exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	4b39f0d26d	DB: 2017-11-16 23 new exploits VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1) VideoLAN VLC Media Player 0.8.6a - Denial of Service (1) Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service Microsoft Windows Explorer - '.AVI' File Denial of Service Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service Microsoft Windows Explorer - '.ANI' File Denial of Service Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service Microsoft Windows Explorer - '.doc' File Denial of Service CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service) Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC) Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC) Webby WebServer - SEH Control (PoC) Webby WebServer - Overflow (SEH) (PoC) Quick 'n Easy FTP Server Lite 3.1 - Exploit Quick 'n Easy FTP Server Lite 3.1 - Denial of Service Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC) Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC) FFDshow - SEH Exception Leading to Null Pointer on Read FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read Microsoft Internet Explorer - MSHTML Findtext Processing Issue Microsoft Internet Explorer - MSHTML Findtext Processing Exploit Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption Debian suidmanager 0.18 - Exploit AMD K6 Processor - Exploit Apple Personal Web Sharing 1.1 - Remote Denial of Service AMD K6 Processor - Denial of Service Sun Solaris 7.0 - 'procfs' Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service D-Link DIR605L - Denial of Service RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service (Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow xfstt 1.2/1.4 - Unspecified Memory Disclosure xfstt 1.2/1.4 - Memory Disclosure ViRobot Linux Server 2.0 - Exploit Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities IBM AIX 5.x - Invscout Local Buffer Overflow IBM AIX 5.x - 'Invscout' Local Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012) Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012) IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2) VideoLAN VLC Media Player 0.8.6a - Denial of Service (2) Sun Solaris 10 - ICMP Unspecified Remote Denial of Service Sun Solaris 10 - ICMP Remote Denial of Service Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service Progress WebSpeed 3.0/3.1 - Denial of Service GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service Wireshark 0.99.8 - X.509sat Dissector Denial of Service Wireshark 0.99.8 - LDAP Dissector Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities SmallFTPd - Unspecified Denial of Service SmallFTPd - Denial of Service Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call Mandrake Linux 8.2 /usr/mail - Local Exploit Mandrake Linux 8.2 - '/usr/mail' Local Exploit RedHat 6.2 /sbin/restore - Exploit RedHat 6.2 - '/sbin/restore' Privilege Escalation dump 0.4b15 (RedHat 6.2) - Exploit dump 0.4b15 (RedHat 6.2) - Privilege Escalation xsoldier 0.96 (RedHat 6.2) - Exploit Pine (Local Message Grabber) - Exploit xsoldier 0.96 (RedHat 6.2) - Buffer Overflow Pine (Local Message Grabber) - Local Message Read Seyon 2.1 rev. 4b i586-Linux - Exploit Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read suid_perl 5.001 - Exploit suid_perl 5.001 - Command Execution Sendmail 8.11.x (Linux/i386) - Exploit Sendmail 8.11.x (Linux/i386) - Privilege Escalation Microsoft Excel - Unspecified Remote Code Execution Microsoft Excel - Remote Code Execution Microsoft Word 2000 - Unspecified Code Execution Microsoft Word 2000 - Code Execution IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite Easy RM to MP3 Converter 2.7.3.700 - Exploit Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow Adobe Reader and Acrobat - Exploit Adobe Reader / Acrobat - '.PDF' File Overflow Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) Winamp 5.572 - Exploit (SEH) Winamp 5.572 - Overflow (SEH) ZipScan 2.2c - Exploit (SEH) ZipScan 2.2c - Overflow (SEH) Local Glibc shared library (.so) 2.11.1 - Exploit (Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation Local Glibc Shared Library (.so) 2.11.1 - Code Execution ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation SyncBack Freeware 3.2.20.0 - Exploit SyncBack Freeware 3.2.20.0 - Overflow (SEH) Mediacoder 0.7.3.4672 - Exploit (SEH) Mediacoder 0.7.3.4672 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) DJ Studio Pro 8.1.3.2.1 - Exploit (SEH) DJ Studio Pro 8.1.3.2.1 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit) iworkstation 9.3.2.1.4 - Exploit (SEH) iworkstation 9.3.2.1.4 - Overflow (SEH) Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode) Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode) POP Peeper 3.7 - Exploit (SEH) POP Peeper 3.7 - Overflow (SEH) DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass) DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit) BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass) Slackware Linux 3.4 - 'liloconfig-color' Temporary file Slackware Linux 3.4 - 'makebootdisk' Temporary file Slackware Linux 3.4 - 'liloconfig-color' Temporary File Slackware Linux 3.4 - 'makebootdisk' Temporary File Slackware Linux 3.4 - 'netconfig' Temporary file Slackware Linux 3.4 - 'pkgtool' Temporary file Slackware Linux 3.4 - 'netconfig' Temporary File Slackware Linux 3.4 - 'pkgtool' Temporary File Debian suidmanager 0.18 - Command Execution BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit Slackware Linux 3.5 - Missing /etc/group Privilege Escalation BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission Slackware Linux 3.5 - '/etc/group' Privilege Escalation Sun Solaris 2.6 power management - Exploit Sun Solaris 2.6 - power management Exploit DataLynx suGuard 1.0 - Exploit Sun Solaris 2.5.1 PAM & unix_scheme - Exploit Solaris 2.5.1 ffbconfig - Exploit Solaris 2.5.1 chkey - Exploit Solaris 2.5.1 Ping - Exploit SGI IRIX 6.4 ioconfig - Exploit DataLynx suGuard 1.0 - Privilege Escalation Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation Solaris 2.5.1 - 'ffbconfig' Exploit Solaris 2.5.1 - 'chkey' Exploit Solaris 2.5.1 - 'Ping' Exploit SGI IRIX 6.4 - 'ioconfig' Exploit BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2) Solaris 2.5.1 automount - Exploit Solaris 2.5.1 - 'automount' Exploit BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit Sun Solaris 7.0 dtprintinfo - Buffer Overflow Sun Solaris 7.0 lpset - Buffer Overflow BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow IBM Remote Control Software 1.0 - Exploit IBM Remote Control Software 1.0 - Code Execution Xcmail 0.99.6 - Exploit Xcmail 0.99.6 - Buffer Overflow Sun Solaris 7.0 ff.core - Exploit S.u.S.E. 5.2 lpc - Exploit Sun Solaris 7.0 - 'ff.core' Exploit S.u.S.E. 5.2 - 'lpc' Exploit SGI IRIX 6.2 cdplayer - Exploit SGI IRIX 6.2 - 'cdplayer' Exploit SGI IRIX 5.3 Cadmin - Exploit SGI IRIX 6.0.1 colorview - Exploit SGI IRIX 5.3 - 'Cadmin' Exploit SGI IRIX 6.0.1 - 'colorview' Exploit SGI IRIX 6.3 df - Exploit SGI IRIX 6.4 - datman/cdman Exploit SGI IRIX 6.3 - 'df' Exploit SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.2 fsdump - Exploit RedHat Linux 5.1 xosview - Exploit Slackware Linux 3.1 - Buffer Overflow RedHat Linux 2.1 - 'abuse.console' Exploit SGI IRIX 6.2 - 'fsdump' Exploit RedHat Linux 5.1 - xosview Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow IBM AIX 4.3 infod - Exploit IBM AIX 4.3 - 'infod' Exploit IBM AIX 4.2.1 snap - Insecure Temporary File Creation IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation SGI IRIX 6.4 inpview - Exploit RedHat Linux 5.0 msgchk - Exploit IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 ping - Buffer Overflow IBM AIX 4.2 lchangelv - Buffer Overflow SGI IRIX 6.4 - 'inpview' Exploit RedHat Linux 5.0 - 'msgchk' Exploit IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 - 'ping' Buffer Overflow IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1) RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1) SGI IRIX 6.4 netprint - Exploit SGI IRIX 6.4 - 'netprint' Exploit SGI IRIX 5.3/6.2 ordist - Exploit SGI IRIX 5.3/6.2 - 'ordist' Exploit SGI IRIX 5.3 pkgadjust - Exploit SGI IRIX 5.3 - 'pkgadjust' Exploit Sun Solaris 7.0 procfs - Exploit IBM AIX 3.2.5 - IFS Exploit IBM AIX 4.2.1 lquerypv - Exploit IBM AIX 3.2.5 - 'IFS' Exploit IBM AIX 4.2.1 - 'lquerypv' File Read SGI IRIX 6.3 pset - Exploit SGI IRIX 6.4 rmail - Exploit SGI IRIX 6.3 - 'pset' Exploit SGI IRIX 6.4 - 'rmail' Exploit SGI IRIX 5.2/5.3 serial_ports - Exploit SGI IRIX 6.4 suid_exec - Exploit SGI IRIX 5.1/5.2 sgihelp - Exploit SGI IRIX 6.4 startmidi - Exploit SGI IRIX 5.2/5.3 - 'serial_ports' Exploit SGI IRIX 6.4 - 'suid_exec' Exploit SGI IRIX 5.1/5.2- 'sgihelp' Exploit SGI IRIX 6.4 - 'startmidi' Exploit SGI IRIX 6.4 xfsdump - Exploit SGI IRIX 6.4 - 'xfsdump' Exploit IBM AIX 4.3.1 adb - Exploit IBM AIX 4.3.1 - 'adb' Denial of Service Apple At Ease 5.0 - Exploit Samba < 2.0.5 - Exploit Apple At Ease 5.0 - Information Disclosure Samba < 2.0.5 - Overflow NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow HP-UX 10.20 newgrp - Exploit HP-UX 10.20 newgrp - Privilege Escalation BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2) BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1) FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2) Solaris 7.0 kcms_configure - Exploit Solaris 7.0 - 'kcms_configure Exploit Windowmaker wmmon 1.0 b2 - Exploit Windowmaker wmmon 1.0 b2 - Command Execution Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation Standard & Poors ComStock 4.2.4 - Exploit Standard & Poors ComStock 4.2.4 - Command Execution KDE 1.1.2 KApplication configfile - Exploit (1) KDE 1.1.2 KApplication configfile - Exploit (2) KDE 1.1.2 KApplication configfile - Exploit (3) KDE 1.1.2 KApplication configfile - Privilege Escalation (1) KDE 1.1.2 KApplication configfile - Privilege Escalation (2) KDE 1.1.2 KApplication configfile - Privilege Escalation (3) BSD 'mailx' 8.1.1-10 - Buffer Overflow (2) mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2) Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow IRIX 6.5.x - GR_OSView Buffer Overflow SGI IRIX 6.2 libgl.so - Buffer Overflow IRIX 6.5.x - dmplay Buffer Overflow IRIX 6.2/6.3 lpstat - Buffer Overflow IRIX 6.5.x - inpview Race Condition IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow SGI IRIX 6.2 - 'libgl.so' Buffer Overflow IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition IRIX 5.3/6.x - mail Exploit IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow Libc locale - Exploit (1) Libc locale - Exploit (2) Libc locale - Privilege Escalation (1) Libc locale - Privilege Escalation (2) GNOME esound 0.2.19 - Unix Domain Socket Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition IBM AIX 4.x - setsenv Buffer Overflow IBM AIX 4.3 digest - Buffer Overflow IBM AIX 4.x - enq Buffer Overflow IBM AIX 4.3.x - piobe Buffer Overflow IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow IBM AIX 4.x - 'enq' Buffer Overflow IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow AIX 4.2/4.3 - piomkapqd Buffer Overflow AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow (Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation (Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow QNX RTOS 6.1 - PKG-Installer Buffer Overflow QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass) AFD 1.2.x - Working Directory Local Buffer Overflow AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access HP-UX 10.x - rs.F3000 Unauthorized Access Leksbot 1.2 - Multiple Unspecified Vulnerabilities Leksbot 1.2 - Multiple Vulnerabilities IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation ViRobot Linux Server 2.0 - Overflow (Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3) Nvidia Display Driver Service (Nsvr) - Exploit Nvidia Display Driver Service (Nsvr) - Buffer Overflow IBM AIX 5.3 - GetShell and GetCommand File Enumeration IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure Apple 2.0.4 - Safari Unspecified Local Apple 2.0.4 - Safari Local Exploit Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities IBM AIX 6.1.8 libodm - Arbitrary File Write IBM AIX 6.1.8 - 'libodm' Arbitrary File Write Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass) Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation QEMU (Gentoo) - Local Priv Escalation QEMU (Gentoo) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock) Microsoft WordPerfect Document Converter - Exploit (MS03-036) Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036) CA BrightStor ARCserve Backup - Exploiter Tool CA BrightStor ARCserve Backup - Overflow NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write CDBurnerXP 4.2.4.1351 - Exploit PeerCast 0.1216 - Exploit (Metasploit) PeerCast 0.1216 - Stack Overflow (Metasploit) BigAnt Server 2.52 - Exploit (SEH) BigAnt Server 2.52 - Overflow (SEH) NetTransport Download Manager 2.90.510 - Exploit NetTransport Download Manager 2.90.510 - Overflow (SEH) File Sharing Wizard 1.5.0 - Exploit (SEH) File Sharing Wizard 1.5.0 - Overflow (SEH) Real Player 12.0.0.879 - Exploit Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass) Real Player 12.0.0.879 - Code Execution Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass) IBM AIX 5l FTPd - Remote DES Hash Exploit IBM AIX 5l - 'FTPd' Remote DES Hash Exploit Microsoft Data Access Components - Exploit (MS11-002) Microsoft Data Access Components - Overflow (PoC) (MS11-002) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit) Apple Personal Web Sharing 1.1 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation HP HP-UX 10.34 rlpdaemon - Exploit HP HP-UX 10.34 rlpdaemon - Remote Overflow Ray Chan WWW Authorization Gateway 0.1 - Exploit Ray Chan WWW Authorization Gateway 0.1 - Command Execution Solaris 7.0 Coredump - Exploit Solaris 7.0 - 'Coredump' File Write IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit SGI IRIX 6.2 cgi-bin wrap - Exploit IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read SGI IRIX 6.2 - cgi-bin wrap Exploit SGI IRIX 6.5.2 nsd - Exploit SGI IRIX 6.5.2 - 'nsd'' Exploit IBM AIX 3.2.5 - login(1) Exploit IBM AIX 3.2.5 - 'login(1)' Exploit Compaq Java Applet for Presario SpawnApp - Exploit Compaq Java Applet for Presario SpawnApp - Code Execution Network Security Wizards Dragon-Fire IDS 1.0 - Exploit Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure IBM AIX 4.3.2 ftpd - Remote Buffer Overflow IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow glFTPd 1.17.2 - Exploit glFTPd 1.17.2 - Code Execution Netopia R-series routers 4.6.2 - Exploit Netopia R-series Routers 4.6.2 - Modifying SNMP Tables Sun Java Web Server 1.1.3/2.0 Servlets - Exploit Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure IPFilter 3.x - Fragment Rule Bypass CGIWrap 2.x/3.x - Cross-Site Scripting AIX 4.1/4.2 - pdnsd Buffer Overflow AIX 4.1/4.2 - 'pdnsd' Buffer Overflow RedHat Linux 7.0 Apache - Remote 'Username' Enumeration RedHat Linux 7.0 Apache - Remote Username Enumeration Hylafax 4.1.x - HFaxD Unspecified Format String Hylafax 4.1.x - HFaxD Format String EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Oracle 9i - Multiple Unspecified Vulnerabilities Oracle 9i - Multiple Vulnerabilities File ELF 4.x - Header Unspecified Buffer Overflow File ELF 4.x - Header Buffer Overflow Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack Microsoft Internet Explorer 6 - Unspecified Code Execution (1) Microsoft Internet Explorer 6 - Unspecified Code Execution (2) Microsoft Internet Explorer 6 - Code Execution (1) Microsoft Internet Explorer 6 - Code Execution (2) GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal TFTP Server TFTPDWin 0.4.2 - Directory Traversal Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit Multiple CA Service Management Products - Unspecified Remote Command Execution Multiple CA Service Management Products - Remote Command Execution NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow Bash - Environment Variables Code Injection (Shellshock) Bash - Environment Variables Command Injection (Shellshock) OpenVPN 2.2.29 - Remote Exploit (Shellshock) OpenVPN 2.2.29 - Remote Command Injection (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock) Apache mod_cgi - Remote Exploit (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock) Apache mod_cgi - Remote Command Injection (Shellshock) Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow Poison Ivy 2.3.2 - Remote Buffer Overflow Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution Samba 3.5.11/3.6.3 - Remote Code Execution Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit) Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit) Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock) Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock) IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit) IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock) TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock) Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion Poll It CGI 2.0 - Exploit Poll It CGI 2.0 - Multiple Vulnerabilities DreamPoll 3.1 - Exploit DreamPoll 3.1 - SQL Injection WordPress Plugin WP-Cumulus 1.20 - Exploit WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting Public Media Manager - Exploit Public Media Manager - Remote File Inclusion Joomla! Component com_adagency - Exploit Joomla! Component com_adagency - Local File Inclusion File Upload Manager 1.3 - Exploit File Upload Manager 1.3 - Web Shell File Upload Joomla! Component com_caddy - Exploit Renista CMS - Exploit Renista CMS - SQL Injection BtiTracker 1.3.x < 1.4.x - Exploit BtiTracker 1.3.x < 1.4.x - SQL Injection WordPress Plugin Cimy Counter - Exploit WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting Belkin F5D7234-4 v5 G Wireless Router - Exploit Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed WhatsApp Status Changer 0.2 - Exploit WhatsApp - Remote Change Status MySimpleNews 1.0 - Remotely Readable Administrator Password MySimpleNews 1.0 - Remote Readable Administrator Password SquirrelMail 1.2.11 - Exploit SquirrelMail 1.2.11 - Multiple Vulnerabilities D-Link DCS-936L Network Camera - Cross-Site Request Forgery Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting Yappa-ng 1.x/2.x - Remote File Inclusion Yappa-ng 1.x/2.x - Cross-Site Scripting Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities Aenovo - Multiple Cross-Site Scripting Vulnerabilities Codegrrl - 'Protection.php' Unspecified Code Execution Codegrrl - 'Protection.php' Code Execution Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'index.php' Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting A-Blog 1.0 - Unspecified Cross-Site Scripting A-Blog 1.0 - Cross-Site Scripting Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Akismet 2.1.3 - Unspecified WordPress Plugin Akismet 2.1.3 - Exploit SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections Zoph 0.7.2.1 - Unspecified SQL Injection Zoph 0.7.2.1 - SQL Injection Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection Joomla! Component FreiChat 1.0/2.x - HTML Injection Bash CGI - Remote Code Execution (Shellshock) (Metasploit) Bash CGI - Remote Command Injection (Shellshock) (Metasploit) PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock) PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock) Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit Netsweeper 4.0.8 - Authentication Bypass Issue Netsweeper 4.0.8 - Authentication Bypass SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting SimpleInvoices invoices Module - Customer Field Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Cross-Site Scripting iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal iScripts AutoHoster - 'main_smtp.php' Traversal Exploit Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock) Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock) Squid Analysis Report Generator 2.3.10 - Remote Code Execution	2017-11-16 10:02:26 +00:00
Offensive Security	cb946ad7aa	DB: 2017-11-15 9 new exploits GNU TAR 1.15.91 / CPIO 2.5.90 - safer_name_suffix Remote Denial of Service GNU TAR 1.15.91 / CPIO 2.5.90 - 'safer_name_suffix' Remote Denial of Service Microsoft Internet Explorer 11 - 'jscript!JsErrorToString' Use-After-Free PHP 7.1.8 - Heap-Based Buffer Overflow PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free Realtek Audio Control Panel 1.0.1.65 - Exploit Realtek Audio Microphone Calibration 1.1.1.6 - Exploit Realtek HD Audio Control Panel 2.1.3.2 - Exploit Realtek Audio Control Panel 1.0.1.65 - Buffer Overflow Realtek Audio Microphone Calibration 1.1.1.6 - Buffer Overflow Realtek HD Audio Control Panel 2.1.3.2 - Buffer Overflow Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) (Metasploit) Odin Secure FTP 4.1 - 'LIST' Stack Buffer Overflow (Metasploit) STUNSHELL Web Shell - PHP Remote Code Execution (Metasploit) STUNSHELL Web Shell - Remote Code Execution (Metasploit) STUNSHELL (Web Shell) - PHP Remote Code Execution (Metasploit) STUNSHELL (Web Shell) - Remote Code Execution (Metasploit) Mako Server 2.5 - OS Command Injection Remote Command Execution (Metasploit) Wireless IP Camera (P2P) WIFICAM - Unauthenticated Remote Code Execution Ulterius Server < 1.9.5.0 - Directory Traversal D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit) Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow Gogs (label pararm) - SQL Injection Gogs - users and repos q SQL Injection Gogs - 'label' SQL Injection Gogs - 'users'/'repos' '?q' SQL Injection Kirby CMS < 2.5.7 - Cross-Site Scripting	2017-11-15 05:01:30 +00:00
Offensive Security	9e4de03a13	DB: 2017-11-14 4 new exploits Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC) Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation IBM Websphere 6.0 - Faultactor Cross-Site Scripting IBM Websphere 6.0 - 'Faultactor' Cross-Site Scripting Coppermine Photo Gallery 1.3.2 - File Retrieval SQL Injection Coppermine Photo Gallery 1.3.2 - File Retrieval / SQL Injection MemHT Portal 4.0.1 - SQL Injection Code Execution MemHT Portal 4.0.1 - SQL Injection / Code Execution AWCM 2.1 final - Remote File Inclusion AWCM 2.1 Final - Remote File Inclusion Invision Power Board 3 - search_app SQL Injection Invision Power Board 3 - 'search_app' SQL Injection PHP-Nuke 7.x - Content Filtering Byapss PHP-Nuke 7.x - Content Filtering Bypass Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload	2017-11-14 05:01:29 +00:00
Offensive Security	d70e1a2cf0	DB: 2017-11-08 3 new exploits Pine 4.x - From: Field Heap Corruption Pine 4.x - 'From:' Heap Corruption IBM DB2 db2start - Command Line Argument Local Overflow IBM DB2 db2stop - Command Line Argument Local Overflow IBM DB2 db2govd - Command Line Argument Local Overflow IBM DB2 - 'db2start' Command Line Argument Local Overflow IBM DB2 - 'db2stop' Command Line Argument Local Overflow IBM DB2 - 'db2govd' Command Line Argument Local Overflow F-Secure Internet GateKeeper for Linux < 2.15.484 (and Gateway < 2.16) - Privilege Escalation F-Secure Internet GateKeeper for Linux < 2.15.484 / Gateway < 2.16 - Privilege Escalation Microsoft Zero Administration Kit (ZAK) 1.0 and Office97 - Backdoor Microsoft Zero Administration Kit (ZAK) 1.0 / Office97 - Backdoor Access IBM DB2 - db2start Format String Arbitrary Code Execution IBM DB2 - db2stop Format String Arbitrary Code Execution IBM DB2 - db2govd Format String Arbitrary Code Execution IBM DB2 - 'db2start' Format String Arbitrary Code Execution IBM DB2 - 'db2stop' Format String Arbitrary Code Execution IBM DB2 - 'db2govd' Format String Arbitrary Code Execution Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP Privilege Escalation YaBB 9.11.2000 - search.pl Arbitrary Command Execution YaBB 9.11.2000 - 'search.pl' Arbitrary Command Execution Fortigate OS 4.x < 5.0.7 - SSH Backdoor Fortigate OS 4.x < 5.0.7 - SSH Backdoor Access Tecnovision DLX Spot - SSH Backdoor Tecnovision DLX Spot - SSH Backdoor Access FLIR Thermal Camera F/FC/PT/D - SSH Backdoor FLIR Thermal Camera F/FC/PT/D - SSH Backdoor Access Phorum 3.0.7 - 'auth.php3' Backdoor Phorum 3.0.7 - 'auth.php3' Backdoor Access Active PHP BookMarks 1.0 - 'APB.php' Remote File Inclusion Underground CMS 1.x - 'Search.Cache.Inc.php' Backdoor Underground CMS 1.x - 'Search.Cache.Inc.php' Backdoor Access pfSense 2.3.1_1 - Command Execution ManageEngine Applications Manager 13 - SQL Injection	2017-11-08 05:01:32 +00:00
Offensive Security	6f7af333ff	DB: 2017-11-07 9 new exploits G Data TotalCare 2011 - NtOpenKey Race Condition G Data TotalCare 2011 - 'NtOpenKey' Race Condition QNX 6.1 - TimeCreate Local Denial of Service QNX 6.1 - 'TimeCreate' Local Denial of Service Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH) Debut Embedded httpd 1.20 - Denial of Service Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC) PHP 5.3.0 - pdflib Arbitrary File Write PHP 5.3.0 - 'pdflib' Arbitrary File Write Actiontec C1000A Modem - Backdoor Account Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH) Joomla! Component com_virtuemart 1.1.7/1.5 - Blind Time-Based SQL Injection (Metasploit) Joomla! Component com_virtuemart 1.1.7/1.5 - Blind SQL Injection (Metasploit) Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-Based SQL Injection Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Blind SQL Injection Joomla! 2.5.0 < 2.5.1 - Time Based SQL Injection Joomla! 2.5.0 < 2.5.1 - Blind SQL Injection xt:Commerce 3.04 SP2.1 - Time Based Blind SQL Injection xt:Commerce 3.04 SP2.1 - Blind SQL Injection MyBB 1.6.9 - 'editpost.php?posthash' Time Based SQL Injection MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection Tableau Server - Blind SQL Injection Tableau Server < 8.0.7 / < 8.1.2 - Blind SQL Injection GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection GeoCore MAX DB Ver. 7.3.3 - Blind SQL Injection Joomla! 2.5.1 - 'redirect.php' Time Based SQL Injection Joomla! 2.5.1 - 'redirect.php' Blind SQL Injection Milw0rm Clone Script 1.0 - Time Based SQL Injection Milw0rm Clone Script 1.0 - 'related.php?program' Blind SQL Injection Milw0rm Clone Script 1.0 - Authentication Bypass Milw0rm Clone Script 1.0 - '/admin/login.php' Authentication Bypass RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injections RealtyScript 4.0.2 - Multiple Blind SQL Injections WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting	2017-11-07 05:01:33 +00:00
Offensive Security	ffa5f29b53	DB: 2017-11-04 4 new exploits Avira Premium Security Suite - NtCreateKey Race Condition Avira Premium Security Suite - 'NtCreateKey' Race Condition Microsoft Internet Explorer - Memory Corruption Lotus Domino SMTP Router & Email Server and Client - Denial of Service Byte Fusion BFTelnet 1.1 - Long 'Username' Denial of Service Byte Fusion BFTelnet 1.1 - Long Username Denial of Service Apple Mac OSX (Mavericks) - IOBluetoothHCIUserClient Privilege Escalation Apple Mac OSX (Mavericks) - 'IOBluetoothHCIUserClient' Privilege Escalation Python 2.7 hotshot Module - pack_string Heap Buffer Overflow Python 2.7 array.fromstring Method - Use-After-Free Python 2.7 hotshot Module - 'pack_string' Heap Buffer Overflow Python 2.7 - 'array.fromstring' Method Use-After-Free GraphicsMagick - Memory Disclosure / Heap Overflow Mozilla Firefox 3.6 - URL Spoofing Vir.IT eXplorer Anti-Virus - Privilege Escalation Vir.IT eXplorer Anti-Virus 8.5.39 - 'VIAGLT64.SYS' Privilege Escalation Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass Exploit Adobe Flash / Reader - Live Malware (PoC) Adobe ColdFusion - Directory Traversal Mozilla Firefox 3.6.8 < 3.6.11 - Interleaving 'document.write' / 'appendChild' Exploit CA BrightStor ARCserve License Service - GCR NETWORK Buffer Overflow (Metasploit) CA BrightStor ARCserve License Service - 'GCR NETWORK' Buffer Overflow (Metasploit) Nullsoft SHOUTcast 1.9.2 - icy-name/icy-url Memory Corruption (1) Nullsoft SHOUTcast 1.9.2 - icy-name/icy-url Memory Corruption (2) Nullsoft SHOUTcast 1.9.2 - 'icy-name/icy-url' Memory Corruption (1) Nullsoft SHOUTcast 1.9.2 - 'icy-name/icy-url' Memory Corruption (2) Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities tnftp - 'savefile' Arbitrary Command Execution (Metasploit) PostNuke 0.763 - PNSV lang Remote Code Execution PostNuke 0.763 - 'PNSV lang' Remote Code Execution GuppY 4.6.3 - 'includes.inc selskin' Remote File Inclusion GuppY 4.6.3 - 'index.php?selskin' Remote File Inclusion WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection Ladon Framework for Python 0.9.40 - XML External Entity Expansion	2017-11-04 05:01:30 +00:00
Offensive Security	c66d2f584e	DB: 2017-11-02 5 new exploits Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020) Microsoft Internet Explorer - DHTML Object Handling (MS05-020) Stoney FTPd - Denial of Service (rxBot mods ftpd) Stoney FTPd - 'rxBot mods ftpd' Denial of Service Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows Server 2000 - UPNP 'getdevicelist' Memory Leak Denial of Service Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC) Winamp 5.21 - '.Midi' File Header Handling Buffer Overflow (PoC) Apache (mod_rewrite) < 1.3.37/2.0.59/2.2.3 - Remote Overflow (PoC) Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow (PoC) ProFTPd 1.3.0a - 'mod_ctrls support' Local Buffer Overflow (PoC) ProFTPd 1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (PoC) Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption Vulnerabilities Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption ZOO - .ZOO File Decompression Infinite Loop Denial of Service (PoC) Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service ZOO - '.ZOO' Decompression Infinite Loop Denial of Service (PoC) Versalsoft HTTP File Uploader - ActiveX 6.36 AddFile Remote Denial of Service RhinoSoft Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service RhinoSoft Serv-U FTP Server 7.3 - Authenticated 'stou con:1' Denial of Service CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash CUPS 1.3.7 - Cross-Site Request Forgery (Add RSS Subscription) Remote Crash Microsoft Office - Communicator (SIP) Remote Denial of Service Microsoft Office - Communicator 'SIP' Remote Denial of Service Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (Heap Spray) Apple Safari - 'ARGUMENTS' Array Integer Overflow HeapSpray (PoC) Amaya Web Editor 11.0 - XML / HTML Parser Vulnerabilities Amaya Web Editor 11.0 - XML / HTML Parser VideoLAN VLC Media Player 0.9.8a - Web UI (input) Remote Denial of Service VideoLAN VLC Media Player 0.9.8a - Web UI 'input' Remote Denial of Service Real Helix DNA - RTSP / SETUP Request Handler Vulnerabilities Real Helix DNA - 'RTSP' / 'SETUP' Request Handler BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' GET 404 Remote Denial of Service Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 3.2.3 (Windows x86) - JavaScript 'eval' Remote Denial of Service httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service httpdx 1.4 - HTTP Server Host Header Remote Format String Denial of Service Multiple Media Player - HTTP DataHandler Overflow (iTunes & QuickTime etc) Multiple Media Players ((iTunes / QuickTime) - HTTP DataHandler Overflow Microsoft Internet Explorer 6/7/8 - Denial of Service (Shockwave Flash Object) Microsoft Internet Explorer 6/7/8 - Shockwave Flash Object Denial of Service Adobe (Multiple Products) - XML External Entity / XML Injection Vulnerabilities Adobe (Multiple Products) - XML External Entity / XML Injection PHP (Multiple Functions) - Local Denial of Service Vulnerabilities PHP (Multiple Functions) - Local Denial of Service RPM Select/Elite 5.0 - '.xml config parsing' Unicode Buffer Overflow (PoC) RPM Select/Elite 5.0 - '.xml Configuration parsing' Unicode Buffer Overflow (PoC) Microsoft Windows - SMB2 Negotiate Protocol (0x72) Response Denial of Service Microsoft Windows - SMB2 Negotiate Protocol '0x72' Response Denial of Service Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow Oreans Themida 2.1.8.0 - '.TMD' File Handling Buffer Overflow Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service Play [EX] 2.1 - '.M3U'/'.PLS'/'.LST' Playlist File Denial of Service Apple iTunes 10.6.1.7 - '.m3u' Playlist File Walking Heap Buffer Overflow Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow) Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service / Buffer Overflow RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow Vulnerabilities RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4_ UoW imap 4.5 popd - Lock File Denial of Service Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4 / UoW imap 4.5 popd - Lock File Denial of Service Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (1) Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (2) Axent NetProwler 3.0 - IP Packets Denial of Service (1) Axent NetProwler 3.0 - IP Packets Denial of Service (2) WFTPD 2.4.1RC11 - REST Command Malformed File Write Denial of Service WFTPD 2.4.1RC11 - 'REST' Malformed File Write Denial of Service id Software Quake 3 Arena Server 1.29 - Possible Buffer Overflow id Software Quake 3 Arena Server 1.29 - Buffer Overflow BSDI 3.0/3.1 - Possible Local Kernel Denial of Service BSDI 3.0/3.1 - Local Kernel Denial of Service Cisco IOS 11/12 - Malformed SNMP Message Denial of Service Cisco IOS 11/12 - SNMP Message Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x (Mod_JK) - Chunked Encoding Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x mod_jk - Chunked Encoding Denial of Service BitchX 1.0 - Malformed RPL_NAMREPLY Denial of Service BitchX 1.0 - 'RPL_NAMREPLY' Denial of Service RealPlayer 15.0.6.14(.3g2) - WriteAV Crash (PoC) RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC) Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow Vulnerabilities Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun ProFTPd 1.2.7/1.2.8 - '.ASCII' File Transfer Buffer Overrun Avaya Argent Office - Malformed DNS Packet Denial of Service Avaya Argent Office - DNS Packet Denial of Service Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service Cisco IOS 12 MSFC2 - Layer 2 Frame Denial of Service ClamAV Daemon 0.65 - Malformed UUEncoded Message Denial of Service Red-M Red-Alert 3.1 - Remote Vulnerabilities ClamAV Daemon 0.65 - UUEncoded Message Denial of Service Red-M Red-Alert 3.1 - Remote Exploit Neon WebDAV Client Library 0.2x - Format String Vulnerabilities Neon WebDAV Client Library 0.2x - Format String Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure Vulnerabilities Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure Adobe Acrobat / Acrobat Reader 6.0 - ETD File Parser Format String Adobe Acrobat / Acrobat Reader 6.0 - '.ETD' File Parser Format String Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access Check Point VPN-1 SecureClient - IP Address Local Memory Access CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service CenterICQ 4.20/4.5 - Packet Handling Remote Denial of Service Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012) Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012) Mozilla (Multiple Products) - iFrame JavaScript Execution Vulnerabilities Mozilla (Multiple Products) - iFrame JavaScript Execution Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Vulnerabilities Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Apple Mac OSX 10.x - LZWDecodeVector (.tiff) Overflow Apple Mac OSX 10.x - LZWDecodeVector '.tiff' Overflow SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow SolarWinds Server and Application Monitor - ActiveX 'Pepco32c' Buffer Overflow Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Microsoft Windows XP - GDI+ ICO File Remote Denial of Service Microsoft Windows XP - GDI+ '.ICO' File Remote Denial of Service PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow Vulnerabilities PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow PC SOFT WinDEV 11 - '.WDP' File Parsing Stack Buffer Overflow Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Vulnerabilities libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities Multiple Platform IPv6 Address Publication - Denial of Service Ruby 1.9 - WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request Denial of Service Ruby 1.9 - 'WEBrick::HTTP::DefaultFileHandler' Crafted HTTP Request Denial of Service Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service Apple Safari For Windows 3.2.1 - URI Remote Denial of Service Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service Apple Safari 4 - 'feeds:' URI Null Pointer Dereference Remote Denial of Service Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption Microsoft Windows Media Player 11 - '.AVI' File Colorspace Conversion Remote Memory Corruption Apache 2.4.7 (mod_status) - Scoreboard Handling Race Condition Apache 2.4.7 mod_status - Scoreboard Handling Race Condition Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service Battlefield 2/2142 - Packet Null Pointer Dereference Remote Denial of Service Foxit Products GIF Conversion - Memory Corruption (LZWMinimumCodeSize) Foxit Products GIF Conversion - Memory Corruption (DataSubBlock) Foxit Products GIF Conversion - 'LZWMinimumCodeSize' Memory Corruption Foxit Products GIF Conversion - 'DataSubBlock' Memory Corruption Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize) Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption 'LZWMinimumCodeSize' Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap Based Buffer Overflow Loading '.FLV' File with Nellymoser Audio Codec PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free Vulnerabilities PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Based Buffer Overflow Wireshark - memcpy 'get_value / dissect_btatt' SIGSEGV Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read pdfium - opj_jp2_apply_pclr 'libopenjpeg' Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc 'libopenjpeg' Heap Based Out-of-Bounds Read Wireshark - 'iseries_check_file_type' Stack Based Out-of-Bounds Read Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Based Out-of-Bounds Read pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free pdfium - opj_t2_read_packet_header 'libopenjpeg' Heap Use-After-Free Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine) Samsung Galaxy S6 - 'android.media.process' 'MdConvertLine' Face Recognition Memory Corruption Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor 'treo_attach' Nullpointer Dereference Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1 Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2 Apple QuickTime < 7.7.79.80.95 - PSD File Parsing Memory Corruption Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (1) Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (2) Apple QuickTime < 7.7.79.80.95 - '.PSD' Parsing Memory Corruption Adobe Flash - Heap Overflow in ATF Processing (Image Reading) Adobe Flash - Heap Overflow in ATF Processing Image Reading Apache 2.4.23 (mod_http2) - Denial of Service Apache 2.4.23 mod_http2 - Denial of Service Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow) Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table 'win32k!bGeneratePath' Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table 'win32k!fsc_CalcGrayRow' WhatsApp 2.17.52 - Memory Corruption ICQ Pro 2003a - Password Bypass Exploit (ca1-icq.asm) ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass Exploit IBM DB2 - Universal Database 7.2 (db2licm) Local Exploit IBM DB2 - Universal Database 7.2 'db2licm' Local Exploit SuSE Linux 9.0 - YaST config Skribt Local Exploit SuSE Linux 9.0 - YaST Configuration Skribt Local Exploit Solaris locale - Format Strings (noexec stack) Exploit Solaris locale - Format Strings 'noexec stack' Exploit UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit UUCP Exploit - File Creation/Overwriting Symlinks Exploit GnomeHack - Local Buffer Overflow (gid=games) Kwintv - Local Buffer Overflow (gid=video(33)) GnomeHack - Local Buffer Overflow Kwintv - Local Buffer Overflow RedHat 6.1 man - Local Exploit (egid 15) RedHat 6.1 man - 'egid 15' Local Exploit Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities Solaris 2.5.1 lp / lpsched - Symlink Exploit SGI IRIX - Multiple Buffer Overflows (LsD) SGI IRIX - 'LsD' Multiple Buffer Overflows Solaris 5.5.1 X11R6.3 - xterm (-xrm) Privilege Escalation Solaris 5.5.1 X11R6.3 - xterm '-xrm' Privilege Escalation ProFTPd - 'ftpdctl pr_ctrls_connect' Exploit ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit GlobalScape - CuteFTP macros (.mcr) Local GlobalScape - CuteFTP macros '.mcr' Local socat 1.4.0.2 - Local Format String (not setuid) Socat 1.4.0.2 - Not SETUID Local Format String TipxD 1.1.1 - Local Format String (not setuid) TipxD 1.1.1 - Not SETUID Local Format String GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID) VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid) GNU a2ps - 'Anything to PostScript' Not SUID Local Exploit VisualBoyAdvanced 1.7.x - Non SUID Local Shell Exploit eXeem 0.21 - Local Password Disclosure (asm) eXeem 0.21 - Local Password Disclosure (ASM) Microsoft Excel 2000/2003 - Hlink Local Buffer Overflow (French) Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian) WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow (French) Microsoft Excel 2000/2003 (French) - Hlink Local Buffer Overflow Microsoft Excel 2003 (Italian) - Hlink Local Buffer Overflow WinRAR 3.60 Beta 6 (French) - SFX Path Local Stack Overflow Microsoft PowerPoint 2003 SP2 - Local Code Execution (French) Microsoft PowerPoint 2003 SP2 (French) - Local Code Execution Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation (Root File Create) Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation Apple Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation Apple Mac OSX 10.4.8 - DiskManagement BOM 'cron' Privilege Escalation ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' Local Overflow (exec-shield) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' exec-shield Local Overflow Send ICMP Nasty Garbage (sing) - Append File Logrotate Exploit Send ICMP Nasty Garbage (SING) - Append File Logrotate Exploit Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password) Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (Change Sys Password) VUPlayer 2.49 - '.asx' (HREF) Universal Buffer Overflow VUPlayer 2.49 - '.asx' 'HREF' Universal Buffer Overflow VUPlayer 2.49 - '.asx' (Universal) Local Buffer Overflow VUPlayer 2.49 - '.asx' Universal Local Buffer Overflow Zinf Audio Player 2.2.1 - '.pls' Local Buffer Overflow (Universal) Zinf Audio Player 2.2.1 - '.pls' Universal Local Buffer Overflow Foxit Reader 3.0 (Build 1301) - PDF Buffer Overflow (Universal) Rosoft Media Player 4.2.1 - Local Buffer Overflow (multi target) Foxit Reader 3.0 (Build 1301) - PDF Universal Buffer Overflow Rosoft Media Player 4.2.1 - Local Buffer Overflow Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500) Adobe Acrobat Reader - JBIG2 Universal Exploit Mini-stream Ripper 3.0.1.1 - '.asx' (HREF) Local Buffer Overflow Mini-stream Ripper 3.0.1.1 - '.asx' 'HREF' Local Buffer Overflow Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (update) Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (2) BSD (Multiple Distributions) - 'setusercontext()' Vulnerabilities BSD (Multiple Distributions) - 'setusercontext()' Exploit Audacity 1.2 - '.gro' Universal Buffer Overflow (egg hunter) Audacity 1.2 - '.gro' Universal Buffer Overflow (Egghunter) NetAccess IP3 - Authenticated (ping option) Command Injection NetAccess IP3 - Authenticated Ping Option Command Injection Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Buffer Overflow Jasc Paint Shop Pro 8 - Local Buffer Overflow (Universal) Jasc Paint Shop Pro 8 - Local Universal Buffer Overflow HTML Help Workshop 4.74 - hhp Buffer Overflow (Universal) HTML Help Workshop 4.74 - hhp Universal Buffer Overflow Audiotran 1.4.1 - Buffer Overflow (Direct RET) Audiotran 1.4.1 - Direct RET Buffer Overflow Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - 'KiTrap0D' User Mode to Ring Escalation (MS10-015) feedDemon 3.1.0.9 - opml File Buffer Overflow feedDemon 3.1.0.9 - '.opml' File Buffer Overflow Winamp 5.572 - Local Buffer Overflow (EIP + SEH DEP Bypass) Winamp 5.572 - Local Buffer Overflow (EIP + SEH) (DEP Bypass) GSM SIM Utility 5.15 - sms file Local Buffer Overflow (SEH) GSM SIM Utility 5.15 - '.sms' File Local Buffer Overflow (SEH) GSM SIM Utility 5.15 - Local Exploit (Direct RET) GSM SIM Utility 5.15 - Direct RET Local Exploit Microsoft Windows - Automatic LNK Shortcut File Code Execution Microsoft Windows - Automatic .LNK Shortcut File Code Execution QQPlayer 2.3.696.400p1 - smi File Buffer Overflow QQPlayer 2.3.696.400p1 - '.smi' File Buffer Overflow Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067) Microsoft Excel - FEATHEADER Record Exploit (MS09-067) SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass) SnackAmp 3.1.3B - SMP Buffer Overflow (SEH) (DEP Bypass) MP3-Nator - Buffer Overflow (SEH DEP Bypass) MP3-Nator - Buffer Overflow (SEH) (DEP Bypass) VisiWave - VWR File Parsing Trusted Pointer (Metasploit) VisiWave - '.VWR' File Parsing Trusted Pointer (Metasploit) F-Secure (Multiple Products) - ActiveX Overwrite (SEH) (Heap Spray) F-Secure (Multiple Products) - ActiveX HeapSpray Overwrite (SEH) Blade API Monitor - Unicode Bypass (Serial Number) Buffer Overflow Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - 'LICENSEMGR_FILE_ROOT' Exploit Slackware Linux 3.4 - liloconfig-color Temporary file Slackware Linux 3.4 - makebootdisk Temporary file Slackware Linux 3.4 - 'liloconfig-color' Temporary file Slackware Linux 3.4 - 'makebootdisk' Temporary file Slackware Linux 3.4 - netconfig Temporary file Slackware Linux 3.4 - pkgtool Temporary file Slackware Linux 3.4 - 'netconfig' Temporary file Slackware Linux 3.4 - 'pkgtool' Temporary file IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation Vulnerabilities IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation Vulnerabilities IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage Vulnerabilities GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage Quinn - 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Quinn - 'the Eskimo' and Peter N. Lewis Internet Configuration 1.0/2.0 Weak Password Encryption MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch / RDS Fix - Registry Key Standard & Poors ComStock 4.2.4 - Machine Vulnerabilities Standard & Poors ComStock 4.2.4 - Exploit HP-UX 10.20/11.0 - SNMPD File Permission Vulnerabilities HP-UX 10.20/11.0 - '.SNMPD' File Permission CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (Large Shellcode) CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) Samba 2.0.x - Insecure TMP file Symbolic Link Samba 2.0.x - Insecure TMP File Symbolic Link SuSE 7.0 - KFM Insecure TMP File Creation SuSE 7.0 - KFM Insecure '.TMP' File Creation QNX RTOS 4.25 - CRTTrap File Disclosure QNX RTOS 4.25 - 'CRTTrap' File Disclosure Linux Kernel 2.4 - SUID execve() System Call Race Condition Executable File Read (PoC) Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read (PoC) BlazeVideo HDTV Player 6.6 Professional - Exploit (Direct RETN) Aviosoft Digital TV Player Professional 1.x - '.PLF' Exploit (Direct Retn) BlazeVideo HDTV Player 6.6 Professional - Direct RETN Exploit Aviosoft Digital TV Player Professional 1.x - '.PLF' Direct Retn Exploit BlazeDVD 6.1 - '.PLF' File Exploit (DEP + ASLR Bypass) (Metasploit) BlazeDVD 6.1 - '.PLF' File Exploit (ASLR + DEP Bypass) (Metasploit) Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1) Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2) Cscope 13.0/15.x - Insecure Temporary File Creation (1) Cscope 13.0/15.x - Insecure Temporary File Creation (2) Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution Sony Playstation 3 (PS3) 4.31 - Save Game Preview '.SFO' File Handling Local Command Execution Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - 'EPATHOBJ' Local Ring Exploit PHP 5.0.5 - Safedir Restriction Bypass Vulnerabilities PHP 5.0.5 - Safedir Restriction Bypass AudioCoder 0.8.22 - '.m3u' Buffer Overflow (Direct Retn) AudioCoder 0.8.22 - '.m3u' Direct Retn Buffer Overflow AudioCoder 0.8.22 - '.lst' Buffer Overflow (Direct Retn) AudioCoder 0.8.22 - '.lst' Direct Retn Buffer Overflow KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY) KingView 6.53 - 'KChartXY' ActiveX Remote File Creation / Overwrite BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct RET) BlazeDVD Pro Player 6.1 - Stack Based Direct RET Buffer Overflow Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure KingView 6.53 - Insecure ActiveX Control (SuperGrid) KingView 6.53 - 'SuperGrid' Insecure ActiveX Control Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass with ROP) Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass + ROP) BlazeDVD Pro Player 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET) BlazeDVD Pro Player 7.0 - '.plf' Stack Based Direct RETBuffer Overflow Filemaker Pro 13.03 / Advanced 12.04 - Login Bypass / Privilege Escalation Filemaker Pro 13.03 / Advanced 12.04 - Authentication Bypass / Privilege Escalation Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation Microsoft Windows Task Scheduler - 'DeleteExpiredTaskAfter' File Deletion Privilege Escalation Linux 3.17 - noexec File Security Bypass (Python ctypes and memfd_create) Linux 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass FireEye - Malware Input Processor (uid=mip) Privilege Escalation FireEye - Malware Input Processor Privilege Escalation Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098) VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Config Host Root Privilege Escalation VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Configuration Host Root Privilege Escalation Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH) Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit Microsoft Windows XP/2000 - RPC Remote Non Exec Memory Exploit ProFTPd 1.2.10 - Remote Users Enumeration Exploit ProFTPd 1.2.10 - Remote Users Enumeration Multiple Browsers - Tabbed Browsing Vulnerabilities Multiple Browsers - Tabbed Browsing Ability Server 2.34 - FTP STOR Buffer Overflow (Unix Exploit) Ability Server 2.34 (Unix) - FTP 'STOR' Buffer Overflow Webmin 1.5 - Web Brute Force (cgi-version) Webmin 1.5 - Web Brute Force (CGI) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039) Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service Microsoft Windows Plug-and-Play Service (French) - Remote Universal Exploit (MS05-039) Battlefield (BFCC < 1.22_A /BFVCC < 2.14_B / BF2CC) - Authentication Bypass / Password Stealer / Denial of Service Lynx 2.8.6dev.13 - Remote Buffer Overflow (port bind) Lynx 2.8.6dev.13 - Remote Buffer Overflow Mercury Mail Transport System 4.01b - Remote Exploit (PH SERVER) Mercury Mail Transport System 4.01b - PH SERVER Remote Exploit SHOUTcast 1.9.4 - File Request Format String (Leaked) SHOUTcast 1.9.4 - File Request 'Leaked' Format String Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (extra) Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution MySQL 4.x/5.0 (Windows) - User-Defined Function Command Execution GNU Mailutils imap4d 0.6 - Remote Format String (exec-shield) GNU Mailutils imap4d 0.6 - exec-shield Remote Format String Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield) Fenice Oms server 1.10 - exec-shield Remote Buffer Overflow HP Tru64 - Remote Secure Shell User Enumeration Exploit HP Tru64 - Remote Secure Shell User Enumeration Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow 2 Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow (2) Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit Program Checker - 'sasatl.dll 1.5.0.531' JavaScript HeapSpray Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog HeapSpray Data Dynamics ActiveBar - ActiveX (actbar3.ocx 3.1) Insecure Methods Data Dynamics ActiveBar - ActiveX 'actbar3.ocx 3.1' Insecure Methods Savant Web Server 3.1 - GET Remote Overflow (Universal) Savant Web Server 3.1 - GET Universal Remote Overflow ProFTPd 1.x - 'mod_tls module' Remote Buffer Overflow ProFTPd 1.x - 'mod_tls' Remote Buffer Overflow Apache Tomcat - WebDAV Remote File Disclosure (SSL) Apache Tomcat - WebDAV SSL Remote File Disclosure Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (1) Linksys WRT54G Firmware 1.00.9 - Security Bypass (1) VideoLAN VLC Media Player 0.8.6d - httpd_FileCallBack Remote Format String VideoLAN VLC Media Player 0.8.6d - 'httpd_FileCallBack' Remote Format String Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (2) Linksys WRT54G Firmware 1.00.9 - Security Bypass (2) BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow BlazeDVD 5.0 - '.PLF' Playlist File Remote Buffer Overflow Microsoft Windows Server - Code Execution (MS08-067) (Universal) Microsoft Windows Server - Universal Code Execution (MS08-067) SpeedStream 5200 - Authentication Bypass Config Download SpeedStream 5200 - Authentication Bypass Configuration Download GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption (PoC) GeoVision LiveX 8200 - ActiveX 'LIVEX_~1.OCX' File Corruption (PoC) Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow Amaya 11.1 - W3C Editor/Browser 'defer' Stack Overflow XBMC 8.10 - get tag from file name Remote Buffer Overflow XBMC 8.10 - Get Tag From File Name Remote Buffer Overflow FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) FTPDMIN 0.96 (Windows XP SP3) - 'RNFR' Remote Buffer Overflow Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray) Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow HeapSpray cPanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure cPanel - Authenticated 'lastvisit.html Domain' Arbitrary File Disclosure ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (1) Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (1) Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (2) Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (2) Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Exploit VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Buffer Overflow (Universal) VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Universal Buffer Overflow IBM Informix Client SDK 3.0 - nfx file integer Overflow IBM Informix Client SDK 3.0 - '.nfx' File Integer Overflow AOL 9.5 - ActiveX Exploit (Heap Spray) AOL 9.5 - ActiveX Heap Spray Exploit Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal) Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal) Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal) Magneto Net Resource ActiveX 4.0.0.5 - 'NetFileClose' Universal Exploit Magneto Net Resource ActiveX 4.0.0.5 - 'NetConnectionEnum' Universal Exploit Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal Exploit Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7) Barcodewiz Barcode ActiveX Control 3.29 - Remote HeapSpray Exploit (Internet Explorer 6/7) Advanced File Vault - 'eSellerateControl350.dll' ActiveX Heap Spray Advanced File Vault - 'eSellerateControl350.dll' ActiveX HeapSpray RSP MP3 Player - OCX ActiveX Buffer Overflow (heap spray) Easy FTP 1.7.0.11 - Buffer Overflow Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray Easy FTP 1.7.0.11 - 'NLST' / 'NLST -al' / 'APPE' / 'RETR' / 'SIZE' / 'XCWD' Buffer Overflow Oracle JRE - java.net.URLConnection class Same-of-Origin (SOP) Policy Bypass Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass Microsoft Windows - Common Control Library (Comctl32) Heap Overflow (MS10-081) Microsoft Windows - Common Control Library 'Comctl32' Heap Overflow (MS10-081) Majordomo2 - Directory Traversal (SMTP/HTTP) Majordomo2 - 'SMTP/HTTP' Directory Traversal Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit) Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit) Microsoft Outlook - 'ATTACH_BY_REF_RESOLVE' File Execution (MS10-045) (Metasploit) Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045) (Metasploit) Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit) Apache mod_rewrite - LDAP protocol Buffer Overflow (Metasploit) Zend Java Bridge - Remote Code Execution (ZDI-11-113) Zend Java Bridge - Remote Code Execution 7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities (Metasploit) 7-Technologies IGSS 9 - Data Server/Collector Packet Handling (Metasploit) TFTP Server 1.4 - ST (RRQ) Buffer Overflow WorldMail IMAPd 3.0 - Overflow (SEH) (Egg Hunter) TFTP Server 1.4 - ST 'RRQ' Buffer Overflow WorldMail IMAPd 3.0 - Overflow (SEH) (Egghunter) MailMax 4.6 - POP3 'USER' Remote Buffer Overflow (No Login Needed) MailMax 4.6 - POP3 'USER' Unauthenticated Remote Buffer Overflow AN-HTTPd 1.2b - CGI Vulnerabilities AN-HTTPd 1.2b - CGI Exploits Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX '.CAB' File Execution RedHat 6.1 / IRIX 6.5.18 - lpd Vulnerabilities RedHat 6.1 / IRIX 6.5.18 - 'lpd' Exploit Microsoft Windows Script Host 5.1/5.5 - GetObject() File Disclosure Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Vulnerabilities FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Apache 1.3 - Possible Directory Index Disclosure Apache 1.3 - Directory Index Disclosure Microsoft Outlook Express 6 - XML File Attachment Script Execution Microsoft Outlook Express 6 - '.XML' File Attachment Script Execution Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure Apache Tomcat 3/4 - DefaultServlet File Disclosure Apache Tomcat 3/4 - 'DefaultServlet' File Disclosure Apache Tomcat 3.x - Null Byte Directory/File Disclosure Apache Tomcat 3.x - Null Byte Directory / File Disclosure Clearswift MAILsweeper 4.x - Malformed MIME Attachment Filter Bypass Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass Aladdin Knowledge System Ltd - ChooseFilePath Buffer Overflow (Metasploit) Aladdin Knowledge System Ltd - 'ChooseFilePath' Buffer Overflow (Metasploit) Mod_Gzip 1.3.x - Debug Mode Vulnerabilities Mod_Gzip 1.3.x - Debug Mode Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun Vulnerabilities Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun Microsoft Internet Explorer 6 - Script Execution Vulnerabilities Microsoft Internet Explorer 6 - Script Execution OpenSSL - ASN.1 Parsing Vulnerabilities OpenSSL - ASN.1 Parsing Microsoft Outlook Express 6.0 - MHTML Forced File Execution (1) Microsoft Outlook Express 6.0 - '.MHTML' Forced File Execution (1) Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy Vulnerabilities Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation Sun Java Virtual Machine 1.x - 'Font.createFont' Method Insecure Temporary File Creation Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote Exploit abctab2ps 1.6.3 - Write_Heading Function ABC File Remote Buffer Overflow abctab2ps 1.6.3 - 'Write_Heading' '.ABC' Remote Buffer Overflow abctab2ps 1.6.3 - Trim_Title Function ABC File Remote Buffer Overflow abctab2ps 1.6.3 - 'Trim_Title' '.ABC' File Remote Buffer Overflow PCAL 4.x - Calendar File getline Buffer Overflow PCAL 4.x - Calendar File get_holiday Buffer Overflow PCAL 4.x - Calendar File 'getline' Buffer Overflow PCAL 4.x - Calendar File 'get_holiday' Buffer Overflow Sun JavaMail 1.3.2 - MimeBodyPart.getFileName Directory Traversal Sun JavaMail 1.3.2 - 'MimeBodyPart.getFileName' Directory Traversal Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention Finjan SurfinGate 7.0 - '.ASCII' File Extension File Filter Circumvention Logic Print 2013 - Stack Overflow (vTable Overwrite) Logic Print 2013 - vTable Overwrite Stack Overflow EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure Vulnerabilities EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution Mitsubishi MC-WorkX 8.02 - ActiveX Control 'IcoLaunch' File Execution Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution + Scanner CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution Vulnerabilities CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution Ability Mail Server 2013 (3.1.1) - Persistent Cross-Site Scripting (Web UI) Ability Mail Server 2013 3.1.1 - Web UI Persistent Cross-Site Scripting Microsoft - Tagged Image File Format (TIFF) Integer Overflow (Metasploit) Microsoft - Tagged Image File Format '.TIFF' Integer Overflow (Metasploit) Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow Sun Java Runtime Environment 1.6 - Web Start '.JNLP' File Stack Buffer Overflow Adobe Flash Player 8.0.24 - SWF File Handling Remote Code Execution Adobe Flash Player 8.0.24 - '.SWF' File Handling Remote Code Execution Multiple Browsers - URI Handlers Command Injection Vulnerabilities Multiple Browsers - URI Handlers Command Injection Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow Daum Game 1.1.0.5 - ActiveX 'IconCreate Method' Stack Buffer Overflow LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution Adobe Flash Player 8/9.0.x - '.SWF' File 'DeclareFunction2' ActionScript Tag Remote Code Execution Trillian 3.1.9 - DTD File XML Parser Buffer Overflow Trillian 3.1.9 - '.DTD' File XML Parser Buffer Overflow Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass Vulnerabilities Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass ProFTPd 1.3 - 'mod_sql Username' SQL Injection ProFTPd 1.3 - 'mod_sql' 'Username' SQL Injection Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution Apple Safari for iPhone/iPod touch - 'Throw' Exception Remote Code Execution Apple Safari iPhone/iPod touch - Webpage Remote Code Execution PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Multiple Check Point Endpoint Security Products - Information Disclosure Vulnerabilities Multiple Check Point Endpoint Security Products - Information Disclosure Bsplayer 2.68 - HTTP Response Exploit (Universal) Bsplayer 2.68 - HTTP Response Universal Exploit Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass with ROP) Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass + ROP) Microsoft Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112) Microsoft Internet Explorer 9/10/11 - 'CDOMStringDataList::InitFromString' Out-of-Bounds Read (MS15-112) Acunetix WVS 10 - Remote Command Execution (System) Acunetix WVS 10 - Remote Command Execution Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution (SA-CONTRIB-2016-039) Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution ZyXEL PK5001Z Modem - Backdoor Account PHP-Nuke - SQL Injection Edit/Save Message(s) PHP-Nuke - SQL Injection Edit/Save Messages phpBB - highlight Arbitrary File Upload (Santy.A) phpBB - highlight Arbitrary File Upload 'Santy.A' phpBB 2.0.10 - Bot Install (Altavista) (ssh.D.Worm) phpBB 2.0.10 - Bot Install Altavista 'ssh.D.Worm' Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial) Invision Power Board 2.0.3 - 'login.php' SQL Injection phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (cookie grabber) phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (Cookie Grabber) vBulletin 3.0.8 - Accessible Database Backup Searcher (update 3) vBulletin 3.0.8 - Accessible Database Backup Searcher (3) ibProArcade 2.x - module (vBulletin/IPB) SQL Injection ibProArcade 2.x - module 'vBulletin/IPB' SQL Injection Website Baker 2.6.0 - Login Bypass / Remote Code Execution Website Baker 2.6.0 - Authentication Bypass / Remote Code Execution WebWiz Products 1.0/3.06 - Login Bypass (SQL Injection) WebWiz Products 1.0/3.06 - Authentication Bypass / SQL Injection Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection Woltlab Burning Board 2.x - Datenbank MOD 'fileid' SQL Injection phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities phpCommunityCalendar 4.0.3 - Cross-Site Scripting / SQL Injection BASE 1.2.4 - melissa (Snort Frontend) Remote File Inclusion BASE 1.2.4 - melissa Snort Frontend Remote File Inclusion E Annu 1.0 - Login Bypass (SQL Injection) E Annu 1.0 - Authentication Bypass / SQL Injection ASP Smiley 1.0 - 'default.asp' Login Bypass 'SQL Injection' ASP Smiley 1.0 - 'default.asp' Authentication Bypass / SQL Injection paFileDB 3.5.2/3.5.3 - Remote Login Bypass (SQL Injection) paFileDB 3.5.2/3.5.3 - Remote Authentication Bypass / SQL Injection e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed) e107 0.7.8 - 'mailout.php' Authenticated Access Escalation Exploit TaskDriver 1.2 - Login Bypass / SQL Injection TaskDriver 1.2 - Authentication Bypass / SQL Injection IBM Rational ClearQuest - Web Login Bypass (SQL Injection) IBM Rational ClearQuest - Web Authentication Bypass / SQL Injection Joomla! Component JoomlaXplorer 1.6.2 - Remote Vulnerabilities Joomla! Component JoomlaXplorer 1.6.2 - Remote Exploits Xomol CMS 1.2 - Login Bypass / Local File Inclusion Xomol CMS 1.2 - Authentication Bypass / Local File Inclusion cPanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass) cPanel 11.x - 'Fantastico' Local File Inclusion mxCamArchive 2.2 - Bypass Config Download mxCamArchive 2.2 - Bypass Configuration Download All Club CMS 0.0.2 - Remote Database Config Retrieve Exploit All Club CMS 0.0.2 - Remote Database Configuration Retrieve Exploit OraMon 2.0.1 - Remote Config File Disclosure OraMon 2.0.1 - Remote Configuration File Disclosure Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP code writing Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP Code Writing phpScribe 0.9 - 'user.cfg' Remote Config Disclosure phpScribe 0.9 - 'user.cfg' Remote Configuration Disclosure BlogHelper - Remote Config File Disclosure PollHelper - Remote Config File Disclosure BlogHelper - Remote Configuration File Disclosure PollHelper - Remote Configuration File Disclosure QuoteBook - Remote Config File Disclosure QuoteBook - Remote Configuration File Disclosure Free Joke Script 1.0 - Authentication Bypass / SQL Injection Free Joke Script 1.0 - Authentication Bypass Grestul 1.x - Authentication Bypass (Cookie SQL Injection) Grestul 1.x - Cookie Authentication Bypass S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete Vulnerabilities S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete smNews 1.0 - Authentication Bypass/Column Truncation Vulnerabilities smNews 1.0 - Authentication Bypass / Column Truncation Free Arcade Script 1.0 - Authentication Bypass (SQL Injection) / Arbitrary File Upload Free Arcade Script 1.0 - Authentication Bypass / Arbitrary File Upload phpAdBoard - 'conf.inc' Remote Config File Disclosure phpAdBoard - 'conf.inc' Remote Configuration File Disclosure W2B Restaurant 1.2 - 'conf.inc' Config File Disclosure phpAdBoardPro - 'config.inc' Config File Disclosure W2B Restaurant 1.2 - 'conf.inc' Configuration File Disclosure phpAdBoardPro - 'config.inc' Configuration File Disclosure Job2C - 'conf.inc' Config File Disclosure Job2C - 'conf.inc' Configuration File Disclosure chCounter 3.1.3 - (Authentication Bypass) SQL Injection chCounter 3.1.3 - Authentication Bypass The Recipe Script 5 - (Authentication Bypass) SQL Injection / Database Backup The Recipe Script 5 - Authentication Bypass / Database Backup Mlffat 2.1 - (Authentication Bypass / Cookie) SQL Injection Mlffat 2.1 - Cookie Authentication Bypass my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection my-colex 1.4.2 - Authentication Bypass / SQL Injection / Cross-Site Scripting Flash Image Gallery 1.1 - Arbitrary Config File Disclosure Flash Image Gallery 1.1 - Arbitrary Configuration File Disclosure Traidnt Up 2.0 - (Authentication Bypass / Cookie) SQL Injection Traidnt Up 2.0 - Cookie Authentication Bypass LightNEasy sql/no-db 2.2.x - System Config Disclosure LightNEasy sql/no-db 2.2.x - System Configuration Disclosure MD-Pro 1.083.x - Survey Module (pollID) Blind SQL Injection MD-Pro 1.083.x - Survey Module 'pollID' Blind SQL Injection WHOISCART - (Authentication Bypass) Information Disclosure WHOISCART - Authentication Bypass / Information Disclosure ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Information Disclosure Vulnerabilities ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition / Information Disclosure mobilelib gold 3.0 - Authentication Bypass / SQL Injection Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection Arab Portal 2.2 - (Authentication Bypass) Blind SQL Injection Arab Portal 2.2 - Blind Cookie Authentication Bypass Joomla! Component com_surveymanager 1.5.0 - SQL Injection (stype) Joomla! Component com_surveymanager 1.5.0 - 'stype' SQL Injection Joomla! Component com_virtuemart 1.0 - SQL Injection (Product_ID) Joomla! Component com_virtuemart 1.0 - 'Product_ID' SQL Injection Pre Job Board 1.0 - SQL Authentication Bypass Pre Job Board 1.0 - Authentication Bypass Pre Jobo .NET - SQL Authentication Bypass Pre Jobo .NET - Authentication Bypass SoftCab Sound Converter - ActiveX Insecure Method Exploit (sndConverter.ocx) SoftCab Sound Converter - 'sndConverter.ocx' ActiveX Insecure Method Exploit WSC CMS - (Authentication Bypass) SQL Injection WSC CMS - Authentication Bypass Joomla! Component dcsFlashGames 2.0RC1 - SQL Injection (catid) Joomla! Component dcsFlashGames 2.0RC1 - 'catid' SQL Injection 3Com* iMC (Intelligent Management Center) - Unauthenticated File Retrieval (Traversal) 3Com* iMC (Intelligent Management Center) - Unauthenticated Traversal File Retrieval Yamamah Photo Gallery 1.00 - SQL Injection (calbums) Yamamah Photo Gallery 1.00 - 'calbums' SQL Injection Elite Gaming Ladders 3.5 - SQL Injection (ladder[id]) Elite Gaming Ladders 3.5 - 'ladder[id]' SQL Injection Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Configuration Cross-Site Request Forgery AV Arcade 3 - Cookie SQL Injection / Authentication Bypass AV Arcade 3 - Cookie Authentication Bypass MODx REvolution CMS 2.0.4-pl2 - Cross-Site Scripting (POST Injection) MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting Vulnerabilities appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting ExtCalendar2 - (Authentication Bypass / Cookie) SQL Injection ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload Seotoaster - SQL Injection Admin Login Bypass Seotoaster - SQL Injection BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities phpBB 1.x/2.0.x - '(Knowledge Base Module) 'KB.php' SQL Injection phpBB 1.x/2.0.x - Knowledge Base Module 'KB.php' SQL Injection PhpTax 0.8 - File Manipulation (newvalue) / Remote Code Execution PhpTax 0.8 - File Manipulation 'newvalue' / Remote Code Execution Spid 1.3 - lang_path File Inclusion Spid 1.3 - 'lang_path' File Inclusion NETGEAR WPN824v3 - Unauthorized Config Download NETGEAR WPN824v3 - Unauthorized Configuration Download TWiki 4.0.x - Viewfile Directory Traversal TWiki 4.0.x - 'Viewfile' Directory Traversal ZonPHP 2.25 - Remote Code Execution (Remote Code Execution) ZonPHP 2.25 - Remote Code Execution pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass Vulnerabilities LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass geoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion geoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion GeoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting Vulnerabilities LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting Ability Mail Server 2013 - Cross-Site Request Forgery (via Persistent Cross-Site Scripting) (Password Reset) Ability Mail Server 2013 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Password Reset) WiFiles HD 1.3 iOS - Locla File Inclusion WiFiles HD 1.3 iOS - Local File Inclusion IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure Vulnerabilities IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass Vulnerabilities H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection Vulnerabilities IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting Vulnerabilities Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit) Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python) vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting ZTE F660 - Remote Config Download ZTE F660 - Remote Configuration Download Tango DropBox 3.1.5 + PRO - Activex Heap Spray Tango FTP 1.0 (Build 136) - Activex Heap Spray Tango DropBox 3.1.5 + PRO - Activex HeapSpray Tango FTP 1.0 (Build 136) - Activex HeapSpray Pinterestclones - Security Bypass / HTML Injection Vulnerabilities Pinterestclones - Security Bypass / HTML Injection Privoxy Proxy - Authentication Information Disclosure Vulnerabilities Privoxy Proxy - Authentication Information Disclosure ZTE ZXHN H108N Router - Unauthenticated Config Disclosure ZTE ZXHN H108N Router - Unauthenticated Configuration Disclosure Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection (XXE) Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection Kodi 15 - Arbitrary File Access (Web Interface) Kodi 15 - Web Interface Arbitrary File Access ( OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit OpenMRS 2.3 (1.11.4) - XML External Entity Processing Exploit OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery Ingenious School Management System 2.3.0 - 'friend_index' SQL injection	2017-11-02 05:01:28 +00:00
Offensive Security	33cc894818	DB: 2017-10-31 43 new exploits Microsoft Internet Explorer 6.0/7.0 - RemoveChild Denial of Service Microsoft Internet Explorer 6.0/7.0 - 'RemoveChild' Denial of Service SGI IRIX 6.3 Systour and OutOfBox - Exploit SGI IRIX 6.3 - 'Systour' / 'OutOfBox' Exploit Apple macOS < 10.12.2 / iOS < 10.2 - '_kernelrpc_mach_port_insert_right_trap' Kernel Reference Count Leak / Use-After-Free Apple macOS < 10.12.2 / iOS < 10.2 - '_kernelrpc_mach_port_insert_right_trap' Kernel Reference Count Leak / Use-After-Free Novell eDirectory 9.0 - DHost Remote Buffer Overflow Novell eDirectory 9.0 - 'DHost' Remote Buffer Overflow Cisco IOS 12.3(18) (FTP Server) - Remote Exploit (Attached to GDB) Cisco IOS 12.3(18) (FTP Server) - Remote Exploit (Attached to GDB) Opera 9.61 - opera:historysearch Code Execution (PoC) Opera 9.61 - 'opera:historysearch' Code Execution (PoC) Home FTP Server 1.11.1.149 RETR DELE RMD - Directory Traversal Home FTP Server 1.11.1.149 - 'RETR'/'DELE'/'RMD' Directory Traversal Microsoft Windows 95/WfW - smbclient Directory Traversal Microsoft Windows 95/Windows for Workgroups - 'smbclient' Directory Traversal RSA Authentication Agent for Web 5.3 - Open Redirection RSA Authentication Agent for Web 5.3 - Open Redirection Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' Open Redirection Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' Open Redirection HP System Management Homepage - 'RedirectUrl' Open Redirection HP System Management Homepage - 'RedirectUrl' Open Redirection FirePass 7.0 SSL VPN - 'refreshURL' Open Redirection FirePass 7.0 SSL VPN - 'refreshURL' Open Redirection EasyFTP Server 1.7.0.11 - 'APPE' Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'APPE' Remote Buffer Overflow MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation MyPHP Forum 3.0 - Edit Topics/Blind SQL Injection MyPHP Forum 3.0 - Edit Topics / Blind SQL Injection ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Information Disclosure Vulnerabilities ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Information Disclosure Vulnerabilities Tkai's Shoutbox - 'Query' Open Redirection Tkai's Shoutbox - 'Query' Open Redirection SAP Web Application Server 6.x/7.0 - Open Redirection SAP Web Application Server 6.x/7.0 - Open Redirection UC Gateway Investment SiteEngine 5.0 - 'api.php' Open Redirection UC Gateway Investment SiteEngine 5.0 - 'api.php' Open Redirection Autonomy Ultraseek - 'cs.html' Open Redirection Autonomy Ultraseek - 'cs.html' Open Redirection Joomla! Component com_user - 'view' Open Redirection Joomla! Component com_user - 'view' Open Redirection MBoard 1.3 - 'url' Open Redirection MBoard 1.3 - 'url' Open Redirection Sitecore CMS 6.4.1 - 'url' Open Redirection Sitecore CMS 6.4.1 - 'url' Open Redirection Orchard 1.3.9 - 'ReturnUrl' Open Redirection Orchard 1.3.9 - 'ReturnUrl' Open Redirection Tiki Wiki CMS Groupware - 'url' Open Redirection Tiki Wiki CMS Groupware - 'url' Open Redirection WebsitePanel - 'ReturnUrl' Open Redirection WebsitePanel - 'ReturnUrl' Open Redirection ocPortal 7.1.5 - 'redirect' Open Redirection ocPortal 7.1.5 - 'redirect' Open Redirection Silverstripe CMS 2.4.x - 'BackURL' Open Redirection Silverstripe CMS 2.4.x - 'BackURL' Open Redirection PHP Melody 2.6.1 - SQL Injection PHPMyFAQ 2.9.8 - Cross-Site Scripting (3) phpMyFAQ 2.9.8 - Cross-Site Request Forgery WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection Zomato Clone Script - 'resid' SQL Injection Website Broker Script - 'status_id' SQL Injection Vastal I-Tech Agent Zone - SQL Injection Php Inventory - Arbitrary File Upload Online Exam Test Application - 'sort' SQL Injection Nice PHP FAQ Script - 'nice_theme' SQL Injection Fake Magazine Cover Script - SQL Injection CPA Lead Reward Script - SQL Injection Basic B2B Script - SQL Injection CmsLite 1.4 - 'S' SQL Injection MyMagazine 1.0 - 'id' SQL Injection News 1.0 - SQL Injection Newspaper 1.0 - SQL Injection US Zip Codes Database - 'state' SQL Injection Shareet - 'photo' SQL Injection AROX School ERP PHP Script - 'id' SQL Injection Protected Links - SQL Injection ZeeBuddy 2x - 'groupid' SQL Injection Vastal I-Tech Dating Zone 0.9.9 - 'product_id' SQL Injection tPanel 2009 - Authentication Bypass Sokial Social Network Script 1.0 - SQL Injection SoftDatepro Dating Social Network 1.3 - SQL Injection Same Sex Dating Software Pro 1.0 - SQL Injection PHP CityPortal 2.0 - SQL Injection PG All Share Video 1.0 - SQL Injection MyBuilder Clone 1.0 - 'subcategory' SQL Injection Mailing List Manager Pro 3.0 - SQL Injection Joomla! Component Zh YandexMap 6.1.1.0 - 'placemarklistid' SQL Injection Joomla! Component NS Download Shop 2.2.6 - 'id' SQL Injection Job Board Script - 'nice_theme' SQL Injection iTech Gigs Script 1.21 - SQL Injection iStock Management System 1.0 - Arbitrary File Upload iProject Management System 1.0 - 'ID' SQL Injection Article Directory Script 3.0 - 'id' SQL Injection Adult Script Pro 2.2.4 - SQL Injection D-Park Pro 1.0 - SQL Injection Ingenious 2.3.0 - Arbitrary File Upload Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure	2017-10-31 05:01:39 +00:00
Offensive Security	e515bac4fe	DB: 2017-10-27 2 new exploits Microsoft Windows XP/2000 - TCP Connection Reset Remote Exploit Microsoft Windows XP/2000 - TCP Connection Reset WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflows (PoC) WinEggDropShell 1.7 - Unauthenticated Multiple Remote Stack Overflows (PoC) FileCOPA FTP Server 1.01 - 'USER' Remote Unauthenticated Denial of Service FileCOPA FTP Server 1.01 - 'USER' Unauthenticated Remote Denial of Service Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 Mail SMTPD - Unauthenticated Remote Stack Based Overrun (PoC) Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC) Airsensor M520 - HTTPD Unauthenticated Remote Denial of Service / Buffer Overflow (PoC) Simple HTTPD 1.41 - '/aux' Remote Denial of Service Simple HTTPd 1.41 - '/aux' Remote Denial of Service MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial of Service MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Denial of Service Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service Oracle Internet Directory 10.1.4 - Unauthenticated Remote Denial of Service Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service Linksys WAG54G v2 Wireless ADSL Router - HTTPd Denial of Service Nofeel FTP Server 3.6 - 'CWD' Command Remote Memory Consumption Nofeel FTP Server 3.6 - 'CWD' Remote Memory Consumption Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service Home FTP Server 1.10.1.139 - 'SITE INDEX' Remote Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Denial of Service httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC) httpdx 1.5.2 - Unauthenticated Remote Denial of Service (PoC) httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service Vulnerabilities (PoC) httpdx 1.5.3b - Unauthenticated Remote Denial of Service Multiple Vulnerabilities (PoC) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crashs (SEH) (PoC) eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Crashs (SEH) (PoC) TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (1) TYPSoft FTP Server 1.10 - 'RETR' Denial of Service (1) (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote Denial of Service (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Remote Denial of Service Motorola SB5101 Hax0rware Rajko HTTPD - Remote Exploit (PoC) Motorola SB5101 Hax0rware Rajko HTTPd - Remote Exploit (PoC) Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service Unreal Tournament 3 2.1 - 'STEAMBLOB' Remote Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (2) TYPSoft FTP Server 1.10 - 'RETR' Denial of Service (2) Objectivity/DB - Lack of Authentication Remote Exploit Objectivity/DB - Lack of Authentication IPComp - encapsulation Unauthenticated kernel memory Corruption IPComp - encapsulation Unauthenticated Kernel Memory Corruption Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC) Crush FTP 5 - 'APPE' Remote JVM Blue Screen of Death (PoC) torrent-stats - httpd.c Denial of Service torrent-stats - 'httpd.c' Denial of Service Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor status.cgi Denial of Service Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor 'status.cgi' Denial of Service WhitSoft SlimServe - HTTPD 1.1 Get Denial of Service WhitSoft SlimServe HTTPd 1.1 - Get Denial of Service Linksys BEFSR41 1.4x - Gozila.cgi Denial of Service Linksys BEFSR41 1.4x - 'Gozila.cgi' Denial of Service BRS Webweaver 1.06 httpd - 'User-Agent' Remote Denial of Service BRS Webweaver 1.06 - HTTPd 'User-Agent' Remote Denial of Service Surfboard httpd 1.1.9 - Remote Buffer Overflow Surfboard HTTPd 1.1.9 - Remote Buffer Overflow RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service RobotFTP Server 1.0/2.0 - Unauthenticated Remote Command Denial of Service Titan FTP Server 3.0 - 'LIST' Command Denial of Service Titan FTP Server 3.0 - 'LIST' Denial of Service Monkey HTTPD 1.1.1 - Crash (PoC) Monkey HTTPd 1.1.1 - Crash (PoC) Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow Alt-N MDaemon 2-8 - IMAP Unauthenticated Remote Buffer Overflow Titan FTP Server 6.05 build 550 - 'DELE' Command Remote Buffer Overflow Titan FTP Server 6.05 build 550 - 'DELE' Remote Buffer Overflow Surgemail and WebMail 3.0 - 'Page' Command Remote Format String Surgemail and WebMail 3.0 - 'Page' Remote Format String Call of Duty 4 1.5 - Malformed 'stats' Command Denial of Service Call of Duty 4 1.5 - 'stats' Denial of Service Softalk Mail Server 8.5.1 - 'APPEND' Command Remote Denial of Service Softalk Mail Server 8.5.1 - 'APPEND' Remote Denial of Service FileCOPA FTP Server 5.01 - 'NOOP' Command Denial of Service FileCOPA FTP Server 5.01 - 'NOOP' Denial of Service Hybserv2 - ':help' Command Denial of Service Hybserv2 - ':help' Denial of Service Titan FTP Server 8.40 - 'APPE' Command Remote Denial of Service Titan FTP Server 8.40 - 'APPE' Remote Denial of Service TYPSoft FTP Server 1.1 - 'APPE' Command Remote Buffer Overflow TYPSoft FTP Server 1.1 - 'APPE' Remote Buffer Overflow Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial of Service Sony Bravia KDL-32CX525 - 'hping' Remote Denial of Service SmallFTPd 1.0.3 - 'mkd' Command Denial of Service freeFTPd 1.0.8 - 'mkd' Command Denial of Service SmallFTPd 1.0.3 - 'mkd' Denial of Service freeFTPd 1.0.8 - 'mkd' Denial of Service Wireshark 2.2.0 to 2.2.12 - ROS Dissector Denial of Service Wireshark 2.2.0 < 2.2.12 - ROS Dissector Denial of Service AIX 4.3/5.1 < 5.3 - 'lsmcode' Command Execution Privilege Escalation AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation xp-AntiSpy 3.9.7-4 - '.xpas' file Buffer Overflow xp-AntiSpy 3.9.7-4 - '.xpas' File Buffer Overflow GTA SA-MP server.cfg - Buffer Overflow (Metasploit) GTA SA-MP - 'server.cfg' Buffer Overflow (Metasploit) SCO Unixware 7.1 - 'pkg' command Exploit SCO Unixware 7.1 - 'pkg' Exploit Caldera UnixWare 7.1.1 - WebTop SCOAdminReg.cgi Arbitrary Command Execution Caldera UnixWare 7.1.1 - WebTop 'SCOAdminReg.cgi' Arbitrary Command Execution OSSEC 2.7 < 2.8.1 - 'diff' Command Privilege Escalation OSSEC 2.7 < 2.8.1 - 'diff' Privilege Escalation Microsoft Windows 10 - pcap Driver Privilege Escalation Microsoft Windows 10 - 'pcap' Driver Privilege Escalation PHPMailer < 5.2.21 - Local File Disclosure HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow Apache 2.0.45 - APR Remote Exploit Apache 2.0.45 - 'APR' Remote Exploit RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Remote Exploit Pavuk Digest - Authentication Buffer Overflow Remote Exploit Pavuk Digest - Authentication Remote Buffer Overflow 3CServer 1.1 - FTP Server Remote Exploit 3CServer 1.1 (FTP Server) - Remote Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Remote Exploit LimeWire 4.1.2 < 4.5.6 - 'GET' Remote Exploit MailEnable Enterprise 1.x - Imapd Remote Exploit MailEnable Enterprise 1.x - IMAPd Remote Exploit Sumus 0.2.2 - httpd Remote Buffer Overflow Sumus 0.2.2 - HTTPd Remote Buffer Overflow Symantec Scan Engine 5.0.x - Change Admin Password Remote Exploit Symantec Scan Engine 5.0.x - Change Admin Password Mercur Messaging 2005 (Windows 2000 SP4) - IMAP (Subscribe) Remote Exploit Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote Exploit CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow CoreHTTP 0.5.3alpha - HTTPd Remote Buffer Overflow Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow Postcast Server Pro 3.0.61 / Quiksoft EasyMail - 'emsmtp.dll 6.0.1' Buffer Overflow Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow Mercury/32 4.52 IMAPD - 'SEARCH' Authenticated Overflow SonicWALL SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit SonicWALL SSL-VPN - 'NeLaunchCtrl' ActiveX Control Remote Exploit simple httpd 1.38 - Multiple Vulnerabilities Simple HTTPd 1.38 - Multiple Vulnerabilities Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB) Cisco IOS 12.3(18) (FTP Server) - Remote Exploit (Attached to GDB) freeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH) freeSSHd 1.2.1 - 'rename' Remote Buffer Overflow (SEH) Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow (Metasploit) Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Buffer Overflow (Metasploit) Home FTP Server - 'MKD' Command Directory Traversal Home FTP Server - 'MKD' Directory Traversal Apple iTunes 8.1.x - 'daap' Buffer Overflow Remote Exploit Apple iTunes 8.1.x - 'daap' Remote Buffer Overflow eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflows (1) eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (1) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflows (2) eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (2) EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - 'MKD' Authenticated Remote Buffer Overflow Xftp client 3.0 - PWD Remote Exploit Xftp client 3.0 - 'PWD' Remote Exploit ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass) ProSSHD 1.2 - Authenticated Remote Exploit (ASLR + DEP Bypass) EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'MKD' Authenticated Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'CWD' Authenticated Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Command Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Buffer Overflow (Metasploit) Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit) Alt-N MDaemon 6.8.5 - WorldClient 'form2raw.cgi' Stack Buffer Overflow (Metasploit) Linksys WRT54 Access Point - apply.cgi Buffer Overflow (Metasploit) Linksys WRT54 Access Point - 'apply.cgi' Buffer Overflow (Metasploit) Progea Movicon 11 - TCPUploadServer Remote Exploit Progea Movicon 11 - 'TCPUploadServer' Remote Exploit PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit) PCMan FTP Server - 'PUT_ Buffer Overflow (Metasploit) Freefloat FTP Server - 'LIST' Command Buffer Overflow Freefloat FTP Server - 'LIST' Buffer Overflow KnFTP 1.0.0 Server - 'USER' command Remote Buffer Overflow KnFTP 1.0.0 Server - 'USER' Remote Buffer Overflow SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Exploit Matt Wright - FormHandler.cgi 2.0 Reply Attachment Matt Wright - 'FormHandler.cgi' 2.0 Reply Attachment Solution Scripts Home Free 1.0 - search.cgi Directory Traversal Solution Scripts Home Free 1.0 - 'search.cgi' Directory Traversal CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution CNC Technology BizDB 1.0 - 'bizdb-search.cgi' Remote Command Execution 3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution 3R Soft MailStudio 2000 2.0 - 'userreg.cgi' Arbitrary Command Execution Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote 'Username' and Password Retrieval Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username / Password Retrieval Greg Matthews - Classifieds.cgi 1.0 MetaCharacter Greg Matthews - 'Classifieds.cgi' 1.0 MetaCharacter Squid Web Proxy 2.2 - cachemgr.cgi Unauthorized Connection Squid Web Proxy 2.2 - 'cachemgr.cgi' Unauthorized Connection Leif M. Wright - ad.cgi 1.0 Unchecked Input Leif M. Wright - 'ad.cgi' 1.0 Unchecked Input NCSA 1.3/1.4.x/1.5 / Apache httpd 0.8.11/0.8.14 - ScriptAlias Source Retrieval NCSA 1.3/1.4.x/1.5 / Apache HTTPd 0.8.11/0.8.14 - ScriptAlias Source Retrieval SWSoft ASPSeek 1.0 - s.cgi Buffer Overflow SWSoft ASPSeek 1.0 - 's.cgi' Buffer Overflow Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read Drummond Miles A1Stats 1.0 - a1disp4.cgi Traversal Arbitrary File Read Drummond Miles A1Stats 1.0 - 'a1disp2.cgi' Traversal Arbitrary File Read Drummond Miles A1Stats 1.0 - 'a1disp3.cgi' Traversal Arbitrary File Read Drummond Miles A1Stats 1.0 - 'a1disp4.cgi' Traversal Arbitrary File Read Tarantella Enterprise 3 3.x - TTAWebTop.cgi Arbitrary File Viewing Tarantella Enterprise 3 3.x - 'TTAWebTop.cgi' Arbitrary File Viewing NCSA httpd 1.x - Buffer Overflow (1) NCSA httpd 1.x - Buffer Overflow (2) NCSA HTTPd 1.x - Buffer Overflow (1) NCSA HTTPd 1.x - Buffer Overflow (2) BPM Studio Pro 4.2 - HTTPD Directory Traversal BPM Studio Pro 4.2 - HTTPd Directory Traversal Light HTTPD 0.1 - GET Buffer Overflow (1) Light HTTPD 0.1 - GET Buffer Overflow (2) Light HTTPd 0.1 - GET Buffer Overflow (1) Light HTTPd 0.1 - GET Buffer Overflow (2) Null HTTPD 0.5 - Remote Heap Corruption Null HTTPd 0.5 - Remote Heap Corruption Boozt Standard 0.9.8 - index.cgi Buffer Overrun Boozt Standard 0.9.8 - 'index.cgi' Buffer Overrun Webmin 0.9x / Usermin 0.9x/1.0 - Session ID Spoofing Unauthenticated Access Webmin 0.9x / Usermin 0.9x/1.0 - Unauthenticated Access Session ID Spoofing Axis Communications Video Server 2.x - Command.cgi File Creation Axis Communications Video Server 2.x - 'Command.cgi' File Creation Freefloat FTP Server - 'PUT' Command Buffer Overflow Freefloat FTP Server - 'PUT' Buffer Overflow MNOGoSearch 3.1.20 - search.cgi UL Buffer Overflow (1) MNOGoSearch 3.1.20 - search.cgi UL Buffer Overflow (2) MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (1) MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (2) MySQL - Remote Unauthenticated User Enumeration (SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit MySQL - Unauthenticated Remote User Enumeration (SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Remote Authentication Bypass Freefloat FTP Server - 'USER' Command Buffer Overflow Freefloat FTP Server - 'USER' Buffer Overflow Mephistoles HTTPD 0.6 - Cross-Site Scripting Mephistoles HTTPd 0.6 - Cross-Site Scripting SurgeLDAP 1.0 - User.cgi Directory Traversal SurgeLDAP 1.0 - 'User.cgi' Directory Traversal Nagios3 - history.cgi Remote Command Execution Nagios3 - 'history.cgi' Remote Command Execution Nagios3 - history.cgi Host Command Execution (Metasploit) Nagios3 - 'history.cgi' Host Command Execution (Metasploit) Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun Firebird 1.0 - Unauthenticated Remote Database Name Buffer Overrun acme thttpd 2.0.7 - Directory Traversal Acme thttpd 2.0.7 - Directory Traversal Freefloat FTP Server 1.0 - 'Raw' Commands Buffer Overflow Freefloat FTP Server 1.0 - 'Raw' Buffer Overflow NETGEAR DGN1000B - setup.cgi Remote Command Execution (Metasploit) NETGEAR DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit) Linksys E1500/E2500 - apply.cgi Remote Command Injection (Metasploit) Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit) Linksys WRT54GL - apply.cgi Command Execution (Metasploit) Linksys WRT54GL - 'apply.cgi' Command Execution (Metasploit) NETGEAR DGN2200B - pppoe.cgi Remote Command Execution (Metasploit) NETGEAR DGN2200B - 'pppoe.cgi' Remote Command Execution (Metasploit) SAP ConfigServlet - Remote Unauthenticated Payload Execution (Metasploit) SAP ConfigServlet - Unauthenticated Remote Payload Execution (Metasploit) GroundWork - monarch_scan.cgi OS Command Injection (Metasploit) GroundWork - 'monarch_scan.cgi' OS Command Injection (Metasploit) Linksys WRT160N v2 - apply.cgi Remote Command Injection (Metasploit) Linksys WRT160N v2 - 'apply.cgi' Remote Command Injection (Metasploit) WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal WhitSoft SlimServe HTTPd 1.0/1.1 - Directory Traversal Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit Nginx 1.3.9/1.4.0 (x86) - Brute Force PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow PCMan FTP Server 2.07 - 'PASS' Buffer Overflow Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow Mikrotik RouterOS sshd (ROSSSH) - Unauthenticated Remote Heap Corruption PCMan FTP Server 2.07 - 'STOR' Buffer Overflow Cisco Secure ACS 2.3 - LoginProxy.cgi Cross-Site Scripting Cisco Secure ACS 2.3 - 'LoginProxy.cgi' Cross-Site Scripting PCMan FTP Server 2.07 - 'STOR' Command Stack Overflow (Metasploit) PCMan FTP Server 2.07 - 'STOR' Stack Overflow (Metasploit) Supermicro Onboard IPMI - close_window.cgi Buffer Overflow (Metasploit) Supermicro Onboard IPMI - 'close_window.cgi' Buffer Overflow (Metasploit) Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - setup.cgi Cross-Site Scripting Vulnerabilities Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - 'setup.cgi' Cross-Site Scripting TinTin++ / WinTin++ 1.97.9 - '#chat' Command Multiple Vulnerabilities TinTin++ / WinTin++ 1.97.9 - '#chat' Multiple Vulnerabilities PCMan FTP Server 2.07 - 'ABOR' Command Buffer Overflow PCMan FTP Server 2.07 - 'CWD' Command Buffer Overflow PCMan FTP Server 2.07 - 'ABOR' Buffer Overflow PCMan FTP Server 2.07 - 'CWD' Buffer Overflow Ultra Mini HTTPD 1.21 - POST Stack Buffer Overflow Ultra Mini HTTPD 1.21 - 'POST' Stack Buffer Overflow Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit Ultra Mini HTTPD 1.21 - 'POST' Stack Buffer Overflow ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal ALFTP FTP Client 4.1/5.0 - 'LIST' Directory Traversal Glub Tech Secure FTP 2.5.15 - 'LIST' Command Directory Traversal Glub Tech Secure FTP 2.5.15 - 'LIST' Directory Traversal UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal Classic FTP 1.02 - 'LIST' Command Directory Traversal UltraEdit 14.00b - FTP/SFTP 'LIST' Directory Traversal WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Directory Traversal Classic FTP 1.02 - 'LIST' Directory Traversal AceFTP 3.80.3 - 'LIST' Command Directory Traversal AceFTP 3.80.3 - 'LIST' Directory Traversal RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Command Directory Traversal RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Directory Traversal Vtiger - Install Unauthenticated Remote Command Execution (Metasploit) Vtiger - 'Install' Unauthenticated Remote Command Execution (Metasploit) httpdx 1.5 - 'MKD' Command Directory Traversal httpdx 1.5 - 'MKD' Directory Traversal D-Link Devices - Authentication.cgi Buffer Overflow (Metasploit) D-Link Devices - 'Authentication.cgi' Buffer Overflow (Metasploit) rbot 0.9.14 - '!react' Command Unauthorized Access rbot 0.9.14 - '!react' Unauthorized Access VMTurbo Operations Manager 4.6 - vmtadmin.cgi Remote Command Execution (Metasploit) VMTurbo Operations Manager 4.6 - 'vmtadmin.cgi' Remote Command Execution (Metasploit) Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow Solar FTP Server 2.1.1 - 'PASV' Remote Buffer Overflow Freefloat FTP Server - 'ALLO' Command Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'MKD' Command Buffer Overflow Freefloat FTP Server - 'ALLO' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'MKD' Buffer Overflow Endian Firewall 2.4 - openvpn_users.cgi PATH_INFO Cross-Site Scripting Endian Firewall 2.4 - 'openvpn_users.cgi?PATH_INFO' Cross-Site Scripting PCMan FTP Server 2.0.7 - 'PUT' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'PUT' Buffer Overflow PCMan FTP Server 2.0.7 - 'GET' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'GET' Buffer Overflow PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow Zpanel - Remote Unauthenticated Remote Code Execution (Metasploit) Zpanel - Unauthenticated Remote Code Execution (Metasploit) PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow (Metasploit) IPFire - proxy.cgi Remote Code Execution (Metasploit) IPFire - 'proxy.cgi' Remote Code Execution (Metasploit) PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'ls' Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit EasyFTP Server 1.7.0.11 - 'APPE' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow Freefloat FTP Server 1.0 - 'HOST' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'DELETE' Buffer Overflow Freefloat FTP Server 1.0 - 'ABOR' Buffer Overflow Freefloat FTP Server 1.0 - 'RMD' Buffer Overflow Freefloat FTP Server 1.0 - 'HOST' Buffer Overflow Freefloat FTP Server 1.0 - 'RENAME' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow Freefloat FTP Server 1.0 - 'RENAME' Buffer Overflow PCMan FTP Server 2.0.7 - 'UMASK' Buffer Overflow Freefloat FTP Server 1.0 - 'DIR' Buffer Overflow PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'NLST' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'SITE CHMOD' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow BolinTech DreamFTP Server 1.02 - 'RETR' Command Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'ACCT' Buffer Overflow Freefloat FTP Server 1.0 - 'SITE ZONE' Buffer Overflow PCMan FTP Server 2.0.7 - 'NLST' Buffer Overflow PCMan FTP Server 2.0.7 - 'SITE CHMOD' Buffer Overflow PCMan FTP Server 2.0.7 - 'PORT' Buffer Overflow BolinTech DreamFTP Server 1.02 - 'RETR' Remote Buffer Overflow NETGEAR DGN2200 - dnslookup.cgi Command Injection (Metasploit) NETGEAR DGN2200 - 'dnslookup.cgi' Command Injection (Metasploit) VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command Execution (Metasploit) VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Unauthenticated Command Execution (Metasploit) CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit CCBILL CGI - 'ccbillx.c' 'whereami.cgi' Remote Exploit phpBB 2.0.6 - search_id SQL Injection MD5 Hash Remote Exploit phpBB 2.0.6 - 'search_id' SQL Injection MD5 Hash Remote Exploit eXtropia Shopping Cart - web_store.cgi Remote Exploit eXtropia Shopping Cart - 'web_store.cgi' Remote Exploit Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit Limbo 1.0.4.2 - '_SERVER[REMOTE_ADDR]' Overwrite Remote Exploit TFT Gallery 0.10 - Password Disclosure Remote Exploit TFT Gallery 0.10 - Password Disclosure XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit XOOPS 2.0.13.2 - 'xoopsOption[nocommon]' Remote Exploit Drupal 4.7 - attachment mod_mime Remote Exploit Drupal 4.7 - 'Attachment mod_mime' Remote Exploit Cahier de texte 2.0 - Database Backup/Source Disclosure Remote Exploit Cahier de texte 2.0 - Database Backup / Source Disclosure CSPartner 1.0 - Delete All Users / SQL Injection Remote Exploit CSPartner 1.0 - Delete All Users / SQL Injection Podcast Generator 1.2 - Unauthorized Re-Installation Remote Exploit Podcast Generator 1.2 - Unauthorized Re-Installation SPIP < 2.0.9 - Arbitrary Copy All Passwords to .XML File Remote Exploit SPIP < 2.0.9 - Arbitrary Copy All Passwords to '.XML' File Nagios3 - statuswml.cgi Command Injection (Metasploit) Nagios3 - 'statuswml.cgi' Command Injection (Metasploit) QuickTime Streaming Server - parse_xml.cgi Remote Execution (Metasploit) QuickTime Streaming Server - 'parse_xml.cgi' Remote Execution (Metasploit) Nagios3 - statuswml.cgi Ping Command Execution (Metasploit) Nagios3 - 'statuswml.cgi' 'Ping' Command Execution (Metasploit) E-Mail Security Virtual Appliance - learn-msg.cgi Command Injection (Metasploit) E-Mail Security Virtual Appliance - 'learn-msg.cgi' Command Injection (Metasploit) AHG Search Engine 1.0 - search.cgi Arbitrary Command Execution AHG Search Engine 1.0 - 'search.cgi' Arbitrary Command Execution CGIScript.net - csPassword.cgi 1.0 Information Disclosure CGIScript.net - csPassword.cgi 1.0 HTAccess File Modification CGIScript.net - 'csPassword.cgi' 1.0 Information Disclosure CGIScript.net - 'csPassword.cgi' 1.0 HTAccess File Modification MailReader.com 2.3.x - NPH-MR.cgi File Disclosure MailReader.com 2.3.x - 'NPH-MR.cgi' File Disclosure BizDesign ImageFolio 2.x/3.0.1 - nph-build.cgi Cross-Site Scripting BizDesign ImageFolio 2.x/3.0.1 - 'nph-build.cgi' Cross-Site Scripting cPanel 5.0 - Guestbook.cgi Remote Command Execution (1) cPanel 5.0 - Guestbook.cgi Remote Command Execution (2) cPanel 5.0 - Guestbook.cgi Remote Command Execution (3) cPanel 5.0 - Guestbook.cgi Remote Command Execution (4) cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (1) cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (2) cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (3) cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (4) HappyMall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Command Execution HappyMall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Command Execution HappyMall E-Commerce Software 4.3/4.4 - Member_HTML.cgi Command Execution HappyMall E-Commerce Software 4.3/4.4 - 'Member_HTML.cgi' Command Execution Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Cross-Site Scripting Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Cross-Site Scripting Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi File Disclosure Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' File Disclosure Zeus Web Server 4.x - Admin Interface VS_Diag.cgi Cross-Site Scripting Zeus Web Server 4.x - Admin Interface 'VS_Diag.cgi' Cross-Site Scripting ImageFolio 2.2x/3.0/3.1 - Admin.cgi Directory Traversal ImageFolio 2.2x/3.0/3.1 - 'Admin.cgi' Directory Traversal SurgeLDAP 1.0 d - User.cgi Cross-Site Scripting SurgeLDAP 1.0 d - 'User.cgi' Cross-Site Scripting Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.cgi Cross-Site Scripting Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - 'Message.cgi' Cross-Site Scripting CommerceSQL Shopping Cart 2.2 - index.cgi Directory Traversal CommerceSQL Shopping Cart 2.2 - 'index.cgi' Directory Traversal DansGuardian Webmin Module 0.x - edit.cgi Directory Traversal DansGuardian Webmin Module 0.x - 'edit.cgi' Directory Traversal ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access BoardPower Forum - ICQ.cgi Cross-Site Scripting BoardPower Forum - 'ICQ.cgi' Cross-Site Scripting Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution Axis Network Camera 2.x And Video Server 1-3 - 'virtualinput.cgi' Arbitrary Command Execution Gossamer Threads Links 2.x - User.cgi Cross-Site Scripting Gossamer Threads Links 2.x - 'User.cgi' Cross-Site Scripting MegaBook 2.0/2.1 - Admin.cgi EntryID Cross-Site Scripting MegaBook 2.0/2.1 - 'Admin.cgi?EntryID' Cross-Site Scripting PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting PerlDiver 2.31 - 'Perldiver.cgi' Cross-Site Scripting GlobalNoteScript 4.20 - Read.cgi Remote Command Execution GlobalNoteScript 4.20 - 'Read.cgi' Remote Command Execution Pngren 2.0.1 - Kaiseki.cgi Remote Command Execution Pngren 2.0.1 - 'Kaiseki.cgi' Remote Command Execution Walla TeleSite 3.0 - ts.cgi File Existence Enumeration Walla TeleSite 3.0 - 'ts.cgi' File Existence Enumeration Easy Search System 1.1 - search.cgi Cross-Site Scripting Easy Search System 1.1 - 'search.cgi' Cross-Site Scripting Kryptronic ClickCartPro 5.1/5.2 - CP-APP.cgi Cross-Site Scripting Kryptronic ClickCartPro 5.1/5.2 - 'CP-APP.cgi' Cross-Site Scripting Cholod MySQL Based Message Board - Mb.cgi SQL Injection Cholod MySQL Based Message Board - 'Mb.cgi' SQL Injection BlankOL 1.0 - Bol.cgi Multiple Cross-Site Scripting Vulnerabilities BlankOL 1.0 - 'Bol.cgi' Multiple Cross-Site Scripting Vulnerabilities Web-APP.net WebAPP 0.9.x - /mods/calendar/index.cgi?vsSD' Cross-Site Scripting Web-APP.net WebAPP 0.9.x - '/mods/calendar/index.cgi?vsSD' Cross-Site Scripting Net Clubs Pro 4.0 - imessage.cgi 'Username' Cross-Site Scripting Net Clubs Pro 4.0 - 'imessage.cgi?Username' Cross-Site Scripting Cosmoshop 8.10.78/8.11.106 - Lshop.cgi SQL Injection Cosmoshop 8.10.78/8.11.106 - 'Lshop.cgi' SQL Injection Netwin SurgeFTP 2.3a1 - SurgeFTPMGR.cgi Multiple Input Validation Vulnerabilities Netwin SurgeFTP 2.3a1 - 'SurgeFTPMGR.cgi' Multiple Input Validation Vulnerabilities WebEvent 4.03 - Webevent.cgi Cross-Site Scripting WebEvent 4.03 - 'Webevent.cgi' Cross-Site Scripting Urchin 5.7.x - session.cgi Cross-Site Scripting Urchin 5.7.x - 'session.cgi' Cross-Site Scripting Google Urchin 5.7.3 - Report.cgi Authentication Bypass Google Urchin 5.7.3 - \Report.cgi' Authentication Bypass Web Terra 1.1 - books.cgi Remote Command Execution Web Terra 1.1 - 'books.cgi' Remote Command Execution D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit Lancfg2get.cgi D-Link DSL-2730B Modem - 'Lancfg2get.cgi Persistent Cross-Site Scripting Zenoss 3.2.1 - Remote Authenticated Command Execution Zenoss 3.2.1 - Authenticated Remote Command Execution Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (Metasploit) Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Unauthenticated Remote Command Execution (Metasploit)	2017-10-27 05:01:37 +00:00
Offensive Security	c9ca104d1d	DB: 2017-10-26 11 new exploits Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow (PoC) Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Buffer Overflow (PoC) AT-TFTP 1.9 - 'Long Filename' Remote Buffer Overflow (PoC) AT-TFTP 1.9 - 'Filename' Remote Buffer Overflow (PoC) VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (PoC) VUPlayer 2.49 - '.asx' HREF Local Buffer Overflow (PoC) ByteCatcher FTP Client 1.0.4 - Long Server Banner Buffer Overflow ByteCatcher FTP Client 1.0.4 - 'Server Banner' Buffer Overflow Avant Browser 8.0.2 - Long HTTP Request Buffer Overflow Avant Browser 8.0.2 - 'HTTP Request' Buffer Overflow thttpd 2.2x - defang Remote Buffer Overflow (PoC) thttpd 2.2x - 'defang' Remote Buffer Overflow (PoC) Rigs of Rods 0.33d - Long Vehicle Name Buffer Overflow Rigs of Rods 0.33d - 'Vehicle Name' Buffer Overflow Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read Wireshark - 'infer_pkt_encap' Heap Based Out-of-Bounds Read Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Based Out-of-Bounds Read (1) Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Based Out-of-Bounds Read (2) Wireshark 1.12.0 < 1.12.12 / 2.0.0 < 2.0.4- PacketBB Dissector Denial of Service Wireshark 1.12.0 < 1.12.12 / 2.0.0 < 2.0.4 - PacketBB Dissector Denial of Service WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization (1) glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploits glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit WinRAR 3.30 - Long Filename Buffer Overflow (1) WinRAR 3.30 - Long Filename Buffer Overflow (2) WinRAR 3.30 - 'Filename' Buffer Overflow (1) WinRAR 3.30 - 'Filename' Buffer Overflow (2) Pico Zip 4.01 - Long Filename Buffer Overflow Pico Zip 4.01 - 'Filename' Buffer Overflow PowerZip 7.06.38950 - Long Filename Handling Buffer Overflow PowerZip 7.06.38950 - 'Filename Handling' Buffer Overflow Oracle 9i/10g - Evil Views Change Passwords Exploit Oracle 9i/10g - Evil Views Change Passwords Oracle 10g/11g - SYS.LT.FINDRICSET SQL Injection (1) Oracle 10g/11g - SYS.LT.FINDRICSET SQL Injection (2) Oracle 10g/11g - 'SYS.LT.FINDRICSET' SQL Injection (1) Oracle 10g/11g - 'SYS.LT.FINDRICSET' SQL Injection (2) VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (2) VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (1) VUPlayer 2.49 - '.asx' HREF Local Buffer Overflow (2) VUPlayer 2.49 - '.asx' HREF Local Buffer Overflow (1) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (1) Wireshark 1.4.4 - 'packet-dect.c' Stack Buffer Overflow (Metasploit) (1) SGI IRIX 6.2 - eject Exploit (1) SGI IRIX 6.2 - eject Exploit (2) SGI IRIX 6.2 - 'eject' Exploit (1) SGI IRIX 6.2 - 'eject' Exploit (2) Slackware Linux 3.1/3.2 - color_xterm Buffer Overflow (2) Slackware Linux 3.1/3.2 - 'color_xterm' Buffer Overflow (2) RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (2) RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (2) RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - klogd Buffer Overflow (1) RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - klogd Buffer Overflow (2) RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Buffer Overflow (1) RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Buffer Overflow (2) Solaris 2.5.1 kcms - Buffer Overflow (1) Solaris 2.5.1 kcms - Buffer Overflow (2) Solaris 2.5.1 - 'kcms' Buffer Overflow (1) Solaris 2.5.1 - 'kcms' Buffer Overflow (2) SGI IRIX 6.3 Systour and OutOfBox - Exploits SGI IRIX 6.3 Systour and OutOfBox - Exploit RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap tgetent() Buffer Overflow (1) RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap 'tgetent()' Buffer Overflow (1) GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit GNU glibc 2.1/2.1.1 -6 - 'pt_chown' Exploit Solaris 7.0 ufsdump - Local Buffer Overflow (1) Solaris 7.0 ufsdump - Local Buffer Overflow (2) Solaris 7.0 - 'ufsdump' Local Buffer Overflow (1) Solaris 7.0 - 'ufsdump' Local Buffer Overflow (2) SCO Unixware 7.0 - xlock(1) (long 'Username') Buffer Overflow SCO Unixware 7.0 - 'xlock(1)' 'Username' Buffer Overflow RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (1) RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (2) RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x - 'man' Buffer Overrun (1) RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x - 'man' Buffer Overrun (2) Solaris 2.6/7.0 - lpset -r Buffer Overflow (1) Solaris 2.6/7.0 - lpset -r Buffer Overflow (2) Solaris 2.6/7.0 - lpset -r Buffer Overflow (3) Solaris 2.6/7.0 - 'lpset -r' Buffer Overflow (1) Solaris 2.6/7.0 - 'lpset -r' Buffer Overflow (2) Solaris 2.6/7.0 - 'lpset -r' Buffer Overflow (3) Solaris 2.6/7.0/8 netpr - Buffer Overflow (1) Solaris 2.6/7.0/8 netpr - Buffer Overflow (2) Solaris 2.6/7.0/8 - 'netpr' Buffer Overflow (1) Solaris 2.6/7.0/8 - 'netpr' Buffer Overflow (2) S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (1) S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (2) S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (3) S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Buffer Overflow (1) S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Buffer Overflow (2) S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Buffer Overflow (3) Solaris 2.x/7.0/8 Catman - Race Condition (1) Solaris 2.x/7.0/8 Catman - Race Condition (2) Solaris 2.x/7.0/8 - 'Catman' Race Condition (1) Solaris 2.x/7.0/8 - 'Catman' Race Condition (2) DG/UX 4.20 lpsched - Long Error Message Buffer Overflow DG/UX 4.20 lpsched - 'Error Message' Buffer Overflow Solaris 7/8 kcms_configure - Command-Line Buffer Overflow (1) Solaris 7/8 kcms_configure - Command-Line Buffer Overflow (2) Solaris 7/8 - 'kcms_configure' Command-Line Buffer Overflow (1) Solaris 7/8 - 'kcms_configure' Command-Line Buffer Overflow (2) Solaris 2.5/2.6/7.0/8 - mailx -F Buffer Overflow (1) Solaris 2.5/2.6/7.0/8 - mailx -F Buffer Overflow (2) Solaris 2.5/2.6/7.0/8 - 'mailx -F' Buffer Overflow (1) Solaris 2.5/2.6/7.0/8 - 'mailx -F' Buffer Overflow (2) Sawmill 6.2.x - AdminPassword Insecure Default Permissions Sawmill 6.2.x - Admin Password Insecure Default Permissions XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (1) XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (2) XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (3) XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (4) XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (1) XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (2) XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (3) XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (4) BlazeVideo HDTV Player 6.6 Professional - Exploit (Direct Retn) BlazeVideo HDTV Player 6.6 Professional - Exploit (Direct RETN) Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation (1) Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation (2) Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - 'Long Filename' Remote Buffer Overflow Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - 'Filename' Remote Buffer Overflow Microsoft Internet Explorer - XML Parsing Buffer Overflow Microsoft Internet Explorer - XML Parsing Buffer Overflow (1) Microsoft Internet Explorer - XML Parsing Buffer Overflow Microsoft Internet Explorer - XML Parsing Buffer Overflow (2) Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow Orbit Downloader 2.8.4 - 'Hostname' Remote Buffer Overflow Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities Huawei SmartAX MT880 - Cross-Site Request Forgery Multiple Vulnerabilities Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit) Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (1) (Metasploit) HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities HP LaserJet Printers - Persistent Cross-Site Scripting Multiple Vulnerabilities XFTP 3.0 Build 0239 - Long Filename Buffer Overflow XFTP 3.0 Build 0239 - 'Filename' Buffer Overflow Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit) Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (2) (Metasploit) D-Link TFTP 1.0 - Long Filename Buffer Overflow (Metasploit) ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit) D-Link TFTP 1.0 - 'Filename' Buffer Overflow (Metasploit) ProSysInfo TFTP server TFTPDWIN 0.4.2 - 'Filename' Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) - 'Mode' Buffer Overflow (Metasploit) TFTPD32 < 2.21 - Long Filename Buffer Overflow (Metasploit) TFTPD32 < 2.21 - 'Filename' Buffer Overflow (Metasploit) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (2) Wireshark 1.4.4 - 'packet-dect.c' Stack Buffer Overflow (Metasploit) (2) WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - realpath Exploit (1) WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - realpath Exploit (2) WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Exploit (1) WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Exploit (2) Trend Micro Interscan VirusWall 3.2.3/3.3 - Long HELO Buffer Overflow (1) Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Buffer Overflow (1) Trend Micro Interscan VirusWall 3.2.3/3.3 - Long HELO Buffer Overflow (2) Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Buffer Overflow (2) Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (1) Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (2) Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (3) Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (4) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (1) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (2) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (3) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (4) Sun Java Web Server 1.1.3/2.0 Servlets - Exploits Sun Java Web Server 1.1.3/2.0 Servlets - Exploit Samba 1.9.19 - Long Password Buffer Overflow Samba 1.9.19 - 'Password' Buffer Overflow OReilly Software WebSite Professional 2.5.4 - Directory Disclosure OReilly Software WebSite Professional 2.5.4 - Path Disclosure PowerScripts PlusMail WebConsole 1.0 - Poor Authentication (1) PowerScripts PlusMail WebConsole 1.0 - Poor Authentication (2) PowerScripts PlusMail WebConsole 1.0 - Poor Authentication (3) PowerScripts PlusMail WebConsole 1.0 - Weak Authentication (1) PowerScripts PlusMail WebConsole 1.0 - Weak Authentication (2) PowerScripts PlusMail WebConsole 1.0 - Weak Authentication (3) AOLServer 3 - Long Authentication String Buffer Overflow (1) AOLServer 3 - Long Authentication String Buffer Overflow (2) AOLServer 3 - 'Authentication String' Buffer Overflow (1) AOLServer 3 - 'Authentication String' Buffer Overflow (2) John Roy Pi3Web 2.0 For Windows - Long Request Buffer Overflow John Roy Pi3Web 2.0 For Windows - Buffer Overflow Phusion WebServer 1.0 - Long URL Buffer Overflow Phusion WebServer 1.0 - 'URL' Buffer Overflow Essentia Web Server 2.1 - Long URL Buffer Overflow Essentia Web Server 2.1 - 'URL' Buffer Overflow Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross-Site Scripting Vulnerabilities Monkey HTTP Server 0.1/0.4/0.5 - Cross-Site Scripting Multiple Vulnerabilities TFTPD32 2.50 - Long Filename Buffer Overflow TFTPD32 2.50 - 'Filename' Buffer Overflow Opera 6.0/7.0 - Long Filename Download Buffer Overrun Opera 6.0/7.0 - 'Filename Download' Buffer Overrun PGP4Pine 1.75.6/1.76 - Long Message Line Buffer Overflow PGP4Pine 1.75.6/1.76 - 'Message Line' Buffer Overflow Passlog Daemon 0.1 - SL_Parse Remote Buffer Overflow (1) Passlog Daemon 0.1 - SL_Parse Remote Buffer Overflow (2) Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (1) Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (2) Tellurian TftpdNT 1.8/2.0 - Long Filename Buffer Overrun Tellurian TftpdNT 1.8/2.0 - 'Filename' Buffer Overrun Nokia Electronic Documentation 5.0 - Directory Disclosure Nokia Electronic Documentation 5.0 - Path Disclosure TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities TCLHttpd 3.4.2 - Cross-Site Scripting Multiple Vulnerabilities WebFS 1.x - Long Pathname Buffer Overrun WebFS 1.x - 'Pathname' Buffer Overrun Monit 1.4/2.x/3/4 - Long HTTP Request Buffer Overrun Monit 1.4/2.x/3/4 - 'HTTP Request' Buffer Overrun Novell Netware Enterprise Web Server 5.1/6.0 - Multiple Cross-Site Scripting Vulnerabilities Novell Netware Enterprise Web Server 5.1/6.0 - Cross-Site Scripting Multiple Vulnerabilities Oracle Reports Server 10g 9.0.2 - Multiple Cross-Site Scripting Vulnerabilities Oracle Reports Server 10g 9.0.2 - Cross-Site Scripting Multiple Vulnerabilities NETGEAR MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NETGEAR MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Buffer Overflow Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities Hilgraeve HyperAccess 8.4 - Remote Command Execution Multiple Vulnerabilities TeamSpeak Server 2.0.23 (Multiple Scripts) - Multiple Cross-Site Scripting Vulnerabilities TeamSpeak Server 2.0.23 (Multiple Scripts) - Cross-Site Scripting Multiple Vulnerabilities RedHat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities RedHat Directory Server 7.1 - Cross-Site Scripting Multiple Vulnerabilities Novell Groupwise 5.57e/6.5.7/7.0 Webaccess - Multiple Cross-Site Scripting Vulnerabilities Novell Groupwise 5.57e/6.5.7/7.0 Webaccess - Cross-Site Scripting Multiple Vulnerabilities RSA Authentication Agent for Web 5.3 - URI Redirection RSA Authentication Agent for Web 5.3 - Open Redirection Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' URI redirection Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' Open Redirection Novell QuickFinder Server - Multiple Cross-Site Scripting Vulnerabilities Novell QuickFinder Server - Cross-Site Scripting Multiple Vulnerabilities Linksys WVC54GCA 1.00R22/1.00R24 (Wireless-G) - Multiple Cross-Site Scripting Vulnerabilities Linksys WVC54GCA 1.00R22/1.00R24 (Wireless-G) - Cross-Site Scripting Multiple Vulnerabilities XAMPP 1.6.x - Multiple Cross-Site Scripting Vulnerabilities XAMPP 1.6.x - Cross-Site Scripting Multiple Vulnerabilities Zenoss 2.3.3 - Multiple Cross-Site Request Forgery Vulnerabilities Zenoss 2.3.3 - Cross-Site Request Forgery Multiple Vulnerabilities Huawei HG510 - Multiple Cross-Site Request Forgery Vulnerabilities Huawei HG510 - Cross-Site Request Forgery Multiple Vulnerabilities IBM Lotus Notes 6.5.6 - 'names.nsf' Open redirection IBM Lotus Notes 6.5.6 - 'names.nsf' Open Redirection HP System Management Homepage - 'RedirectUrl' URI Redirection HP System Management Homepage - 'RedirectUrl' Open Redirection Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities Nagios XI - Cross-Site Request Forgery Multiple Vulnerabilities DServe - Multiple Cross-Site Scripting Vulnerabilities DServe - Cross-Site Scripting Multiple Vulnerabilities Mozilla Firefox/Thunderbird/SeaMonkey - Multiple HTML Injection Vulnerabilities Mozilla Firefox/Thunderbird/SeaMonkey - HTML Injection Multiple Vulnerabilities Microsoft Visual Studio Report Viewer 2005 Control - Multiple Cross-Site Scripting Vulnerabilities SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities Microsoft Visual Studio Report Viewer 2005 Control - Cross-Site Scripting Multiple Vulnerabilities SurgeFTP 23b6 - Cross-Site Scripting Multiple Vulnerabilities Xavi 7968 ADSL Router - Multiple Cross-Site Request Forgery Vulnerabilities Xavi 7968 ADSL Router - Cross-Site Request Forgery Multiple Vulnerabilities Barracuda CudaTel Communication Server 2.0.029.1 - Multiple HTML Injection Vulnerabilities Barracuda CudaTel Communication Server 2.0.029.1 - HTML Injection Multiple Vulnerabilities Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities Barracuda Email Security Service - HTML Injection Multiple Vulnerabilities Websense Content Gateway - Multiple Cross-Site Scripting Vulnerabilities Websense Content Gateway - Cross-Site Scripting Multiple Vulnerabilities FirePass 7.0 SSL VPN - 'refreshURL' URI Redirection FirePass 7.0 SSL VPN - 'refreshURL' Open Redirection Fortinet FortiWeb (Multiple Appliances) - Multiple Cross-Site Scripting Vulnerabilities Fortinet FortiWeb (Multiple Appliances) - Cross-Site Scripting Multiple Vulnerabilities Apache OFBiz 10.4.x - Multiple Cross-Site Scripting Vulnerabilities Apache OFBiz 10.4.x - Cross-Site Scripting Multiple Vulnerabilities Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities Dell SonicWALL Scrutinizer - HTML Injection Multiple Vulnerabilities Foscam IP (Multiple Cameras) - Multiple Cross-Site Request Forgery Vulnerabilities Foscam IP (Multiple Cameras) - Cross-Site Request Forgery Multiple Vulnerabilities Sony CH / DH Series IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities Sony CH / DH Series IP Cameras - Cross-Site Request Forgery Multiple Vulnerabilities Apache Struts 2.2.3 - Multiple Open redirection Vulnerabilities Apache Struts 2.2.3 - Multiple Open Redirections Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities Barracuda CudaTel - Cross-Site Scripting Multiple Vulnerabilities Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution (Metasploit) ZeroBoard Worm - Source Code ZeroBoard - Worm Source Code Maxwebportal 1.36 - 'Password.asp' Change Password Exploit (3) (Perl) Maxwebportal 1.36 - 'Password.asp' Change Password Exploit (2) (PHP) Maxwebportal 1.36 - 'Password.asp' Change Password Exploit (1) (HTML) Maxwebportal 1.36 - 'Password.asp' Change Password (3) (Perl) Maxwebportal 1.36 - 'Password.asp' Change Password (2) (PHP) Maxwebportal 1.36 - 'Password.asp' Change Password (1) (HTML) Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities Jupiter CMS 1.1.5 - Cross-Site Scripting Multiple Vulnerabilities AuraCMS 2.x - '/user.php' Security Code Bypass / Add Administrator AuraCMS 2.x - '/user.php' Security Code Bypass / Arbitrary Add Administrator pPIM 1.0 - upload/change Password pPIM 1.0 - Upload/Change Password Observer 0.3.2.1 - Multiple Remote Command Execution Vulnerabilities Observer 0.3.2.1 - Remote Command Execution Multiple Vulnerabilities VideoScript 4.0.1.50 - Admin Change Password Exploit VideoScript 4.0.1.50 - Change Admin Password txtBB 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit txtBB 1.0 RC3 - HTML/JS Injection / Arbitrary Add Admin Privileges eLitius 1.0 - '/manage-admin.php' Add Admin/Change Password Exploit eLitius 1.0 - '/manage-admin.php' Arbitrary Add Admin/Change Password Exploit ShaadiClone 2.0 - 'addAdminmembercode.php' Add Admin ShaadiClone 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin ZeeCareers 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities ecshop 2.6.2 - Remote Command Execution Multiple Vulnerabilities Zen Cart 1.3.8 - SQL Execution Exploit Zen Cart 1.3.8 - SQL Execution ZenPhoto Gallery 1.2.5 - Admin Password Reset (CRSF) ZenPhoto Gallery 1.2.5 - Admin Password Reset (Cross-Site Request Forgery) Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities Snitz Forums 2000 - Cross-Site Scripting Multiple Vulnerabilities Hyperic HQ 3.2 < 4.2-beta1 - Multiple Cross-Site Scripting Vulnerabilities Hyperic HQ 3.2 < 4.2-beta1 - Cross-Site Scripting Multiple Vulnerabilities McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross-Site Scripting Vulnerabilities McAfee Network Security Manager < 5.1.11.8.1 - Cross-Site Scripting Multiple Vulnerabilities IBM Rational RequisitePro 7.10 / ReqWebHelp - Multiple Cross-Site Scripting Vulnerabilities IBM Rational RequisitePro 7.10 / ReqWebHelp - Cross-Site Scripting Multiple Vulnerabilities Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities Sun Solaris AnswerBook2 - Cross-Site Scripting Multiple Vulnerabilities Chipmunk Board Script 1.x - Multiple Cross-Site Request Forgery Vulnerabilities Chipmunk Board Script 1.x - Cross-Site Request Forgery Multiple Vulnerabilities Ez Cart 1.0 - Multiple Cross-Site Request Forgery Vulnerabilities Ez Cart 1.0 - Cross-Site Request Forgery Multiple Vulnerabilities Basic PHP Events Lister 2 - Add Admin Jobscript4Web 3.5 - Multiple Cross-Site Request Forgery Vulnerabilities Basic PHP Events Lister 2 - Arbitrary Add Admin Jobscript4Web 3.5 - Cross-Site Request Forgery Multiple Vulnerabilities Traidnt Gallery - Add Admin Traidnt Gallery - Arbitrary Add Admin X7CHAT 1.3.6b - Add Admin X7CHAT 1.3.6b - Arbitrary Add Admin Drupal 6.15 - Multiple Persistent Cross-Site Scripting Vulnerabilities Drupal 6.15 - Persistent Cross-Site Scripting Multiple Vulnerabilities CiviCRM 3.1 < Beta 5 - Multiple Cross-Site Scripting Vulnerabilities CiviCRM 3.1 < Beta 5 - Cross-Site Scripting Multiple Vulnerabilities Croogo 1.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities Croogo 1.2.1 - Cross-Site Request Forgery Multiple Vulnerabilities cPanel - Multiple Cross-Site Request Forgery Vulnerabilities cPanel - Cross-Site Request Forgery Multiple Vulnerabilities ATutor 1.6.4 - Multiple Cross-Site Scripting Vulnerabilities ANE CMD CRSF - Add Admin ATutor 1.6.4 - Cross-Site Scripting Multiple Vulnerabilities ANE CMD CRSF - Arbitrary Add Admin Apache OFBiz - Multiple Cross-Site Scripting Vulnerabilities Apache OFBiz - Cross-Site Scripting Multiple Vulnerabilities eXtreme Message Board 1.9.11 - Multiple Cross-Site Request Forgery Vulnerabilities eXtreme Message Board 1.9.11 - Cross-Site Request Forgery Multiple Vulnerabilities Campsite CMS 3.4.0 - Multiple Cross-Site Request Forgery Vulnerabilities Campsite CMS 3.4.0 - Cross-Site Request Forgery Multiple Vulnerabilities Phreebooks 2.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities Phreebooks 2.0 - Persistent Cross-Site Scripting Multiple Vulnerabilities Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities Orbis CMS 1.0.2 - Cross-Site Request Forgery Multiple Vulnerabilities ZenPhoto CMS 1.3 - Multiple Cross-Site Request Forgery Vulnerabilities ZenPhoto CMS 1.3 - Cross-Site Request Forgery Multiple Vulnerabilities Joomla! Component JomSocial 1.6.288 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component JomSocial 1.6.288 - Cross-Site Scripting Multiple Vulnerabilities Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (1) Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities TomatoCMS 2.0.5 - Multiple Cross-Site Request Forgery Vulnerabilities Frog CMS 0.9.5 - Cross-Site Request Forgery Multiple Vulnerabilities TomatoCart 1.0.1 - Cross-Site Request Forgery Multiple Vulnerabilities TomatoCMS 2.0.5 - Cross-Site Request Forgery Multiple Vulnerabilities TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities TheHostingTool 1.2.2 - Cross-Site Request Forgery Multiple Vulnerabilities Grafik CMS 1.1.2 - Multiple Cross-Site Request Forgery Vulnerabilities Grafik CMS 1.1.2 - Cross-Site Request Forgery Multiple Vulnerabilities Diferior CMS 8.03 - Multiple Cross-Site Request Forgery Vulnerabilities Diferior CMS 8.03 - Cross-Site Request Forgery Multiple Vulnerabilities MyIT CRM - Multiple Cross-Site Scripting Vulnerabilities MyIT CRM - Cross-Site Scripting Multiple Vulnerabilities Saurus CMS Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities Saurus CMS Admin Panel - Cross-Site Request Forgery Multiple Vulnerabilities Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities Hycus CMS 1.0.1 - Cross-Site Request Forgery Multiple Vulnerabilities sNews CMS - Multiple Cross-Site Scripting Vulnerabilities sNews CMS - Cross-Site Scripting Multiple Vulnerabilities BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities BlogBird Platform - Cross-Site Scripting Multiple Vulnerabilities Front Accounting 2.3RC2 - Multiple Persistent Cross-Site Scripting Vulnerabilities Front Accounting 2.3RC2 - Persistent Cross-Site Scripting Multiple Vulnerabilities Diferior 8.03 - Multiple Cross-Site Scripting Vulnerabilities Diferior 8.03 - Cross-Site Scripting Multiple Vulnerabilities MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities MySmartBB 1.7 - Cross-Site Scripting Multiple Vulnerabilities Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities Radius Manager 3.8.0 - Cross-Site Scripting Multiple Vulnerabilities PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities PiXie CMS 1.04 - Cross-Site Request Forgery Multiple Vulnerabilities Openfire 3.6.4 - Multiple Cross-Site Request Forgery Vulnerabilities Openfire 3.6.4 - Cross-Site Request Forgery Multiple Vulnerabilities TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities TaskFreak! 0.6.4 - Cross-Site Scripting Multiple Vulnerabilities SmarterMail 8.0 - Multiple Cross-Site Scripting Vulnerabilities SmarterMail 8.0 - Cross-Site Scripting Multiple Vulnerabilities WikiWig 5.01 - Multiple Cross-Site Scripting Vulnerabilities WikiWig 5.01 - Cross-Site Scripting Multiple Vulnerabilities Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2) DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities DoceboLms 4.0.4 - Persistent Cross-Site Scripting Multiple Vulnerabilities docuFORM Mercury WebApp 6.16a/5.20 - Multiple Cross-Site Scripting Vulnerabilities SocialCMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities docuFORM Mercury WebApp 6.16a/5.20 - Cross-Site Scripting Multiple Vulnerabilities SocialCMS 1.0.2 - Cross-Site Request Forgery Multiple Vulnerabilities ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities ManageEngine ServiceDesk Plus 8.0 Build 8013 - Cross-Site Scripting Multiple Vulnerabilities ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities ManageEngine ServiceDesk Plus 8.0 - Persistent Cross-Site Scripting Multiple Vulnerabilities Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities Family CMS 2.7.2 - Persistent Cross-Site Scripting Multiple Vulnerabilities FCMS CMS 2.7.2 - Multiple Cross-Site Request Forgery Vulnerabilities FCMS CMS 2.7.2 - Cross-Site Request Forgery Multiple Vulnerabilities Plume CMS 1.2.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities Plume CMS 1.2.4 - Persistent Cross-Site Scripting Multiple Vulnerabilities Sphinix Mobile Web Server 3.1.2.47 - Multiple Persistent Cross-Site Scripting Vulnerabilities Apache Struts - Multiple Persistent Cross-Site Scripting Vulnerabilities Sphinix Mobile Web Server 3.1.2.47 - Persistent Cross-Site Scripting Multiple Vulnerabilities Apache Struts - Persistent Cross-Site Scripting Multiple Vulnerabilities FlexCMS 3.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities FlexCMS 3.2.1 - Cross-Site Request Forgery Multiple Vulnerabilities Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities Sitecom WLM-2501 - Cross-Site Request Forgery Multiple Vulnerabilities vBshop - Multiple Persistent Cross-Site Scripting Vulnerabilities vBshop - Persistent Cross-Site Scripting Multiple Vulnerabilities XOOPS 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities XOOPS 2.5.4 - Cross-Site Scripting Multiple Vulnerabilities Oracle GlassFish Server 3.1.1 (build 12) - Multiple Cross-Site Scripting Vulnerabilities Oracle GlassFish Server 3.1.1 (build 12) - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Zingiri Web Shop 2.4.0 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Zingiri Web Shop 2.4.0 - Cross-Site Scripting Multiple Vulnerabilities WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities WordPress 3.3.1 - Cross-Site Request Forgery Multiple Vulnerabilities Baby Gekko CMS 1.1.5c - Multiple Persistent Cross-Site Scripting Vulnerabilities Baby Gekko CMS 1.1.5c - Persistent Cross-Site Scripting Multiple Vulnerabilities Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities Zoho BugTracker - Persistent Cross-Site Scripting Multiple Vulnerabilities T-dah Webmail Client - Multiple Persistent Cross-Site Scripting Vulnerabilities T-dah Webmail Client - Persistent Cross-Site Scripting Multiple Vulnerabilities Hivemail Webmail - Multiple Persistent Cross-Site Scripting Vulnerabilities Hivemail Webmail - Persistent Cross-Site Scripting Multiple Vulnerabilities Wiki Web Help 0.3.9 - Multiple Persistent Cross-Site Scripting Vulnerabilities XWiki 4.2-milestone-2 - Multiple Persistent Cross-Site Scripting Vulnerabilities Wiki Web Help 0.3.9 - Persistent Cross-Site Scripting Multiple Vulnerabilities XWiki 4.2-milestone-2 - Persistent Cross-Site Scripting Multiple Vulnerabilities Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities Geeklog 1.3.5 - Cross-Site Scripting Multiple Vulnerabilities Kerio MailServer 5.0/5.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities Mozilla Bonsai - Multiple Cross-Site Scripting Vulnerabilities Kerio MailServer 5.0/5.1 Web Mail - Cross-Site Scripting Multiple Vulnerabilities Mozilla Bonsai - Cross-Site Scripting Multiple Vulnerabilities SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting Multiple Vulnerabilities phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities phpLinkat 0.1 - Cross-Site Scripting Multiple Vulnerabilities PHP-Nuke 5.x/6.0/6.5 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities PHP-Nuke 5.x/6.0/6.5 Beta 1 - Cross-Site Scripting Multiple Vulnerabilities PHP-Nuke 6.0 - Multiple Cross-Site Scripting Vulnerabilities PHP-Nuke 6.0 - Cross-Site Scripting Multiple Vulnerabilities Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities Endpoint Protector 4.0.4.2 - Persistent Cross-Site Scripting Multiple Vulnerabilities EZ Publish 2.2.7/3.0 - Multiple Cross-Site Scripting Vulnerabilities EZ Publish 2.2.7/3.0 - Cross-Site Scripting Multiple Vulnerabilities WebChat 2.0 - 'users.php?Database 'Username' Disclosure WebChat 2.0 - 'users.php?Database Username Disclosure PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel - Multiple Cross-Site Scripting Vulnerabilities PostNuke 0.723 - Cross-Site Scripting Multiple Vulnerabilities Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel - Cross-Site Scripting Multiple Vulnerabilities MegaBook 1.1/2.0/2.1 - Multiple HTML Injection Vulnerabilities MegaBook 1.1/2.0/2.1 - HTML Injection Multiple Vulnerabilities m0n0wall 1.33 - Multiple Cross-Site Request Forgery Vulnerabilities m0n0wall 1.33 - Cross-Site Request Forgery Multiple Vulnerabilities Enterpriser16 Load Balancer 7.1 - Multiple Cross-Site Scripting Vulnerabilities Enterpriser16 Load Balancer 7.1 - Cross-Site Scripting Multiple Vulnerabilities Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities Invision Power Board 1.3 - Cross-Site Scripting Multiple Vulnerabilities YABB SE 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities YABB SE 1.5.1 - Cross-Site Scripting Multiple Vulnerabilities PHP-Nuke MS-Analysis Module - Multiple Cross-Site Scripting Vulnerabilities PHP-Nuke MS-Analysis Module - Cross-Site Scripting Multiple Vulnerabilities BlackBoard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities BlackBoard Learning System 5.x/6.0 - Cross-Site Scripting Multiple Vulnerabilities PHPX 3.x - Multiple Cross-Site Scripting Vulnerabilities PHPX 3.x - Cross-Site Scripting Multiple Vulnerabilities Adam Webb NukeJokes 1.7/2.0 Module - Multiple Cross-Site Scripting Vulnerabilities Adam Webb NukeJokes 1.7/2.0 Module - Cross-Site Scripting Multiple Vulnerabilities Liferay Enterprise Portal 1.x/2.x/5.0.2 - Multiple Cross-Site Scripting Vulnerabilities Liferay Enterprise Portal 1.x/2.x/5.0.2 - Cross-Site Scripting Multiple Vulnerabilities Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities Crafty Syntax Live Help 2.7.3 - HTML Injection Multiple Vulnerabilities PHP-Nuke 6.x/7.x Reviews Module - Multiple Cross-Site Scripting Vulnerabilities PHP-Nuke 6.x/7.x Reviews Module - Cross-Site Scripting Multiple Vulnerabilities Mantis 0.x - Multiple Cross-Site Scripting Vulnerabilities Mantis 0.x - Cross-Site Scripting Multiple Vulnerabilities PHP Code Snippet Library 0.8 - Multiple Cross-Site Scripting Vulnerabilities Nagl XOOPS Dictionary Module 1.0 - Multiple Cross-Site Scripting Vulnerabilities PHP Code Snippet Library 0.8 - Cross-Site Scripting Multiple Vulnerabilities Nagl XOOPS Dictionary Module 1.0 - Cross-Site Scripting Multiple Vulnerabilities glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities glFusion 1.2.2 - Cross-Site Scripting Multiple Vulnerabilities MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Guestbook 1.0 - Cross-Site Scripting Multiple Vulnerabilities MTP Poll 1.0 - Cross-Site Scripting Multiple Vulnerabilities DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities DCP-Portal 3.7/4.x/5.x - HTML Injection Multiple Vulnerabilities FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities FuseTalk Forum 4.0 - Cross-Site Scripting Multiple Vulnerabilities Mark Zuckerberg Thefacebook - Multiple Cross-Site Scripting Vulnerabilities Mark Zuckerberg Thefacebook - Cross-Site Scripting Multiple Vulnerabilities ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities ViewGit 0.0.6 - Cross-Site Scripting Multiple Vulnerabilities Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple Cross-Site Request Forgery Vulnerabilities Vanilla Forums Van2Shout Plugin 1.0.51 - Cross-Site Request Forgery Multiple Vulnerabilities WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities WorkBoard 1.2 - Cross-Site Scripting Multiple Vulnerabilities ProjectBB 0.4.5.1 - Cross-Site Scripting Multiple Vulnerabilities Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilities Exponent CMS 0.95 - Cross-Site Scripting Multiple Vulnerabilities PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities PHP-Nuke 6.x/7.x - Cross-Site Scripting Multiple Vulnerabilities ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities ZeroBoard 4.1 - Cross-Site Scripting Multiple Vulnerabilities OOApp Guestbook - Multiple HTML Injection Vulnerabilities OOApp Guestbook - HTML Injection Multiple Vulnerabilities CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities CubeCart 2.0.x - Cross-Site Scripting Multiple Vulnerabilities PHP Arena PAFileDB 3.1 - Multiple Cross-Site Scripting Vulnerabilities PHP Arena PAFileDB 3.1 - Cross-Site Scripting Multiple Vulnerabilities PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities PunBB 1.2.3 - HTML Injection Multiple Vulnerabilities PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities PHPOpenChat 3.0.1 - HTML Injection Multiple Vulnerabilities Oracle Reports Server 10g - Multiple Cross-Site Scripting Vulnerabilities Oracle Reports Server 10g - Cross-Site Scripting Multiple Vulnerabilities Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities Nuke BookMarks 0.6 - Cross-Site Scripting Multiple Vulnerabilities Tkai's Shoutbox - 'Query' URI redirection Tkai's Shoutbox - 'Query' Open Redirection CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities CPG Dragonfly 9.0.2.0 - Cross-Site Scripting Multiple Vulnerabilities Alstrasoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities Alstrasoft EPay Pro 2.0 - Cross-Site Scripting Multiple Vulnerabilities PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities PHP-Nuke 7.6 Web_Links Module - Cross-Site Scripting Multiple Vulnerabilities Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities Ultimate PHP Board 1.8/1.9 - Cross-Site Scripting Multiple Vulnerabilities PWSPHP 1.2 - Multiple Cross-Site Scripting Vulnerabilities PWSPHP 1.2 - Cross-Site Scripting Multiple Vulnerabilities Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities Skull-Splitter Guestbook 1.0/2.0/2.2 - HTML Injection Multiple Vulnerabilities Spread The Word - Multiple Cross-Site Scripting Vulnerabilities Spread The Word - Cross-Site Scripting Multiple Vulnerabilities Kasseler CMS 1.3.4 Lite - Multiple Cross-Site Scripting Vulnerabilities Kasseler CMS 1.3.4 Lite - Cross-Site Scripting Multiple Vulnerabilities Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities Cerberus Helpdesk 0.97.3/2.6.1 - Cross-Site Scripting Multiple Vulnerabilities Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities Comersus Open Technologies Comersus Cart 6.0.41 - Cross-Site Scripting Multiple Vulnerabilities PHPMyFAQ 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities PHPMyFAQ 1.5.1 - Cross-Site Scripting Multiple Vulnerabilities @Mail 4.0/4.13 - Multiple Cross-Site Scripting Vulnerabilities Easypx41 - Multiple Cross-Site Scripting Vulnerabilities @Mail 4.0/4.13 - Cross-Site Scripting Multiple Vulnerabilities Easypx41 - Cross-Site Scripting Multiple Vulnerabilities PHPFreeNews 1.x - Multiple Cross-Site Scripting Vulnerabilities PHPFreeNews 1.x - Cross-Site Scripting Multiple Vulnerabilities SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities SaveWebPortal 3.4 - Cross-Site Scripting Multiple Vulnerabilities MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities MAXdev MD-Pro 1.0.73 - Cross-Site Scripting Multiple Vulnerabilities phpCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities phpCommunityCalendar 4.0 - Cross-Site Scripting Multiple Vulnerabilities PHP Advanced Transfer Manager 1.30 - Multiple Cross-Site Scripting Vulnerabilities PHP Advanced Transfer Manager 1.30 - Cross-Site Scripting Multiple Vulnerabilities TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities TellMe 1.2 - Cross-Site Scripting Multiple Vulnerabilities Comersus Backoffice Plus - Multiple Cross-Site Scripting Vulnerabilities Comersus Backoffice Plus - Cross-Site Scripting Multiple Vulnerabilities Flyspray 0.9 - Multiple Cross-Site Scripting Vulnerabilities Flyspray 0.9 - Cross-Site Scripting Multiple Vulnerabilities PBLang 4.65 - Multiple Cross-Site Scripting Vulnerabilities PBLang 4.65 - Cross-Site Scripting Multiple Vulnerabilities SAP Web Application Server 6.x/7.0 - URI redirection SAP Web Application Server 6.x/7.0 - Open Redirection PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities PHPWCMS 1.2.5 -DEV - Cross-Site Scripting Multiple Vulnerabilities PBLang Bulletin Board System 4.65 - Multiple HTML Injection Vulnerabilities PBLang Bulletin Board System 4.65 - HTML Injection Multiple Vulnerabilities FreeWebStat 1.0 - Multiple Cross-Site Scripting Vulnerabilities FreeWebStat 1.0 - Cross-Site Scripting Multiple Vulnerabilities NetAuctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities NetAuctionHelp 3.0 - Cross-Site Scripting Multiple Vulnerabilities CourseForum Technologies ProjectForum 4.7 - Multiple Cross-Site Scripting Vulnerabilities CourseForum Technologies ProjectForum 4.7 - Cross-Site Scripting Multiple Vulnerabilities AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities AltantForum 4.0.2 - Cross-Site Scripting Multiple Vulnerabilities Soft4e ECW-Cart 2.0.3 - Multiple Cross-Site Scripting Vulnerabilities Soft4e ECW-Cart 2.0.3 - Cross-Site Scripting Multiple Vulnerabilities Dick Copits PDEstore 1.8 - Multiple Cross-Site Scripting Vulnerabilities Dick Copits PDEstore 1.8 - Cross-Site Scripting Multiple Vulnerabilities Advanced Guestbook 2.x - Multiple Cross-Site Scripting Vulnerabilities Advanced Guestbook 2.x - Cross-Site Scripting Multiple Vulnerabilities Caravel CMS 3.0 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities Caravel CMS 3.0 Beta 1 - Cross-Site Scripting Multiple Vulnerabilities Liferay Portal Enterprise 3.6.1 - Multiple Cross-Site Scripting Vulnerabilities Liferay Portal Enterprise 3.6.1 - Cross-Site Scripting Multiple Vulnerabilities Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities Beehive Forum 0.6.2 - HTML Injection Multiple Vulnerabilities ComputerOil Redakto CMS 3.2 - Multiple Cross-Site Scripting Vulnerabilities ComputerOil Redakto CMS 3.2 - Cross-Site Scripting Multiple Vulnerabilities Dell PacketTrap MSP RMM 6.6.x - Multiple Cross-Site Scripting Vulnerabilities Dell PacketTrap PSA 7.1 - Multiple Cross-Site Scripting Vulnerabilities Dell PacketTrap MSP RMM 6.6.x - Cross-Site Scripting Multiple Vulnerabilities Dell PacketTrap PSA 7.1 - Cross-Site Scripting Multiple Vulnerabilities FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities FatWire UpdateEngine 6.2 - Cross-Site Scripting Multiple Vulnerabilities Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities Kayako SupportSuite 3.0 0.26 - Cross-Site Scripting Multiple Vulnerabilities Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities Faq-O-Matic 2.711 - Cross-Site Scripting Multiple Vulnerabilities GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities GTP iCommerce - Cross-Site Scripting Multiple Vulnerabilities CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities CheesyBlog 1.0 - HTML Injection Multiple Vulnerabilities MyBB 1.0.2 - Multiple Cross-Site Scripting Vulnerabilities MyBB 1.0.2 - Cross-Site Scripting Multiple Vulnerabilities SoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities SoftMaker Shop - Cross-Site Scripting Multiple Vulnerabilities CyberShop Ultimate E-Commerce - Cross-Site Scripting Multiple Vulnerabilities cPanel 10.8.1 - Cross-Site Scripting Multiple Vulnerabilities Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities Papoo 2.1.x - Cross-Site Scripting Multiple Vulnerabilities Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities Clever Copy 2.0/3.0 - HTML Injection Multiple Vulnerabilities V-Webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities V-Webmail 1.6.2 - Cross-Site Scripting Multiple Vulnerabilities Dragonfly CMS 9.0.6 1 Your_Account Module - Multiple Cross-Site Scripting Vulnerabilities Dragonfly CMS 9.0.6 1 News Module - Multiple Cross-Site Scripting Vulnerabilities Dragonfly CMS 9.0.6.1 Stories_Archive Module - Multiple Cross-Site Scripting Vulnerabilities Dragonfly CMS 9.0.6.1 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities Dragonfly CMS 9.0.6.1 Surveys Module - Multiple Cross-Site Scripting Vulnerabilities Dragonfly CMS 9.0.6 1 Your_Account Module - Cross-Site Scripting Multiple Vulnerabilities Dragonfly CMS 9.0.6 1 News Module - Cross-Site Scripting Multiple Vulnerabilities Dragonfly CMS 9.0.6.1 Stories_Archive Module - Cross-Site Scripting Multiple Vulnerabilities Dragonfly CMS 9.0.6.1 Web_Links Module - Cross-Site Scripting Multiple Vulnerabilities Dragonfly CMS 9.0.6.1 Surveys Module - Cross-Site Scripting Multiple Vulnerabilities TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities TextFileBB 1.0 - Cross-Site Scripting Multiple Vulnerabilities txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities txtForum 1.0.3/1.0.4 - Cross-Site Scripting Multiple Vulnerabilities FusionZONE CouponZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities FusionZONE CouponZONE 4.2 - Cross-Site Scripting Multiple Vulnerabilities ActiveCampaign SupportTrio 2.50.2 - Multiple Cross-Site Scripting Vulnerabilities RealestateZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities ActiveCampaign SupportTrio 2.50.2 - Cross-Site Scripting Multiple Vulnerabilities RealestateZONE 4.2 - Cross-Site Scripting Multiple Vulnerabilities AL-Caricatier 2.5 - Multiple Cross-Site Scripting Vulnerabilities AL-Caricatier 2.5 - Cross-Site Scripting Multiple Vulnerabilities Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities Bitweaver CMS 1.3 - Cross-Site Scripting Multiple Vulnerabilities Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities Tritanium Bulletin Board 1.2.3 - Cross-Site Scripting Multiple Vulnerabilities Interaktiv.shop 4/5 - Multiple Cross-Site Scripting Vulnerabilities Interaktiv.shop 4/5 - Cross-Site Scripting Multiple Vulnerabilities Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities Manila 9.0.1 - Cross-Site Scripting Multiple Vulnerabilities BannerFarm 2.3 - Multiple Cross-Site Scripting Vulnerabilities BannerFarm 2.3 - Cross-Site Scripting Multiple Vulnerabilities Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities Portal Pack 6.0 - Cross-Site Scripting Multiple Vulnerabilities NextAge Shopping Cart - Multiple HTML Injection Vulnerabilities PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities NextAge Shopping Cart - HTML Injection Multiple Vulnerabilities PHPWebFTP 2.3 - Cross-Site Scripting Multiple Vulnerabilities CuteNews 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities Farsinews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities CuteNews 1.4.1 - Cross-Site Scripting Multiple Vulnerabilities Farsinews 2.5.3 - Cross-Site Scripting Multiple Vulnerabilities SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities SunShop Shopping Cart 3.5 - Cross-Site Scripting Multiple Vulnerabilities MyNews 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities MyNews 1.6.2 - Cross-Site Scripting Multiple Vulnerabilities AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities vCard 2.9 - Multiple Cross-Site Scripting Vulnerabilities AR-Blog 5.2 - Cross-Site Scripting Multiple Vulnerabilities vCard 2.9 - Cross-Site Scripting Multiple Vulnerabilities Portix-PHP 2-0.3.2 Portal - Multiple Cross-Site Scripting Vulnerabilities Portix-PHP 2-0.3.2 Portal - Cross-Site Scripting Multiple Vulnerabilities DELTAScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities DELTAScripts PHP Pro Publish 2.0 - Cross-Site Scripting Multiple Vulnerabilities vBulletin 2.x/3.x - Multiple Cross-Site Scripting Vulnerabilities Datecomm 1.1 - Multiple Cross-Site Scripting Vulnerabilities vBulletin 2.x/3.x - Cross-Site Scripting Multiple Vulnerabilities Datecomm 1.1 - Cross-Site Scripting Multiple Vulnerabilities H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities H-Sphere 2.5.1 - Cross-Site Scripting Multiple Vulnerabilities QTO File Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities QTO File Manager 1.0 - Cross-Site Scripting Multiple Vulnerabilities PostNuke 0.6x/0.7x - Multiple Cross-Site Scripting Vulnerabilities PostNuke 0.6x/0.7x - Cross-Site Scripting Multiple Vulnerabilities D-Link DSL-2740B - Multiple Cross-Site Request Forgery Vulnerabilities D-Link DSL-2740B - Cross-Site Request Forgery Multiple Vulnerabilities BlackBoard Products 6 - Multiple HTML Injection Vulnerabilities BlackBoard Products 6 - HTML Injection Multiple Vulnerabilities BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities BlaBla 4U - Cross-Site Scripting Multiple Vulnerabilities MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities MyBB 1.1.7 - HTML Injection Multiple Vulnerabilities Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities Open-Xchange Guard 2.4.2 - Cross-Site Scripting Multiple Vulnerabilities IDevSpot BizDirectory 1.9 - Multiple Cross-Site Scripting Vulnerabilities IDevSpot BizDirectory 1.9 - Cross-Site Scripting Multiple Vulnerabilities EXPBlog 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities EXPBlog 0.3.5 - Cross-Site Scripting Multiple Vulnerabilities Yetihost Helm 3.2.10 - Multiple Cross-Site Scripting Vulnerabilities Yetihost Helm 3.2.10 - Cross-Site Scripting Multiple Vulnerabilities Sphpblog 0.8 - Multiple Cross-Site Scripting Vulnerabilities Sphpblog 0.8 - Cross-Site Scripting Multiple Vulnerabilities cPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities cPanel 11 Beta - Cross-Site Scripting Multiple Vulnerabilities cPanel Web Hosting Manager 3.1 - Multiple Cross-Site Scripting Vulnerabilities cPanel Web Hosting Manager 3.1 - Cross-Site Scripting Multiple Vulnerabilities Omniture SiteCatalyst - Multiple Cross-Site Scripting Vulnerabilities Omniture SiteCatalyst - Cross-Site Scripting Multiple Vulnerabilities Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities Mobilelib Gold - Cross-Site Scripting Multiple Vulnerabilities 212Cafe Board - Multiple Cross-Site Scripting Vulnerabilities Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities 212Cafe Board - Cross-Site Scripting Multiple Vulnerabilities Bitweaver 1.3.1 Articles and Blogs - Cross-Site Scripting Multiple Vulnerabilities WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress 2.1.1 - Cross-Site Scripting Multiple Vulnerabilities Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities Woltlab Burning Board 2.3.6 - HTML Injection Multiple Vulnerabilities WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities WMSCMS 2.0 - Cross-Site Scripting Multiple Vulnerabilities TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities TP-Link WR740N/WR740ND - Cross-Site Request Forgery Multiple Vulnerabilities phpMyAdmin 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities phpMyAdmin 2.9.1 - Cross-Site Scripting Multiple Vulnerabilities Scientific-Atlanta_ Inc. DPR2320R2 - Multiple Cross-Site Request Forgery Vulnerabilities Scientific-Atlanta_ Inc. DPR2320R2 - Cross-Site Request Forgery Multiple Vulnerabilities Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities Digirez 3.4 - Cross-Site Scripting Multiple Vulnerabilities eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities eFront 3.6.14 (build 18012) - Persistent Cross-Site Scripting Multiple Vulnerabilities Calendarix 0.7.20070307 - Multiple Cross-Site Scripting Vulnerabilities Calendarix 0.7.20070307 - Cross-Site Scripting Multiple Vulnerabilities Oliver - Multiple Cross-Site Scripting Vulnerabilities Oliver - Cross-Site Scripting Multiple Vulnerabilities ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities ASP cvmatik 1.1 - HTML Injection Multiple Vulnerabilities Beetel TC1-450 Airtel Wireless Router - Multiple Cross-Site Request Forgery Vulnerabilities Beetel TC1-450 Airtel Wireless Router - Cross-Site Request Forgery Multiple Vulnerabilities Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities Vigile CMS 1.8 Wiki Module - Cross-Site Scripting Multiple Vulnerabilities Stuffed Guys Stuffed Tracker - Multiple Cross-Site Scripting Vulnerabilities Stuffed Guys Stuffed Tracker - Cross-Site Scripting Multiple Vulnerabilities Technicolor TC7200 - Multiple Cross-Site Request Forgery Vulnerabilities Technicolor TC7200 - Multiple Cross-Site Scripting Vulnerabilities Technicolor TC7200 - Cross-Site Request Forgery Multiple Vulnerabilities Technicolor TC7200 - Cross-Site Scripting Multiple Vulnerabilities pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities pMachine Pro 2.4.1 - Cross-Site Scripting Multiple Vulnerabilities Alcatel Lucent Omnivista 4760 - Multiple Cross-Site Scripting Vulnerabilities SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities Alcatel Lucent Omnivista 4760 - Cross-Site Scripting Multiple Vulnerabilities SocketKB 1.1.5 - Cross-Site Scripting Multiple Vulnerabilities Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities Seagate BlackArmor NAS sg2000-2000.1331 - Persistent Cross-Site Scripting Multiple Vulnerabilities Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities Flyspray 0.9.9 - Cross-Site Scripting Multiple Vulnerabilities AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities AwesomeTemplateEngine 1 - Cross-Site Scripting Multiple Vulnerabilities Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities Snitz Forums 2000 3.4.5/3.4.6 - Cross-Site Scripting Multiple Vulnerabilities Joomla! Component SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component SMF Forum 1.1.4 - Cross-Site Scripting Multiple Vulnerabilities DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Cross-Site Scripting Multiple Vulnerabilities e107 CMS 0.7 - Multiple Cross-Site Scripting Vulnerabilities e107 CMS 0.7 - Cross-Site Scripting Multiple Vulnerabilities Jeebles Directory 2.9.60 - Multiple Cross-Site Scripting Vulnerabilities Jeebles Directory 2.9.60 - Cross-Site Scripting Multiple Vulnerabilities IBM Rational ClearQuest 7.0 - Multiple Cross-Site Scripting Vulnerabilities IBM Rational ClearQuest 7.0 - Cross-Site Scripting Multiple Vulnerabilities DivXDB 2002 0.94b - Multiple Cross-Site Scripting Vulnerabilities DivXDB 2002 0.94b - Cross-Site Scripting Multiple Vulnerabilities QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities QT-cute QuickTalk Guestbook 1.6 - Cross-Site Scripting Multiple Vulnerabilities osCommerce 2.1/2.2 - Multiple Cross-Site Scripting Vulnerabilities osCommerce 2.1/2.2 - Cross-Site Scripting Multiple Vulnerabilities Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities Tux CMS 0.1 - Cross-Site Scripting Multiple Vulnerabilities Horde Turba 3.1.7 - Multiple Cross-Site Scripting Vulnerabilities Horde Turba 3.1.7 - Cross-Site Scripting Multiple Vulnerabilities SchoolCenter 7.5 - Multiple Cross-Site Scripting Vulnerabilities SchoolCenter 7.5 - Cross-Site Scripting Multiple Vulnerabilities Hot Links SQL-PHP - Multiple Cross-Site Scripting Vulnerabilities Hot Links SQL-PHP - Cross-Site Scripting Multiple Vulnerabilities SimpleNotes - Multiple Cross-Site Scripting Vulnerabilities SimpleNotes - Cross-Site Scripting Multiple Vulnerabilities PEGames - Multiple Cross-Site Scripting Vulnerabilities PEGames - Cross-Site Scripting Multiple Vulnerabilities Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities Pluck CMS 4.5.2 - Cross-Site Scripting Multiple Vulnerabilities Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities Quate CMS 0.3.4 - Cross-Site Scripting Multiple Vulnerabilities Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities Ubee EVW3200 - Persistent Cross-Site Scripting Multiple Vulnerabilities TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities Accellion File Transfer - Multiple Cross-Site Scripting Vulnerabilities TimeTrex Time 2.2 and Attendance Module - Cross-Site Scripting Multiple Vulnerabilities Accellion File Transfer - Cross-Site Scripting Multiple Vulnerabilities vTiger CRM 5.0.4 - Multiple Cross-Site Scripting Vulnerabilities vTiger CRM 5.0.4 - Cross-Site Scripting Multiple Vulnerabilities @Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-Site Scripting Vulnerabilities @Mail 5.42 and @Mail WebMail 5.0.5 - Cross-Site Scripting Multiple Vulnerabilities Silentum LoginSys 1.0 - Multiple Cross-Site Scripting Vulnerabilities Silentum LoginSys 1.0 - Cross-Site Scripting Multiple Vulnerabilities Gallery 2.0 - Multiple Cross-Site Scripting Vulnerabilities Gallery 2.0 - Cross-Site Scripting Multiple Vulnerabilities Paranews 3.4 - Multiple Cross-Site Scripting Vulnerabilities Paranews 3.4 - Cross-Site Scripting Multiple Vulnerabilities Flatpress 0.804 - Multiple Cross-Site Scripting Vulnerabilities Flatpress 0.804 - Cross-Site Scripting Multiple Vulnerabilities Membership Script - Multiple Cross-Site Scripting Vulnerabilities Membership Script - Cross-Site Scripting Multiple Vulnerabilities Celoxis - Multiple Cross-Site Scripting Vulnerabilities Celoxis - Cross-Site Scripting Multiple Vulnerabilities WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities WikyBlog 1.7.1 - Cross-Site Scripting Multiple Vulnerabilities UC Gateway Investment SiteEngine 5.0 - 'api.php' URI redirection UC Gateway Investment SiteEngine 5.0 - 'api.php' Open Redirection KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities KKE Info Media Kmita Gallery - Cross-Site Scripting Multiple Vulnerabilities Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities Venalsur Booking Centre 2.01 - Cross-Site Scripting Multiple Vulnerabilities CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities CMS Made Simple 1.11.10 - Cross-Site Scripting Multiple Vulnerabilities Autonomy Ultraseek - 'cs.html' URI redirection Autonomy Ultraseek - 'cs.html' Open Redirection E-PHP B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities E-PHP B2B Trading Marketplace Script - Cross-Site Scripting Multiple Vulnerabilities Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Cross-Site Scripting Multiple Vulnerabilities Verlihub Control Panel 1.7 - Multiple Cross-Site Scripting Vulnerabilities Verlihub Control Panel 1.7 - Cross-Site Scripting Multiple Vulnerabilities Achievo 1.3.4 - Multiple Cross-Site Scripting Vulnerabilities Achievo 1.3.4 - Cross-Site Scripting Multiple Vulnerabilities Webmedia Explorer 5.0.9/5.10 - Multiple Cross-Site Scripting Vulnerabilities Webmedia Explorer 5.0.9/5.10 - Cross-Site Scripting Multiple Vulnerabilities XZeroScripts XZero Community Classifieds 4.97.8 - Multiple Cross-Site Scripting Vulnerabilities XZeroScripts XZero Community Classifieds 4.97.8 - Cross-Site Scripting Multiple Vulnerabilities Joomla! Component com_user - 'view' URI Redirection Joomla! Component com_user - 'view' Open Redirection Miniweb 2.0 Site Builder Module - Multiple Cross-Site Scripting Vulnerabilities Miniweb 2.0 Site Builder Module - Cross-Site Scripting Multiple Vulnerabilities Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities Censura < 2.1.1 - Cross-Site Scripting Multiple Vulnerabilities McAfee Network Security Manager 5.1.7 - Multiple Cross-Site Scripting Vulnerabilities McAfee Network Security Manager 5.1.7 - Cross-Site Scripting Multiple Vulnerabilities OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities OpenFiler 2.99.1 - Persistent Cross-Site Scripting Multiple Vulnerabilities AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities AfterLogic WebMail Pro 4.7.10 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Subscribe to Comments 2.0 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Subscribe to Comments 2.0 - Cross-Site Scripting Multiple Vulnerabilities phpMyFAQ < 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities phpMyFAQ < 2.5.4 - Cross-Site Scripting Multiple Vulnerabilities Binatone DT 850W Wireless Router - Multiple Cross-Site Request Forgery Vulnerabilities Binatone DT 850W Wireless Router - Cross-Site Request Forgery Multiple Vulnerabilities Discuz! 2.0 - Multiple Cross-Site Scripting Vulnerabilities Discuz! 2.0 - Cross-Site Scripting Multiple Vulnerabilities @lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities @lex Guestbook 5.0 - Cross-Site Scripting Multiple Vulnerabilities Mayan-EDms web-based document management OS system - Multiple Persistent Cross-Site Scripting Vulnerabilities Mayan-EDms web-based document management OS system - Persistent Cross-Site Scripting Multiple Vulnerabilities Joomla! Component EasyBook 2.0.0rc4 - Multiple HTML Injection Vulnerabilities Joomla! Component EasyBook 2.0.0rc4 - HTML Injection Multiple Vulnerabilities KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities KnowGate hipergate 4.0.12 - Cross-Site Scripting Multiple Vulnerabilities vBulletin 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities vBulletin 3.5.4 - Cross-Site Scripting Multiple Vulnerabilities Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-Site Scripting Vulnerabilities Portrait Software Portrait Campaign Manager 4.6.1.22 - Cross-Site Scripting Multiple Vulnerabilities vBulletin 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities vBulletin 4.0.2 - Cross-Site Scripting Multiple Vulnerabilities Sparta Systems TrackWise EQms - Multiple Cross-Site Scripting Vulnerabilities Sparta Systems TrackWise EQms - Cross-Site Scripting Multiple Vulnerabilities PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities PHPWind 6.0 - Cross-Site Scripting Multiple Vulnerabilities SpringSource (Multiple Products) - Multiple HTML Injection Vulnerabilities SpringSource (Multiple Products) - HTML Injection Multiple Vulnerabilities Chipmunk NewsLetter 2.0 - Multiple Cross-Site Scripting Vulnerabilities Chipmunk NewsLetter 2.0 - Cross-Site Scripting Multiple Vulnerabilities Datetopia Match Agency BiZ - Multiple Cross-Site Scripting Vulnerabilities Datetopia Match Agency BiZ - Cross-Site Scripting Multiple Vulnerabilities Bilboplanet 2.0 - Multiple Cross-Site Scripting Vulnerabilities Bilboplanet 2.0 - Cross-Site Scripting Multiple Vulnerabilities Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities Hitmaaan Gallery 1.3 - Cross-Site Scripting Multiple Vulnerabilities Ez Poll Hoster - Multiple Cross-Site Scripting Vulnerabilities Ez Poll Hoster - Cross-Site Scripting Multiple Vulnerabilities LiveZilla 3.1.8.3 - Multiple Cross-Site Scripting Vulnerabilities LiveZilla 3.1.8.3 - Cross-Site Scripting Multiple Vulnerabilities Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities Worxware DCP-Portal 7.0 - Cross-Site Scripting Multiple Vulnerabilities phpFaber CMS 2.0.5 - Multiple Cross-Site Scripting Vulnerabilities phpFaber CMS 2.0.5 - Cross-Site Scripting Multiple Vulnerabilities SimpNews 2.47.3 - Multiple Cross-Site Scripting Vulnerabilities SimpNews 2.47.3 - Cross-Site Scripting Multiple Vulnerabilities eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities eliteCMS 1.01 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Firestats 1.6.5 - Cross-Site Scripting Multiple Vulnerabilities Diem 5.1.2 - Multiple Cross-Site Scripting Vulnerabilities Diem 5.1.2 - Cross-Site Scripting Multiple Vulnerabilities Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities Claus Muus Spitfire 1.0.336 - Cross-Site Scripting Multiple Vulnerabilities SyndeoCMS 2.9 - Multiple HTML Injection Vulnerabilities SyndeoCMS 2.9 - HTML Injection Multiple Vulnerabilities Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities Sourcefabric Campsite - Cross-Site Scripting Multiple Vulnerabilities FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities FuseTalk 3.2/4.0 - Cross-Site Scripting Multiple Vulnerabilities PHP Stock Management System 1.02 - Multiple Persistent Cross-Site Scripting Vulnerabilities PHP Stock Management System 1.02 - Persistent Cross-Site Scripting Multiple Vulnerabilities Hulihan Applications Amethyst 0.1.5 - Multiple HTML Injection Vulnerabilities Muraus Open Blog - Multiple HTML Injection Vulnerabilities Hulihan Applications Amethyst 0.1.5 - HTML Injection Multiple Vulnerabilities Muraus Open Blog - HTML Injection Multiple Vulnerabilities WordPress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin WooCommerce Store Exporter 1.7.5 - Cross-Site Scripting Multiple Vulnerabilities Preation Eden Platform 27.7.2010 - Multiple HTML Injection Vulnerabilities Preation Eden Platform 27.7.2010 - HTML Injection Multiple Vulnerabilities Mystic 0.1.4 - Multiple Cross-Site Scripting Vulnerabilities Onyx - Multiple Cross-Site Scripting Vulnerabilities Mystic 0.1.4 - Cross-Site Scripting Multiple Vulnerabilities Onyx - Cross-Site Scripting Multiple Vulnerabilities Online Work Order Suite Lite Edition - Multiple Cross-Site Scripting Vulnerabilities Online Work Order Suite Lite Edition - Cross-Site Scripting Multiple Vulnerabilities Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities Valarsoft WebMatic 3.0.5 - HTML Injection Multiple Vulnerabilities Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities Amiro.CMS 5.8.4.0 - HTML Injection Multiple Vulnerabilities StatsCode - Multiple Cross-Site Scripting Vulnerabilities StatsCode - Cross-Site Scripting Multiple Vulnerabilities e-Soft24 Jokes Portal Script Seo 1.0 - Multiple Cross-Site Scripting Vulnerabilities e-Soft24 Jokes Portal Script Seo 1.0 - Cross-Site Scripting Multiple Vulnerabilities Open Classifieds - Multiple Cross-Site Scripting Vulnerabilities Open Classifieds - Cross-Site Scripting Multiple Vulnerabilities OpenText LiveLink 9.7.1 - Multiple Cross-Site Scripting Vulnerabilities OpenText LiveLink 9.7.1 - Cross-Site Scripting Multiple Vulnerabilities Micro CMS 1.0 - 'name' HTML Injection Micro CMS 1.0 - 'name' HTML Injection (1) eCardMAX - Multiple Cross-Site Scripting Vulnerabilities eCardMAX - Cross-Site Scripting Multiple Vulnerabilities Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities Ronny CMS 1.1 r935 - HTML Injection Multiple Vulnerabilities eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities eXV2 CMS - Cross-Site Scripting Multiple Vulnerabilities Wiccle Web Builder 2.0 - Multiple Cross-Site Scripting Vulnerabilities Micro CMS 1.0 - 'name' HTML Injection Wiccle Web Builder 2.0 - Cross-Site Scripting Multiple Vulnerabilities Micro CMS 1.0 - 'name' HTML Injection (2) Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities Flatnux 2009-03-27 - Cross-Site Scripting Multiple Vulnerabilities Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities Elastix 2.0.2 - Cross-Site Scripting Multiple Vulnerabilities Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities Croogo 2.0.0 - Persistent Cross-Site Scripting Multiple Vulnerabilities Change CMS 3.6.8 - Multiple Cross-Site Request Forgery Vulnerabilities Change CMS 3.6.8 - Cross-Site Request Forgery Multiple Vulnerabilities OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities OpenWrt 10.03 - Cross-Site Scripting Multiple Vulnerabilities Contenido CMS 4.8.12 - Multiple Cross-Site Scripting Vulnerabilities Contenido CMS 4.8.12 - Cross-Site Scripting Multiple Vulnerabilities SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilities SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Cross-Site Scripting Multiple Vulnerabilities ManageEngine EventLog Analyzer 6.1 - Multiple Cross-Site Scripting Vulnerabilities ManageEngine EventLog Analyzer 6.1 - Cross-Site Scripting Multiple Vulnerabilities Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component com_mailto - Cross-Site Scripting Multiple Vulnerabilities Mura CMS - Multiple Cross-Site Scripting Vulnerabilities Mura CMS - Cross-Site Scripting Multiple Vulnerabilities BlogCFC 5.9.6.001 - Multiple Cross-Site Scripting Vulnerabilities BlogCFC 5.9.6.001 - Cross-Site Scripting Multiple Vulnerabilities Radius Manager 3.6 - Multiple Cross-Site Scripting Vulnerabilities Social Share - Multiple Cross-Site Scripting Vulnerabilities Radius Manager 3.6 - Cross-Site Scripting Multiple Vulnerabilities Social Share - Cross-Site Scripting Multiple Vulnerabilities Habari 0.6.5 - Multiple Cross-Site Scripting Vulnerabilities Habari 0.6.5 - Cross-Site Scripting Multiple Vulnerabilities Openfire 3.6.4 - Multiple Cross-Site Scripting Vulnerabilities Openfire 3.6.4 - Cross-Site Scripting Multiple Vulnerabilities phpSound Music Sharing Platform 1.0.5 - Multiple Cross-Site Scripting Vulnerabilities phpSound Music Sharing Platform 1.0.5 - Cross-Site Scripting Multiple Vulnerabilities vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities vBSEO 3.2.2/3.5.2 - Cross-Site Scripting Multiple Vulnerabilities ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities ViArt Shop 4.0.5 - Cross-Site Scripting Multiple Vulnerabilities CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities CiviCRM 3.3.3 - Cross-Site Scripting Multiple Vulnerabilities UMI CMS 2.8.1.2 - Cross-Site Scripting Multiple Vulnerabilities Dolphin 7.0.4 - Multiple Cross-Site Scripting Vulnerabilities Dolphin 7.0.4 - Cross-Site Scripting Multiple Vulnerabilities MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities MG2 0.5.1 - Cross-Site Scripting Multiple Vulnerabilities Gollos 2.8 - Cross-Site Scripting Multiple Vulnerabilities Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities Photopad 1.2 - Cross-Site Scripting Multiple Vulnerabilities Support Incident Tracker (SiT!) 3.62 - Multiple Cross-Site Scripting Vulnerabilities Support Incident Tracker (SiT!) 3.62 - Cross-Site Scripting Multiple Vulnerabilities Pragyan CMS 3.0 Beta - Multiple Cross-Site Scripting Vulnerabilities Pragyan CMS 3.0 Beta - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Sodahead Polls 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Rating-Widget 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Sodahead Polls 2.0.2 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Rating-Widget 1.3.1 - Cross-Site Scripting Multiple Vulnerabilities XOOPS 2.x - Cross-Site Scripting Multiple Vulnerabilities MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities GrapeCity Data Dynamics Reports 1.6.2084.14 - Multiple Cross-Site Scripting Vulnerabilities MC Content Manager 10.1.1 - Cross-Site Scripting Multiple Vulnerabilities GrapeCity Data Dynamics Reports 1.6.2084.14 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Daily Maui Photo Widget 0.2 - Cross-Site Scripting Multiple Vulnerabilities Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities Kusaba X 0.9 - Cross-Site Scripting Multiple Vulnerabilities Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities Humhub 0.10.0-rc.1 - Persistent Cross-Site Scripting Multiple Vulnerabilities Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities Alkacon OpenCMS 7.5.x - Cross-Site Scripting Multiple Vulnerabilities Claroline 1.10 - Multiple HTML Injection Vulnerabilities Claroline 1.10 - HTML Injection Multiple Vulnerabilities YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities YaCOMAS 0.3.6 OpenCMS - Cross-Site Scripting Multiple Vulnerabilities webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities webSPELL 4.2.2a - Cross-Site Scripting Multiple Vulnerabilities YaPiG 0.95 - Multiple Cross-Site Scripting Vulnerabilities YaPiG 0.95 - Cross-Site Scripting Multiple Vulnerabilities PHPDug 2.0 - Multiple Cross-Site Scripting Vulnerabilities PHPDug 2.0 - Cross-Site Scripting Multiple Vulnerabilities Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities Keyfax Customer Response Management 3.2.2.6 - Cross-Site Scripting Multiple Vulnerabilities poMMo Aardvark PR16.1 - Multiple Cross-Site Scripting Vulnerabilities poMMo Aardvark PR16.1 - Cross-Site Scripting Multiple Vulnerabilities Argyle Social - Multiple Cross-Site Scripting Vulnerabilities Argyle Social - Cross-Site Scripting Multiple Vulnerabilities Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-Site Scripting Vulnerabilities Mitel Audio and Web Conferencing 4.4.3.0 - Cross-Site Scripting Multiple Vulnerabilities PHP Calendar Basic 2.3 - Multiple Cross-Site Scripting Vulnerabilities PHP Calendar Basic 2.3 - Cross-Site Scripting Multiple Vulnerabilities phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities phpScheduleIt 1.2.12 - Cross-Site Scripting Multiple Vulnerabilities Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities Blog:CMS 4.2 - Cross-Site Scripting Multiple Vulnerabilities miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities miniblog 1.0 - Cross-Site Scripting Multiple Vulnerabilities Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities Mambo 4.6.x - Cross-Site Scripting Multiple Vulnerabilities Joomla! 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities Flatpress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities Joomla! 1.6.3 - Cross-Site Scripting Multiple Vulnerabilities Flatpress 0.1010.1 - Cross-Site Scripting Multiple Vulnerabilities MBoard 1.3 - 'url' URI Redirection PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities MBoard 1.3 - 'url' Open Redirection PHPJunkYard GBook 1.6/1.7 - Cross-Site Scripting Multiple Vulnerabilities TCExam 11.2.x - Multiple Cross-Site Scripting Vulnerabilities TCExam 11.2.x - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin bSuite 4.0.7 - Multiple HTML Injection Vulnerabilities WordPress Plugin bSuite 4.0.7 - HTML Injection Multiple Vulnerabilities Joomla! < 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities Joomla! < 1.6.5 - Cross-Site Scripting Multiple Vulnerabilities Cyberoam UTM - Multiple Cross-Site Scripting Vulnerabilities Cyberoam UTM - Cross-Site Scripting Multiple Vulnerabilities Online Grades 3.2.5 - Multiple Cross-Site Scripting Vulnerabilities Online Grades 3.2.5 - Cross-Site Scripting Multiple Vulnerabilities Sitecore CMS 6.4.1 - 'url' URI Redirection Sitecore CMS 6.4.1 - 'url' Open Redirection Curverider Elgg 1.7.9 - Multiple Cross-Site Scripting Vulnerabilities Curverider Elgg 1.7.9 - Cross-Site Scripting Multiple Vulnerabilities HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities HESK 2.2 - Cross-Site Scripting Multiple Vulnerabilities Exponent CMS 2.3.1 - Multiple Cross-Site Scripting Vulnerabilities Exponent CMS 2.3.1 - Cross-Site Scripting Multiple Vulnerabilities Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities Softbiz Recipes Portal Script - Cross-Site Scripting Multiple Vulnerabilities OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities OpenEMR 4.0 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin eShop 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin eShop 6.2.8 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin WP-Stats-Dashboard 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin WP-Stats-Dashboard 2.6.5.1 - Cross-Site Scripting Multiple Vulnerabilities Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities Open Classifieds 1.7.2 - Cross-Site Scripting Multiple Vulnerabilities IBM Open Admin Tool 2.71 - Multiple Cross-Site Scripting Vulnerabilities IBM Open Admin Tool 2.71 - Cross-Site Scripting Multiple Vulnerabilities GuppY CMS 5.0.9 < 5.00.10 - Multiple Cross-Site Request Forgery Vulnerabilities GuppY CMS 5.0.9 < 5.00.10 - Cross-Site Request Forgery Multiple Vulnerabilities Papoo CMS Light 4.0 - Multiple Cross-Site Scripting Vulnerabilities Papoo CMS Light 4.0 - Cross-Site Scripting Multiple Vulnerabilities Microsoft SharePoint 2007/2010 - 'Source' Multiple URI Open redirection Vulnerabilities Microsoft SharePoint 2007/2010 - 'Source' Multiple Open Redirections PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities PunBB 1.3.5 - Cross-Site Scripting Multiple Vulnerabilities Zyncro 3.0.1.20 - Multiple HTML Injection Vulnerabilities Zyncro 3.0.1.20 - HTML Injection Multiple Vulnerabilities Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities Adobe ColdFusion 7 - Cross-Site Scripting Multiple Vulnerabilities Joomla! < 1.7.0 - Multiple Cross-Site Scripting Vulnerabilities Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities Joomla! < 1.7.0 - Cross-Site Scripting Multiple Vulnerabilities Bitweaver 2.8.1 - Cross-Site Scripting Multiple Vulnerabilities vTiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities vTiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities (1) Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities Silverstripe CMS 2.4.5 - Cross-Site Scripting Multiple Vulnerabilities BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities BugFree 2.1.3 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Pretty Link 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Pretty Link 1.4.56 - Cross-Site Scripting Multiple Vulnerabilities Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities Tine 2.0 - Cross-Site Scripting Multiple Vulnerabilities InverseFlow 2.4 - Multiple Cross-Site Scripting Vulnerabilities InverseFlow 2.4 - Cross-Site Scripting Multiple Vulnerabilities vTiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities vTiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities (2) eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities eFront 3.6.10 Build 11944 - Cross-Site Scripting Multiple Vulnerabilities CmyDocument - Multiple Cross-Site Scripting Vulnerabilities CmyDocument - Cross-Site Scripting Multiple Vulnerabilities AShop - Open-redirection / Cross-Site Scripting Joomla! Component com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities AShop - Open Redirection / Cross-Site Scripting Joomla! Component com_alfcontact 1.9.3 - Cross-Site Scripting Multiple Vulnerabilities PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Cross-Site Scripting Vulnerabilities PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Cross-Site Scripting Multiple Vulnerabilities Zen Cart CMS 1.3.9h - Multiple Cross-Site Scripting Vulnerabilities Zen Cart CMS 1.3.9h - Cross-Site Scripting Multiple Vulnerabilities eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities eSyndiCat Pro 2.3.5 - Cross-Site Scripting Multiple Vulnerabilities Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities Fork CMS 3.1.5 - Cross-Site Scripting Multiple Vulnerabilities Pulse Pro 1.7.2 - Cross-Site Scripting Multiple Vulnerabilities epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities epesi BIM 1.2 rev 8154 - Cross-Site Scripting Multiple Vulnerabilities Orchard 1.3.9 - 'ReturnUrl' URI Redirection Orchard 1.3.9 - 'ReturnUrl' Open Redirection WordPress Plugin Age Verification 0.4 - 'redirect_to' URI Redirection WordPress Plugin Age Verification 0.4 - 'redirect_to' Open Redirection KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities KnowledgeTree 3.x - Cross-Site Scripting Multiple Vulnerabilities ATutor 2.0.3 - Multiple Cross-Site Scripting Vulnerabilities Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities phpVideoPro 0.8.x/0.9.7 - Multiple Cross-Site Scripting Vulnerabilities ATutor 2.0.3 - Cross-Site Scripting Multiple Vulnerabilities Beehive Forum 101 - Cross-Site Scripting Multiple Vulnerabilities phpVideoPro 0.8.x/0.9.7 - Cross-Site Scripting Multiple Vulnerabilities Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities Acidcat ASP CMS 3.5 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Video Gallery 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities WordPress Plugin Video Gallery 2.8 - Cross-Site Request Forgery Multiple Vulnerabilities GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities GForge 5.7.1 - Cross-Site Scripting Multiple Vulnerabilities LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities LxCenter Kloxo 6.1.10 - HTML Injection Multiple Vulnerabilities Tiki Wiki CMS Groupware - 'url' URI Redirection Tiki Wiki CMS Groupware - 'url' Open Redirection FEX 20100208/20111129-2 - Multiple Cross-Site Scripting Vulnerabilities FEX 20100208/20111129-2 - Cross-Site Scripting Multiple Vulnerabilities Webglimpse 2.x - Multiple Cross-Site Scripting Vulnerabilities Webglimpse 2.x - Cross-Site Scripting Multiple Vulnerabilities OSQA's CMS - Multiple HTML Injection Vulnerabilities OSQA's CMS - HTML Injection Multiple Vulnerabilities Matthew1471 BlogX - Multiple Cross-Site Scripting Vulnerabilities Matthew1471 BlogX - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Uploadify Integration 0.9.6 - Cross-Site Scripting Multiple Vulnerabilities Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Plugin Beatz 1.1 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Yahoo Answer - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Yahoo Answer - Cross-Site Scripting Multiple Vulnerabilities Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities Croogo CMS 1.3.4 - HTML Injection Multiple Vulnerabilities WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin NewsLetter Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin NewsLetter Manager 1.0 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Media Library Categories - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin LeagueManager 3.7 - Cross-Site Scripting Multiple Vulnerabilities PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities PHP Address Book 7.0 - Cross-Site Scripting Multiple Vulnerabilities Opsview 4.6.2 - Multiple Cross-Site Scripting Vulnerabilities Opsview 4.6.2 - Cross-Site Scripting Multiple Vulnerabilities SPIP 2.x - Multiple Cross-Site Scripting Vulnerabilities SPIP 2.x - Cross-Site Scripting Multiple Vulnerabilities TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities TEMENOS T24 - Cross-Site Scripting Multiple Vulnerabilities WebsitePanel - 'ReturnUrl' URI Redirection WebsitePanel - 'ReturnUrl' Open Redirection Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities Simple Machines 2.0.2 - HTML Injection Multiple Vulnerabilities ocPortal 7.1.5 - 'redirect' URI Redirection Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities ocPortal 7.1.5 - 'redirect' Open Redirection Scrutinizer 9.0.1.19899 - Cross-Site Scripting Multiple Vulnerabilities Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities Distimo Monitor - Cross-Site Scripting Multiple Vulnerabilities Total Shop UK eCommerce CodeIgniter - Multiple Cross-Site Scripting Vulnerabilities Total Shop UK eCommerce CodeIgniter - Cross-Site Scripting Multiple Vulnerabilities Monstra - Multiple HTML Injection Vulnerabilities Monstra - HTML Injection Multiple Vulnerabilities Power-eCommerce - Multiple Cross-Site Scripting Vulnerabilities Power-eCommerce - Cross-Site Scripting Multiple Vulnerabilities Web Wiz Forums - Multiple Cross-Site Scripting Vulnerabilities LibGuides - Multiple Cross-Site Scripting Vulnerabilities Web Wiz Forums - Cross-Site Scripting Multiple Vulnerabilities LibGuides - Cross-Site Scripting Multiple Vulnerabilities Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities Phorum 5.2.18 - Cross-Site Scripting Multiple Vulnerabilities PrestaShop 1.4.7 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Slideshow - Cross-Site Scripting Multiple Vulnerabilities Silverstripe CMS 2.4.x - 'BackURL' URI Redirection Silverstripe CMS 2.4.x - 'BackURL' Open Redirection AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities AxisInternet VoIP Manager - Cross-Site Scripting Multiple Vulnerabilities WordPress Theme Purity - Multiple Cross-Site Scripting Vulnerabilities WordPress Theme Purity - Cross-Site Scripting Multiple Vulnerabilities Switchvox - Multiple HTML Injection Vulnerabilities Switchvox - HTML Injection Multiple Vulnerabilities WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Akismet - Cross-Site Scripting Multiple Vulnerabilities WANem - Multiple Cross-Site Scripting Vulnerabilities WANem - Cross-Site Scripting Multiple Vulnerabilities NetCat CMS - Multiple Cross-Site Scripting Vulnerabilities NetCat CMS - Cross-Site Scripting Multiple Vulnerabilities BloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities BloofoxCMS 0.3.5 - Cross-Site Scripting Multiple Vulnerabilities WordPress Plugin Contact Form Generator 2.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities WordPress Plugin Contact Form Generator 2.0.1 - Cross-Site Request Forgery Multiple Vulnerabilities Smartphone Pentest Framework - Multiple Remote Command Execution Vulnerabilities Smartphone Pentest Framework - Remote Command Execution Multiple Vulnerabilities Joomla! Component com_incapsula - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component com_incapsula - Cross-Site Scripting Multiple Vulnerabilities Openfire 3.10.2 - Multiple Cross-Site Scripting Vulnerabilities Openfire 3.10.2 - Cross-Site Scripting Multiple Vulnerabilities Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities Perforce P4Web - Cross-Site Scripting Multiple Vulnerabilities Sonar - Multiple Cross-Site Scripting Vulnerabilities Sonar - Cross-Site Scripting Multiple Vulnerabilities MIMEsweeper For SMTP - Multiple Cross-Site Scripting Vulnerabilities MIMEsweeper For SMTP - Cross-Site Scripting Multiple Vulnerabilities phpMyRecipes - Multiple HTML Injection Vulnerabilities phpMyRecipes - HTML Injection Multiple Vulnerabilities OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities OrionDB Web Directory - Cross-Site Scripting Multiple Vulnerabilities PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities PHP Server Monitor 3.1.1 - Cross-Site Request Forgery Multiple Vulnerabilities Elastix - Multiple Cross-Site Scripting Vulnerabilities Elastix - Cross-Site Scripting Multiple Vulnerabilities Telaen 2.7.x - Open redirection Telaen 2.7.x - Open Redirection Xaraya - Multiple Cross-Site Scripting Vulnerabilities Xaraya - Cross-Site Scripting Multiple Vulnerabilities Mintboard - Multiple Cross-Site Scripting Vulnerabilities Mintboard - Cross-Site Scripting Multiple Vulnerabilities NXFilter 3.0.3 - Multiple Cross-Site Scripting Vulnerabilities NXFilter 3.0.3 - Cross-Site Scripting Multiple Vulnerabilities PrestaShop - Multiple Cross-Site Request Forgery Vulnerabilities PrestaShop - Cross-Site Request Forgery Multiple Vulnerabilities Magnolia CMS - Multiple Cross-Site Scripting Vulnerabilities Magnolia CMS - Cross-Site Scripting Multiple Vulnerabilities Alienvault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities Alienvault Open Source SIEM (OSSIM) - Cross-Site Scripting Multiple Vulnerabilities appRain CMF - Multiple Cross-Site Request Forgery Vulnerabilities appRain CMF - Cross-Site Request Forgery Multiple Vulnerabilities WordPress Plugin Event Easy Calendar - Multiple Cross-Site Request Forgery Vulnerabilities WordPress Plugin Event Easy Calendar - Cross-Site Request Forgery Multiple Vulnerabilities Silverstripe CMS - Multiple HTML Injection Vulnerabilities Silverstripe CMS - HTML Injection Multiple Vulnerabilities OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities OpenMRS 2.3 (1.11.4) - Cross-Site Scripting Multiple Vulnerabilities OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities OpenX 2.8.x - Cross-Site Request Forgery Multiple Vulnerabilities ZamFoo - Multiple Remote Command Execution Vulnerabilities ZamFoo - Remote Command Execution Multiple Vulnerabilities ATutor 2.2 - Multiple Cross-Site Scripting Vulnerabilities ATutor 2.2 - Cross-Site Scripting Multiple Vulnerabilities ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities ProjectSend r582 - Cross-Site Scripting Multiple Vulnerabilities NationBuilder - Multiple Persistent Cross-Site Scripting Vulnerabilities NationBuilder - Persistent Cross-Site Scripting Multiple Vulnerabilities w2wiki - Multiple Cross-Site Scripting Vulnerabilities w2wiki - Cross-Site Scripting Multiple Vulnerabilities Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting Vulnerabilities Radiant CMS 1.1.3 - Persistent Cross-Site Scripting Multiple Vulnerabilities Apache Archiva 1.3.9 - Multiple Cross-Site Request Forgery Vulnerabilities Apache Archiva 1.3.9 - Cross-Site Request Forgery Multiple Vulnerabilities Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting Vulnerabilities Wowza Streaming Engine 4.5.0 - Cross-Site Scripting Multiple Vulnerabilities Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities Nagios Network Analyzer 2.2.1 - Cross-Site Request Forgery Multiple Vulnerabilities InfraPower PPS-02-S Q213V1 - Multiple Cross-Site Scripting Vulnerabilities InfraPower PPS-02-S Q213V1 - Cross-Site Scripting Multiple Vulnerabilities ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery Vulnerabilities ViMbAdmin 3.0.15 - Cross-Site Request Forgery Multiple Vulnerabilities PHPMyFAQ 2.9.8 - Cross-Site Scripting PHPMyFAQ 2.9.8 - Cross-Site Scripting (1) Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (1) Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (2) phpMyFAQ 2.9.8 - Cross-Site Scripting phpMyFAQ 2.9.8 - Cross-Site Scripting (2) Kaltura < 13.1.0 - Remote Code Execution Kaltura < 13.2.0 - Remote Code Execution Mura CMS < 6.2 - Server-Side Request Forgery / XML External Entity Injection FS Shutter Stock Clone - 'keywords' SQL Injection FS Thumbtack Clone - 'ser' SQL Injection FS Trademe Clone - 'id' SQL Injection FS Monster Clone - 'id' SQL Injection FS Care Clone - 'sitterService' SQL Injection FS Crowdfunding Script - 'id' SQL Injection FS Realtor Clone - 'id' SQL Injection KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting	2017-10-26 05:01:38 +00:00
Offensive Security	5bd93d7e45	DB: 2017-10-25 12 new exploits Apple Mac OSX xnu 1228.0 - mach-o Local Kernel Denial of Service (PoC) Apple Mac OSX xnu 1228.0 - 'mach-o' Local Kernel Denial of Service (PoC) Apple Mac OSX xnu 1228.0 - super_blob Local kernel Denial of Service (PoC) Apple Mac OSX xnu 1228.0 - 'super_blob' Local kernel Denial of Service (PoC) Administrador de Contenidos - Admin Login Bypass Administrador de Contenidos - Admin Authentication Bypass Microsoft Windows Kernel - DeferWindowPos Use-After-Free (MS15-073) Microsoft Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073) Microsoft Windows Kernel - 'DeferWindowPos' Use-After-Free (MS15-073) Microsoft Windows Kernel - 'UserCommitDesktopMemory' Use-After-Free (MS15-073) Microsoft Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061) Microsoft Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061) Microsoft Windows Kernel - SURFOBJ Null Pointer Dereference (MS15-061) Microsoft Windows Kernel - 'HmgAllocateObjectAttr' Use-After-Free (MS15-061) Microsoft Windows Kernel - 'win32k!vSolidFillRect' Buffer Overflow (MS15-061) Microsoft Windows Kernel - 'SURFOBJ' Null Pointer Dereference (MS15-061) Microsoft Windows Kernel - FlashWindowEx Memory Corruption (MS15-097) Microsoft Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097) Microsoft Windows Kernel - 'FlashWindowEx' Memory Corruption (MS15-097) Microsoft Windows Kernel - 'bGetRealizedBrush' Use-After-Free (MS15-097) Microsoft Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097) Microsoft Windows Kernel - 'NtGdiStretchBlt' Pool Buffer Overflows (MS15-097) Microsoft Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097) Microsoft Windows Kernel - 'NtGdiBitBlt' Buffer Overflow (MS15-097) Blue Coat ProxySG 5.x - and Security Gateway OS Denial of Service Blue Coat ProxySG 5.x and Security Gateway OS - Denial of Service Microsoft Windows Kernel - win32k!OffsetChildren Null Pointer Dereference Microsoft Windows Kernel - 'win32k!OffsetChildren' Null Pointer Dereference Apple Mac OSX - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution Apple Mac OSX - 'IOBluetoothHCIUserClient' Arbitrary Kernel Code Execution Apple Mac OSX - gst_configure Kernel Buffer Overflow Apple Mac OSX - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference Apple Mac OSX - 'gst_configure' Kernel Buffer Overflow Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference Microsoft Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read Microsoft Windows Kernel - 'NtGdiGetTextExtentExW'' Out-of-Bounds Memory Read Microsoft Windows Kernel - win32k Denial of Service (MS16-135) Microsoft Windows Kernel - 'win32k' Denial of Service (MS16-135) Microsoft Windows 10 Kernel - nt!NtTraceControl (EtwpSetProviderTraits) Pool Memory Disclosure Microsoft Windows 10 Kernel - 'nt!NtTraceControl (EtwpSetProviderTraits)' Pool Memory Disclosure Microsoft Windows Kernel - win32k.sys '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel - win32k.sys .TTF Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow) Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow) AIX 5.2 - netpmon Local Elevated Privileges Exploit AIX 5.2 - ipl_varyon Local Elevated Privileges Exploit AIX 5.2 - 'netpmon' Local Privilege Escalation AIX 5.2 - 'ipl_varyon' Local Privilege Escalation Willing Webcam 2.8 - Licence Info Disclosure Local Exploit Willing Webcam 2.8 - Licence Information Disclosure Local Exploit Solaris 7.0 cancel - Exploit Solaris 7.0 chkperm - Exploit Solaris 7.0 - 'cancel' Exploit Solaris 7.0 - 'chkperm' Exploit Apple Mac OSX 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Apple Mac OSX 10.4.x - 'Shared_Region_Make_Private_Np' Kernel Function Local Memory Corruption Apple macOS < 10.12.2 / iOS < 10.2 Kernel - _kernelrpc_mach_port_insert_right_trap Reference Count Leak / Use-After-Free Apple macOS < 10.12.2 / iOS < 10.2 - '_kernelrpc_mach_port_insert_right_trap' Kernel Reference Count Leak / Use-After-Free Mikogo 5.4.1.160608 - Local Credentials Disclosure THOMSON ST585 - 'user.ini' Arbitrary Download THOMSON ST585 - 'user.ini' Arbitrary Disclosure THOMSON TG585n 7.4.3.2 - 'user.ini' Arbitrary Download THOMSON TG585n 7.4.3.2 - 'user.ini' Arbitrary Disclosure Adobe Flash and Reader - Live Malware (PoC) Adobe Flash / Reader - Live Malware (PoC) Unify eWave ServletExec 3 - JSP Source Disclosure Unify eWave ServletExec 3 - .JSP Source Disclosure 1C: Arcadia Internet Store 1.0 - Show Path 1C: Arcadia Internet Store 1.0 - Path Disclosure Adobe ColdFusion 9 - Administrative Login Bypass (Metasploit) Adobe ColdFusion 9 - Administrative Authentication Bypass (Metasploit) Apache Tomcat 6.0.13 - Cookie Handling Quote Delimiter Session ID Disclosure Apache Tomcat 6.0.13 - Insecure Cookie Handling Quote Delimiter Session ID Disclosure myNewsletter 1.1.2 - 'adminLogin.asp' Login Bypass myNewsletter 1.1.2 - 'adminLogin.asp' Authentication Bypass 2BGal 3.0 - '/admin/configuration.inc.php' Local Inclusion Exploit 2BGal 3.0 - '/admin/configuration.inc.php' Local File Inclusion Estate Agent Manager 1.3 - 'default.asp' Login Bypass Property Pro 1.0 - 'vir_Login.asp' Remote Login Bypass Estate Agent Manager 1.3 - 'default.asp' Authentication Bypass Property Pro 1.0 - 'vir_Login.asp' Remote Authentication Bypass Hpecs Shopping Cart - Remote Login Bypass Hpecs Shopping Cart - Remote Authentication Bypass HR Assist 1.05 - 'vdateUsr.asp' Remote Login Bypass HR Assist 1.05 - 'vdateUsr.asp' Remote Authentication Bypass PHPX 3.5.16 - Cookie Poisoning / Login Bypass PHPX 3.5.16 - Cookie Poisoning / Authentication Bypass Absolute File Send 1.0 - Remote Cookie Handling Absolute File Send 1.0 - Remote Insecure Cookie Handling Absolute Poll Manager XE 4.1 - Cookie Handling Absolute Poll Manager XE 4.1 - Insecure Cookie Handling TR News 2.1 - 'login.php' Remote Login Bypass TR News 2.1 - 'login.php' Remote Authentication Bypass PhpAddEdit 1.3 - 'cookie' Login Bypass PhpAddEdit 1.3 - 'cookie' Authentication Bypass 2532/Gigs 1.2.2 Stable - Remote Login Bypass 2532/Gigs 1.2.2 Stable - Remote Authentication Bypass Flexcustomer 0.0.6 - Admin Login Bypass / Possible PHP code writing Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP code writing ClearBudget 0.6.1 - Insecure Database Download ClearBudget 0.6.1 - Insecure Database Disclosure ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities ClanTiger < 1.1.1 - Multiple Insecure Cookie Handling Vulnerabilities 2DayBiz Custom T-shirt Design -(SQL Injection / Cross-Site Scripting 2DayBiz Custom T-shirt Design - SQL Injection / Cross-Site Scripting ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Information Disclosure Vulnerabilities Amiro.CMS 5.4.0.0 - Folder Disclosure Amiro.CMS 5.4.0.0 - Path Disclosure Mura CMS 5.1 - Root Folder Disclosure Mura CMS 5.1 - Root Path Disclosure jgbbs-3.0beta1 - Database Download PSnews - Database Download jgbbs-3.0beta1 - Database Disclosure PSnews - Database Disclosure AspBB - Active Server Page Bulletin Board Database Download Futility Forum 1.0 Revamp - Database Download htmlArea 2.03 - Database Download Uguestbook - Database Download BaalASP 2.0 - Database Download Fully Functional ASP Forum 1.0 - Database Download makit news/blog poster 3.1 - Database Download AspBB - Active Server Page Bulletin Board Database Disclosure Futility Forum 1.0 Revamp - Database Disclosure htmlArea 2.03 - Database Disclosure Uguestbook - Database Disclosure BaalASP 2.0 - Database Disclosure Fully Functional ASP Forum 1.0 - Database Disclosure makit news/blog poster 3.1 - Database Disclosure ASP Battle Blog - Database Download ASP Battle Blog - Database Disclosure Proxyroll.com Clone PHP Script - Cookie Handling Proxyroll.com Clone PHP Script - Insecure Cookie Handling YP Portal MS-Pro Surumu 1.0 - Database Download YP Portal MS-Pro Surumu 1.0 - Database Disclosure Lebi soft Ziyaretci Defteri 7.5 - Database Download Net Gitar Shop 1.0 - Database Download Lebi soft Ziyaretci Defteri 7.5 - Database Disclosure Net Gitar Shop 1.0 - Database Disclosure VP-ASP Shopping Cart 7.0 - Database Download VP-ASP Shopping Cart 7.0 - Database Disclosure Asp VevoCart Control System 3.0.4 - Database Download Asp VevoCart Control System 3.0.4 - Database Disclosure MoME CMS 0.8.5 - Remote Login Bypass RoseOnlineCMS 3 B1 - Remote Login Bypass MoME CMS 0.8.5 - Remote Authentication Bypass RoseOnlineCMS 3 B1 - Remote Authentication Bypass al3jeb script - Remote Login Bypass al3jeb script - Remote Authentication Bypass Al Sat Scripti - Database Download Al Sat Scripti - Database Disclosure Mp3 MuZik - DataBase Download Mp3 MuZik - Database Disclosure My School Script - Data Base Download My School Script - Database Disclosure Azimut Technologie - Admin Login Bypass Azimut Technologie - Admin Authentication Bypass Auction_Software Script - Admin Login Bypass Auction_Software Script - Admin Authentication Bypass BSI Hotel Booking System Admin 1.4/2.0 - Login Bypass BSI Hotel Booking System Admin 1.4/2.0 - Authentication Bypass DeluxeBB 1.3 - Private Info Disclosure DeluxeBB 1.3 - Private Information Disclosure Qcodo Development Framework 0.3.3 - Full Info Disclosure Qcodo Development Framework 0.3.3 - Full Information Disclosure CosmoQuest - Login Bypass CosmoQuest - Authentication Bypass PHProjekt 2.x/3.x - Login Bypass PHProjekt 2.x/3.x - Authentication Bypass MapInfo Discovery 1.0/1.1 - Administrative Login Bypass MapInfo Discovery 1.0/1.1 - Administrative Authentication Bypass Keyvan1 ImageGallery - Database Download Keyvan1 ImageGallery - Database Disclosure Simple File Manager 024 - Login Bypass Simple File Manager 024 - Authentication Bypass Adobe ColdFusion 9 - Administrative Login Bypass Adobe ColdFusion 9 - Administrative Authentication Bypass RASPcalendar 1.01 - [ASP] Admin Login RASPcalendar 1.01 (ASP) - Admin Login Zend-Framework - Full Info Disclosure Zend-Framework - Full Information Disclosure Simple E-document 1.31 - Login Bypass Simple E-document 1.31 - Authentication Bypass ZYXEL P-660HN-T1A Router - Login Bypass ZYXEL P-660HN-T1A Router - Authentication Bypass agXchange ESM - 'ucschcancelproc.jsp' Open redirection agXchange ESM - 'ucschcancelproc.jsp' Open Redirection ESRI ArcGIS for Server - 'where' Form Field SQL Injection ESRI ArcGIS for Server - 'where' Form SQL Injection ZTE ZXHN H108N Router - Unauthenticated Config Download ZTE ZXHN H108N Router - Unauthenticated Config Disclosure FS Car Rental Script - 'pickup_location' SQL Injection FS Amazon Clone - 'category_id' SQL Injection FS Book Store Script - 'category' SQL Injection FS Ebay Clone - 'pd_maincat_id' SQL Injection FS Food Delivery Script - 'keywords' SQL Injection FS Expedia Clone - 'hid' SQL Injection FS Freelancer Clone - 'sk' SQL Injection FS Groupon Clone - 'category' SQL Injection FS Indiamart Clone - 'keywords' SQL Injection FS Lynda Clone - 'category' SQL Injection FS OLX Clone - 'catg_id' SQL Injection	2017-10-25 05:01:35 +00:00
Offensive Security	538da000af	DB: 2017-10-24 10 new exploits FreeBSD 6.1 /dev/crypto - Local Kernel Denial of Service FreeBSD 6.1 - '/dev/crypto' Local Kernel Denial of Service NetBSD FTPd / Tnftpd - Remote Stack Overflow (PoC) NetBSD - 'FTPd / Tnftpd' Remote Stack Overflow (PoC) FreeBSD 6/8 - ata device Local Denial of Service FreeBSD 6/8 - ata Device Local Denial of Service FreeBSD 7.2 - pecoff executable Local Denial of Service FreeBSD 7.2 - 'pecoff' Local Denial of Service FreeBSD / OpenBSD 'ftpd' - Null Pointer Dereference Denial of Service FreeBSD / OpenBSD - 'ftpd' Null Pointer Dereference Denial of Service FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off-By-One (PoC) FreeBSD 8.0 - 'ftpd' (FreeBSD-SA-10:05) Off-By-One (PoC) FreeBSD Kernel - 'mountnfs()' Exploit FreeBSD - 'mountnfs()' Exploit FreeBSD 8.1/7.3 - vm.pmap Kernel Local Race Condition FreeBSD 8.1/7.3 - 'vm.pmap' Local Race Condition Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service BSD/Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service FreeBSD 3.0/3.1/3.2 vfs_cache - Denial of Service FreeBSD 3.0/3.1/3.2 - 'vfs_cache' Denial of Service FreeBSD Kernel - SCTP Remote NULL Ptr Dereference Denial of Service FreeBSD - SCTP Remote NULL Ptr Dereference Denial of Service OpenBSD 3.3/3.4 sysctl - Local Denial of Service OpenBSD 3.3/3.4 - 'sysctl' Local Denial of Service FreeBSD 9.1 ftpd - Remote Denial of Service FreeBSD 9.1 - 'ftpd' Remote Denial of Service FreeBSD 6.0/6.1 Ftrucante - Local Denial of Service FreeBSD 6.0/6.1 - Ftrucante Local Denial of Service NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow NetBSD 3.1 - 'FTPd / Tnftpd' Port Remote Buffer Overflow Multiple BSD Distributions - 'strfmon()' Integer Overflow BSD (Multiple Distributions) - 'strfmon()' Integer Overflow Multiple BSD Distributions - 'gdtoa/misc.c' Memory Corruption BSD (Multiple Distributions) - 'gdtoa/misc.c' Memory Corruption Multiple BSD Distributions - 'printf(3)' Memory Corruption BSD (Multiple Distributions) - 'printf(3)' Memory Corruption FreeBSD Kernel - Multiple Vulnerabilities FreeBSD - Multiple Vulnerabilities FreeBSD 10.2 Kernel (x64) - 'amd64_set_ldt' Heap Overflow FreeBSD 10.2 (x64) - 'amd64_set_ldt' Heap Overflow ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service FreeBSD 3.5.1/4.2 - ports package xklock Privilege Escalation FreeBSD 3.5.1/4.2 - Ports Package elvrec Privilege Escalation FreeBSD 3.5.1/4.2 - Ports Package 'xklock' Privilege Escalation FreeBSD 3.5.1/4.2 - Ports Package 'elvrec' Privilege Escalation OpenBSD ftp - Exploit OpenBSD - 'ftp' Exploit FreeBSD /usr/bin/top - Format String FreeBSD - '/usr/bin/top' Format String FreeBSD 4.x / < 5.4 - master.passwd Disclosure FreeBSD 4.x / < 5.4 - 'master.passwd' Disclosure FreeBSD mcweject 0.9 (eject) - Buffer Overflow Privilege Escalation FreeBSD mcweject 0.9 'Eject' - Buffer Overflow Privilege Escalation Oracle 10g - CTX_DOC.MARKUP SQL Injection Oracle 10g - 'CTX_DOC.MARKUP' SQL Injection FreeBSD 6x/7 protosw Kernel - Privilege Escalation FreeBSD 6x/7 - 'protosw' Privilege Escalation FreeBSD 7.0-RELEASE Telnet Daemon - Privilege Escalation FreeBSD 7.0-RELEASE - Telnet Daemon Privilege Escalation FreeBSD 7.0/7.1 - 'ktimer' Kernel Privilege Escalation FreeBSD 7.0/7.1 - 'ktimer' Privilege Escalation FreeBSD 7.0/7.1 vfs.usermount - Privilege Escalation FreeBSD 7.0/7.1 - 'vfs.usermount' Privilege Escalation Multiple BSD Distributions - 'setusercontext()' Vulnerabilities BSD (Multiple Distributions) - 'setusercontext()' Vulnerabilities FreeBSD Kernel - 'nfs_mount()' Exploit FreeBSD - 'nfs_mount()' Exploit FreeBSD 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit FreeBSD 5.4-RELEASE ftpd 6.00LS - 'sendfile' Memory Leak Exploit Sun Solaris 7.0 sdtcm_convert - Exploit Sun Solaris 7.0 - 'sdtcm_convert' Exploit BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (1) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (2) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (3) BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (1) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (2) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (3) BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit NetBSD 1.3.2 / SGI IRIX 6.5.1 at(1) - Exploit NetBSD 1.3.2 / SGI IRIX 6.5.1 - 'at(1)' Exploit Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (1) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (2) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - 'Lsof' Buffer Overflow (1) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - 'Lsof' Buffer Overflow (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (1) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (1) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2) BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit FreeBSD 3.3 gdc - Buffer Overflow FreeBSD 3.3 gdc - Symlink Exploit FreeBSD 3.3 - Seyon setgid dialer FreeBSD 3.3 xmindpath - Buffer Overflow FreeBSD 3.3 angband - Buffer Overflow FreeBSD 3.3 - 'gdc' Buffer Overflow FreeBSD 3.3 - 'gdc' Symlink Exploit FreeBSD 3.3 - Seyon setgid Dialer FreeBSD 3.3 - 'xmindpath' Buffer Overflow FreeBSD 3.3 - 'angband' Buffer Overflow FreeBSD 3.0/3.1/3.2/3.3/3.4 Asmon/Ascpu - Exploit FreeBSD 3.0/3.1/3.2/3.3/3.4 - 'Asmon'/'Ascpu' Exploit BSD mailx 8.1.1-10 - Buffer Overflow (1) BSD mailx 8.1.1-10 - Buffer Overflow (2) BSD 'mailx' 8.1.1-10 - Buffer Overflow (1) BSD 'mailx' 8.1.1-10 - Buffer Overflow (2) OpenBSD 2.x - fstat Format String OpenBSD 2.x - 'fstat' Format String BSD lpr 0.54 -4 - Arbitrary Command Execution BSD 'lpr' 0.54 -4 - Arbitrary Command Execution FreeBSD 3.5/4.x /usr/bin/top - Format String FreeBSD 3.5/4.x - '/usr/bin/top' Format String Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - 'exec C Library' Standard I/O File Descriptor Closure BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2) BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1) BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2) BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1) BSD Kernel - SHMAT System Call Privilege Escalation BSD - SHMAT System Call Privilege Escalation Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation Linux Kernel < 3.8.x - open-time Capability 'file_ns_capable()' Privilege Escalation FreeBSD 9.0 < 9.1 mmap/ptrace - Privilege Escalation FreeBSD 9.0 < 9.1 - 'mmap/ptrace' Privilege Escalation NetBSD mail.local(8) - Privilege Escalation (Metasploit) NetBSD - 'mail.local(8)' Privilege Escalation (Metasploit) OpenBSD 3.9/4.0 - ld.so Local Environment Variable Clearing OpenBSD 3.9/4.0 - 'ld.so' Local Environment Variable Clearing FreeBSD 7.1 libc - Berkley DB Interface Uninitialized Memory Local Information Disclosure FreeBSD 7.1 - libc Berkley DB Interface Uninitialized Memory Local Information Disclosure Apple Mac OSX 10.10 - DYLD_PRINT_TO_FILE Privilege Escalation Apple Mac OSX 10.10 - 'DYLD_PRINT_TO_FILE' Privilege Escalation Apple Mac OSX 10.10.5 - XNU Privilege Escalation Apple Mac OSX 10.10.5 - 'XNU' Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit) Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Privilege Escalation (Metasploit) NetBSD mail.local(8) - Privilege Escalation (NetBSD-SA2016-006) NetBSD - 'mail.local(8)' Privilege Escalation Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' & 'SO_RCVBUFFORCE' Local Privilege Escalation Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Local Privilege Escalation Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Privilege Escalation Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' / 'SO_RCVBUFFORCE' Privilege Escalation Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Privilege Escalation Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Local Privilege Escalation Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Privilege Escalation Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Privilege Escalation Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Privilege Escalation Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation BSD TelnetD - Remote Command Execution (1) BSD - 'TelnetD' Remote Command Execution (1) ftpd / ProFTPd (FreeBSD) - Remote Command Execution FreeBSD - 'ftpd / ProFTPd' Remote Command Execution FreeBSD Telnet Service - Encryption Key ID Buffer Overflow (Metasploit) FreeBSD - Telnet Service Encryption Key ID Buffer Overflow (Metasploit) BSD 4.2 fingerd - Buffer Overflow BSD 4.2 - 'fingerd' Buffer Overflow BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (1) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (2) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (1) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (2) BSD TelnetD - Remote Command Execution (2) BSD - 'TelnetD' Remote Command Execution (2) FreeBSD 3.x/4.x - ipfw Filtering Evasion FreeBSD 3.x/4.x - 'ipfw' Filtering Evasion FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x FTPd - 'glob()' Buffer Overflow FreeBSD 4.2-stable FTPd - 'glob()' Buffer Overflow Vulnerabilities FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Buffer Overflow FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Vulnerabilities Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - TelnetD Buffer Overflow Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Buffer Overflow NetBSD 1.x TalkD - User Validation NetBSD 1.x - 'TalkD' User Validation tnftp - clientside BSD Exploit tnftp (FreeBSD 8/9/10) - 'tnftp' Client Eide Exploit Ayukov NFTP FTP Client < 2.0 - Buffer Overflow Unitrends UEB 9 - http api/storage Remote Root (Metasploit) Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution (Metasploit) Polycom - Command Shell Authorization Bypass (Metasploit) Joomla! Component Photo Blog alpha 3 - alpha 3a SQL Injection Joomla! Component Photo Blog alpha 3 < alpha 3a - SQL Injection cPanel 10.9 - dosetmytheme 'theme' Cross-Site Scripting cPanel 10.9 - 'dosetmytheme?theme' Cross-Site Scripting Korean GHBoard - Component/upload.jsp Unspecified Arbitrary File Upload Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload TP-Link TL-MR3220 - Cross-Site Scripting Logitech Media Server - Cross-Site Scripting CometChat < 6.2.0 BETA 1 - Local File Inclusion Kaltura < 13.1.0 - Remote Code Execution	2017-10-24 05:02:00 +00:00
Offensive Security	7de3f31675	DB: 2017-10-21 9 new exploits Too many to list!	2017-10-21 05:01:31 +00:00
Offensive Security	5d67bcf186	DB: 2017-10-19 5 new exploits Too many to list!	2017-10-19 05:01:29 +00:00
Offensive Security	461226bd00	DB: 2017-10-17 3 new exploits Microsoft Office - HtmlDlgHelper Class Memory Corruption (MS10-071) Microsoft Office - 'HtmlDlgHelper' Class Memory Corruption (MS10-071) Xcode OpenBase 9.1.5 (OSX) - (Root File Create) Privilege Escalation Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation (Root File Create) Linux modutils 2.3.9 - modprobe Arbitrary Command Execution Linux modutils 2.3.9 - 'modprobe' Arbitrary Command Execution Jan Hubicka Koules 1.4 - Svgalib Buffer Overflow Jan Hubicka Koules 1.4 - 'Svgalib' Buffer Overflow Internet Security Systems 3.6 - ZWDeleteFile Function Arbitrary File Deletion Internet Security Systems 3.6 - 'ZWDeleteFile()' Arbitrary File Deletion Muhammad A. Muquit wwwcount 2.3 - Count.cgi Buffer Overflow Muhammad A. Muquit wwwcount 2.3 - 'Count.cgi' Buffer Overflow Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection Asterisk 'asterisk-addons' 1.2.7/1.4.3 - CDR_ADDON_MYSQL Module SQL Injection Comdev One Admin 4.1 - Adminfoot.php Remote Code Execution Simplog 0.9.3.1 - comments.php SQL Injection Comdev One Admin 4.1 - 'Adminfoot.php' Remote Code Execution Simplog 0.9.3.1 - 'comments.php' SQL Injection Trend Micro Data Loss Prevention Virtual Appliance 5.2 - Path Traversal AlienVault Unified Security Management (USM) 5.4.2 - Cross-Site Request Forgery Webmin 1.850 - Multiple Vulnerabilities	2017-10-17 05:01:30 +00:00
Offensive Security	51c5257c7f	DB: 2017-10-14 11 new exploits FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service FreeBSD 6.1-RELEASE-p10 - 'ftruncate' Local Denial of Service FreeBSD 6.1-RELEASE-p10 - 'scheduler' Local Denial of Service Mozilla Firefox 3.5.10/3.6.6 - WMP Memory Corruption Using Popups Mozilla Firefox 3.5.10/3.6.6 - 'WMP' Memory Corruption Using Popups mIRC 6.1 - DCC SEND Buffer Overflow (1) mIRC 6.1 - DCC SEND Buffer Overflow (2) mIRC 6.1 - 'DCC SEND' Buffer Overflow (1) mIRC 6.1 - 'DCC SEND' Buffer Overflow (2) Adobe Reader 9.1.3 and Acrobat - COM Objects Memory Corruption Remote Code Execution Adobe Reader 9.1.3 / Acrobat - COM Objects Memory Corruption Remote Code Execution Oracle Solaris - 'su' Local Solaris Oracle Solaris - 'su' Local Exploit Mozilla Firefox - Array.reduceRight() Integer Overflow (Metasploit) (2) Mozilla Firefox - 'Array.reduceRight()' Integer Overflow (Metasploit) (2) Sync Breeze Enterprise 10.1.16 - Buffer Overflow (SEH) (Metasploit) Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes) phpBB RPG Events 1.0 - functions_rpg_events Remote File Inclusion phpBB RPG Events 1.0 - 'functions_rpg_events' Remote File Inclusion cPanel 10.8.x - (cpwrap via MySQLAdmin) Privilege Escalation (PHP) cPanel 10.8.x - 'cpwrap' via MySQLAdmin Privilege Escalation (PHP) WWWISIS 7.1 - (IsisScript) Local File Disclosure / Cross-Site Scripting WWWISIS 7.1 - 'IsisScript' Local File Disclosure / Cross-Site Scripting SCT Campus Pipeline 1.0/2.x/3.x - Render.UserLayoutRootNode.uP Cross-Site Scripting SCT Campus Pipeline 1.0/2.x/3.x - 'Render.UserLayoutRootNode.uP' Cross-Site Scripting YaPiG 0.95b - view.php img_size Parameter Cross-Site Scripting Accelerated Mortgage Manager - Password Field SQL Injection YaPiG 0.95b - 'view.php?img_size' Cross-Site Scripting Accelerated Mortgage Manager - 'Password' SQL Injection YaPiG 0.9x - Thanks_comment.php Cross-Site Scripting YaPiG 0.9x - 'Thanks_comment.php' Cross-Site Scripting Bloq 0.5.4 - 'index.php' page[path] Parameter Remote File Inclusion Bloq 0.5.4 - admin.php page[path] Parameter Remote File Inclusion Bloq 0.5.4 - rss.php page[path] Parameter Remote File Inclusion Bloq 0.5.4 - rss2.php page[path] Parameter Remote File Inclusion Bloq 0.5.4 - rdf.php page[path] Parameter Remote File Inclusion Bloq 0.5.4 - files/mainfile.php page[path] Parameter Remote File Inclusion Xoops 2.2.3 - search.php Cross-Site Scripting Bloq 0.5.4 - 'index.php?page[path]' Remote File Inclusion Bloq 0.5.4 - 'admin.php?page[path]' Remote File Inclusion Bloq 0.5.4 - 'rss.php?page[path]' Remote File Inclusion Bloq 0.5.4 - 'rss2.php?page[path]' Remote File Inclusion Bloq 0.5.4 - 'rdf.php?page[path]' Remote File Inclusion Bloq 0.5.4 - 'files/mainfile.php?page[path]' Remote File Inclusion Xoops 2.2.3 - 'search.php' Cross-Site Scripting Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection Typo3 Extension JobControl 2.14.0 - Cross-Site Scripting / SQL Injection TYPO3 ke DomPDF Extension - Remote Code Execution TYPO3 Extension ke DomPDF - Remote Code Execution TYPO3 Akronymmanager Extension 0.5.0 - SQL Injection TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection TYPO3 News Module - SQL Injection TYPO3 Extension News - SQL Injection OctoberCMS 1.0.425 (Build 425) - Cross-Site Scripting E-Sic Software livre CMS - 'q' Parameter SQL Injection E-Sic Software livre CMS - Autentication Bypass E-Sic Software livre CMS - 'cpfcnpj' Parameter SQL Injection E-Sic Software livre CMS - 'f' Parameter SQL Injection E-Sic Software livre CMS - Cross Site Scripting TYPO3 Extension Restler 1.7.0 - Local File Disclosure Dreambox Plugin BouquetEditor - Cross-Site Scripting phpMyFAQ 2.9.8 - Cross-Site Scripting	2017-10-14 05:01:31 +00:00
Offensive Security	3cfdd1cc27	DB: 2017-10-12 5 new exploits MultiTheftAuto 0.5 patch 1 - Server Crash and MOTD Deletion Exploit MultiTheftAuto 0.5 patch 1 - Server Crash / MOTD Deletion Exploit Amaya Web Editor 11.0 - XML and HTML parser Vulnerabilities Amaya Web Editor 11.0 - XML / HTML Parser Vulnerabilities Apple Safari & QuickTime - Denial of Service Apple Safari / QuickTime - Denial of Service Real Helix DNA - RTSP and SETUP Request Handler Vulnerabilities Real Helix DNA - RTSP / SETUP Request Handler Vulnerabilities Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service and Unspecified Vulnerabilities Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities Novell Netware - CIFS And AFP Remote Memory Consumption Denial of Service Novell Netware - CIFS and AFP Remote Memory Consumption Denial of Service Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities Multiple Adobe Products - XML External Entity / XML Injection Vulnerabilities Ghost Recon Advanced Warfighter - Integer Overflow and Array Indexing Overflow Ghost Recon Advanced Warfighter - Integer Overflow / Array Indexing Overflow Webkit (Apple Safari < 4.1.2/5.0.2 & Google Chrome < 5.0.375.125) - Memory Corruption Webkit (Apple Safari < 4.1.2/5.0.2 / Google Chrome < 5.0.375.125) - Memory Corruption Mozilla Firefox - Interleaving document.write and appendChild Denial of Service Mozilla Firefox - Interleaving 'document.write' / 'appendChild' Denial of Service Avirt Mail 4.0/4.2 - 'Mail From:' and 'Rcpt to:' Denial of Service Avirt Mail 4.0/4.2 - 'Mail From:' / 'Rcpt to:' Denial of Service BRS Webweaver 1.0 4 - POST and HEAD Denial of Service BRS Webweaver 1.0 4 - POST / HEAD Denial of Service Microsoft IIS 5.0 - WebDAV PROPFIND and SEARCH Method Denial of Service Microsoft IIS 5.0 - WebDAV PROPFIND / SEARCH Method Denial of Service Microsoft Internet Explorer 5.0.1 - Malformed IMG and XML Parsing Denial of Service Microsoft Internet Explorer 5.0.1 - Malformed .IMG / .XML Parsing Denial of Service Extended Module Player (xmp) 2.5.1 - 'oxm.c' And 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities Extended Module Player (xmp) 2.5.1 - 'oxm.c' / 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption (PoC) (MS14-035) Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free / Memory Corruption (PoC) (MS14-035) Ubisoft Ghost Recon Advanced Warfighter - Integer Overflow and Array Indexing Overflow Ubisoft Ghost Recon Advanced Warfighter - Integer Overflow / Array Indexing Overflow Adobe Photoshop CC & Bridge CC - '.iff' Parsing Memory Corruption Adobe Photoshop CC / Bridge CC - '.iff' Parsing Memory Corruption Nitro Pro 10.5.7.32 & Nitro Reader 5.5.3.1 - Heap Memory Corruption Nitro Pro 10.5.7.32 / Nitro Reader 5.5.3.1 - Heap Memory Corruption Microsoft Windows - GDI+ EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) Microsoft Windows - GDI+ EMR_EXTTEXTOUTA / EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) Google Android - 'cfp_ropp_new_key_reenc' and 'cfp_ropp_new_key' RKP Memory Corruption Google Android - 'cfp_ropp_new_key_reenc' / 'cfp_ropp_new_key' RKP Memory Corruption Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages (MS17-017) Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc / nt!ExpFindAndRemoveTagBigPages (MS17-017) Microsoft Windows 7 Kernel - Pool-Based Out-of-Bounds Reads Due to bind() Implementation Bugs in afd.sys and tcpip.sys Microsoft Windows 7 Kernel - Pool-Based Out-of-Bounds Reads Due to bind() Implementation Bugs in afd.sys / tcpip.sys binutils 2.29.51.20170921 - 'read_1_byte' Heap-Based Buffer Overflow BSD & Linux umount - Privilege Escalation BSD / Linux - 'umount' Privilege Escalation BSD & Linux lpr - Privilege Escalation BSD / Linux - 'lpr' Privilege Escalation DelphiTurk CodeBank 3.1 - Local 'Username' and Password Disclosure DelphiTurk CodeBank 3.1 - Local Username and Password Disclosure SystemTap 1.0/1.1 - '__get_argv()' and '__get_compat_argv()' Local Memory Corruption SystemTap 1.0/1.1 - '__get_argv()' / '__get_compat_argv()' Local Memory Corruption Filemaker Pro 13.03 & Advanced 12.04 - Login Bypass / Privilege Escalation Filemaker Pro 13.03 / Advanced 12.04 - Login Bypass / Privilege Escalation ASX to MP3 converter < 3.1.3.7 - Stack Overflow (DEP Bypass) ASX to MP3 converter < 3.1.3.7 - '.asx' Stack Overflow (DEP Bypass) ASX to MP3 3.1.3.7 - '.m3u' Buffer Overflow Microsoft Windows - WINS Vulnerability and OS/SP Scanner Microsoft Windows - WINS Vulnerability + OS/SP Scanner Mozilla Firefox 3.6.8 < 3.6.11 - Interleaving document.write and appendChild Exploit (From the Wild) Mozilla Firefox 3.6.8 < 3.6.11 - Interleaving 'document.write' / 'appendChild' Exploit Mozilla Firefox - Interleaving document.write and appendChild Exploit (Metasploit) Mozilla Firefox - Interleaving 'document.write' / 'appendChild' Exploit (Metasploit) Quest InTrust 10.4.x - ReportTree and SimpleTree Classes Quest InTrust 10.4.x - ReportTree / SimpleTree Classes SunOS 4.1.3 - LD_LIBRARY_PATH and LD_OPTIONS SunOS 4.1.3 - LD_LIBRARY_PATH / LD_OPTIONS Exploit RedHat Linux 5.1 & Caldera OpenLinux Standard 1.2 - Mountd RedHat Linux 5.1 / Caldera OpenLinux Standard 1.2 - Mountd Microsoft IIS 3.0/4.0 - Using ASP And FSO To Read Server Files Microsoft IIS 3.0/4.0 - Using ASP and FSO To Read Server Files tcpdump 3.4 - Protocol Four and Zero Header Length tcpdump 3.4 - Protocol Four / Zero Header Length Symantec pcAnywhere 12.5.0 - Login and Password Field Buffer Overflow Symantec pcAnywhere 12.5.0 - 'Login' / 'Password' Buffer Overflow Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit Microsoft Internet Explorer 5.0/4.0.1 - iFrame Exploit Internet Security Systems ICECap Manager 2.0.23 - Default 'Username' and Password Internet Security Systems ICECap Manager 2.0.23 - Default Username and Password Technote 2000/2001 - 'Filename' Parameter Command Execution And File Disclosure Technote 2000/2001 - 'Filename' Parameter Command Execution and File Disclosure WFTPD 3.0 - 'RETR' and 'CWD' Buffer Overflow WFTPD 3.0 - 'RETR' / 'CWD' Buffer Overflow EFTP Server 2.0.7.337 - Directory and File Existence EFTP Server 2.0.7.337 - Directory Existence / File Existence Bajie HTTP Server 0.95 - Example Scripts And Servlets Cross-Site Scripting Bajie HTTP Server 0.95 - Example Scripts and Servlets Cross-Site Scripting InternetNow ProxyNow 2.6/2.75 - Multiple Stack and Heap Overflow Vulnerabilities InternetNow ProxyNow 2.6/2.75 - Multiple Stack / Heap Overflow Vulnerabilities Microsoft Windows XP - Help And Support Center Interface Spoofing Microsoft Windows XP - Help and Support Center Interface Spoofing BigAnt Server 2.97 - SCH And DUPF Buffer Overflow (Metasploit) BigAnt Server 2.97 - SCH / DUPF Buffer Overflow (Metasploit) Adobe Acrobat 7.0 / Adobe Reader 7.0 - File Existence and Disclosure Adobe Acrobat 7.0 / Adobe Reader 7.0 - File Existence / File Disclosure Apache 2.2.6 mod_negotiation - HTML Injection and HTTP Response Splitting Apache 2.2.6 mod_negotiation - HTML Injection / HTTP Response Splitting 3D-FTP 8.01 - 'LIST' and 'MLSD' Directory Traversal 3D-FTP 8.01 - 'LIST' / 'MLSD' Directory Traversal Apache Tomcat 7.0.4 - 'sort' and 'orderBy' Parameters Cross-Site Scripting Apache Tomcat 7.0.4 - 'sort' / 'orderBy' Cross-Site Scripting Apple macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read Apple macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution / Arbitrary File Read Github Enterprise - Default Session Secret And Deserialization (Metasploit) Github Enterprise - Default Session Secret and Deserialization (Metasploit) VX Search Enterprise 10.1.12 - Buffer Overflow QUOTE&ORDERING SYSTEM 1.0 - 'ordernum' Multiple Vulnerabilities Quote&Ordering System 1.0 - 'ordernum' Multiple Vulnerabilities Joomla! Component Flash uploader 2.5.1 - Remote File Inclusion Joomla! Component Flash Uploader 2.5.1 - Remote File Inclusion FlexPHPNews 0.0.6 & PRO - Authentication Bypass FlexPHPNews 0.0.6 / PRO - Authentication Bypass click&rank - SQL Injection / Cross-Site Scripting Click&Rank - SQL Injection / Cross-Site Scripting WordPress Core & MU & Plugins - 'admin.php' Privileges Unchecked / Multiple Information Disclosures WordPress Core / MU / Plugins - 'admin.php' Privileges Unchecked / Multiple Information Disclosures PRE HOTELS&RESORTS MANAGEMENT SYSTEM - Authentication Bypass Pre Hotels&Resorts Management System - Authentication Bypass PHP-Nuke CMS - (Survey and Poll) SQL Injection PHP-Nuke CMS (Survey and Poll) - SQL Injection 60 cycleCMS 2.5.2 - Cross-Site Request Forgery (Change 'Username' and Password) 60 cycleCMS 2.5.2 - Cross-Site Request Forgery (Change Username and Password) XT-Commerce 1.0 Beta 1 - Pass / Creat and Download Backup XT-Commerce 1.0 Beta 1 - Pass / Create and Download Backup Allomani Songs & Clips Script 2.7.0 - Cross-Site Request Forgery (Add Admin) Allomani Songs & Clips 2.7.0 - Cross-Site Request Forgery (Add Admin) Sun i-Runbook 2.5.2 - Directory And File Content Disclosure Sun i-Runbook 2.5.2 - Directory and File Content Disclosure DUclassmate 1.x - account.asp MM-recordId Parameter Arbitrary Password Modification DUclassmate 1.x - 'account.asp MM-recordId' Arbitrary Password Modification DUforum 3.x - messages.asp FOR_ID Parameter SQL Injection DUforum 3.x - messageDetail.asp MSG_ID Parameter SQL Injection DUforum 3.x - 'messages.asp FOR_ID' SQL Injection DUforum 3.x - 'messageDetail.asp MSG_ID' SQL Injection SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation And Input Validation SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation / Input Validation JAF CMS 4.0.0 RC2 - 'website' and 'main_dir' Parameters Multiple Remote File Inclusion JAF CMS 4.0.0 RC2 - 'website' / 'main_dir' Multiple Remote File Inclusion WordPress Plugin WP BackupPlus - Database And Files Backup Download WordPress Plugin WP BackupPlus - Database and Files Backup Download WebsiteKit Gbplus - Name and Body Fields HTML Injection Vulnerabilities WebsiteKit Gbplus - 'Name' / 'Body' HTML Injection Gogs - (users and repos q pararm) SQL Injection Gogs - users and repos q SQL Injection WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection WebFileExplorer 3.6 - 'user' / 'pass' SQL Injection Joomla! Component 'com_tree' - 'key' Parameter SQL Injection Joomla! Component com_tree - 'key' Parameter SQL Injection Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities WeBid - Multiple Cross-Site Scripting And LDAP Injection Vulnerabilities WeBid - Multiple Cross-Site Scripting / LDAP Injection Vulnerabilities Squiz CMS - Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities Squiz CMS - Multiple Cross-Site Scripting / XML External Entity Injection Vulnerabilities TOTOLINK Routers - Backdoor and Remote Code Execution (PoC) TOTOLINK Routers - Backdoor / Remote Code Execution (PoC) up.time 7.5.0 - Arbitrary File Disclose And Delete Exploit up.time 7.5.0 - Upload And Execute File Exploit up.time 7.5.0 - Arbitrary File Disclose and Delete Exploit up.time 7.5.0 - Upload and Execute Exploit Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass Wildfly - 'WEB-INF' / 'META-INF' Information Disclosure via Filter Restriction Bypass WebKit - enqueuePageshowEvent and enqueuePopstateEvent Universal Cross-Site Scripting WebKit - 'enqueuePageshowEvent' / 'enqueuePopstateEvent' Universal Cross-Site Scripting WebKit - 'Document::prepareForDestruction' and 'CachedFrame' Universal Cross-Site Scripting WebKit - 'Document::prepareForDestruction' / 'CachedFrame' Universal Cross-Site Scripting WebKit JSC - 'JSObject::putInlineSlow and JSValue::putToPrimitive' Universal Cross-Site Scripting WebKit JSC - 'JSObject::putInlineSlow' / 'JSValue::putToPrimitive' Universal Cross-Site Scripting Trend Micro OfficeScan 11.0/XG (12.0) - Remote Code Execution (Metasploit) Trend Micro InterScan Messaging Security (Virtual Appliance) - Remote Code Execution (Metasploit)	2017-10-12 05:01:34 +00:00
Offensive Security	b77b178de0	DB: 2017-10-11 4 new exploits Hasbani-WindWeb/2.0 - HTTP GET Remote Denial of Service Hasbani-WindWeb/2.0 - GET Remote Denial of Service KingSoft - 'UpdateOcx2.dll' 'SetUninstallName()' Heap Overflow (PoC) KingSoft - 'UpdateOcx2.dll SetUninstallName()' Heap Overflow (PoC) Konqueror 3.5.9 - (color/bgcolor) Multiple Remote Crash Vulnerabilities Konqueror 3.5.9 - 'color'/'bgcolor' Multiple Remote Crash Vulnerabilities WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service Konqueror 3.5.9 - (load) Remote Crash WinFTP Server 2.3.0 - 'PASV Mode' Remote Denial of Service Konqueror 3.5.9 - 'load' Remote Crash Nokia Mini Map Browser - (array sort) Silent Crash Nokia Mini Map Browser - 'Array Sort' Silent Crash vBulletin Cyb - Advanced Forum Statistics - 'misc.php' Denial of Service vBulletin Cyb - Advanced Forum Statistics 'misc.php' Denial of Service VideoLAN VLC Media Player < 1.1.4 - '.xspf' 'smb://' URI Handling Remote Stack Overflow (PoC) VideoLAN VLC Media Player < 1.1.4 - '.xspf smb://' URI Handling Remote Stack Overflow (PoC) HP OpenView Network Node Manager (OV NNM) - 'webappmon.exe' 'execvp_nc' Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'webappmon.exe execvp_nc' Remote Code Execution RarCrack 0.2 - 'Filename' 'init()' '.bss' (PoC) RarCrack 0.2 - 'Filename init() .bss' (PoC) VideoLAN VLC Media Player 1.1 - Subtitle 'StripTags()' Function Memory Corruption VideoLAN VLC Media Player 1.1 - Subtitle 'StripTags()' Memory Corruption PHP 'Exif' Extension - 'exif_read_data()' Function Remote Denial of Service PHP 'Exif' Extension - 'exif_read_data()' Remote Denial of Service GNU glibc < 2.12.2 - 'fnmatch()' Function Stack Corruption GNU glibc < 2.12.2 - 'fnmatch()' Stack Corruption PyPAM - Python bindings for PAM - Double-Free Corruption PyPAM Python bindings for PAM - Double-Free Corruption Tiny Server 1.1.9 - HTTP HEAD Denial of Service Tiny Server 1.1.9 - HEAD Denial of Service Symantec End Point Protection 11.x - & Symantec Network Access Control 11.x - LCE (PoC) Symantec End Point Protection 11.x / Symantec Network Access Control 11.x - Local Code Execution (PoC) MAILsweeper - SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2/5.2.1 - File Scanner Malicious Archive Denial of Service MAILsweeper SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2/5.2.1 - File Scanner Malicious Archive Denial of Service FL Studio 10 Producer Edition -Buffer Overflow (SEH) (PoC) FL Studio 10 Producer Edition - Buffer Overflow (SEH) (PoC) Intellicom 1.3 - 'NetBiterConfig.exe' 'Hostname' Data Remote Stack Buffer Overflow Intellicom 1.3 - 'NetBiterConfig.exe Hostname' Data Remote Stack Buffer Overflow MyServer 0.4.3 - HTTP GET Argument Buffer Overflow MyServer 0.5 - HTTP GET Argument Buffer Overflow MyServer 0.4.3 - GET Argument Buffer Overflow MyServer 0.5 - GET Argument Buffer Overflow Cisco Aironet AP1x00 - Malformed HTTP GET Denial of Service Cisco Aironet AP1x00 - GET Denial of Service McAfee ePolicy Orchestrator 1.x/2.x/3.0 - Agent HTTP POST Buffer Mismanagement McAfee ePolicy Orchestrator 1.x/2.x/3.0 Agent - POST Buffer Mismanagement Orenosv HTTP/FTP Server 0.5.9 - HTTP GET Denial of Service (1) Orenosv HTTP/FTP Server 0.5.9 - HTTP GET Denial of Service (2) Orenosv HTTP/FTP Server 0.5.9 - HTTP GET Denial of Service (3) Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (1) Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (2) Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (3) Gattaca Server 2003 - 'web.tmpl' 'Language' Parameter CPU Consumption (Denial of Service) Gattaca Server 2003 - 'web.tmpl Language' Parameter CPU Consumption (Denial of Service) Microsoft Windows XP - 'explorer.exe' '.tiff' Image Denial of Service Microsoft Windows XP - 'explorer.exe .tiff' Image Denial of Service PHPMailer 1.7 - 'Data()' Function Remote Denial of Service PHPMailer 1.7 - 'Data()' Remote Denial of Service Apple Mac OSX 10.x - '.zip' Parsing 'BOMStackPop()' Function Overflow Apple Mac OSX 10.x - '.zip' BOMStackPop()' Overflow MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities MailEnable 2.x - SMTP NTLM Authentication Multiple Vulnerabilities Microsoft Windows Explorer - 'explorer.exe' '.WMV' File Handling Denial of Service Microsoft Windows Explorer - 'explorer.exe .WMV' File Handling Denial of Service MW6 Technologies Aztec - ActiveX 'Data Pparameter Buffer Overflow MW6 Technologies Aztec - ActiveX 'Data' Parameter Buffer Overflow Multiple BSD Distributions - 'strfmon()' Function Integer Overflow Multiple BSD Distributions - 'strfmon()' Integer Overflow HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'StartApp' ActiveX Control Insecure Method HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'RegistryString' Buffer Overflow HP Instant Support 1.0.22 - 'HPISDataManager.dll StartApp' ActiveX Control Insecure Method HP Instant Support 1.0.22 - 'HPISDataManager.dll RegistryString' Buffer Overflow Apple iOS 1.1.4/2.0 / iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service Apple iOS 1.1.4/2.0 / iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Remote Denial of Service KDE Konqueror 3.5.9 - JavaScript 'load' Function Denial of Service KDE Konqueror 3.5.9 - JavaScript 'load' Denial of Service GNU glibc 2.x - 'strfmon()' Function Integer Overflow GNU glibc 2.x - 'strfmon()' Integer Overflow Sun Java System Web Server 6.1/7.0 - HTTP 'TRACE' Heap Buffer Overflow Sun Java System Web Server 6.1/7.0 - 'TRACE' Heap Buffer Overflow PHP 5.3.1 - 'session_save_path()' 'Safe_mode()' Restriction Bypass Exploiot PHP 5.3.1 - 'session_save_path() Safe_mode()' Restriction Bypass Exploiot Microsoft Windows XP/Vista - '.ani' 'tagBITMAPINFOHEADER' Denial of Service Microsoft Windows XP/Vista - '.ani tagBITMAPINFOHEADER' Denial of Service PHP 5.3.2 - 'zend_strtod()' Function Floating-Point Value Denial of Service PHP 5.3.2 - 'zend_strtod()' Floating-Point Value Denial of Service PHP 5.3.x 'Intl' Extension - 'NumberFormatter::setSymbol()' Function Denial of Service PHP 5.3.x 'Zip' Extension - 'stream_get_contents()' Function Denial of Service PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Function Denial of Service PHP < 5.3.6 'OpenSSL' Extension - 'openssl_encrypt' Function Plaintext Data Memory Leak Denial of Service PHP < 5.3.6 'OpenSSL' Extension - 'openssl_decrypt' Function Ciphertext Data Memory Leak Denial of Service Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service PHP 5.3.x 'Intl' Extension - 'NumberFormatter::setSymbol()' Denial of Service PHP 5.3.x 'Zip' Extension - 'stream_get_contents()' Denial of Service PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Denial of Service PHP < 5.3.6 'OpenSSL' Extension - 'openssl_encrypt' Plaintext Data Memory Leak Denial of Service PHP < 5.3.6 'OpenSSL' Extension - 'openssl_decrypt' Ciphertext Data Memory Leak Denial of Service Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Remote Denial of Service Apple Mac OSX 10.10 - BlueTooth DispatchHCICreateConnection - Crash (PoC) Apple Mac OSX 10.10 - BlueTooth BlueToothHCIChangeLocalName - Crash (PoC) Apple Mac OSX 10.10 - BlueTooth TransferACLPacketToHW - Crash (PoC) Apple Mac OSX 10.10 - BlueTooth DispatchHCIWriteStoredLinkKey - Crash (PoC) Apple Mac OSX 10.10 - BlueTooth DispatchHCICreateConnection Crash (PoC) Apple Mac OSX 10.10 - BlueTooth BlueToothHCIChangeLocalName Crash (PoC) Apple Mac OSX 10.10 - BlueTooth TransferACLPacketToHW Crash (PoC) Apple Mac OSX 10.10 - BlueTooth DispatchHCIWriteStoredLinkKey Crash (PoC) CoDeSys 3.4 - HTTP POST Null Pointer Content-Length Parsing Remote Denial of Service CoDeSys 3.4 - POST Null Pointer Content-Length Parsing Remote Denial of Service Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to - Malformed CFF Table Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to Malformed CFF Table Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access BT Home Hub - 'uuid' field Buffer Overflow BT Home Hub - 'uuid' Buffer Overflow Squid - 'httpMakeVaryMark()' Function Remote Denial of Service Squid - 'httpMakeVaryMark()' Remote Denial of Service Python 3.3 < 3.5 - 'product_setstate()' Function Out-of-Bounds Read Python 3.3 < 3.5 - 'product_setstate()' Out-of-Bounds Read Microsoft Windows - 'ndis.sys' IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117) Microsoft Windows - 'ndis.sys' IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) Pool Buffer Overflow (MS15-117) Broadcom Wi-Fi SoC - Heap Overflow in _wlc_tdls_cal_mic_chk_ Due to Large RSN IE in TDLS Setup Confirm Frame Broadcom Wi-Fi SoC - Heap Overflow 'wlc_tdls_cal_mic_chk' Due to Large RSN IE in TDLS Setup Confirm Frame Microsoft Windows Kernel - win32k.sys .TTF Font Processing - Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel - win32k.sys '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit) ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit ProFTPd - 'ftpdctl pr_ctrls_connect' Exploit CDRecord's ReadCD - '$RSH' 'exec()' SUID Shell Creation CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation SGI IRIX 6.5.28 - (runpriv) Design Error SGI IRIX 6.5.28 - 'runpriv' Design Error PHP < 4.4.5/5.2.1 - 'shmop' Functions Local Code Execution PHP < 4.4.5/5.2.1 - 'shmop' Local Code Execution PHP < 4.4.5/5.2.1 - '_SESSION' 'unset()' Local Exploit PHP < 4.4.5/5.2.1 - '_SESSION unset()' Local Exploit FreeBSD 6.4 - pipeclose()/knlist_cleardel() Race Condition FreeBSD 7.2 VFS/devfs - Race Condition FreeBSD 6.4 - 'pipeclose()'/'knlist_cleardel()' Race Condition FreeBSD 7.2 - VFS/devfs Race Condition Microsoft Windows 7 - 'wab32res.dll' 'wab.exe' DLL Hijacking Microsoft Windows 7 - 'wab32res.dll wab.exe' DLL Hijacking Oracle 10/11g - 'exp.exe' 'file' Parameter Local Buffer Overflow (PoC) Oracle 10/11g - 'exp.exe file' Parameter Local Buffer Overflow (PoC) Microsoft Visio - 'VISIODWG.dll' '.DXF' File Handling (MS10-028) (Metasploit) Microsoft Visio - 'VISIODWG.dll .DXF' File Handling (MS10-028) (Metasploit) ACDSee FotoSlate - '.PLP' File id Parameter Overflow (Metasploit) ACDSee FotoSlate - '.PLP' File 'id' Parameter Overflow (Metasploit) Netscape iCal 2.1 Patch2 iPlanet iCal - 'iplncal.sh' Permissions Netscape iCal 2.1 Patch2 - iPlanet iCal 'iplncal.sh' Permissions PLIB 1.8.5 - ssg/ssgParser.cxx Buffer Overflow PLIB 1.8.5 - 'ssg/ssgParser.cxx' Buffer Overflow Linux PAM 0.77 - Pam_Wheel Module 'getlogin()' 'Username' Spoofing Privilege Escalation Linux PAM 0.77 - Pam_Wheel Module 'getlogin() Username' Spoofing Privilege Escalation Microsoft ListBox/ComboBox Control - 'User32.dll' Function Buffer Overrun Microsoft ListBox/ComboBox Control - 'User32.dll' Buffer Overrun PHP 4.x/5.0/5.1 - 'mb_send_mail()' Function Parameter Restriction Bypass PHP 4.x/5.0/5.1 - 'mb_send_mail()' Parameter Restriction Bypass Microsoft Windows - 'ndproxy.sys' - Privilege Escalation (Metasploit) Microsoft Windows - 'ndproxy.sys' Privilege Escalation (Metasploit) Microsoft Windows - SeImpersonatePrivilege - Privilege Escalation Microsoft Windows - 'SeImpersonatePrivilege' Privilege Escalation Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (1) Microsoft Windows Kernel - 'win32k.sys NtSetWindowLongPtr' Privilege Escalation (MS16-135) (1) Linux Kernel 2.6.x - 'rds_recvmsg()' Function Local Information Disclosure Linux Kernel 2.6.x - 'rds_recvmsg()' Local Information Disclosure MASM321 11 Quick Editor - '.qeditor' 4.0g - '.qse' File Buffer Overflow (SEH) (ASLR + SafeSEH Bypass) MASM321 11 Quick Editor '.qeditor' 4.0g - '.qse' File Buffer Overflow (SEH) (ASLR + SafeSEH Bypass) CompuSource Systems - Real Time Home Banking - Privilege Escalation CompuSource Systems Real Time Home Banking - Privilege Escalation Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (SUID Method) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (SUID Method) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition (PoC) (Write Access Method) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW PTRACE_POKEDATA' Race Condition (PoC) (Write Access Method) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (/etc/passwd Method) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (/etc/passwd Method) Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (2) Microsoft Windows Kernel - 'win32k.sys NtSetWindowLongPtr' Privilege Escalation (MS16-135) (2) OpenBSD - 'at' 'Stack Clash' Local Privilege Escalation Linux Kernel - 'offset2lib' 'Stack Clash' Exploit Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap' 'Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64' 'Stack Clash' Local Privilege Escalation Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic' 'Stack Clash' Local Privilege Escalation OpenBSD - 'at Stack Clash' Local Privilege Escalation Linux Kernel - 'offset2lib Stack Clash' Exploit Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Local Privilege Escalation Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation Microsoft Windows - LNK Shortcut File Code Execution (Metasploit) Microsoft Windows - '.LNK' Shortcut File Code Execution (Metasploit) Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow Microsoft Windows 10 RS2 (x64) - 'win32kfull!bFill' Pool Overflow ASX to MP3 converter < 3.1.3.7 - Stack Overflow (DEP Bypass) Xine-Lib 1.1 - (media player library) Remote Format String CA iTechnology iGateway - (debug mode) Remote Buffer Overflow Xine-Lib 1.1 - 'Media Player Library' Remote Format String CA iTechnology iGateway - 'Debug Mode' Remote Buffer Overflow Microsoft Windows - NetpManageIPCConnect - Stack Overflow (MS06-070) (Python) Microsoft Windows - 'NetpManageIPCConnect' Stack Overflow (MS06-070) (Python) Microsoft Windows - DNS RPC - Remote Buffer Overflow (2) Microsoft Windows - DNS RPC Remote Buffer Overflow (2) 3proxy 0.5.3g (Linux) - 'proxy.c' 'logurl()' Remote Buffer Overflow 3proxy 0.5.3g (Windows x86) - 'proxy.c' 'logurl()' Remote Buffer Overflow 3proxy 0.5.3g - (exec-shield) 'proxy.c' 'logurl()' Remote Overflow 3proxy 0.5.3g (Linux) - 'proxy.c logurl()' Remote Buffer Overflow 3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow 3proxy 0.5.3g - (exec-shield) 'proxy.c logurl()' Remote Overflow NCTAudioStudio2 - ActiveX DLL 2.6.1.148 'CreateFile()/ Insecure Method NCTAudioStudio2 - ActiveX DLL 2.6.1.148 'CreateFile()'/ Insecure Method CHILKAT ASP String - 'CkString.dll 1.1' 'SaveToFile()' Insecure Method CHILKAT ASP String - 'CkString.dll 1.1 SaveToFile()' Insecure Method GlobalLink 2.7.0.8 - 'glItemCom.dll' 'SetInfo()' Heap Overflow GlobalLink 2.7.0.8 - 'glItemCom.dll SetInfo()' Heap Overflow GlobalLink 2.7.0.8 - 'glitemflat.dll' 'SetClientInfo()' Heap Overflow Ultra Crypto Component - 'CryptoX.dll 2.0' 'SaveToFile()' Insecure Method GlobalLink 2.7.0.8 - 'glitemflat.dll SetClientInfo()' Heap Overflow Ultra Crypto Component - 'CryptoX.dll 2.0 SaveToFile()' Insecure Method Microsoft Visual FoxPro 6.0 - FPOLE.OCX Arbitrary Command Execution Microsoft Visual FoxPro 6.0 - 'FPOLE.OCX' Arbitrary Command Execution WebKit - 'Document()' Function Remote Information Disclosure WebKit - 'Document()' Remote Information Disclosure Microsoft Internet Explorer 6/7/8 - 'winhlp32.exe' 'MsgBox()' Remote Code Execution Microsoft Internet Explorer 6/7/8 - 'winhlp32.exe MsgBox()' Remote Code Execution Liquid XML Studio 2010 < 8.061970 - 'LtXmlComHelp8.dll' 'OpenFile()' Remote Overflow Liquid XML Studio 2010 < 8.061970 - 'LtXmlComHelp8.dll OpenFile()' Remote Overflow Bigant Messenger 2.52 - 'AntCore.dll' 'RegisterCom()' Remote Heap Overflow Bigant Messenger 2.52 - 'AntCore.dll RegisterCom()' Remote Heap Overflow Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass Oracle JRE - java.net.URLConnection class Same-of-Origin (SOP) Policy Bypass httpdx - 'tolog()' Function Format String (Metasploit) (1) httpdx - 'tolog()' Format String (Metasploit) (1) httpdx - 'tolog()' Function Format String (Metasploit) (2) httpdx - 'tolog()' Format String (Metasploit) (2) httpdx - 'h_handlepeer()' Function Buffer Overflow (Metasploit) httpdx - 'h_handlepeer()' Buffer Overflow (Metasploit) hplip - hpssd.py From Address Arbitrary Command Execution (Metasploit) hplip - 'hpssd.py' From Address Arbitrary Command Execution (Metasploit) Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit) Apple Mac OSX EvoCam Web Server - GET Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'OvJavaLocale' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'execvp' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe OvJavaLocale' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe execvp' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe' 'schdParams' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe schdParams' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'ICount' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'main' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe ICount' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe main' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'ovutil' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'Hostname' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe ovutil' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe Hostname' CGI Buffer Overflow (Metasploit) ZyWALL USG - Appliance - Multiple Vulnerabilities ZyWALL USG Appliance - Multiple Vulnerabilities ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (Metasploit) (2) ScriptFTP 3.3 - LIST Remote Buffer Overflow (Metasploit) (2) Opera Browser 10/11/12 - (SVG layout) Memory Corruption (Metasploit) Opera Browser 10/11/12 - 'SVG Layout' Memory Corruption (Metasploit) Adobe Flash Player - '.mp4' 'cprt' Overflow (Metasploit) Adobe Flash Player - '.mp4 cprt' Overflow (Metasploit) UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow UoW Pine 4.0.4/4.10/4.21 - 'From:' Buffer Overflow Technote 2000/2001 - 'board' Function File Disclosure Technote 2000/2001 - 'board' File Disclosure IPSwitch IMail 6.x/7.0/7.1 - Web Messaging HTTP Get Buffer Overflow IPSwitch IMail 6.x/7.0/7.1 - Web Messaging GET Buffer Overflow Novell NetWare 5.1/6.0 - HTTP Post Arbitrary Perl Code Execution Novell NetWare 5.1/6.0 - POST Arbitrary Perl Code Execution Webmin 0.x - 'RPC' Function Privilege Escalation Webmin 0.x - 'RPC' Privilege Escalation Avaya IP Office Customer Call Reporter - ImageUpload.ashx Remote Command Execution (Metasploit) Avaya IP Office Customer Call Reporter - 'ImageUpload.ashx' Remote Command Execution (Metasploit) ghttpd 1.4.x - 'Log()' Function Buffer Overflow ghttpd 1.4.x - 'Log()' Buffer Overflow M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - 'nph-psf.exe css' Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - 'nph-psa.exe css' Parameter Cross-Site Scripting Dune 0.6.7 - HTTP Get Remote Buffer Overrun Dune 0.6.7 - GET Remote Buffer Overrun InduSoft Web Studio - 'ISSymbol.ocx' 'InternationalSeparator()' Heap Overflow (Metasploit) InduSoft Web Studio - 'ISSymbol.ocx InternationalSeparator()' Heap Overflow (Metasploit) GNU Anubis 3.6.x/3.9.x - 'auth.c' 'auth_ident()' Function Overflow GNU Anubis 3.6.x/3.9.x - 'auth.c auth_ident()' Overflow Rlpr 2.0 - 'msg()' Function Multiple Vulnerabilities Rlpr 2.0 - 'msg()' Multiple Vulnerabilities Oracle HTML DB 1.5/1.6 - 'wwv_flow.accept' 'p_t02' Parameter Cross-Site Scripting Oracle HTML DB 1.5/1.6 - 'wwv_flow.accept p_t02' Parameter Cross-Site Scripting SAP Business Connector 4.6/4.7 - 'chopSAPLog.dsp' 'fullName' Parameter Arbitrary File Disclosure SAP Business Connector 4.6/4.7 - 'deleteSingle' 'fullName' Parameter Arbitrary File Deletion SAP Business Connector 4.6/4.7 - 'adapter-index.dsp' 'url' Parameter Arbitrary Site Redirect SAP Business Connector 4.6/4.7 - 'chopSAPLog.dsp fullName' Parameter Arbitrary File Disclosure SAP Business Connector 4.6/4.7 - 'deleteSingle fullName' Parameter Arbitrary File Deletion SAP Business Connector 4.6/4.7 - 'adapter-index.dsp url' Parameter Arbitrary Site Redirect PHP 4.x - 'tempnam()' Function open_basedir Restriction Bypass PHP 4.x - 'copy()' Function 'Safe_Mode' Bypass Exploit PHP 4.x - 'tempnam() open_basedir' Restriction Bypass PHP 4.x - 'copy() Safe_Mode' Bypass Exploit Python 2.5 - 'PyLocale_strxfrm' Function Remote Information Leak Python 2.5 - 'PyLocale_strxfrm' Remote Information Leak aBitWhizzy - 'whizzypic.php' 'd' ParameterTraversal Arbitrary Directory Listing aBitWhizzy - 'whizzypic.php d' ParameterTraversal Arbitrary Directory Listing PHP 5.1.6 - 'Chunk_Split()' Function Integer Overflow PHP 5.1.6 - 'Chunk_Split()' Integer Overflow PHP 5.1.6 - 'Imap_Mail_Compose()' Function Buffer Overflow PHP 5.1.6 - 'Imap_Mail_Compose()' Buffer Overflow Cisco IOS 12.3 - LPD Remote Buffer Overflow Cisco IOS 12.3 - 'LPD' Remote Buffer Overflow Ghostscript 8.0.1/8.15 - 'zseticcspace()' Function Buffer Overflow Ghostscript 8.0.1/8.15 - 'zseticcspace()' Buffer Overflow HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'ExtractCab' ActiveX Control Buffer Overflow HP Instant Support 1.0.22 - 'HPISDataManager.dll ExtractCab' ActiveX Control Buffer Overflow F5 FirePass 6.0.2.3 - '/vdesk/admincon/webyfiers.php' 'css_exceptions' Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - '/vdesk/admincon/index.php' 'sql_matchscope' Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - '/vdesk/admincon/webyfiers.php css_exceptions' Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - '/vdesk/admincon/index.php sql_matchscope' Parameter Cross-Site Scripting Audio File Library 0.2.6 - libaudiofile 'msadpcm.c' '.WAV' File Processing Buffer Overflow Audio File Library 0.2.6 - libaudiofile 'msadpcm.c .WAV' File Processing Buffer Overflow ProFTPd 1.3 - 'mod_sql' 'Username' SQL Injection ProFTPd 1.3 - 'mod_sql Username' SQL Injection Microsoft Windows Vista - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution Microsoft Windows Vista - 'lpksetup.exe oci.dll' DLL Loading Arbitrary Code Execution PHP 5.3.x - 'mb_strcut()' Function Information Disclosure PHP 5.3.x - 'mb_strcut()' Information Disclosure Perl 5.x - 'lc()' and 'uc()' functions TAINT Mode Protection Security Bypass Perl 5.x - 'lc()' / 'uc()' TAINT Mode Protection Security Bypass Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf' 'jdeowpBackButtonProtect' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService' 'e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService' 'e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/MafletClose.mafService' 'RENDER_MAFLET' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/JASMafletMafBrowserClose.mafService' 'jdemafjasLinkTarget' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf jdeowpBackButtonProtect' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/MafletClose.mafService RENDER_MAFLET' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget' Parameter Cross-Site Scripting NetBSD 5.1 - Multiple 'libc/net' functions Stack Buffer Overflow NetBSD 5.1 - 'libc/net' Multiple Stack Buffer Overflow Skype 5.3 - 'Mobile Phone' Field HTML Injection Skype 5.3 - 'Mobile Phone' HTML Injection IBM Lotus Domino 8.5.2 - 'NSFComputeEvaluateExt()' Function Remote Stack Buffer Overflow IBM Lotus Domino 8.5.2 - 'NSFComputeEvaluateExt()' Remote Stack Buffer Overflow GoAhead Web Server 2.18 - 'addgroup.asp' 'group' Parameter Cross-Site Scripting GoAhead Web Server 2.18 - 'addlimit.asp' 'url' Parameter Cross-Site Scripting GoAhead Web Server 2.18 - 'addgroup.asp group' Parameter Cross-Site Scripting GoAhead Web Server 2.18 - 'addlimit.asp url' Parameter Cross-Site Scripting Linux Kernel 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Linux Kernel 3.0.5 - 'ath9k_htc_set_bssid_mask()' Information Disclosure Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi' 'ping_ipaddr' Parameter Remote Code Execution VideoCharge Studio - 'CHTTPResponse::GetHttpResponse()' Function Stack Buffer Overflow Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi ping_ipaddr' Parameter Remote Code Execution VideoCharge Studio - 'CHTTPResponse::GetHttpResponse()' Stack Buffer Overflow NETGEAR D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution NETGEAR D6300B - '/diag.cgi IPAddr4' Parameter Remote Command Execution lxml - 'clean_html' Function Security Bypass lxml - 'clean_html' Security Bypass Alfresco - '/proxy' 'endpoint' Parameter Server-Side Request Forgery Alfresco - '/cmisbrowser' 'url' Parameter Server-Side Request Forgery Alfresco - '/proxy endpoint' Parameter Server-Side Request Forgery Alfresco - '/cmisbrowser url' Parameter Server-Side Request Forgery Laravel - 'Hash::make()' Function Password Truncation Security Laravel - 'Hash::make()' Password Truncation Security OrientDB 2.2.2 - 2.2.22 - Remote Code Execution (Metasploit) OrientDB 2.2.2 < 2.2.22 - Remote Code Execution (Metasploit) Windows - (DCOM RPC2) Universal Shellcode Windows - DCOM RPC2 Universal Shellcode Linux/CRISv32 - Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes) Linux/CRISv32 Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes) Cyphor 0.19 - (board takeover) SQL Injection Cyphor 0.19 - Board Takeover SQL Injection PHPay 2.02 - 'nu_mail.inc.php' 'mail()' Remote Injection PHPay 2.02 - 'nu_mail.inc.php mail()' Remote Injection PHPMyNews 1.4 - (cfg_include_dir) Remote File Inclusion PHPMyNews 1.4 - 'cfg_include_dir' Remote File Inclusion Flatnuke 2.5.8 - (userlang) Local Inclusion / Delete All Users Exploit Flatnuke 2.5.8 - 'userlang' Local Inclusion / Delete All Users Exploit Yrch 1.0 - 'plug.inc.php' 'path' Parameter Remote File Inclusion Yrch 1.0 - 'plug.inc.phppath' Parameter Remote File Inclusion Cacti 0.8.6i - 'cmd.php' 'popen()' Remote Injection Cacti 0.8.6i - 'cmd.php popen()' Remote Injection Vizayn Haber - 'haberdetay.asp' 'id' Parameter SQL Injection Vizayn Haber - 'haberdetay.asp id' Parameter SQL Injection iG Calendar 1.0 - 'user.php' 'id' Parameter SQL Injection iG Calendar 1.0 - 'user.php id' Parameter SQL Injection MGB 0.5.4.5 - 'email.php' 'id' Parameter SQL Injection MGB 0.5.4.5 - 'email.php id' Parameter SQL Injection Original 0.11 - 'config.inc.php' 'x[1]' Remote File Inclusion Original 0.11 - 'config.inc.php x[1]' Remote File Inclusion Picturesolution 2.1 - 'config.php' 'path' Remote File Inclusion Picturesolution 2.1 - 'config.php path' Remote File Inclusion PHP Homepage M 1.0 - galerie.php SQL Injection PHP Homepage M 1.0 - 'galerie.php' SQL Injection cpDynaLinks 1.02 - category.php SQL Injection cpDynaLinks 1.02 - 'category.php' SQL Injection DFF PHP Framework API (Data Feed File) - Remote File Inclusion DFF PHP Framework API - 'Data Feed File' Remote File Inclusion WebBiscuits Modules Controller 1.1 - Remote File Inclusion / RFD WebBiscuits Modules Controller 1.1 - Remote File Inclusion / Remote File Disclosure dMx READY (25 - Products) - Remote Database Disclosure dMx READ - Remote Database Disclosure Access2asp - imageLibrary - Arbitrary File Upload Access2asp - 'imageLibrar' Arbitrary File Upload Auktionshaus 3.0.0.1 - 'news.php' 'id' SQL Injection Auktionshaus 3.0.0.1 - 'news.php id' SQL Injection Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection Bild Flirt System 2.0 - 'index.php id' SQL Injection Fast Free Media 1.3 - Adult Site - Arbitrary File Upload Fast Free Media 1.3 Adult Site - Arbitrary File Upload goffgrafix - Design's - SQL Injection goffgrafix Design's - SQL Injection Bilder Upload Script - Datei Upload 1.09 - Arbitrary File Upload Bilder Upload Script Datei Upload 1.09 - Arbitrary File Upload Allomani - E-Store 1.0 - Cross-Site Request Forgery (Add Admin) Allomani - Super MultiMedia 2.5 - Cross-Site Request Forgery (Add Admin) Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) Allomani Super MultiMedia 2.5 - Cross-Site Request Forgery (Add Admin) E-Xoopport - Samsara 3.1 (Sections Module) - Blind SQL Injection E-Xoopport Samsara 3.1 (Sections Module) - Blind SQL Injection E-Xoopport - Samsara 3.1 (eCal Module) - Blind SQL Injection E-Xoopport Samsara 3.1 (eCal Module) - Blind SQL Injection WordPress 3.0.1 - 'do_trackbacks()' function SQL Injection WordPress 3.0.1 - 'do_trackbacks()' SQL Injection Oracle WebLogic - Session Fixation Via HTTP POST Oracle WebLogic - POST Session Fixation spidaNews 1.0 - 'news.php' 'id' SQL Injection spidaNews 1.0 - 'news.php id' SQL Injection Catalog Builder - eCommerce Software - Blind SQL Injection Catalog Builder eCommerce Software - Blind SQL Injection FileBox - File Hosting & Sharing Script 1.5 - SQL Injection FileBox File Hosting & Sharing Script 1.5 - SQL Injection Snortreport - nmap.php and nbtscan.php Remote Command Execution (Metasploit) Snortreport - 'nmap.php' / 'nbtscan.php' Remote Command Execution (Metasploit) jbShop - e107 7 CMS Plugin - SQL Injection jbShop e107 7 CMS Plugin - SQL Injection Tine 2.0 - Maischa - Multiple Cross-Site Scripting Vulnerabilities Tine 2.0 - Maischa Multiple Cross-Site Scripting Vulnerabilities 4Images - Image Gallery Management System - Cross-Site Request Forgery 4Images Image Gallery Management System - Cross-Site Request Forgery PHP Ticket System Beta 1 - 'index.php' 'p' Parameter SQL Injection PHP Ticket System Beta 1 - 'index.php p' Parameter SQL Injection X-Cart Gold 4.5 - 'products_map.php' 'symb' Parameter Cross-Site Scripting X-Cart Gold 4.5 - 'products_map.php symb' Parameter Cross-Site Scripting Symantec Web Gateway 5.0.2 - 'blocked.php' 'id' Parameter Blind SQL Injection Symantec Web Gateway 5.0.2 - 'blocked.php id' Parameter Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php' 'groupid' Parameter Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid' Parameter Blind SQL Injection YourArcadeScript 2.4 - 'index.php' 'id' Parameter SQL Injection YourArcadeScript 2.4 - 'index.php id' Parameter SQL Injection AV Arcade Free Edition - 'add_rating.php' 'id' Parameter Blind SQL Injection AV Arcade Free Edition - 'add_rating.php id' Parameter Blind SQL Injection PhpTax - pfilez Parameter Exec Remote Code Injection (Metasploit) PhpTax - 'pfilez' Parameter Exec Remote Code Injection (Metasploit) phpMyAdmin 3.5.2.2 - server_sync.php Backdoor (Metasploit) phpMyAdmin 3.5.2.2 - 'server_sync.php' Backdoor (Metasploit) Blog Mod 0.1.9 - 'index.php' 'month' Parameter SQL Injection Blog Mod 0.1.9 - 'index.php month' Parameter SQL Injection SurfControl SuperScout Email Filter 3.5 - MsgError.asp Cross-Site Scripting SurfControl SuperScout Email Filter 3.5 - 'MsgError.asp' Cross-Site Scripting PHPReactor 1.2.7 pl1 - browse.php Cross-Site Scripting PHPReactor 1.2.7 pl1 - 'browse.php' Cross-Site Scripting PHPRank 1.8 - add.php Cross-Site Scripting PHPRank 1.8 - 'add.php' Cross-Site Scripting MyBB Profile Albums Plugin 0.9 - 'albums.php' 'album' Parameter SQL Injection MyBB Profile Albums Plugin 0.9 - 'albums.php album' Parameter SQL Injection M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - 'nph-psf.exe css' Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - 'nph-psa.exe css' Parameter Remote File Inclusion friendsinwar FAQ Manager - 'view_faq.php' 'question' Parameter SQL Injection friendsinwar FAQ Manager - 'view_faq.php question' Parameter SQL Injection SmartCMS - 'index.php' 'idx' Parameter SQL Injection SmartCMS - 'index.php idx' Parameter SQL Injection SmartCMS - 'index.php' 'menuitem' Parameter SQL Injection / Cross-Site Scripting SmartCMS - 'index.php menuitem' Parameter SQL Injection / Cross-Site Scripting PHP-Nuke 6.6 - admin.php SQL Injection PHP-Nuke 6.6 - 'admin.php' SQL Injection MyBB AwayList Plugin - 'index.php' 'id' Parameter SQL Injection MyBB AwayList Plugin - 'index.php id' Parameter SQL Injection WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php' 'basepath' Parameter Remote File Inclusion WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php basepath' Parameter Remote File Inclusion PHP-Nuke Error Manager Module 2.1 - 'error.php' 'language' Parameter Full Path Disclosure PHP-Nuke Error Manager Module 2.1 - 'error.php language' Parameter Full Path Disclosure phpHeaven phpMyChat 0.14.5 - 'edituser.php3' 'do_not_login' Parameter Authentication Bypass phpHeaven phpMyChat 0.14.5 - 'edituser.php3 do_not_login' Parameter Authentication Bypass NConf 1.3 - 'detail.php' 'detail_admin_items.php' 'id' Parameter SQL Injection NConf 1.3 - 'detail.php detail_admin_items.php id' Parameter SQL Injection AdaptCMS 2.0.4 - 'config.php' 'question' Parameter SQL Injection AdaptCMS 2.0.4 - 'config.php question' Parameter SQL Injection Scripts Genie Domain Trader - 'catalog.php' 'id' Parameter SQL Injection Scripts Genie Domain Trader - 'catalog.php id' Parameter SQL Injection Scripts Genie Games Site Script - 'index.php' 'id' Parameter SQL Injection Scripts Genie Games Site Script - 'index.php id' Parameter SQL Injection Scripts Genie Top Sites - 'out.php' 'id' Parameter SQL Injection Scripts Genie Top Sites - 'out.php id' Parameter SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php' 'cid' Parameter SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid' Parameter SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php' 'r_id' Parameter SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php r_id' Parameter SQL Injection MTP Image Gallery 1.0 - 'edit_photos.php' 'title' Parameter Cross-Site Scripting MTP Image Gallery 1.0 - 'edit_photos.php title' Parameter Cross-Site Scripting DCP-Portal 3.7/4.x/5.x - 'announcement.php' 'cid' Parameter Cross-Site Scripting DCP-Portal 3.7/4.x/5.x - 'news.php' 'cid' Parameter Cross-Site Scripting DCP-Portal 3.7/4.x/5.x - 'contents.php' 'cid' Parameter Cross-Site Scripting DCP-Portal 3.7/4.x/5.x - 'announcement.php cid' Parameter Cross-Site Scripting DCP-Portal 3.7/4.x/5.x - 'news.php cid' Parameter Cross-Site Scripting DCP-Portal 3.7/4.x/5.x - 'contents.php cid' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'showflat.php' 'Cat' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'calendar.php' 'Cat' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'login.php' 'Cat' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'online.php' 'Cat' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'showflat.php Cat' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'calendar.php Cat' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'login.php Cat' Parameter Cross-Site Scripting UBBCentral UBB.Threads 6.2.3/6.5 - 'online.php Cat' Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' 'Username' Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php Username' Parameter Cross-Site Scripting Rebus:list - 'list.php' 'list_id' Parameter SQL Injection Rebus:list - 'list.php list_id' Parameter SQL Injection SynConnect Pms - 'index.php' 'loginid' Parameter SQL Injection SynConnect Pms - 'index.php loginid' Parameter SQL Injection AWS Xms 2.5 - 'importer.php' 'what' Parameter Directory Traversal Pollen CMS 0.6 - 'index.php' 'p' Paramete' Local File Disclosure AWS Xms 2.5 - 'importer.php what' Parameter Directory Traversal Pollen CMS 0.6 - 'index.php p' Paramete' Local File Disclosure WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php' 'hash Parameter SQL Injection WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php hash' Parameter SQL Injection CubeCart 2.0.x - 'tellafriend.php' 'product' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_cart.php' 'add' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_product.php' 'product' Parameter Full Path Disclosure CubeCart 2.0.x - 'tellafriend.php product' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_cart.php add' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_product.php product' Parameter Full Path Disclosure WHMCS 4.x - 'invoicefunctions.php' 'id' Parameter SQL Injection WHMCS 4.x - 'invoicefunctions.php id' Parameter SQL Injection AVE.CMS 2.09 - 'index.php' 'module' Parameter Blind SQL Injection AVE.CMS 2.09 - 'index.php module' Parameter Blind SQL Injection RadioCMS 2.2 - 'menager.php' 'playlist_id' Parameter SQL Injection RadioCMS 2.2 - 'menager.php playlist_id' Parameter SQL Injection SPIP - CMS < 2.0.23/ 2.1.22/3.0.9 - Privilege Escalation SPIP CMS < 2.0.23/ 2.1.22/3.0.9 - Privilege Escalation FlatNuke 2.5.x - 'index.php' 'where' Parameter Full Path Disclosure FlatNuke 2.5.x - 'index.php where' Parameter Full Path Disclosure UBBCentral UBB.Threads 5.5.1/6.x - 'download.php' 'Number' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'download.php Number' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'modifypost.php' 'Number' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'viewmessage.php' 'message' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'addfav.php' 'main' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'notifymod.php' 'Number' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'grabnext.php' 'posted' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'modifypost.php Number' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'viewmessage.php message' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'addfav.php main' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'notifymod.php Number' Parameter SQL Injection UBBCentral UBB.Threads 5.5.1/6.x - 'grabnext.php posted' Parameter SQL Injection osTicket 1.2/1.3 - 'view.php' 'inc' Parameter Arbitrary Local File Inclusion osTicket 1.2/1.3 - 'view.php inc' Parameter Arbitrary Local File Inclusion Ruubikcms 1.1.1 - 'tinybrowser.php' 'folder' Parameter Directory Traversal DS3 - Authentication Server - Multiple Vulnerabilities Ruubikcms 1.1.1 - 'tinybrowser.php folder' Parameter Directory Traversal DS3 Authentication Server - Multiple Vulnerabilities Kayako LiveResponse 2.0 - 'index.php' 'Username' Parameter Cross-Site Scripting Kayako LiveResponse 2.0 - 'index.php Username' Parameter Cross-Site Scripting Utopia News Pro 1.1.3 - 'header.php' 'sitetitle' Parameter Cross-Site Scripting Utopia News Pro 1.1.3 - 'header.php sitetitle' Parameter Cross-Site Scripting Simple PHP Agenda 2.2.8 - 'edit_event.php' 'eventid' Parameter SQL Injection Simple PHP Agenda 2.2.8 - 'edit_event.php eventid' Parameter SQL Injection Aenovo - '/Password/default.asp' Password Field SQL Injection Aenovo - '/incs/searchdisplay.asp' strSQL Parameter SQL Injection Aenovo - '/Password/default.asp Password' SQL Injection Aenovo - '/incs/searchdisplay.asp strSQL' Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php' 'usertitleid' Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php' 'ids' Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php usertitleid' Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php ids' Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php' 'group' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php group' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' 'email' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php' 'goto' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php' 'orderby' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php email' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php goto' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php orderby' Parameter Cross-Site Scripting Cyphor 0.19 - lostpwd.php nick Field SQL Injection Cyphor 0.19 - 'newmsg.php' fid Parameter SQL Injection Cyphor 0.19 - footer.php t_login Parameter Cross-Site Scripting Cyphor 0.19 - 'lostpwd.php nick' SQL Injection Cyphor 0.19 - 'newmsg.php fid' Parameter SQL Injection Cyphor 0.19 - 'footer.php t_login' Parameter Cross-Site Scripting MySource 2.14 - 'Socket.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Request.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Socket.php PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Request.php PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mail.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Date.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Span.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mimeDecode.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mime.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mail.php PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Date.php PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Span.php PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mimeDecode.php PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mime.php PEAR_PATH' Remote File Inclusion Top Games Script 1.2 - 'play.php' 'gid' Parameter SQL Injection Top Games Script 1.2 - 'play.php gid' Parameter SQL Injection Elemata CMS RC3.0 - 'global.php' 'id' Parameter SQL Injection Elemata CMS RC3.0 - 'global.php id' Parameter SQL Injection PHP-Charts 1.0 - 'index.php' 'type' Parameter Remote Code Execution PHP-Charts 1.0 - 'index.php type' Parameter Remote Code Execution PHPList Mailing List Manager 2.x - '/admin/admin.php' 'id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/editattributes.php' 'id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/admin.php id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/editattributes.php id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/configure.php' 'id' Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/users.php' 'find' Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/configure.php id' Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/users.php find' Parameter Cross-Site Scripting Walla TeleSite 3.0 - 'ts.exe' 'tsurl' Parameter Arbitrary Article Access Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter Cross-Site Scripting Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter SQL Injection Walla TeleSite 3.0 - 'ts.exe tsurl' Parameter Arbitrary Article Access Walla TeleSite 3.0 - 'ts.exe sug' Parameter Cross-Site Scripting Walla TeleSite 3.0 - 'ts.exe sug' Parameter SQL Injection GLPI 0.83.9 - 'Unserialize()' Function Remote Code Execution GLPI 0.83.9 - 'Unserialize()' Remote Code Execution Binary Board System 0.2.5 - 'toc.pl' 'board' Parameter Cross-Site Scripting Binary Board System 0.2.5 - 'toc.pl board' Parameter Cross-Site Scripting Cerberus Helpdesk 2.649 - 'cer_KnowledgebaseHandler.class.php' '_load_article_details' Function SQL Injection Cerberus Helpdesk 2.649 - 'cer_KnowledgebaseHandler.class.php _load_article_details' SQL Injection IceWarp Universal WebMail - '/dir/include.html' 'lang' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/settings.html' 'Language' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/index.html' 'lang_settings' Parameter Remote File Inclusion IceWarp Universal WebMail - '/dir/include.html lang' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/settings.html Language' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/index.html lang_settings' Parameter Remote File Inclusion OnePlug CMS - '/press/details.asp' 'Press_Release_ID' Parameter SQL Injection OnePlug CMS - '/services/details.asp' 'Service_ID' Parameter SQL Injection OnePlug CMS - '/products/details.asp' 'Product_ID' Parameter SQL Injection OnePlug CMS - '/press/details.asp Press_Release_ID' Parameter SQL Injection OnePlug CMS - '/services/details.asp Service_ID' Parameter SQL Injection OnePlug CMS - '/products/details.asp Product_ID' Parameter SQL Injection aoblogger 2.3 - 'login.php' 'Username' Field SQL Injection aoblogger 2.3 - 'login.php Username' SQL Injection HiveMail 1.2.2/1.3 - 'addressbook.update.php' 'contactgroupid' Parameter Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - 'folders.update.php' 'folderid' Parameter Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - 'addressbook.update.php contactgroupid' Parameter Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - 'folders.update.php folderid' Parameter Arbitrary PHP Command Execution ImageVue 0.16.1 - 'readfolder.php' 'path' Parameter Arbitrary Directory Listing ImageVue 0.16.1 - 'readfolder.php path' Parameter Arbitrary Directory Listing Virtual Hosting Control System 2.2/2.4 - 'login.php' 'check_login()' Function Authentication Bypass Virtual Hosting Control System 2.2/2.4 - 'login.php check_login()' Authentication Bypass dotProject 2.0 - '/modules/projects/gantt.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/includes/db_connect.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/includes/session.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/gantt2.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/vw_files.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/admin/vw_usr_roles.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/calendar.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/date_format.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/tasks/gantt.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/gantt.php dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/includes/db_connect.php baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/includes/session.php baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/gantt2.php dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/vw_files.php dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/admin/vw_usr_roles.php baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/calendar.php baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/date_format.php baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/tasks/gantt.php baseDir' Parameter Remote File Inclusion Ginkgo CMS - 'index.php' 'rang' Parameter SQL Injection Ginkgo CMS - 'index.php rang' Parameter SQL Injection Telmanik CMS Press 1.01b - 'pages.php' 'page_name' Parameter SQL Injection Telmanik CMS Press 1.01b - 'pages.php page_name' Parameter SQL Injection sBlog 0.7.2 - 'search.php' 'keyword' Parameter POST Method Cross-Site Scripting sBlog 0.7.2 - 'search.php keyword' Parameter POST Method Cross-Site Scripting MLMAuction Script - 'gallery.php' 'id' Parameter SQL Injection MLMAuction Script - 'gallery.php id' Parameter SQL Injection PHPMyForum 4.0 - 'index.php' 'type' Parameter CRLF Injection PHPMyForum 4.0 - 'index.php type' Parameter CRLF Injection 321soft PHP-Gallery 0.9 - 'index.php' 'path' Parameter Arbitrary Directory Listing 321soft PHP-Gallery 0.9 - 'index.php path' Parameter Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - 'index.php' 'pfad' Parameter Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - 'galerie.php' 'pfad' Parameter Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - 'index.php pfad' Parameter Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - 'galerie.php pfad' Parameter Arbitrary Directory Listing Gphotos 1.4/1.5 - 'index.php' 'rep' Parameter Traversal Arbitrary Directory Listing Gphotos 1.4/1.5 - 'index.php rep' Parameter Traversal Arbitrary Directory Listing Woltlab Burning Board FLVideo Addon - 'video.php' 'value' Parameter SQL Injection Woltlab Burning Board FLVideo Addon - 'video.php value' Parameter SQL Injection ATutor 1.5.x - 'admin/fix_content.php' 'submit' Parameter Cross-Site Scripting ATutor 1.5.x - 'admin/fix_content.php submit' Parameter Cross-Site Scripting glFusion 1.3.0 - 'search.php' 'cat_id' Parameter SQL Injection glFusion 1.3.0 - 'search.php cat_id' Parameter SQL Injection Geodesic Solutions Multiple Products - 'index.php' 'b' Parameter SQL Injection Geodesic Solutions Multiple Products - 'index.php b' Parameter SQL Injection RadScripts - 'a_editpage.php' 'Filename' Parameter Arbitrary File Overwrite RadScripts - 'a_editpage.php Filename' Parameter Arbitrary File Overwrite WoW Roster 1.5 - 'hsList.php' 'subdir' Parameter Remote File Inclusion WoW Roster 1.5 - 'hsList.php subdir' Parameter Remote File Inclusion Zen Cart Web Shopping Cart 1.x - 'autoload_func.php' 'autoLoadConfig[999][0][loadFile]' Parameter Remote File Inclusion Zen Cart Web Shopping Cart 1.x - 'autoload_func.php autoLoadConfig[999][0][loadFile]' Parameter Remote File Inclusion vTiger CRM 5.4.0 - 'index.php' 'onlyforuser' Parameter SQL Injection vTiger CRM 5.4.0 - 'index.php onlyforuser' Parameter SQL Injection osCommerce 2.2 - 'admin/orders_status.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/products_attributes.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/orders_status.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/products_attributes.php page' Parameter Cross-Site Scripting DCP-Portal 6.0 - 'login.php' 'Username' Parameter SQL Injection DCP-Portal 6.0 - 'login.php Username' Parameter SQL Injection CubeCart 3.0.x - '/admin/print_order.php' 'order_id' Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/print_order.php order_id' Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/image.php' 'image' Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/image.php image' Parameter Cross-Site Scripting CubeCart 3.0.x - '/footer.inc.php' 'la_pow_by' Parameter Cross-Site Scripting CubeCart 3.0.x - '/footer.inc.php la_pow_by' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/banner_manager.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/banner_statistics.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/countries.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/currencies.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/languages.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/manufacturers.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/products_expected.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/reviews.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/specials.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/stats_products_purchased.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/stats_products_viewed.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/tax_classes.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/tax_rates.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/zones.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/banner_manager.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/banner_statistics.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/countries.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/currencies.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/languages.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/manufacturers.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/products_expected.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/reviews.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/specials.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/stats_products_purchased.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/stats_products_viewed.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/tax_classes.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/tax_rates.php page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/zones.php page' Parameter Cross-Site Scripting ISearch 2.16 - ISEARCH_PATH Parameter Remote File Inclusion ISearch 2.16 - 'ISEARCH_PATH' Parameter Remote File Inclusion Evandor Easy notesManager 0.0.1 - 'login.php' 'Username' Parameter SQL Injection Evandor Easy notesManager 0.0.1 - 'login.php Username' Parameter SQL Injection Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php' 'sondage' Parameter SQL Injection Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php sondage' Parameter SQL Injection BirdBlog 1.4 - '/admin/admincore.php' 'msg' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/comments.php' 'month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/entries.php' 'month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/logs.php' 'page' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/admincore.php msg' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/comments.php month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/entries.php month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/logs.php page' Parameter Cross-Site Scripting Cilem Haber Free Edition - 'hata.asp' 'hata' Parameter Cross-Site Scripting Cilem Haber Free Edition - 'hata.asp hata' Parameter Cross-Site Scripting ImpressPages CMS 3.6 - 'manage()' Function Remote Code Execution ImpressPages CMS 3.6 - 'manage()' Remote Code Execution EditTag 1.2 - 'edittag.cgi' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag.pl' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.cgi' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.pl' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag.cgi file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag.pl file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.cgi file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.pl file' Parameter Arbitrary File Disclosure Project'Or RIA 3.4.0 - 'objectDetail.php' 'objectId' Parameter SQL Injection Project'Or RIA 3.4.0 - 'objectDetail.php objectId' Parameter SQL Injection WordPress 2.1.1 - 'wp-includes/theme.php' 'iz' Parameter Arbitrary Command Execution Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Parameter SQL Injection WordPress 2.1.1 - 'wp-includes/theme.php iz' Parameter Arbitrary Command Execution Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php s' Parameter SQL Injection aBitWhizzy - 'whizzylink.php' 'd' Parameter Traversal Arbitrary Directory Listing aBitWhizzy - 'whizzylink.php d' Parameter Traversal Arbitrary Directory Listing PHPLive! 3.2.2 - 'super/info.php' 'BASE_URL' Parameter Parameter Cross-Site Scripting PHPLive! 3.2.2 - 'super/info.php BASE_URL' Parameter Parameter Cross-Site Scripting DotClear 1.2.x - '/ecrire/trackback.php' 'post_id' Parameter Cross-Site Scripting DotClear 1.2.x - '/tools/thememng/index.php' 'tool_url' Parameter Cross-Site Scripting DotClear 1.2.x - '/ecrire/trackback.php post_id' Parameter Cross-Site Scripting DotClear 1.2.x - '/tools/thememng/index.php tool_url' Parameter Cross-Site Scripting ToendaCMS 1.5.3 - HTTP Get And Post Forms HTML Injection ToendaCMS 1.5.3 - GET / POST Forms HTML Injection Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php' 'icodir' Parameter Traversal Arbitrary Directory Listing Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php icodir' Parameter Traversal Arbitrary Directory Listing Phorum 5.1.20 - 'admin.php' 'module[]' Parameter Full Path Disclosure Phorum 5.1.20 - 'admin.php module[]' Parameter Full Path Disclosure DynaTracker 1.5.1 - 'includes_handler.php' 'base_path' Remote File Inclusion DynaTracker 1.5.1 - 'action.php' 'base_path' Remote File Inclusion DynaTracker 1.5.1 - 'includes_handler.php base_path' Remote File Inclusion DynaTracker 1.5.1 - 'action.php base_path' Remote File Inclusion Campsite 2.6.1 - 'LocalizerConfig.php' 'g_documentRoot' Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php' 'g_documentRoot' Parameter Remote File Inclusion Chamilo Lms 1.9.6 - 'profile.php' 'password0 Parameter SQL Injection Dokeos 2.2 RC2 - 'index.php' 'language' Parameter SQL Injection Campsite 2.6.1 - 'LocalizerConfig.php g_documentRoot' Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php g_documentRoot' Parameter Remote File Inclusion Chamilo Lms 1.9.6 - 'profile.php password0 Parameter SQL Injection Dokeos 2.2 RC2 - 'index.php language' Parameter SQL Injection NetFlow Analyzer 5 - '/jspui/applicationList.jsp' 'alpha' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/appConfig.jsp' 'task' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/applicationList.jsp alpha' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/appConfig.jsp task' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/selectDevice.jsp' 'rtype' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/customReport.jsp' 'rtype' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/selectDevice.jsp rtype' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/customReport.jsp rtype' Parameter Cross-Site Scripting geoBlog MOD_1.0 - 'deletecomment.php' 'id' Parameter Arbitrary Comment Deletion geoBlog MOD_1.0 - 'deleteblog.php' 'id' Parameter Arbitrary Blog Deletion geoBlog MOD_1.0 - 'deletecomment.php id' Parameter Arbitrary Comment Deletion geoBlog MOD_1.0 - 'deleteblog.php id' Parameter Arbitrary Blog Deletion Web News 1.1 - 'feed.php' 'config[root_ordner]' Parameter Remote File Inclusion Web News 1.1 - 'news.php' 'config[root_ordner]' Parameter Remote File Inclusion Web News 1.1 - 'feed.php config[root_ordner]' Parameter Remote File Inclusion Web News 1.1 - 'news.php config[root_ordner]' Parameter Remote File Inclusion WebBatch - 'webbatch.exe' 'dumpinputdata' Parameter Remote Information Disclosure WebBatch - 'webbatch.exe dumpinputdata' Parameter Remote Information Disclosure AfterLogic MailBee WebMail Pro 3.x - 'default.asp' 'mode2' Parameter Cross-Site Scripting AfterLogic MailBee WebMail Pro 3.x - 'default.asp mode2' Parameter Cross-Site Scripting phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting phpMyAdmin 2.11.1 - 'setup.php' Cross-Site Scripting Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/modules/install_module.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/modules/uninstall_module.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/patch/index.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/ossigeno/admin/install_module.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/ossigeno/admin/uninstall_module.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/modules/install_module.php level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/modules/uninstall_module.php level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/patch/index.php level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/ossigeno/admin/install_module.php level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/ossigeno/admin/uninstall_module.php level' Parameter Remote File Inclusion Absolute News Manager .NET 5.1 - 'pages/default.aspx' 'template' Parameter Remote File Access Absolute News Manager .NET 5.1 - 'pages/default.aspx template' Parameter Remote File Access MyBlog 1.x - 'Games.php' 'ID' Remote File Inclusion MyBlog 1.x - 'Games.php ID' Remote File Inclusion Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp' 'resultsForm' Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp' 'helpUrl' Parameter Remote Frame Injection Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp' 'activeControl' Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp resultsForm' Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp helpUrl' Parameter Remote Frame Injection Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp activeControl' Parameter Cross-Site Scripting WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc' 'camnum' Parameter Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic' 'id' Parameter Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc camnum' Parameter Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic id' Parameter Arbitrary Memory Disclosure CiMe - Citas Médicas - Multiple Vulnerabilities CiMe Citas Médicas - Multiple Vulnerabilities Elastic Path 4.1 - 'manager/FileManager.jsp' 'dir' Parameter Traversal Arbitrary Directory Listing Elastic Path 4.1 - 'manager/FileManager.jsp dir' Parameter Traversal Arbitrary Directory Listing osCommerce 2.3.3.4 - 'geo_zones.php' 'zID' Parameter SQL Injection osCommerce 2.3.3.4 - 'geo_zones.php zID' Parameter SQL Injection Concrete5 CMS 5.6.2.1 - 'index.php' 'cID' Parameter SQL Injection Concrete5 CMS 5.6.2.1 - 'index.php cID' Parameter SQL Injection WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php' 'track' Parameter SQL Injection WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph track' Parameter SQL Injection PHPEasyData 1.5.4 - admin/login.php 'Username' Field SQL Injection PHPEasyData 1.5.4 - 'admin/login.php Username' SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php' 'id' Parameter SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php id' Parameter SQL Injection webERP 4.11.3 - 'SalesInquiry.php' 'SortBy' Parameter SQL Injection webERP 4.11.3 - 'SalesInquiry.php SortBy' Parameter SQL Injection Claroline 1.8.9 - 'claroline/redirector.php' 'url' Parameter Arbitrary Site Redirect Claroline 1.8.9 - 'claroline/redirector.php url' Parameter Arbitrary Site Redirect XOOPS 2.0.18 - 'modules/system/admin.php' 'fct' Parameter Traversal Local File Inclusion XOOPS 2.0.18 - 'modules/system/admin.php fct' Parameter Traversal Local File Inclusion ownCloud 4.0.x/4.5.x - 'upload.php' 'Filename' Parameter Remote Code Execution ownCloud 4.0.x/4.5.x - 'upload.php Filename' Parameter Remote Code Execution InterWorx Control Panel 5.0.13 build 574 - 'xhr.php' 'i' Parameter SQL Injection InterWorx Control Panel 5.0.13 build 574 - 'xhr.php i' Parameter SQL Injection MKPortal 1.2.1 - '/modules/rss/handler_image.php' 'i' Parameter Cross-Site Scripting MKPortal 1.2.1 - '/modules/rss/handler_image.php i' Parameter Cross-Site Scripting glFusion 1.1 - Anonymous Comment 'Username' Field HTML Injection glFusion 1.1 - Anonymous Comment 'Username' HTML Injection IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Function Cross-Site Scripting IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Cross-Site Scripting kitForm CRM Extension 0.43 - 'sorter.ph' 'sorter_value' Parameter SQL Injection kitForm CRM Extension 0.43 - 'sorter.ph sorter_value' Parameter SQL Injection dompdf 0.6.0 - 'dompdf.php' 'read' Parameter Arbitrary File Read dompdf 0.6.0 - 'dompdf.php read' Parameter Arbitrary File Read WordPress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting WordPress Plugin TYPO3 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting DiamondList - '/user/main/update_settings' 'setting[site_title]' Parameter Cross-Site Scripting DiamondList - '/user/main/update_category' 'category[description]' Parameter Cross-Site Scripting DiamondList - '/user/main/update_settings setting[site_title]' Parameter Cross-Site Scripting DiamondList - '/user/main/update_category category[description]' Parameter Cross-Site Scripting vBulletin 4.0.x < 4.1.2 - 'search.php' 'cat' Parameter SQL Injection vBulletin 4.0.x < 4.1.2 - 'search.php cat' Parameter SQL Injection MybbCentral TagCloud 2.0 - 'Topic' Field HTML Injection MybbCentral TagCloud 2.0 - 'Topic' HTML Injection Cacti 0.8.7 (RedHat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting Cacti 0.8.7 (RedHat High Performance Computing [HPC]) - 'utilities.php' Filter Parameter Cross-Site Scripting Mulitple WordPress Themes - 'admin-ajax.php' 'img' Parameter Arbitrary File Download Mulitple WordPress Themes - 'admin-ajax.php img' Parameter Arbitrary File Download Free Arcade Script 1.0 - 'search' Field Cross-Site Scripting Free Arcade Script 1.0 - 'search' Cross-Site Scripting Micro CMS 1.0 - 'name' Field HTML Injection Micro CMS 1.0 - 'name' HTML Injection MODx manager - '/controllers/default/resource/tvs.php' 'class_key' Parameter Traversal Local File Inclusion MODx manager - '/controllers/default/resource/tvs.php class_key' Parameter Traversal Local File Inclusion Bacula-Web 5.2.10 - 'joblogs.php' 'jobid Parameter SQL Injection Bacula-Web 5.2.10 - 'joblogs.php jobid Parameter SQL Injection PHP Scripts Now Riddles - '/riddles/results.php' 'searchQuery' Parameter Cross-Site Scripting PHP Scripts Now Riddles - '/riddles/list.php' 'catid' Parameter SQL Injection PHP Scripts Now Riddles - '/riddles/results.php searchQuery' Parameter Cross-Site Scripting PHP Scripts Now Riddles - '/riddles/list.php catid' Parameter SQL Injection W-Agora 4.2.1 - 'search.php3' 'bn' Parameter Traversal Local File Inclusion W-Agora 4.2.1 - 'search.php3 bn' Parameter Traversal Local File Inclusion Piwigo 2.6.0 - 'picture.php' 'rate' Parameter SQL Injection Piwigo 2.6.0 - 'picture.php rate' Parameter SQL Injection PHPMyRecipes 1.2.2 - 'dosearch.php' 'words_exact Parameter SQL Injection PHPMyRecipes 1.2.2 - 'dosearch.php words_exact Parameter SQL Injection PHPMyRecipes 1.2.2 - 'browse.php' 'category' Parameter SQL Injection PHPMyRecipes 1.2.2 - 'browse.php category' Parameter SQL Injection Dolibarr ERP/CRM - '/user/info.php' 'id' Parameter SQL Injection Dolibarr ERP/CRM - '/admin/boxes.php' 'rowid' Parameter SQL Injection Dolibarr ERP/CRM - '/user/info.php id' Parameter SQL Injection Dolibarr ERP/CRM - '/admin/boxes.php rowid' Parameter SQL Injection PrestaShop 1.4.4.1 - '/modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php' 'Expedition' Parameter Cross-Site Scripting PrestaShop 1.4.4.1 - '/modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition' Parameter Cross-Site Scripting Manx 1.0.1 - '/admin/admin_blocks.php' 'Filename' Parameter Traversal Arbitrary File Access Manx 1.0.1 - '/admin/admin_pages.php' 'Filename' Parameter Traversal Arbitrary File Access Manx 1.0.1 - '/admin/admin_blocks.php Filename' Parameter Traversal Arbitrary File Access Manx 1.0.1 - '/admin/admin_pages.php Filename' Parameter Traversal Arbitrary File Access UBBCentral UBB.Threads 7.5.6 - 'Username' Field Cross-Site Scripting UBBCentral UBB.Threads 7.5.6 - 'Username' Cross-Site Scripting OSClass 2.3.3 - 'index.php' 'getParam()' Function Multiple Parameter Cross-Site Scripting OSClass 2.3.3 - 'index.php getParam()' Multiple Parameter Cross-Site Scripting 11in1 CMS 1.2.1 - 'index.php' 'class' Parameter Traversal Local File Inclusion 11in1 CMS 1.2.1 - 'admin/index.php' 'class' Parameter Traversal Local File Inclusion 11in1 CMS 1.2.1 - 'index.php class' Parameter Traversal Local File Inclusion 11in1 CMS 1.2.1 - 'admin/index.php class' Parameter Traversal Local File Inclusion Dotclear 2.4.1.2 - '/admin/auth.php' 'login_data' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/blogs.php' 'nb' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/auth.php login_data' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/blogs.php nb' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/plugin.php' 'page' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/plugin.php page' Parameter Cross-Site Scripting Fork CMS 3.x - 'backend/modules/error/actions/index.php' 'parse()' Function Multiple Parameter Error Display Cross-Site Scripting Fork CMS 3.x - 'backend/modules/error/actions/index.php parse()' Multiple Parameter Error Display Cross-Site Scripting 11in1 CMS 1.2.1 - 'admin/comments' 'topicID' Parameter SQL Injection 11in1 CMS 1.2.1 - 'admin/tps' 'id' Parameter SQL Injection 11in1 CMS 1.2.1 - 'admin/comments topicID' Parameter SQL Injection 11in1 CMS 1.2.1 - 'admin/tps id' Parameter SQL Injection SAP Business Objects InfoView System - '/help/helpredir.aspx' 'guide' Parameter Cross-Site Scripting SAP Business Objects InfoView System - '/webi/webi_modify.aspx' 'id' Parameter Cross-Site Scripting SAP Business Objects InfoView System - '/help/helpredir.aspx guide' Parameter Cross-Site Scripting SAP Business Objects InfoView System - '/webi/webi_modify.aspx id' Parameter Cross-Site Scripting Wikidforum 2.10 - Advanced Search - Multiple Field SQL Injection Wikidforum 2.10 - Advanced Search Multiple Field SQL Injection Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php' 'String::stripUnsafeHtml()' Method Cross-Site Scripting Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml()' Method Cross-Site Scripting TeamPass 2.1.5 - 'login' Field HTML Injection TeamPass 2.1.5 - 'login' HTML Injection XOOPS 2.5.4 - '/modules/pm/pmlite.php' 'to_userid' Parameter Cross-Site Scripting XOOPS 2.5.4 - '/modules/pm/pmlite.php to_userid' Parameter Cross-Site Scripting Kajona - 'getAllPassedParams()' Function Multiple Cross-Site Scripting Vulnerabilities Kajona - 'getAllPassedParams()' Multiple Cross-Site Scripting Vulnerabilities PolarisCMS - 'WebForm_OnSubmit()' Function Cross-Site Scripting PolarisCMS - 'WebForm_OnSubmit()' Cross-Site Scripting TCExam 11.2.x - '/admin/code/tce_edit_question.php' 'subject_module_id' Parameter SQL Injection TCExam 11.2.x - '/admin/code/tce_edit_question.php subject_module_id' Parameter SQL Injection jCore - '/admin/index.php' 'path' Parameter Cross-Site Scripting jCore - '/admin/index.php path' Parameter Cross-Site Scripting Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection Cyberoam Firewall CR500iNG-XP 10.6.2 MR-1 - Blind SQL Injection WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf' 'abouttext' Parameter Cross-Site Scripting WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext' Parameter Cross-Site Scripting cPanel WebHost Manager (WHM) - '/webmail/x3/mail/clientconf.html' 'acct' Parameter Cross-Site Scripting cPanel WebHost Manager (WHM) - '/webmail/x3/mail/clientconf.html acct' Parameter Cross-Site Scripting WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php' 'reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php' 'reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php' 'reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID' Parameter SQL Injection Kallithea 0.2.9 - (came_from) HTTP Response Splitting PHP Address Book - '/addressbook/register/delete_user.php' 'id' Parameter SQL Injection PHP Address Book - '/addressbook/register/edit_user.php' 'id' Parameter SQL Injection Kallithea 0.2.9 - 'came_from' HTTP Response Splitting PHP Address Book - '/addressbook/register/delete_user.php id' Parameter SQL Injection PHP Address Book - '/addressbook/register/edit_user.php id' Parameter SQL Injection PHP Address Book - '/addressbook/register/linktick.php' 'site' Parameter SQL Injection PHP Address Book - '/addressbook/register/linktick.php site' Parameter SQL Injection PHP Address Book - '/addressbook/register/router.php' 'BasicLogin' Cookie Parameter SQL Injection PHP Address Book - '/addressbook/register/traffic.php' 'var' Parameter SQL Injection PHP Address Book - '/addressbook/register/user_add_save.php' 'email' Parameter SQL Injection PHP Address Book - '/addressbook/register/checklogin.php' 'Username' Parameter SQL Injection PHP Address Book - '/addressbook/register/admin_index.php' 'q' Parameter SQL Injection PHP Address Book - '/addressbook/register/router.php BasicLogin' Cookie Parameter SQL Injection PHP Address Book - '/addressbook/register/traffic.php var' Parameter SQL Injection PHP Address Book - '/addressbook/register/user_add_save.php email' Parameter SQL Injection PHP Address Book - '/addressbook/register/checklogin.php Username' Parameter SQL Injection PHP Address Book - '/addressbook/register/admin_index.php q' Parameter SQL Injection Hero Framework - '/users/login' 'Username' Parameter Cross-Site Scripting Hero Framework - '/users/forgot_password' 'error' Parameter Cross-Site Scripting Hero Framework - '/users/login Username' Parameter Cross-Site Scripting Hero Framework - '/users/forgot_password error' Parameter Cross-Site Scripting Jahia xCM - '/engines/manager.jsp' 'site' Parameter Cross-Site Scripting Jahia xCM - '/engines/manager.jsp site' Parameter Cross-Site Scripting NeoBill - '/modules/nullregistrar/PHPwhois/example.php' 'query' Parameter Remote Code Execution NeoBill - '/modules/nullregistrar/PHPwhois/example.php query' Parameter Remote Code Execution C2C Forward Auction Creator 2.0 - '/auction/asp/list.asp' 'pa' Parameter SQL Injection C2C Forward Auction Creator 2.0 - '/auction/asp/list.asp pa' Parameter SQL Injection Command School Student Management System - '/sw/admin_grades.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_terms.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_years.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_sgrades.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_media_codes_1.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_infraction_codes.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_generations.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_relations.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_titles.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/health_allergies.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_names.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_subjects.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_grades.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_terms.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_years.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_sgrades.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_media_codes_1.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_infraction_codes.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_generations.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_relations.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_titles.php id' Parameter SQL Injection Command School Student Management System - '/sw/health_allergies.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_names.php id' Parameter SQL Injection Command School Student Management System - '/sw/admin_subjects.php id' Parameter SQL Injection Dredge School Administration System - '/DSM/loader.php' 'Id' Parameter SQL Injection Dredge School Administration System - '/DSM/loader.php Id' Parameter SQL Injection UAEPD Shopping Script - '/news.php' 'id' Parameter SQL Injection UAEPD Shopping Script - '/news.php id' Parameter SQL Injection BloofoxCMS - '/bloofox/index.php' 'Username' Parameter SQL Injection BloofoxCMS - '/bloofox/admin/index.php' 'Username' Parameter SQL Injection BloofoxCMS - '/bloofox/index.php Username' Parameter SQL Injection BloofoxCMS - '/bloofox/admin/index.php Username' Parameter SQL Injection Xangati - '/servlet/Installer' 'file' Parameter Directory Traversal Xangati - '/servlet/Installer file' Parameter Directory Traversal Caldera - '/costview2/jobs.php' 'tr' Parameter SQL Injection Caldera - '/costview2/printers.php' 'tr' Parameter SQL Injection Caldera - '/costview2/jobs.php tr' Parameter SQL Injection Caldera - '/costview2/printers.php tr' Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_signup.php' 'a_country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_show_banner.php' 'affiliate_banner_id' Parameter SQL Injection OL-Commerce - '/OL-Commerce/create_account.php' 'country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/admin/create_account.php' 'entry_country_id' Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_signup.php a_country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_show_banner.php affiliate_banner_id' Parameter SQL Injection OL-Commerce - '/OL-Commerce/create_account.php country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/admin/create_account.php entry_country_id' Parameter SQL Injection Disc ORGanizer - DORG - Multiple Vulnerabilities Disc ORGanizer (DORG) - Multiple Vulnerabilities Apache < 2.2.34 / < 2.4.27 - HTTP OPTIONS Memory Leak Apache < 2.2.34 / < 2.4.27 - OPTIONS Memory Leak ClipShare 7.0 - SQL Injection Complain Management System - Hard-Coded Credentials / Blind SQL injection	2017-10-11 05:01:35 +00:00
Offensive Security	4e334a292d	DB: 2017-10-08 2 new exploits Microsoft Windows XP/2003 - Samba Share Resource Exhaustion Exploit Microsoft Windows XP/2003 - Samba Share Resource Exhaustion (Denial of Service) Multiple vendors - ZOO file Decompression Infinite Loop Denial of Service (PoC) ZOO - .ZOO File Decompression Infinite Loop Denial of Service (PoC) WzdFTPD 0.8.0 - (USER) Remote Denial of Service WzdFTPD 0.8.0 - 'USER' Remote Denial of Service Multiple Vendors - 'libc:fts_()' Local Denial of Service Libc - 'libc:fts_()' Local Denial of Service Asterisk IAX2 - Resource Exhaustion via Attacked IAX Fuzzer Asterisk IAX2 - Attacked IAX Fuzzer Resource Exhaustion (Denial of Service) Multiple Web Browsers - Denial of Service Multiple Browsers - Denial of Service Multiple browsers - 'history.go()' Denial of Service Multiple browsers - 'window.print()' Denial of Service Multiple Browsers - 'history.go()' Denial of Service Multiple Browsers - 'window.print()' Denial of Service Multiple Vendors libc/glob(3) - Resource Exhaustion / Remote ftpd-anon libc/glob(3) - Resource Exhaustion / Remote ftpd-anonymous (Denial of Service) Check Point Software Firewall-1 4.0/1.4.1 - Resource Exhaustion (Denial of Service) Linux Kernel 2.4.18/2.4.19 - Privileged File Descriptor Resource Exhaustion Linux Kernel 2.4.18/2.4.19 - Privileged File Descriptor Resource Exhaustion (Denial of Service) EType EServ 2.98/2.99/3.0 - Resource Exhaustion Denial of Service (1) EType EServ 2.98/2.99/3.0 - Resource Exhaustion Denial of Service (2) EType EServ 2.98/2.99/3.0 - Resource Exhaustion (Denial of Service) (1) EType EServ 2.98/2.99/3.0 - Resource Exhaustion (Denial of Service) (2) Desktop Orbiter 2.0 1 - Resource Exhaustion Denial of Service Desktop Orbiter 2.0 1 - Resource Exhaustion (Denial of Service) ACLogic CesarFTP 0.99 - Remote Resource Exhaustion (Denial of Service) Oracle 9.0 iSQLPlus TLS Listener - Remote Denial of Service Oracle 9.0 iSQLPlus - TLS Listener Remote Denial of Service Multiple Linksys Routers - LanD Packet Denial of Service Linksys Routers - LanD Packet Denial of Service Multiple Mozilla Products - IFRAME JavaScript Execution Vulnerabilities Multiple Mozilla Products - iFrame JavaScript Execution Vulnerabilities Multiple D-Link Routers - UPNP Buffer Overflow D-Link Routers - UPNP Buffer Overflow Multiple Vendors - Zoo Compression Algorithm Remote Denial of Service Zoo 2.10 - .ZOO Compression Algorithm Remote Denial of Service Multiple BSD Platforms - 'strfmon()' Function Integer Overflow Multiple BSD Distributions - 'strfmon()' Function Integer Overflow Multiple Vendors Unspecified SVG File Processing - Denial of Service Firefox / Evince / EoG / GIMP - '.SVG' File Processing Denial of Service Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion Denial of Service Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service) VMware Player and Workstation 6.5.3 - 'VMware-authd' Remote Denial of Service VMware Player / VMware Workstation 6.5.3 - 'VMware-authd' Remote Denial of Service Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial of Service Libc - 'regcomp()' Stack Exhaustion Denial of Service Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Multiple BSD Operating Systems - 'setusercontext()' Vulnerabilities Multiple BSD Distributions - 'setusercontext()' Vulnerabilities Multiple Cisco Products - Cisco Global Exploiter Tool Cisco - Cisco Global Exploiter Tool Multiple (Almost all) Browsers - Tabbed Browsing Vulnerabilities Multiple Browsers - Tabbed Browsing Vulnerabilities Skype extension for Firefox Beta 2.2.0.95 - Clipboard Writing Skype Extension for Firefox Beta 2.2.0.95 - Clipboard Writing Multiple D-Link Products - Captcha Bypass D-Link - Captcha Bypass Multiple Web Browser (FF3.6.7/SM 2.0.6) - Clickjacking Multiple Browser (FF3.6.7/SM 2.0.6) - Clickjacking Check Point Software Firewall-1 4.0/1.4.1 - Resource Exhaustion hassan Consulting shopping cart 1.18 - Directory Traversal Hassan Consulting Shopping Cart 1.18 - Directory Traversal Adobe SVG Viewer 3.0 - postURL/getURL Restriction Bypass Adobe SVG Viewer 3.0 - 'postURL'/'getURL' Restriction Bypass ACLogic CesarFTP 0.99 - Remote Resource Exhaustion Multiple Linksys Devices - DHCP Information Disclosure Linksys - DHCP Information Disclosure Oracle HTML DB 1.5/1.6 - wwv_flow.accept p_t02 Parameter Cross-Site Scripting Oracle HTML DB 1.5/1.6 - 'wwv_flow.accept' 'p_t02' Parameter Cross-Site Scripting Oracle HTML DB 1.5/1.6 - f p Parameter Cross-Site Scripting Oracle HTML DB 1.5/1.6 - 'f?p=' Parameter Cross-Site Scripting Multiple Cisco Products - WebSense Content Filtering Bypass Cisco - WebSense Content Filtering Bypass Multiple Vendors - RAR Handling Remote Null Pointer Dereference ClamAV / UnRAR - .RAR Handling Remote Null Pointer Dereference Multiple Cisco Products - 'file' Parameter Directory Traversal Cisco - 'file' Parameter Directory Traversal Multiple D-Link DCS Products - 'security.cgi' Cross-Site Request Forgery D-Link DCS - 'security.cgi' Cross-Site Request Forgery Multiple Vendors - 'RuntimeDiagnosticPing()' Stack Buffer Overflow D-Link / PLANEX COMMUNICATIONS - 'RuntimeDiagnosticPing()' Stack Buffer Overflow Multiple Aztech Modem Routers - Session Hijacking Aztech Modem Routers - Session Hijacking Mambo Component Security Images 3.0.5 - Inclusion Mambo Component Security Images 3.0.5 - Remote File Inclusion Joomla! Component com_bayesiannaivefilter 1.1 - Inclusion Joomla! Component com_bayesiannaivefilter 1.1 - Remote File Inclusion Mambo Component 'com_phpshop' 1.2 RC2b - File Inclusion Mambo Component 'com_a6mambocredits' 1.0.0 - File Inclusion Mambo Component 'com_phpshop' 1.2 RC2b - Remote File Inclusion Mambo Component 'com_a6mambocredits' 1.0.0 - Remote File Inclusion Mambo Component bigAPE-Backup 1.1 - File Inclusion NES Game and NES System c108122 - File Inclusion Mambo Component bigAPE-Backup 1.1 - Remote File Inclusion NES Game and NES System c108122 - Remote File Inclusion Mambo Component com_serverstat 0.4.4 - File Inclusion Mambo Component com_serverstat 0.4.4 - Remote File Inclusion Wili-CMS 0.1.1 - File Inclusion / Cross-Site Scripting / Full Path Disclosure Wili-CMS 0.1.1 - Remote File Inclusion / Cross-Site Scripting / Full Path Disclosure phpBB Admin Topic Action Logging Mod 0.94b - File Inclusion phpBB Admin Topic Action Logging Mod 0.94b - Remote File Inclusion phpBB User Viewed Posts Tracker 1.0 - File Inclusion phpBB User Viewed Posts Tracker 1.0 - Remote File Inclusion phpBB Random User Registration Number 1.0 Mod - Inclusion phpBB Random User Registration Number 1.0 Mod - Remote File Inclusion Softerra PHP Developer Library 1.5.3 - File Inclusion Softerra PHP Developer Library 1.5.3 - Remote File Inclusion phpBB ACP User Registration Mod 1.0 - File Inclusion phpBB ACP User Registration Mod 1.0 - Remote File Inclusion Electronic Engineering Tool (EE TOOL) 0.4.1 - File Inclusion Electronic Engineering Tool (EE TOOL) 0.4.1 - Remote File Inclusion phpBB Spider Friendly Module 1.3.10 - File Inclusion phpBB Spider Friendly Module 1.3.10 - Remote File Inclusion Tucows Client Code Suite (CSS) 1.2.1015 - File Inclusion Tucows Client Code Suite (CSS) 1.2.1015 - Remote File Inclusion pre Multiple Vendors shopping malls - Multiple Vulnerabilities PreProject Multi-Vendor Shopping Malls - Multiple Vulnerabilities Easy Px 41 CMS 09.00.00B1 - (fiche) Local File Inclusion Easy Px 41 CMS 09.00.00B1 - 'fiche' Local File Inclusion Joomla! Component Book Library 1.0 - File Inclusion Joomla! Component Book Library 1.0 - Remote File Inclusion Community Translate - File Inclusion Community Translate - Remote File Inclusion EZsneezyCal CMS 95.1-95.2 - File Inclusion EZRecipeZee CMS 91 - File Inclusion EZsneezyCal CMS 95.1-95.2 - Remote File Inclusion EZRecipeZee CMS 91 - Remote File Inclusion AIOCP 1.4.001 - File Inclusion AIOCP 1.4.001 - Remote File Inclusion Gbook MX 4.1.0 (Arabic Version) - File Inclusion Gbook MX 4.1.0 (Arabic Version) - Remote File Inclusion Multiple D-Link Routers - Authentication Bypass D-Link Routers - Authentication Bypass (2) 29o3 CMS - (LibDir) Multiple Remote File Inclusion 29o3 CMS - 'LibDir' Multiple Remote File Inclusion MyNews 1.0 CMS - SQL Injection / Local File Inclusion / Cross-Site Scripting MyNews CMS 1.0 - SQL Injection / Local File Inclusion / Cross-Site Scripting Pre Multiple Vendors Shopping Malls - SQL Injection PreProject Multi-Vendor Shopping Malls - SQL Injection Pre Multiple Vendors Shopping Malls - 'products.php?sid' SQL Injection PreProject Multi-Vendor Shopping Malls - 'products.php?sid' SQL Injection Pre Multiple Vendors Shopping Malls - SQL Injection / Authentication Bypass PreProject Multi-Vendor Shopping Malls - SQL Injection / Authentication Bypass Multiple D-Link Routers (Multiple Models) - Authentication Bypass D-Link Routers - Authentication Bypass (1) Multiple Linksys Routers - Cross-Site Request Forgery Linksys Routers - Cross-Site Request Forgery Joomla! Component 'Scriptegrator' 1.5 - File Inclusion Joomla! Component 'Scriptegrator' 1.5 - Local File Inclusion BbZL.php - File Inclusion BbZL.php - Remote File Inclusion FCMS 2.7.2 CMS - Multiple Cross-Site Request Forgery Vulnerabilities FCMS CMS 2.7.2 - Multiple Cross-Site Request Forgery Vulnerabilities Cyberoam Central Console 2.00.2 - File Inclusion Cyberoam Central Console 2.00.2 - Remote File Inclusion Dolibarr ERP & CRM 3 - Authenticated OS Command Injection (Metasploit) Dolibarr ERP & CRM - OS Command Injection Dolibarr ERP/CRM 3 - Authenticated OS Command Injection (Metasploit) Dolibarr ERP/CRM - OS Command Injection VamCart 0.9 CMS - Multiple Vulnerabilities PBBoard 2.1.4 CMS - Multiple Vulnerabilities VamCart CMS 0.9 - Multiple Vulnerabilities PBBoard CMS 2.1.4 - Multiple Vulnerabilities Flynax General Classifieds 4.0 CMS - Multiple Vulnerabilities Flynax General Classifieds CMS 4.0 - Multiple Vulnerabilities PG Dating Pro 1.0 CMS - Multiple Vulnerabilities PG Dating Pro CMS 1.0 - Multiple Vulnerabilities Artmedic Webdesign Kleinanzeigen Script - File Inclusion Artmedic Webdesign Kleinanzeigen Script - Remote File Inclusion Multiple D-Link Devices - Multiple Vulnerabilities D-Link - Multiple Vulnerabilities Utopia News Pro 1.1.3 - header.php sitetitle Parameter Cross-Site Scripting Utopia News Pro 1.1.3 - 'header.php' 'sitetitle' Parameter Cross-Site Scripting Utopia News Pro 1.1.3 - footer.php Multiple Parameter Cross-Site Scripting Utopia News Pro 1.1.3 - 'footer.php' Multiple Parameter Cross-Site Scripting Multiple D-Link Devices - OS-Command Injection via UPnP Interface D-Link - OS-Command Injection via UPnP Interface WordPress Plugin Spicy Blogroll - File Inclusion WordPress Plugin Spicy Blogroll - Local File Inclusion OliveOffice Mobile Suite 2.0.3 iOS - File Inclusion OliveOffice Mobile Suite 2.0.3 iOS - Local File Inclusion ActiveWeb Contentserver 5.6.2929 CMS - Client-Side Filtering Bypass ActiveWeb Contentserver CMS 5.6.2929 - Client-Side Filtering Bypass Piwigo 2.5.3 CMS - Multiple Web Vulnerabilities Piwigo CMS 2.5.3 - Multiple Web Vulnerabilities Office Assistant Pro 2.2.2 iOS - File Inclusion Office Assistant Pro 2.2.2 iOS - Local File Inclusion WiFiles HD 1.3 iOS - File Inclusion WiFiles HD 1.3 iOS - Locla File Inclusion PDF Album 1.7 iOS - File Inclusion PDF Album 1.7 iOS - Local File Inclusion Multiple D-Link Routers - Multiple Vulnerabilities D-Link Routers - Multiple Vulnerabilities Multiple Consona Products - 'n6plugindestructor.asp' Cross-Site Scripting Consona - 'n6plugindestructor.asp' Cross-Site Scripting Photo Org WonderApplications 8.3 iOS - File Inclusion Photo Org WonderApplications 8.3 iOS - Local File Inclusion Pre Projects Multiple Vendors Shopping Malls - 'products.php' SQL Injection PreProject Multi-Vendor Shopping Malls - 'products.php' SQL Injection PhotoSync Wifi & Bluetooth 1.0 - File Inclusion PhotoSync Wifi & Bluetooth 1.0 - Local File Inclusion Photorange 1.0 iOS - File Inclusion Photorange 1.0 iOS - Local File Inclusion GS Foto Uebertraeger 3.0 iOS - File Inclusion GS Foto Uebertraeger 3.0 iOS - Local File Inclusion iFunBox Free 1.1 iOS - File Inclusion iFunBox Free 1.1 iOS - Local File Inclusion Pimcore 2.3.0/3.0 CMS - SQL Injection Pimcore CMS 2.3.0/3.0 - SQL Injection Dolibarr 3.0 - Local File Inclusion / Cross-Site Scripting Dolibarr CMS 3.0 - Local File Inclusion / Cross-Site Scripting Dolibarr 3.1 ERP/CRM - Multiple Script URI Cross-Site Scripting Dolibarr ERP/CRM 3.1 - Multiple Script URI Cross-Site Scripting Dolibarr 3.x - 'adherents/fiche.php' SQL Injection Dolibarr CMS 3.x - 'adherents/fiche.php' SQL Injection 11in1 CMS 1.2.1 - 'index.php' class Parameter Traversal Local File Inclusion 11in1 CMS 1.2.1 - admin/index.php class Parameter Traversal Local File Inclusion 11in1 CMS 1.2.1 - 'index.php' 'class' Parameter Traversal Local File Inclusion 11in1 CMS 1.2.1 - 'admin/index.php' 'class' Parameter Traversal Local File Inclusion Wifi Drive Pro 1.2 iOS - File Inclusion Photo Manager Pro 4.4.0 iOS - File Inclusion Mobile Drive HD 1.8 - File Inclusion Web Wifi Drive Pro 1.2 iOS - Local File Inclusion Photo Manager Pro 4.4.0 iOS - Local File Inclusion Mobile Drive HD 1.8 - Local File Inclusion Dolibarr 3.2 Alpha - Multiple Directory Traversal Vulnerabilities Dolibarr CMS 3.2 Alpha - Multiple Directory Traversal Vulnerabilities 11in1 CMS 1.2.1 - admin/comments topicID Parameter SQL Injection 11in1 CMS 1.2.1 - admin/tps id Parameter SQL Injection 11in1 CMS 1.2.1 - 'admin/comments' 'topicID' Parameter SQL Injection 11in1 CMS 1.2.1 - 'admin/tps' 'id' Parameter SQL Injection PhotoWebsite 3.1 iOS - File Inclusion PhotoWebsite 3.1 iOS - Local File Inclusion vPhoto-Album 4.2 iOS - File Inclusion vPhoto-Album 4.2 iOS - Local File Inclusion PDF Converter & Editor 2.1 iOS - File Inclusion PDF Converter & Editor 2.1 iOS - Local File Inclusion Wireless Photo Transfer 3.0 iOS - File Inclusion Wireless Photo Transfer 3.0 iOS - Local File Inclusion WordPress Plugin Really Simple Guest Post 1.0.6 - File Inclusion WordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion My.WiFi USB Drive 1.0 iOS - File Inclusion My.WiFi USB Drive 1.0 iOS - Local File Inclusion Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure WordPress Plugin Dharma Booking 2.38.3 - File Inclusion WordPress Plugin Dharma Booking 2.38.3 - Remote File Inclusion Multiple Vendors (RomPager 4.34) - Misfortune Cookie Router Authentication Bypass RomPager 4.34 (Multiple Router Vendors) - 'Misfortune Cookie' Authentication Bypass Multiple NETGEAR Routers - Password Disclosure NETGEAR Routers - Password Disclosure	2017-10-08 05:01:28 +00:00
Offensive Security	bfb5d80e10	DB: 2017-10-07 4 new exploits Konqueror 3.5.9 - (font color) Remote Crash Konqueror 3.5.9 - 'font color' Remote Crash Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow hammer software metagauge 1.0.0.17 - Directory Traversal Hammer Software MetaGauge 1.0.0.17 - Directory Traversal Billion Router 7700NR4 - Remote Command Execution Billion 7700NR4 Router - Remote Command Execution Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution else if CMS 0.6 - Multiple Vulnerabilities Else If CMS 0.6 - Multiple Vulnerabilities Picturesolution 2.1 - 'config.php path' Remote File Inclusion Picturesolution 2.1 - 'config.php' 'path' Remote File Inclusion tsmim Lessons Library - 'show.php' SQL Injection Tsmim Lessons Library - 'show.php' SQL Injection Simple Machines Forum (SMF) 1.1.6 - POST Filter Security Bypass Simple Machines Forum (SMF) 1.1.6 - 'POST' Filter Security Bypass PHP-Fusion v7.02.07 - Blind SQL Injection PHP-Fusion 7.02.07 - Blind SQL Injection ZTE ZXHN H108N - Unauthenticated Config Download ZTE ZXHN H108N Router - Unauthenticated Config Download Unitrends UEB 9.1 - Privilege Escalation	2017-10-07 05:01:30 +00:00
Offensive Security	d4e17b950d	DB: 2017-10-05 9 new exploits FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service FreeBSD 6.0 - 'nfsd' Remote Kernel Panic (Denial of Service) FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service FreeBSD 6.1 /dev/crypto - Local Kernel Denial of Service SunOS 5.10 Sun Cluster - rpc.metad Denial of Service (PoC) SunOS 5.10 Sun Cluster - 'rpc.metad' Denial of Service (PoC) Minix 3.1.2a - tty panic Local Denial of Service Minix 3.1.2a - tty panic Remote Denial of Service Minix 3.1.2a - Local TTY Panic (Denial of Service) Minix 3.1.2a - Remote TTY Panic (Denial of Service) Linux Kernel < 2.4.36.9/2.6.27.5 - Unix Sockets Local Kernel Panic Exploit Linux Kernel < 2.4.36.9/2.6.27.5 - Unix Sockets Local Kernel Panic (Denial of Service) QNX 6.4.0 - bitflipped elf binary 'id' Kernel Panic Exploit QNX 6.4.0 - bitflipped ELF Binary 'id' Kernel Panic (Denial of Service) FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit FreeBSD 7.x - Dumping Environment Local Kernel Panic (Denial of Service) FreeBSD and OpenBSD 'ftpd' - Null Pointer Dereference Denial of Service FreeBSD / OpenBSD 'ftpd' - Null Pointer Dereference Denial of Service Linux Kernel < 2.6.37-rc2 - 'TCP_MAXSEG' Kernel Panic Denial of Service (2) Linux Kernel < 2.6.37-rc2 - 'TCP_MAXSEG' Kernel Panic (Denial of Service) (2) Apple Mac OSX < 10.6.7 - Kernel Panic Apple Mac OSX < 10.6.7 - Kernel Panic (Denial of Service) genstat 14.1.0.5943 - Multiple Vulnerabilities GenStat 14.1.0.5943 - Multiple Vulnerabilities FreeBSD 3.0 - UNIX-domain Panic (Denial of Service) Solaris 7.0 - Recursive mutex_enter Remote Panic (Denial of Service) Apple Mac OSX 10.2.2 - Directory Kernel Panic Denial of Service Apple Mac OSX 10.2.2 - Directory Kernel Panic (Denial of Service) OpenBSD 5.5 - Local Kernel Panic OpenBSD 5.5 - Local Kernel Panic (Denial of Service) OpenBSD 5.6 - Multiple Local Kernel Panics (Denial of Service) FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow FreeBSD 10.2 Kernel (x64) - 'amd64_set_ldt' Heap Overflow Microsoft Windows Kernel - .win32k.sys TTF Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow) Microsoft Windows Kernel - win32k.sys .TTF Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow) WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization (2) Apple Mac OSX 10.2.4 - DirectoryService (PATH) Privilege Escalation Apple Mac OSX 10.2.4 - DirectoryService 'PATH' Privilege Escalation FreeBSD TOP - Format String FreeBSD /usr/bin/top - Format String Qpopper 4.0.8 (FreeBSD) - (poppassd) Privilege Escalation Qpopper 4.0.8 (FreeBSD) - Privilege Escalation Sudo 1.6.9p18 - (Defaults setenv) Privilege Escalation Sudo 1.6.9p18 - 'Defaults SetEnv' Privilege Escalation FreeBSD 8.0 Run-Time Link-Editor (rtld) - Privilege Escalation FreeBSD 8.0 Run-Time Link-Editor (RTLD) - Privilege Escalation FreeBSD 3.0 - UNIX-domain panic FreeBSD 3.5/4.x - top Format String FreeBSD 3.5/4.x /usr/bin/top - Format String OpenBSD 5.6 - Multiple Local Kernel Panics Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation Vm86 - Syscall Task Switch Kernel Panic (Denial of Service) / Privilege Escalation DiskBoss Enterprise 8.4.16 - Local Buffer Overflow Microsoft Windows - RPC Locator Service Remote Exploit Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Exploit Microsoft Windows - SMB Authentication Remote Exploit Microsoft Windows 2000/XP - SMB Authentication Remote Exploit Webfroot Shoutbox < 2.32 - (Apache) Remote Exploit Webfroot Shoutbox < 2.32 (Apache) - Remote Exploit Winmail Mail Server 2.3 - Remote Format String Winmail Mail Server 2.3 Build 0402 - Remote Format String Linux eXtremail 1.5.x - Remote Format Strings Exploit eXtremail 1.5.x (Linux) - Remote Format Strings Exploit QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow QBik WinGate WWW Proxy Server 6.1.1.1077 - 'POST' Remote Buffer Overflow Solaris 9 (UltraSPARC) - sadmind Remote Code Execution Solaris 9 (UltraSPARC) - 'sadmind' Remote Code Execution Sun One WebServer 6.1 - JSP Source Viewing Sun One WebServer 6.1 - .JSP Source Viewing Solaris 7.0 - Recursive mutex_enter Panic MySQL - Windows Remote System Level Exploit (Stuxnet technique) MySQL - 'Stuxnet Technique' Windows Remote System Exploit vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution (Metasploit) vTiger CRM 5.3.0 5.4.0 - Authenticated Remote Code Execution (Metasploit) vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload (Metasploit) vTiger CRM 5.4.0 SOAP - AddEmailAttachment Arbitrary File Upload (Metasploit) ERS Data System 1.8.1 - Java Deserialization Windows XP Professional SP3 (English) x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes) Windows XP Professional SP3 x86 (English) - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes) Linux/x86_64 - Kill All Processes Shellcode (19 bytes) Linux/x86_64 - Fork Bomb Shellcode (11 bytes) Linux/x86-64 - Kill All Processes Shellcode (19 bytes) Linux/x86-64 - Fork Bomb Shellcode (11 bytes) Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes) Linux/x86-64 - mkdir() 'evil' Shellcode (30 bytes) vtiger CRM 4.2 - (calpath) Multiple Remote File Inclusion vTiger CRM 4.2 - 'calpath' Multiple Remote File Inclusion Flatnuke 2.7.1 - (level) Privilege Escalation Flatnuke 2.7.1 - 'level' Privilege Escalation Vtiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting Cilem Haber 1.4.4 (Tr) - Database Disclosure (Python) Cilem Haber 1.4.4 (Tr) - Database Disclosure Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion vTiger CRM 5.0.4 - Unauthenticated Local File Inclusion vtiger CRM 5.1.0 - Local File Inclusion vTiger CRM 5.1.0 - Local File Inclusion phpmychat plus 1.94 rc1 - Multiple Vulnerabilities template CMS 2.1.1 - Multiple Vulnerabilities phpmybittorrent 2.04 - Multiple Vulnerabilities phpMyChat Plus 1.94 RC1 - Multiple Vulnerabilities Template CMS 2.1.1 - Multiple Vulnerabilities phpMyBitTorrent 2.04 - Multiple Vulnerabilities vtiger CRM 4.2 Leads Module - record Parameter Cross-Site Scripting vtiger CRM 4.2 - (RSS Aggregation Module Feed) Cross-Site Scripting vtiger CRM 4.2 - SQL Injection vTiger CRM 4.2 Leads Module - 'record' Parameter Cross-Site Scripting vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting vTiger CRM 4.2 - SQL Injection DreamLevels Dream Poll 3.0 - View_Results.php SQL Injection DreamLevels Dream Poll 3.0 - 'View_Results.php' SQL Injection vtiger CRM 5.4.0 (SOAP Services) - Multiple Vulnerabilities vTiger CRM 5.4.0 SOAP - Multiple Vulnerabilities Vtiger CRM 5.4.0 - 'index.php' 'onlyforuser' Parameter SQL Injection vTiger CRM 5.4.0 - 'index.php' 'onlyforuser' Parameter SQL Injection osCommerce 2.2 - admin/orders_status.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/products_attributes.php page Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/orders_status.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/products_attributes.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - admin/banner_manager.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/banner_statistics.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/countries.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/currencies.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/languages.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/manufacturers.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/products_expected.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/reviews.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/specials.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/stats_products_purchased.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/stats_products_viewed.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/tax_classes.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/tax_rates.php page Parameter Cross-Site Scripting osCommerce 2.2 - admin/zones.php page Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/banner_manager.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/banner_statistics.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/countries.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/currencies.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/languages.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/manufacturers.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/products_expected.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/reviews.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/specials.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/stats_products_purchased.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/stats_products_viewed.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/tax_classes.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/tax_rates.php' 'page' Parameter Cross-Site Scripting osCommerce 2.2 - 'admin/zones.php' 'page' Parameter Cross-Site Scripting Cilem Haber Free Edition - hata.asp hata Parameter Cross-Site Scripting Cilem Haber Free Edition - 'hata.asp' 'hata' Parameter Cross-Site Scripting GForge 3.1/4.5/4.6 - 'Verify.php' Cross-Site Scripting GForge 4.6/4.5/3.1 - 'Verify.php' Cross-Site Scripting Ossigeno CMS 2.2_pre1 - upload/xax/admin/modules/install_module.php level Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - upload/xax/admin/modules/uninstall_module.php level Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - upload/xax/admin/patch/index.php level Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/install_module.php level Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/modules/install_module.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/modules/uninstall_module.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/admin/patch/index.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/ossigeno/admin/install_module.php' 'level' Parameter Remote File Inclusion Ossigeno CMS 2.2_pre1 - 'upload/xax/ossigeno/admin/uninstall_module.php' 'level' Parameter Remote File Inclusion Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion vTiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion vtiger CRM 5.0.4 - Multiple Cross-Site Scripting Vulnerabilities vTiger CRM 5.0.4 - Multiple Cross-Site Scripting Vulnerabilities ITS SCADA 'Username' - SQL Injection ITS SCADA - 'Username' SQL Injection vtiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Inclusion vTiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Inclusion vtiger CRM 5.2.1 - 'vtigerservice.php' Cross-Site Scripting vTiger CRM 5.2.1 - 'vtigerservice.php' Cross-Site Scripting vtiger CRM 5.2.1 - 'index.php' Multiple Parameter Cross-Site Scripting vtiger CRM 5.2.1 - PHPrint.php Multiple Parameter Cross-Site Scripting vtiger CRM 5.2 - 'onlyforuser' Parameter SQL Injection vTiger CRM 5.2.1 - 'index.php' Multiple Parameter Cross-Site Scripting vTiger CRM 5.2.1 - 'PHPrint.php' Multiple Parameter Cross-Site Scripting vTiger CRM 5.2 - 'onlyforuser' Parameter SQL Injection vtiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities vTiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities Vtiger CRM 6.3.0 - Authenticated Remote Code Execution vTiger CRM 6.3.0 - Authenticated Remote Code Execution EPESI 1.8.2 rev20170830 - Cross-Site Scripting Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution ClipBucket 2.8.3 - Remote Code Execution	2017-10-05 05:01:29 +00:00
Offensive Security	4df0e06052	DB: 2017-10-04 22 new exploits All browsers - Crash Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Read with Malformed _glyf_ Table (win32k!fsc_CalcGrayRow) Microsoft Windows Kernel - win32k.sys .TTF Font Processing - Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel - .win32k.sys TTF Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow) NoMachine 5.3.9 - Privilege Escalation Microsoft Word 2007 (x86) - Information Disclosure Apple Mac OS X + Safari - Local Javascript Quarantine Bypass Australian Education App - Remote Code Execution CenturyLink ZyXEL PK5001Z Router - Root Remote Code Execution Trend Micro OfficeScan 11.0/XG (12.0) - MITM Remote Code Execution UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code Execution Web interface for DNSmasq / Mikrotik - SQL Injection Web Interface for DNSmasq / Mikrotik - SQL Injection Zyxel P-660HW-61 Firmware < 3.40(PE.11)C0 Router - Local File Inclusion Uniview NVR - Password Disclosure Nuevomailer < 6.0 - SQL Injection IBM Informix Dynamic Server - Code Injection / Remote Code Execution WordPress Plugin Sabai Discuss - Cross-Site Scripting Tilde CMS 1.01 - Multiple Vulnerabilities VACRON VIG-US731VE 1.0.18-09-B727 IP Camera - Authentication Bypass JoySale 2.2.1 - Arbitrary File Upload AirMaster 3000M - Multiple Vulnerabilities RPi Cam Control < 6.3.14 - Remote Command Execution iTech Movie Script 7.51 - SQL Injection CMS Web-Gooroo < 1.141 - Multiple Vulnerabilities PHP-SecureArea < 2.7 - Multiple Vulnerabilities Humax Wi-Fi Router HG100R 2.0.6 - Authentication Bypass Fiberhome AN5506-04-F - Command Injection	2017-10-04 05:01:32 +00:00
Offensive Security	ecfeb57577	DB: 2017-10-03 15 new exploits Linux Kernel < 4.14.rc3 - Local Denial of Service Dnsmasq < 2.78 - 2-byte Heap-Based Overflow Dnsmasq < 2.78 - Heap-Based Overflow Dnsmasq < 2.78 - Stack-Based Overflow Dnsmasq < 2.78 - Information Leak Dnsmasq < 2.78 - Lack of free() Denial of Service Dnsmasq < 2.78 - Integer Underflow UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape Qmail SMTP - Bash Environment Variable Injection (Metasploit) NPM-V (Network Power Manager) 2.4.1 - Password Reset phpCollab 2.5.1 - Arbitrary File Upload phpCollab 2.5.1 - SQL Injection OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL Injection	2017-10-03 05:01:26 +00:00
Offensive Security	38a6cf0b56	DB: 2017-10-02 8 new exploits Dup Scout Enterprise 10.0.18 - 'Import Command' Buffer Overflow Sync Breeze Enterprise 10.0.28 - Buffer Overflow SmarterStats 11.3.6347 - Cross-Site Scripting WordPress Plugin WPHRM - SQL Injection PHP Multi Vendor Script 1.02 - 'sid' Parameter SQL Injection Real Estate MLM plan script 1.0 - 'srch' Parameter SQL Injection ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download HBGK DVR 3.0.0 build20161206 - Authentication Bypass	2017-10-02 05:01:34 +00:00
Offensive Security	b15ad9d0bc	DB: 2017-09-30 2 new exploits Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption FileRun <= 2017.09.18 - SQL Injection	2017-09-30 05:01:29 +00:00
Offensive Security	a92226f6ac	DB: 2017-09-29 14 new exploits DiskBoss Enterprise 8.4.16 - Local Buffer Overflow (PoC) Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass DiskBoss Enterprise 8.4.16 - 'Import Command' Buffer Overflow LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit) Oracle WebLogic Server 10.3.6.0 - Java Deserialization Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution Wordpress Plugin Ads Pro <= 3.4 - Cross-Site Scripting / SQL Injection Trend Micro OfficeScan 11.0/XG (12.0) - Private Key Disclosure Trend Micro OfficeScan 11.0/XG (12.0) - Code Execution / Memory Corruption Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery Trend Micro OfficeScan 11.0/XG (12.0) - 'Host' Header Injection Roteador Wireless Intelbras WRN150 - Autentication Bypass Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection	2017-09-29 05:01:35 +00:00
Offensive Security	ec599357c0	DB: 2017-09-28 21 new exploits Adobe Flash - Out-of-Bounds Memory Read in MP4 Parsing Adobe Flash - Out-of-Bounds Write in MP4 Edge Processing Adobe Flash - Out-of-Bounds Read in applyToRange CyberArk Viewfinity 5.5.10.95 - Privilege Escalation PDF-XChange Viewer 2.5 Build 314.0 - Remote Code Execution Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response Tiny HTTPd 0.1.0 - Directory Traversal Free PHP photo Gallery script - Remote File Inclusion Free PHP Photo Gallery Script - Remote File Inclusion WordPress Plugin School Management System - SQL Injection iTech Dating Script 3.40 - SQL Injection iTech Job Script 9.27 - SQL Injection WordPress Plugin Content Timeline - SQL Injection Job Links - Arbitrary File Upload TicketPlus - Arbitrary File Upload Photo Fusion - Arbitrary File Upload SMSmaster - SQL Injection AMC Master - Arbitrary File Upload WordPress Plugin WPCHURCH - SQL Injection WordPress Plugin WPGYM - SQL Injection WordPress Plugin Hospital Management System - SQL Injection Fibaro Home Center 2 - Remote Command Execution / Privilege Escalation WordPress Plugin WPAMS - SQL Injection	2017-09-28 05:01:27 +00:00
Offensive Security	f27338c1f7	DB: 2017-09-26 12 new exploits Apache 2.0.52 - GET Request Denial of Service Apache 2.0.52 - GET Denial of Service CUPS Server 1.1 - GET Request Denial of Service CUPS Server 1.1 - GET Denial of Service BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service BlueCoat WinProxy 6.0 R1c - GET Denial of Service TFTPD32 2.81 - GET Request Format String Denial of Service (PoC) TFTPD32 2.81 - GET Format String Denial of Service (PoC) ImgSvr 0.6.5 - (long http post) Denial of Service ImgSvr 0.6.5 - POST Denial of Service Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service Multi-Threaded TFTP 1.1 - GET Denial of Service Essentia Web Server 2.15 - GET Request Remote Denial of Service Essentia Web Server 2.15 - GET Remote Denial of Service Sami HTTP Server 2.0.1 - POST Request Denial of Service Sami HTTP Server 2.0.1 - POST Denial of Service Xserver 0.1 Alpha - Post Request Remote Buffer Overflow Xserver 0.1 Alpha - POST Remote Buffer Overflow XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC) XBMC 8.10 - GET Multiple Remote Buffer Overflow (PoC) Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC) Mereo 1.8.0 - GET Request Remote Denial of Service Zervit Web Server 0.04 - GET Remote Buffer Overflow (PoC) Mereo 1.8.0 - GET Remote Denial of Service ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service ARD-9808 DVR Card Security Camera - GET Remote Denial of Service Kolibri+ Web Server 2 - GET Request Denial of Service Kolibri+ Web Server 2 - GET Denial of Service Adobe InDesign CS3 - '.INDD' File Handling Buffer Overflow Adobe InDesign CS3 - '.INDD' Handling Buffer Overflow Sami HTTP Server 2.0.1 - GET Request Denial of Service Sami HTTP Server 2.0.1 - GET Denial of Service Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Request Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Exploit (Linux Kernel) ReiserFS 3.5.28 - Potential Code Execution / Denial of Service (Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service WebTrends Reporting Center for Windows 4.0 d - GET Request Buffer Overflow WebTrends Reporting Center for Windows 4.0 d - GET Buffer Overflow Working Resources BadBlue 1.7.3 - GET Request Denial of Service Working Resources BadBlue 1.7.3 - GET Denial of Service PlanetWeb 1.14 - Long GET Request Buffer Overflow PlanetWeb 1.14 - GET Buffer Overflow My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service My Web Server 1.0.1/1.0.2 - GET Denial of Service Monkey HTTP Server 0.4/0.5 - Invalid POST Request Denial of Service Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service Linksys Devices 1.42/1.43 - GET Request Buffer Overflow Linksys Devices 1.42/1.43 - GET Buffer Overflow Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service NETGEAR ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service VisNetic ActiveDefense 1.3.1 - Multiple GET Request Denial of Service VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service Pi3Web 2.0.1 - GET Request Denial of Service Pi3Web 2.0.1 - GET Denial of Service Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow Snowblind Web Server 1.0/1.1 - GET Buffer Overflow ArGoSoft Mail Server 1.8.3.5 - Multiple GET Requests Denial of Service WebBBS Pro 1.18 - GET Request Denial of Service ArGoSoft Mail Server 1.8.3.5 - GET Multiple Denial of Service WebBBS Pro 1.18 - GET Denial of Service Proxomitron Proxy Server - Long GET Request Remote Denial of Service Proxomitron Proxy Server - GET Remote Denial of Service Armida Databased Web Server 1.0 - Remote GET Request Denial of Service Armida Databased Web Server 1.0 - GET Remote Denial of Service Twilight WebServer 1.3.3.0 - 'GET' Request Buffer Overflow Twilight WebServer 1.3.3.0 - GET Buffer Overflow Sami FTP Server 1.1.3 - Library Crafted GET Request Remote Denial of Service Sami FTP Server 1.1.3 - Library Crafted GET Remote Denial of Service Loom Software SurfNow 1.x/2.x - Remote GET Request Denial of Service Loom Software SurfNow 1.x/2.x - GET Remote Denial of Service Sambar Server 6.0 - 'results.stm' POST Request Buffer Overflow Sambar Server 6.0 - 'results.stm' POST Buffer Overflow Linksys PSUS4 PrintServer - POST Request Denial of Service Linksys PSUS4 PrintServer - POST Denial of Service Thomson TCW690 Cable Modem ST42.03.0a - Long GET Request Denial of Service Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service Netgear ProSafe - Denial of Service NETGEAR ProSafe - Denial of Service Multiple IEA Software Products - POST Request Denial of Service Multiple IEA Software Products - POST Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service NETGEAR WGR614 - Administration Interface Remote Denial of Service Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service Remote Help HTTP 0.0.7 - GET Format String Denial of Service Geo++ GNCASTER 1.4.0.7 - GET Request Denial of Service Geo++ GNCASTER 1.4.0.7 - GET Denial of Service D-Link WBR-2310 1.0.4 - GET Request Remote Buffer Overflow D-Link WBR-2310 1.0.4 - GET Remote Buffer Overflow Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial of Service Polipo 1.0.4.1 - POST/PUT HTTP Header Processing Denial of Service CoDeSys 3.4 - HTTP POST Request Null Pointer Content-Length Parsing Remote Denial of Service CoDeSys 3.4 - HTTP POST Null Pointer Content-Length Parsing Remote Denial of Service Zoom Player - '.avi' File Divide-by-Zero Denial of Service Zoom Player - '.avi' Divide-by-Zero Denial of Service Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (1) Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (2) Adobe Flash - '.SWF' Out-of-Bounds Memory Read (1) Adobe Flash - '.SWF' Out-of-Bounds Memory Read (2) Microsoft Windows - Cursor Object Potential Memory Leak (MS15-115) Microsoft Windows - Cursor Object Memory Leak (MS15-115) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (1) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (2) Adobe Photoshop CC & Bridge CC - '.iff' File Parsing Memory Corruption Adobe Photoshop CC / Bridge CC - '.png' Parsing Memory Corruption (1) Adobe Photoshop CC / Bridge CC - '.png' Parsing Memory Corruption (2) Adobe Photoshop CC & Bridge CC - '.iff' Parsing Memory Corruption Adobe Flash - '.MP4' File Stack Corruption Adobe Flash - '.MP4' Stack Corruption Adobe Photoshop CS2 / CS3 - Unspecified '.bmp' File Buffer Overflow Adobe Photoshop CS2 / CS3 - '.bmp' Buffer Overflow Zoom Player Pro 3.30 - '.m3u' File Buffer Overflow (SEH) Zoom Player Pro 3.30 - '.m3u' Buffer Overflow (SEH) Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Potential Information Disclosure Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Information Disclosure Adrenalin Player 2.2.5.3 - '.m3u' File Buffer Overflow (SEH) (ASLR + DEP Bypass) Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH) (ASLR + DEP Bypass) Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation NETGEAR Genie 2.4.32 - Unquoted Service Path Privilege Escalation CyberLink LabelPrint < 2.5 - Buffer Overflow (SEH Unicode) LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Remote Exploit PMSoftware Simple Web Server - GET Request Remote Buffer Overflow PMSoftware Simple Web Server - GET Remote Buffer Overflow Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow Fenice Oms 1.10 - GET Remote Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Buffer Overflow webdesproxy 0.0.1 - GET Remote Buffer Overflow webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution webdesproxy 0.0.1 - (exec-shield) GET Remote Code Execution Savant Web Server 3.1 - GET Request Remote Overflow (Universal) Savant Web Server 3.1 - GET Remote Overflow (Universal) Belkin Wireless G Plus MIMO Router F5D9230-4 - Authentication Bypass Belkin F5D9230-4 Wireless G Plus MIMO Router - Authentication Bypass Netgear WG102 - Leaks SNMP Write Password With Read Access NETGEAR WG102 - Leaks SNMP Write Password With Read Access XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow XBMC 8.10 (Windows) - GET Remote Buffer Overflow XBMC 8.10 - GET Request Remote Buffer Overflow (SEH) (Universal) XBMC 8.10 - GET Remote Buffer Overflow (SEH) (Universal) Netgear WNR2000 FW 1.2.0.8 - Information Disclosure NETGEAR WNR2000 FW 1.2.0.8 - Information Disclosure Kolibri+ Web Server 2 - GET Request Remote Overwrite (SEH) Kolibri+ Web Server 2 - GET Remote Overwrite (SEH) BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH) BigAnt Server 2.50 - GET Remote Buffer Overflow (SEH) BigAnt Server 2.50 - GET Request Universal Remote Buffer Overflow (SEH) BigAnt Server 2.50 - GET Universal Remote Buffer Overflow (SEH) httpdx 1.4 - GET Request Buffer Overflow httpdx 1.4 - GET Buffer Overflow Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) NETGEAR WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Proxy-Pro Professional GateKeeper 4.7 - GET Request Overflow (Metasploit) Proxy-Pro Professional GateKeeper 4.7 - GET Overflow (Metasploit) Linksys WRT54 (Access Point) - apply.cgi Buffer Overflow (Metasploit) Linksys WRT54 Access Point - apply.cgi Buffer Overflow (Metasploit) Oracle Weblogic Apache Connector - POST Request Buffer Overflow (Metasploit) Oracle Weblogic Apache Connector - POST Buffer Overflow (Metasploit) Berkeley Sendmail 5.58 - Debug exploit Berkeley Sendmail 5.58 - Debug Exploit A-V Tronics InetServ 3.0 - WebMail Long GET Request A-V Tronics InetServ 3.0 - WebMail GET Exploit Light HTTPD 0.1 - GET Request Buffer Overflow (1) Light HTTPD 0.1 - GET Request Buffer Overflow (2) Light HTTPD 0.1 - GET Buffer Overflow (1) Light HTTPD 0.1 - GET Buffer Overflow (2) Netgear FM114P Wireless Firewall - File Disclosure NETGEAR FM114P Wireless Firewall - File Disclosure Athttpd 0.4b - Remote GET Request Buffer Overrun Athttpd 0.4b - GET Remote Buffer Overrun IA WebMail Server 3.0/3.1 - Long GET Request Buffer Overrun IA WebMail Server 3.0/3.1 - GET Buffer Overrun Monit 1.4/2.x/3/4 - Overly Long HTTP Request Buffer Overrun Monit 1.4/2.x/3/4 - Long HTTP Request Buffer Overrun KarjaSoft Sami HTTP Server 1.0.4 - GET Request Buffer Overflow KarjaSoft Sami HTTP Server 1.0.4 - GET Buffer Overflow MyWeb HTTP Server 3.3 - GET Request Buffer Overflow MyWeb HTTP Server 3.3 - GET Buffer Overflow Omnicron OmniHTTPd 2.x/3.0 - GET Request Buffer Overflow Omnicron OmniHTTPd 2.x/3.0 - GET Buffer Overflow Netgear RP114 3.26 - Content Filter Bypass NETGEAR RP114 3.26 - Content Filter Bypass Netgear DGN1000B - setup.cgi Remote Command Execution (Metasploit) NETGEAR DGN1000B - setup.cgi Remote Command Execution (Metasploit) Netgear DGN2200B - pppoe.cgi Remote Command Execution (Metasploit) NETGEAR DGN2200B - pppoe.cgi Remote Command Execution (Metasploit) Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NETGEAR MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Zoom Player 3.30/5/6 - Crafted '.ZPL' File Error Message Arbitrary Code Execution Zoom Player 3.30/5/6 - '.ZPL' Error Message Arbitrary Code Execution Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow Ultra Mini HTTPD 1.21 - POST Stack Buffer Overflow Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow Kolibri Web Server 2.0 - GET Stack Buffer Overflow NetGear WNR2000 - Multiple Information Disclosure Vulnerabilities NETGEAR WNR2000 - Multiple Information Disclosure Vulnerabilities HTTP 1.1 - GET Request Directory Traversal HTTP 1.1 - GET Directory Traversal Kolibri Web Server 2.0 - GET Request (SEH) D-Link Devices - 'info.cgi' POST Request Buffer Overflow (Metasploit) Kolibri Web Server 2.0 - GET Exploit (SEH) D-Link Devices - 'info.cgi' POST Buffer Overflow (Metasploit) Belkin n750 - jump login Parameter Buffer Overflow Belkin N750 - jump login Parameter Buffer Overflow Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities NETGEAR WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Belkin Wireless Router Default - WPS PIN Security Belkin Wireless Router - Default WPS PIN Security Easy File Sharing Web Server 7.2 - GET Request Buffer Overflow (SEH) Easy File Sharing Web Server 7.2 - GET Buffer Overflow (SEH) Netgear D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution NETGEAR D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit) NETGEAR NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit) NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure NETGEAR JNR1010 ADSL Router - Authenticated Remote File Disclosure NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - Authenticated Remote File Disclosure Netgear R7000 and R6400 - 'cgi-bin' Command Injection (Metasploit) NETGEAR R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit) Easy File Sharing Web Server 7.2 - GET Request 'PassWD' Buffer Overflow (SEH) Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (SEH) Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit) Netgear DGN2200 - dnslookup.cgi Command Injection (Metasploit) NETGEAR DGN2200 - dnslookup.cgi Command Injection (Metasploit) Easy File Sharing Web Server 7.2 - GET Request 'PassWD' Buffer Overflow (DEP Bypass) Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (DEP Bypass) Belkin NetCam F7D7601 - Multiple Vulnerabilities Belkin F7D7601 NetCam - Multiple Vulnerabilities Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit) Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit) Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH) Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow Quezza BB 1.0 - (quezza_root_path) File Inclusion Quezza BB 1.0 - 'quezza_root_path' File Inclusion The Bible Portal Project 2.12 - (destination) File Inclusion The Bible Portal Project 2.12 - 'destination' File Inclusion Vivvo Article Manager 3.2 - (classified_path) File Inclusion Vivvo Article Manager 3.2 - 'classified_path' File Inclusion Forum82 < 2.5.2b - (repertorylevel) Multiple File Inclusion Forum82 < 2.5.2b - 'repertorylevel' Multiple File Inclusion OpenDock Easy Doc 1.4 - (doc_directory) File Inclusion OpenDock Easy Blog 1.4 - (doc_directory) File Inclusion WebYep 1.1.9 - (webyep_sIncludePath) File Inclusion OpenDock Easy Gallery 1.4 - (doc_directory) File Inclusion OpenDock Easy Doc 1.4 - 'doc_directory' File Inclusion OpenDock Easy Blog 1.4 - 'doc_directory' File Inclusion WebYep 1.1.9 - 'webyep_sIncludePath' File Inclusion OpenDock Easy Gallery 1.4 - 'doc_directory' File Inclusion Open Conference Systems 1.1.4 - (fullpath) File Inclusion Open Conference Systems 1.1.4 - 'fullpath' File Inclusion SpeedBerg 1.2beta1 - (SPEEDBERG_PATH) File Inclusion SpeedBerg 1.2beta1 - 'SPEEDBERG_PATH' File Inclusion PhpShop Core 0.9.0 RC1 - (PS_BASE) File Inclusion PhpShop Core 0.9.0 RC1 - 'PS_BASE' File Inclusion Phpjobscheduler 3.0 - (installed_config_file) File Inclusion Phpjobscheduler 3.0 - 'installed_config_file' File Inclusion Magic Photo Storage Website - _config[site_path] File Inclusion Magic Photo Storage Website - '_config[site_path]' File Inclusion Linksys Cisco WAG120N - Cross-Site Request Forgery Cisco Linksys WAG120N - Cross-Site Request Forgery Belkin G Wireless Router F5D7234-4 v5 - Exploit Belkin F5D7234-4 v5 G Wireless Router - Exploit Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Inclusion PHP-Nuke 6.x/7.x - 'Modpath' Parameter File Inclusion Netgear SPH200D - Multiple Vulnerabilities NETGEAR SPH200D - Multiple Vulnerabilities Netgear DGN1000B - Multiple Vulnerabilities NETGEAR DGN1000B - Multiple Vulnerabilities Netgear DGN2200B - Multiple Vulnerabilities NETGEAR DGN2200B - Multiple Vulnerabilities Netgear WNR1000 - Authentication Bypass NETGEAR WNR1000 - Authentication Bypass PHPMyVisites 1.3 - Set_Lang File Inclusion PHPMyVisites 1.3 - 'Set_Lang' File Inclusion PPA 0.5.6 - ppa_root_path File Inclusion PPA 0.5.6 - 'ppa_root_path' File Inclusion Netgear WPN824v3 - Unauthorized Config Download NETGEAR WPN824v3 - Unauthorized Config Download Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities NETGEAR DGN1000 / DGN2200 - Multiple Vulnerabilities Netgear ProSafe - Information Disclosure NETGEAR ProSafe - Information Disclosure Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit) NETGEAR WNR1000v3 - Password Recovery Credential Disclosure (Metasploit) Simple Machines Forum (SMF) 1.1.6 - POST Request Filter Security Bypass Simple Machines Forum (SMF) 1.1.6 - POST Filter Security Bypass Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass Belkin AC1200 Router Firmware 1.00.27 - Authentication Bypass Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure ManageEngine ADSelfService Plus 4.4 - POST Request Manipulation Security Question ManageEngine ADSelfService Plus 4.4 - POST Manipulation Security Question Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities NETGEAR Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities Belkin Router N150 1.00.08/1.00.09 - Directory Traversal Belkin N150 Router 1.00.08/1.00.09 - Directory Traversal eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / Denial of Service) eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Code Execution / Denial of Service) Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities Netgear WNR1000v4 - Authentication Bypass NETGEAR WNR1000v4 - Authentication Bypass Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities NETGEAR NMS300 ProSafe Network Management System - Multiple Vulnerabilities Netgear R7000 - Command Injection Netgear R7000 - Cross-Site Scripting NETGEAR R7000 - Command Injection NETGEAR R7000 - Cross-Site Scripting Tenda N3 Wireless N150 Home Router - Authentication Bypass Tenda N3 Wireless N150 Router - Authentication Bypass DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit) Lending And Borrowing - 'pid' Parameter SQL Injection Multi Level Marketing - SQL Injection Cash Back Comparison Script 1.0 - SQL Injection Claydip Airbnb Clone 1.0 - Arbitrary File Upload Secure E-commerce Script 1.02 - 'sid' Parameter SQL Injection PHP Auction Ecommerce Script 1.6 - SQL Injection JitBit HelpDesk < 9.0.2 - Authentication Bypass	2017-09-26 05:01:29 +00:00
Offensive Security	90ecd7f9e4	DB: 2017-09-23 1 new exploits Linux Kernel <= 4.13.1 - BlueTooth Buffer Overflow (PoC) Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC) Stock Photo Selling 1.0 - SQL Injection	2017-09-23 11:07:27 +00:00
Offensive Security	92bfb7616d	DB: 2017-09-22 7 new exploits Linux Kernel <= 4.13.1 - BlueTooth Buffer Overflow (PoC) Microsoft Edge - Chakra Incorrectly Parses Object Patterns Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes Microsoft Edge Chakra - 'Parser::ParseCatch' does not Handle 'eval' Microsoft Edge Chakra - 'JavascriptFunction::ReparseAsmJsModule' Incorrectly Re-parses Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit) PHPMyFAQ 2.9.8 - Cross-Site Scripting	2017-09-22 05:01:23 +00:00
Offensive Security	13a6e2baaf	DB: 2017-09-20 8 new exploits McAfee E-Business Server 8.5.2 - Remote Unauthenticated Code Execution / Denial of Service (PoC) McAfee E-Business Server 8.5.2 - Unauthenticated Remote Code Execution / Denial of Service (PoC) Apple macOS - Local Privilege Escalation Due to Lack of Bounds Checking in HIServices Custom CFObject Serialization Apple macOS - Privilege Escalation Due to Lack of Bounds Checking in HIServices Custom CFObject Serialization Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt' Out-of-Bounds Read Xcode OpenBase 9.1.5 (OSX) - (root file create) Privilege Escalation Xcode OpenBase 9.1.5 (OSX) - (Root File Create) Privilege Escalation Xcode OpenBase 10.0.0 (OSX) - (unsafe system call) Privilege Escalation Xcode OpenBase 10.0.0 (OSX) - (Unsafe System Call) Privilege Escalation eTrust AntiVirus Agent r8 - Local Privilege Escalation eTrust AntiVirus Agent r8 - Privilege Escalation WICD 1.7.1 - Local Privilege Escalation WICD 1.7.1 - Privilege Escalation Novell Client 4.91 SP4 - Local Privilege Escalation Novell Client 4.91 SP4 - Privilege Escalation H-Sphere Webshell 2.4 - Privilege Escalation H-Sphere WebShell 2.4 - Privilege Escalation Zend Platform 2.2.1 - PHP.INI File Modification Zend Platform 2.2.1 - 'PHP.INI' File Modification AIX 7.1 - lquerylv Privilege Escalation AIX 7.1 - 'lquerylv' Privilege Escalation sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation Sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation Serviio PRO 1.8 DLNA Media Streaming Server - Local Privilege Escalation Serviio PRO 1.8 DLNA Media Streaming Server - Privilege Escalation Automated Logic WebCTRL 6.5 - Local Privilege Escalation Automated Logic WebCTRL 6.5 - Privilege Escalation Netdecision 5.8.2 - Local Privilege Escalation Netdecision 5.8.2 - Privilege Escalation H-Sphere Webshell 2.4 - Remote Command Execution H-Sphere WebShell 2.4 - Remote Command Execution NetIQ Privileged User Manager 2.3.1 - 'ldapagnt_eval()' Remote Perl Code Execution (Metasploit) NetIQ Privileged User Manager 2.3.1 - 'ldapagnt_eval()' Perl Remote Code Execution (Metasploit) STUNSHELL Web Shell - Remote PHP Code Execution (Metasploit) STUNSHELL Web Shell - PHP Remote Code Execution (Metasploit) v0pCr3w Web Shell - Remote Code Execution (Metasploit) v0pCr3w (Web Shell) - Remote Code Execution (Metasploit) InstantCMS 1.6 - Remote PHP Code Execution (Metasploit) InstantCMS 1.6 - PHP Remote Code Execution (Metasploit) Drupal Module RESTWS 7.x - Remote PHP Code Execution (Metasploit) Drupal Module RESTWS 7.x - PHP Remote Code Execution (Metasploit) HPE < 7.2 - Java Deserialization Tecnovision DLX Spot - SSH Backdoor phpBB 2.0.15 - (highlight) Remote PHP Code Execution phpBB 2.0.15 - 'highlight' PHP Remote Code Execution phpBB 2.0.15 - Remote PHP Code Execution (Metasploit) phpBB 2.0.15 - PHP Remote Code Execution (Metasploit) versatileBulletinBoard 1.00 RC2 - (board takeover) SQL Injection versatileBulletinBoard 1.00 RC2 - 'board takeover' SQL Injection VuBB Forum RC1 - (m) SQL Injection VuBB Forum RC1 - 'm' SQL Injection Wizz Forum 1.20 - (TopicID) SQL Injection PHPWebThings 1.4 - (msg/forum) SQL Injection Wizz Forum 1.20 - 'TopicID' SQL Injection PHPWebThings 1.4 - 'msg'/'forum' SQL Injection webSPELL 4.01 - (title_op) SQL Injection webSPELL 4.01 - 'title_op' SQL Injection YapBB 1.2 - (cfgIncludeDirectory) Remote Command Execution YapBB 1.2 - 'cfgIncludeDirectory' Remote Command Execution TopList 1.3.8 - (phpBB Hack) Remote File Inclusion (1) Advanced Guestbook 2.4.0 - (phpBB) File Inclusion TopList 1.3.8 - (phpBB Hack) Remote File Inclusion (2) Advanced Guestbook 2.4.0 - (phpBB) Remote File Inclusion TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (1) Advanced Guestbook 2.4.0 - 'phpBB' File Inclusion TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (2) Advanced Guestbook 2.4.0 - 'phpBB' Remote File Inclusion Knowledge Base Mod 2.0.2 - (phpBB) Remote File Inclusion Knowledge Base Mod 2.0.2 - 'phpBB' Remote File Inclusion phpRaid 3.0.b3 - (phpBB/SMF) Remote File Inclusion pafileDB 2.0.1 - (mxBB/phpBB) Remote File Inclusion phpRaid 3.0.b3 - 'phpBB'/'SMF' Remote File Inclusion pafileDB 2.0.1 - 'mxBB'/'phpBB' Remote File Inclusion Foing 0.7.0 - (phpBB) Remote File Inclusion Foing 0.7.0 - 'phpBB' Remote File Inclusion Activity MOD Plus 1.1.0 - (phpBB Mod) File Inclusion Activity MOD Plus 1.1.0 - 'phpBB Mod' File Inclusion Blend Portal 1.2.0 - (phpBB Mod) Remote File Inclusion Blend Portal 1.2.0 - 'phpBB Mod' Remote File Inclusion XMB 1.9.6 - (u2uid) SQL Injection (mq=off) XMB 1.9.6 - (mq=off) 'u2uid' SQL Injection Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion Web3news 0.95 - 'PHPSECURITYADMIN_PATH' Remote File Inclusion Yappa-ng 2.3.1 - (admin_modules) Remote File Inclusion Yappa-ng 2.3.1 - 'admin_modules' Remote File Inclusion TualBLOG 1.0 - (icerikno) SQL Injection TualBLOG 1.0 - 'icerikno' SQL Injection Tekman Portal 1.0 - (tr) SQL Injection Tekman Portal 1.0 - 'tr' SQL Injection MyReview 1.9.4 - (email) SQL Injection / Code Execution MyReview 1.9.4 - 'email' SQL Injection / Code Execution phpQuestionnaire 3.12 - (phpQRootDir) Remote File Inclusion phpQuestionnaire 3.12 - 'phpQRootDir' Remote File Inclusion phpBB Static Topics 1.0 - phpbb_root_path File Inclusion phpBB Static Topics 1.0 - 'phpbb_root_path' File Inclusion CentiPaid 1.4.2 - centipaid_class.php Remote File Inclusion CentiPaid 1.4.2 - 'centipaid_class.php' Remote File Inclusion webSPELL 4.01.01 - (getsquad) SQL Injection webSPELL 4.01.01 - 'getsquad' SQL Injection Osprey 1.0 - GetRecord.php Remote File Inclusion Osprey 1.0 - 'GetRecord.php' Remote File Inclusion Techno Dreams Announcement - (key) SQL Injection Techno Dreams Guestbook 1.0 - (key) SQL Injection Techno Dreams Announcement - 'key' SQL Injection Techno Dreams Guestbook 1.0 - 'key' SQL Injection GEPI 1.4.0 - gestion/savebackup.php Remote File Inclusion GEPI 1.4.0 - 'gestion/savebackup.php' Remote File Inclusion PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Inclusion PHPGiggle 12.08 - 'CFG_PHPGIGGLE_ROOT' File Inclusion mxBB Module Meeting 1.1.2 - Remote FileInclusion mxBB Module Meeting 1.1.2 - Remote File Inclusion Uploader & Downloader 3.0 - (id_user) SQL Injection Uploader & Downloader 3.0 - 'id_user' SQL Injection The Classified Ad System 1.0 - (main) SQL Injection The Classified Ad System 1.0 - 'main' SQL Injection VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion VisoHotlink 1.01 - 'functions.visohotlink.php' Remote File Inclusion vhostadmin 0.1 - (MODULES_DIR) Remote File Inclusion vhostadmin 0.1 - 'MODULES_DIR' Remote File Inclusion XLAtunes 0.1 - (album) SQL Injection XLAtunes 0.1 - 'album' SQL Injection webSPELL 4.01.02 - (topic) SQL Injection webSPELL 4.01.02 - 'topic' SQL Injection webSPELL 4.01.02 - Remote PHP Code Execution webSPELL 4.01.02 - PHP Remote Code Execution PHP-Nuke - iFrame (iframe.php) Remote File Inclusion PHP-Nuke - 'iframe.php' Remote File Inclusion XOOPS Module Camportail 1.1 - (camid) SQL Injection XOOPS Module Camportail 1.1 - 'camid' SQL Injection Mutant 0.9.2 - mutant_functions.php Remote File Inclusion Mutant 0.9.2 - 'mutant_functions.php' Remote File Inclusion Original 0.11 - config.inc.php x[1] Remote File Inclusion Original 0.11 - 'config.inc.php' 'x[1]' Remote File Inclusion Glossword 1.8.1 - custom_vars.php Remote File Inclusion Glossword 1.8.1 - 'custom_vars.php' Remote File Inclusion GeekLog 2.x - ImageImageMagick.php Remote File Inclusion GeekLog 2.x - 'ImageImageMagick.php' Remote File Inclusion Vizayn Urun Tanitim Sistemi 0.2 - (tr) SQL Injection Vizayn Urun Tanitim Sistemi 0.2 - 'tr' SQL Injection WBB2-Addon: Acrotxt 1.0 - (show) SQL Injection WBB2-Addon: Acrotxt 1.0 - 'show' SQL Injection STPHPLibrary - (STPHPLIB_DIR) Remote File Inclusion STPHPLibrary - 'STPHPLIB_DIR' Remote File Inclusion phpFFL 1.24 - PHPFFL_FILE_ROOT Remote File Inclusion phpFFL 1.24 - 'PHPFFL_FILE_ROOT' Remote File Inclusion phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion phpBB Mod OpenID 0.2.0 - 'BBStore.php' Remote File Inclusion LiveAlbum 0.9.0 - common.php Remote File Inclusion LiveAlbum 0.9.0 - 'common.php' Remote File Inclusion Pindorama 0.1 - client.php Remote File Inclusion Pindorama 0.1 - 'client.php' Remote File Inclusion Socketmail 2.2.8 - fnc-readmail3.php Remote File Inclusion TOWeLS 0.1 - scripture.php Remote File Inclusion Socketmail 2.2.8 - 'fnc-readmail3.php' Remote File Inclusion TOWeLS 0.1 - 'scripture.php' Remote File Inclusion Sige 0.1 - sige_init.php Remote File Inclusion Sige 0.1 - 'sige_init.php' Remote File Inclusion Scribe 0.2 - Remote PHP Code Execution Scribe 0.2 - PHP Remote Code Execution patBBcode 1.0 - bbcodeSource.php Remote File Inclusion patBBcode 1.0 - 'bbcodeSource.php' Remote File Inclusion Tilde CMS 4.x - (aarstal) SQL Injection Tilde CMS 4.x - 'aarstal' SQL Injection CityWriter 0.9.7 - head.php Remote File Inclusion CityWriter 0.9.7 - 'head.php' Remote File Inclusion PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) Remote File Inclusion PhpMyDesktop/Arcade 1.0 Final - 'phpdns_basedir' Remote File Inclusion WebSihirbazi 5.1.1 - (pageid) SQL Injection WebSihirbazi 5.1.1 - 'pageid' SQL Injection Blakord Portal Beta 1.3.A - (all modules) SQL Injection Blakord Portal Beta 1.3.A - (All Modules) SQL Injection PHP Links 1.3 - smarty.php Remote File Inclusion PHP Links 1.3 - 'smarty.php' Remote File Inclusion Aterr 0.9.1 - Local File Inclusion (PHP5) Aterr 0.9.1 - PHP5 Local File Inclusion phpEmployment - (PHP upload) Arbitrary File Upload phpEmployment - 'PHP Upload' Arbitrary File Upload XOOPS 2.3.2 - 'mydirname' Remote PHP Code Execution XOOPS 2.3.2 - 'mydirname' PHP Remote Code Execution Xplode CMS - (wrap_script) SQL Injection Xplode CMS - 'wrap_script' SQL Injection VS PANEL 7.3.6 - (Cat_ID) SQL Injection VS PANEL 7.3.6 - 'Cat_ID' SQL Injection WebMember 1.0 - (formID) SQL Injection WebMember 1.0 - 'formID' SQL Injection Dokuwiki 2009-02-14 - Remote/Temporary File Inclusion Dokuwiki 2009-02-14 - Temporary/Remote File Inclusion Kjtechforce mailman b1 - (code) SQL Injection Delete Row Kjtechforce mailman b1 - (Delete Row) 'code' SQL Injection Virtue Classifieds - (category) SQL Injection Virtue Classifieds - 'category' SQL Injection XOOPS Celepar Module Qas - (codigo) SQL Injection XOOPS Celepar Module Qas - 'codigo' SQL Injection URA 3.0 - (cat) SQL Injection URA 3.0 - 'cat' SQL Injection TYPO3 CMS 4.0 - (showUid) SQL Injection TYPO3 CMS 4.0 - 'showUid' SQL Injection Typing Pal 1.0 - (idTableProduit) SQL Injection Typing Pal 1.0 - 'idTableProduit' SQL Injection Videos Broadcast Yourself 2 - (UploadID) SQL Injection Videos Broadcast Yourself 2 - 'UploadID' SQL Injection Uiga Church Portal - (year) SQL Injection Uiga Church Portal - 'year' SQL Injection Network Management/Inventory System - header.php Remote File Inclusion Network Management/Inventory System - 'header.php' Remote File Inclusion BASE 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit) BASE 1.2.4 - 'base_qry_common.php' Remote File Inclusion (Metasploit) PHP-Nuke 8.0 - ' News Module Cross-Site Scripting / HTML Code Injection PHP-Nuke 8.0 - (News Module) Cross-Site Scripting / HTML Code Injection Vivid Ads Shopping Cart - (prodid) SQL Injection Vivid Ads Shopping Cart - 'prodid' SQL Injection WorldPay Script Shop - (productdetail) SQL Injection WorldPay Script Shop - 'productdetail' SQL Injection tincan ltd - (section) SQL Injection tincan ltd - 'section' SQL Injection Template Seller Pro 3.25 - (tempid) SQL Injection Template Seller Pro 3.25 - 'tempid' SQL Injection Webloader 7 < 8 - (vid) SQL Injection Webloader 7 < 8 - 'vid' SQL Injection web5000 - (page_show) SQL Injection web5000 - 'page_show' SQL Injection Cosmos Solutions CMS - (id= / page=) SQL Injection Cosmos Solutions CMS - 'id=' / 'page=' SQL Injection iBoutique - (page) SQL Injection / Cross-Site Scripting iBoutique - 'page' SQL Injection / Cross-Site Scripting OpenX - (phpAdsNew) Remote File Inclusion OpenX - 'phpAdsNew' Remote File Inclusion System Shop - (Module aktka) SQL Injection System Shop - 'Module aktka' SQL Injection TikiWiki tiki-graph_formula - Remote PHP Code Execution (Metasploit) TikiWiki tiki-graph_formula - PHP Remote Code Execution (Metasploit) vBulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection vBulletin 4.0.x 4.1.3 - 'messagegroupid' SQL Injection PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (1) PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (1) YABB SE 0.8/1.4/1.5 - Packages.php Remote File Inclusion YABB SE 0.8/1.4/1.5 - 'Packages.php' Remote File Inclusion Invision Board 1.1.1 - ipchat.php Remote File Inclusion Invision Board 1.1.1 - 'ipchat.php' Remote File Inclusion Typo3 3.5 b5 - Translations.php Remote File Inclusion Typo3 3.5 b5 - 'Translations.php' Remote File Inclusion Webchat 0.77 - Defines.php Remote File Inclusion Webchat 0.77 - 'Defines.php' Remote File Inclusion PHP-Nuke 6.5 - Multiple Downloads Module SQL Injection PHP-Nuke 6.5 - (Multiple Downloads Module) SQL Injection ttCMS 2.2/2.3 - header.php Remote File Inclusion ttCMS 2.2/2.3 - 'header.php' Remote File Inclusion PMachine 2.2.1 - Lib.Inc.php Remote File Inclusion Command Execution PMachine 2.2.1 - 'Lib.Inc.php' Remote File Inclusion / Command Execution HolaCMS 1.2.x - HTMLtags.php Local File Inclusion HolaCMS 1.2.x - 'HTMLtags.php' Local File Inclusion WebCalendar 0.9.x - Multiple Module SQL Injection WebCalendar 0.9.x - (Multiple Modules) SQL Injection PHP-Nuke 6.x - Multiple Module SQL Injection PHP-Nuke 6.x - (Multiple Modules) SQL Injection EasyDynamicPages 1.0 - 'config_page.php' Remote PHP File Inclusion EasyDynamicPages 1.0 - 'config_page.php' PHP Remote File Inclusion VisualShapers EZContents 1.4/2.0 - module.php Remote Command Execution VisualShapers EZContents 1.4/2.0 - 'module.php' Remote Command Execution Mambo Open Source 4.5/4.6 - mod_mainmenu.php Remote File Inclusion Mambo Open Source 4.5/4.6 - 'mod_mainmenu.php' Remote File Inclusion PHPGedView 2.x - [GED_File]_conf.php Remote File Inclusion PHPGedView 2.x - '[GED_File]_conf.php' Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script fonctions.lib.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script 'fonctions.lib.php' Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script 'derniers_commentaires.php' Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script 'admin.php' Remote File Inclusion VisualShapers EZContents 1.x/2.0 - db.php Arbitrary File Inclusion VisualShapers EZContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion VisualShapers EZContents 1.x/2.0 - 'db.php' Arbitrary File Inclusion VisualShapers EZContents 1.x/2.0 - 'archivednews.php' Arbitrary File Inclusion VirtuaSystems VirtuaNews 1.0.x - Multiple Module Cross-Site Scripting Vulnerabilities VirtuaSystems VirtuaNews 1.0.x - (Multiple Modules) Cross-Site Scripting Vulnerabilities WarpSpeed 4nAlbum Module 0.92 - displaycategory.php basepath Parameter Remote File Inclusion WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php' 'basepath' Parameter Remote File Inclusion Gemitel 3.50 - affich.php Remote File Inclusion Command Injection Gemitel 3.50 - 'affich.php' Remote File Inclusion / Command Injection phpBB 2.0.x - album_portal.php Remote File Inclusion phpBB 2.0.x - 'album_portal.php' Remote File Inclusion Mail Manage EX 3.1.8 MMEX - Script Settings Parameter Remote PHP File Inclusion Mail Manage EX 3.1.8 MMEX - Script Settings Parameter PHP Remote File Inclusion Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - Common.php Remote File Inclusion Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - 'Common.php' Remote File Inclusion @lexPHPTeam @lex Guestbook 3.12 - Remote PHP File Inclusion @lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion phpBB 2.0.x - 'admin_cash.php' Remote PHP File Inclusion phpBB 2.0.x - 'admin_cash.php' PHP Remote File Inclusion Stadtaus.Com Download Center Lite 1.5 - Remote PHP File Inclusion Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion Work System eCommerce 3.0.3/3.0.4 - forum.php Remote File Inclusion Work System eCommerce 3.0.3/3.0.4 - 'forum.php' Remote File Inclusion phpGroupWare 0.9.14 - Tables_Update.Inc.php Remote File Inclusion phpGroupWare 0.9.14 - 'Tables_Update.Inc.php' Remote File Inclusion PANews 2.0 - Remote PHP Script Code Execution PANews 2.0 - PHP Remote Code Execution VoteBox 2.0 - Votebox.php Remote File Inclusion VoteBox 2.0 - 'Votebox.php' Remote File Inclusion McNews 1.x - install.php Arbitrary File Inclusion McNews 1.x - 'install.php' Arbitrary File Inclusion Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion Vortex Portal 2.0 - 'content.php' act Parameter Remote File Inclusion phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection phpBB 1.x/2.0.x - (Knowledge Base Module) 'KB.php' SQL Injection GrayCMS 1.1 - error.php Remote File Inclusion GrayCMS 1.1 - 'error.php' Remote File Inclusion PHP Poll Creator 1.0.1 - Poll_Vote.php Remote File Inclusion PHP Poll Creator 1.0.1 - 'Poll_Vote.php' Remote File Inclusion MWChat 6.7 - Start_Lobby.php Remote File Inclusion MWChat 6.7 - 'Start_Lobby.php' Remote File Inclusion Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion Popper Webmail 1.41 - 'ChildWindow.Inc.php' Remote File Inclusion RaXnet Cacti 0.5/0.6/0.8 - Config_Settings.php Remote File Inclusion RaXnet Cacti 0.5/0.6/0.8 - 'Config_Settings.php' Remote File Inclusion RaXnet Cacti 0.5/0.6/0.8 - Top_Graph_Header.php Remote File Inclusion RaXnet Cacti 0.5/0.6/0.8 - 'Top_Graph_Header.php' Remote File Inclusion MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion MyGuestbook 0.6.1 - 'Form.Inc.php3' Remote File Inclusion Comdev eCommerce 3.0 - config.php Remote File Inclusion Comdev eCommerce 3.0 - 'config.php' Remote File Inclusion PHPWebNotes 2.0 - Api.php Remote File Inclusion PHPWebNotes 2.0 - 'Api.php' Remote File Inclusion Autolinks 2.1 Pro - Al_initialize.php Remote File Inclusion Autolinks 2.1 Pro - 'Al_initialize.php' Remote File Inclusion MySource 2.14 - Socket.php PEAR_PATH Remote File Inclusion MySource 2.14 - Request.php PEAR_PATH Remote File Inclusion MySource 2.14 - 'Socket.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Request.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - mail.php PEAR_PATH Remote File Inclusion MySource 2.14 - Date.php PEAR_PATH Remote File Inclusion MySource 2.14 - Span.php PEAR_PATH Remote File Inclusion MySource 2.14 - mimeDecode.php PEAR_PATH Remote File Inclusion MySource 2.14 - mime.php PEAR_PATH Remote File Inclusion MySource 2.14 - 'mail.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Date.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'Span.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mimeDecode.php' 'PEAR_PATH' Remote File Inclusion MySource 2.14 - 'mime.php' 'PEAR_PATH' Remote File Inclusion Help Center Live 1.0/1.2/2.0 - module.php Local File Inclusion Help Center Live 1.0/1.2/2.0 - 'module.php' Local File Inclusion Tru-Zone Nuke ET 3.x - Search Module SQL Injection Tru-Zone Nuke ET 3.x - (Search Module) SQL Injection vtiger CRM 4.2 - RSS Aggregation Module Feed Cross-Site Scripting vtiger CRM 4.2 - (RSS Aggregation Module Feed) Cross-Site Scripting CF_Nuke 4.6 - index.cfm Local File Inclusion CF_Nuke 4.6 - 'index.cfm' Local File Inclusion Tolva 0.1 - Usermods.php Remote File Inclusion Tolva 0.1 - 'Usermods.php' Remote File Inclusion SPiD 1.3.1 - Scan_Lang_Insert.php Local File Inclusion SPiD 1.3.1 - 'Scan_Lang_Insert.php' Local File Inclusion PHORUM 3.x/5.x - Common.php Remote File Inclusion PHORUM 3.x/5.x - 'Common.php' Remote File Inclusion SPIP 1.8.3 - Spip_login.php Remote File Inclusion SPIP 1.8.3 - 'Spip_login.php' Remote File Inclusion CyBoards PHP Lite 1.21/1.25 - Common.php Remote File Inclusion CyBoards PHP Lite 1.21/1.25 - 'Common.php' Remote File Inclusion Monster Top List 1.4 - functions.php Remote File Inclusion Monster Top List 1.4 - 'functions.php' Remote File Inclusion I-RATER Platinum - Common.php Remote File Inclusion I-RATER Platinum - 'Common.php' Remote File Inclusion I-RATER Platinum - Config_settings.TPL.php Remote File Inclusion I-RATER Platinum - 'Config_settings.TPL.php' Remote File Inclusion Advanced Guestbook 2.x - Addentry.php Remote File Inclusion Advanced Guestbook 2.x - 'Addentry.php' Remote File Inclusion DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion DMCounter 0.9.2 -b - 'Kopf.php' Remote File Inclusion phpBB Knowledge Base 2.0.2 - 'Mod KB_constants.php' Remote File Inclusion ISPConfig 2.2.2/2.2.3 - Session.INC.php Remote File Inclusion ISPConfig 2.2.2/2.2.3 - 'Session.INC.php' Remote File Inclusion RadScripts RadLance 7.0 - popup.php Local File Inclusion RadScripts RadLance 7.0 - 'popup.php' Local File Inclusion osTicket 1.x - Open_form.php Remote File Inclusion osTicket 1.x - 'Open_form.php' Remote File Inclusion Squirrelmail 1.4.x - Redirect.php Local File Inclusion Squirrelmail 1.4.x - 'Redirect.php' Local File Inclusion phpBB 2.0.x - template.php Remote File Inclusion phpBB 2.0.x - 'template.php' Remote File Inclusion phpBB - BBRSS.php Remote File Inclusion phpBB - 'BBRSS.php' Remote File Inclusion eNpaper1 - Root_Header.php Remote File Inclusion eNpaper1 - 'Root_Header.php' Remote File Inclusion CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion CrisoftRicette 1.0 - 'Cookbook.php' Remote File Inclusion MF Piadas 1.0 - admin.php Remote File Inclusion MF Piadas 1.0 - 'admin.php' Remote File Inclusion SiteBuilder-FX - top.php Remote File Inclusion SiteBuilder-FX - 'top.php' Remote File Inclusion Blog:CMS 4.1 - Thumb.php Remote File Inclusion Blog:CMS 4.1 - 'Thumb.php' Remote File Inclusion Extcalendar 2.0 - Extcalendar.php Remote File Inclusion Extcalendar 2.0 - 'Extcalendar.php' Remote File Inclusion RW::Download - stats.php Remote File Inclusion RW::Download - 'stats.php' Remote File Inclusion PHP Event Calendar 1.4 - calendar.php Remote File Inclusion PHP Event Calendar 1.4 - 'calendar.php' Remote File Inclusion Forum 5 - pm.php Local File Inclusion Forum 5 - 'pm.php' Local File Inclusion Advanced Poll 2.0.2 - common.inc.php Remote File Inclusion Advanced Poll 2.0.2 - 'common.inc.php' Remote File Inclusion Prince Clan Chess Club 0.8 - Include.PCchess.php Remote File Inclusion Prince Clan Chess Club 0.8 - 'Include.PCchess.php' Remote File Inclusion Bosdates 3.x/4.0 - Payment.php Remote File Inclusion Bosdates 3.x/4.0 - 'Payment.php' Remote File Inclusion Moskool 1.5 Component - Admin.Moskool.php Remote File Inclusion Moskool 1.5 Component - 'Admin.Moskool.php' Remote File Inclusion WoW Roster 1.5 - hsList.php subdir Parameter Remote File Inclusion WoW Roster 1.5 - 'hsList.php' 'subdir' Parameter Remote File Inclusion VWar 1.5 - war.php vwar_root Parameter Remote File Inclusion VWar 1.5 - member.php vwar_root Parameter Remote File Inclusion VWar 1.5 - calendar.php vwar_root Parameter Remote File Inclusion VWar 1.5 - challenge.php vwar_root Parameter Remote File Inclusion VWar 1.5 - joinus.php vwar_root Parameter Remote File Inclusion VWar 1.5 - news.php vwar_root Parameter Remote File Inclusion VWar 1.5 - stats.php vwar_root Parameter Remote File Inclusion VWar 1.5 - 'war.php' vwar_root Parameter Remote File Inclusion VWar 1.5 - 'member.php' vwar_root Parameter Remote File Inclusion VWar 1.5 - 'calendar.php' vwar_root Parameter Remote File Inclusion VWar 1.5 - 'challenge.php' vwar_root Parameter Remote File Inclusion VWar 1.5 - 'joinus.php' vwar_root Parameter Remote File Inclusion VWar 1.5 - 'news.php' vwar_root Parameter Remote File Inclusion VWar 1.5 - 'stats.php' vwar_root Parameter Remote File Inclusion Mafia Moblog 6 - Big.php Remote File Inclusion Mafia Moblog 6 - 'Big.php' Remote File Inclusion WEBinsta Mailing List Manager 1.3 - Install3.php Remote File Inclusion WEBinsta Mailing List Manager 1.3 - 'Install3.php' Remote File Inclusion Zen Cart Web Shopping Cart 1.x - autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion Zen Cart Web Shopping Cart 1.x - 'autoload_func.php' 'autoLoadConfig[999][0][loadFile]' Parameter Remote File Inclusion Jetbox CMS 2.1 - Search_function.php Remote File Inclusion Jetbox CMS 2.1 - 'Search_function.php' Remote File Inclusion In-portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion In-portal In-Link 2.3.4 - 'ADODB_DIR.php' Remote File Inclusion PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion PHP-Proxima 6.0 - 'BB_Smilies.php' Local File Inclusion WM-News 0.5 - print.php Local File Inclusion Ractive Popper 1.41 - Childwindow.Inc.php Remote File Inclusion WM-News 0.5 - 'print.php' Local File Inclusion Ractive Popper 1.41 - 'Childwindow.Inc.php' Remote File Inclusion Exporia 0.3 - Common.php Remote File Inclusion Exporia 0.3 - 'Common.php' Remote File Inclusion My-BIC 0.6.5 - Mybic_Server.php Remote File Inclusion My-BIC 0.6.5 - 'Mybic_Server.php' Remote File Inclusion Geotarget - script.php Remote File Inclusion Geotarget - 'script.php' Remote File Inclusion PHPSelect Web Development - index.php3 Remote File Inclusion PHPSelect Web Development - 'index.php3' Remote File Inclusion PHP Web Scripts Easy Banner - functions.php Remote File Inclusion PHP Web Scripts Easy Banner - 'functions.php' Remote File Inclusion PHP Polling Creator 1.03 - functions.inc.php Remote File Inclusion PHP Polling Creator 1.03 - 'functions.inc.php' Remote File Inclusion Softerra PHP Developer Library 1.5.3 - Grid3.lib.php Remote File Inclusion BlueShoes Framework 4.6 - GoogleSearch.php Remote File Inclusion Tagit2b - DelTagUser.php Remote File Inclusion Softerra PHP Developer Library 1.5.3 - 'Grid3.lib.php' Remote File Inclusion BlueShoes Framework 4.6 - 'GoogleSearch.php' Remote File Inclusion Tagit2b - 'DelTagUser.php' Remote File Inclusion CommunityPortals 1.0 - bug.php Remote File Inclusion CommunityPortals 1.0 - 'bug.php' Remote File Inclusion PHP TopSites FREE 1.022b - config.php Remote File Inclusion PHP TopSites FREE 1.022b - 'config.php' Remote File Inclusion Buzlas 2006-1 Full - Archive_Topic.php Remote File Inclusion Buzlas 2006-1 Full - 'Archive_Topic.php' Remote File Inclusion phpBB Add Name Module - Not_Mem.php Remote File Inclusion phpBB Add Name Module - 'Not_Mem.php' Remote File Inclusion RamaCMS - ADODB.Inc.php Remote File Inclusion H-Sphere Webshell 2.x - 'login.php' Cross-Site Scripting Mambo Module MOStlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion Lodel CMS 0.7.3 - Calcul-page.php Remote File Inclusion RamaCMS - 'ADODB.Inc.php' Remote File Inclusion H-Sphere WebShell 2.x - 'login.php' Cross-Site Scripting Mambo Module MOStlyCE 4.5.4 - 'HTMLTemplate.php' Remote File Inclusion Lodel CMS 0.7.3 - 'Calcul-page.php' Remote File Inclusion Maintain 3.0.0-RC2 - Example6.php Remote File Inclusion Maintain 3.0.0-RC2 - 'Example6.php' Remote File Inclusion Zorum 3.5 - DBProperty.php Remote File Inclusion Zorum 3.5 - 'DBProperty.php' Remote File Inclusion PHPMyConferences 8.0.2 - Init.php Remote File Inclusion PHPMyConferences 8.0.2 - 'Init.php' Remote File Inclusion PHPTreeView 1.0 - TreeViewClass.php Remote File Inclusion PHPTreeView 1.0 - 'TreeViewClass.php' Remote File Inclusion PLS-Bannieres 1.21 - Bannieres.php Remote File Inclusion PLS-Bannieres 1.21 - 'Bannieres.php' Remote File Inclusion The Search Engine Project 0.942 - Configfunction.php Remote File Inclusion The Search Engine Project 0.942 - 'Configfunction.php' Remote File Inclusion KnowledgeBuilder 2.2 - visEdit_Control.Class.php Remote File Inclusion KnowledgeBuilder 2.2 - 'visEdit_Control.Class.php' Remote File Inclusion NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion NewP News Publishing System 1.0 - 'Class.Database.php' Remote File Inclusion Advanced Guestbook 2.3.1 - admin.php Remote File Inclusion Advanced Guestbook 2.3.1 - 'admin.php' Remote File Inclusion @cid Stats 2.3 - Install.php3 Remote File Inclusion @cid Stats 2.3 - 'Install.php3' Remote File Inclusion PHPMyChat 0.14/0.15 - Languages.Lib.php Local File Inclusion PHPMyChat 0.14/0.15 - 'Languages.Lib.php' Local File Inclusion PHPdebug 1.1 - Debug_test.php Remote File Inclusion PHPdebug 1.1 - 'Debug_test.php' Remote File Inclusion eXtreme-fusion 4.02 - Fusion_Forum_View.php Local File Inclusion eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion Easy Banner Pro 2.8 - info.php Remote File Inclusion Edit-X - Edit_Address.php Remote File Inclusion Easy Banner Pro 2.8 - 'info.php' Remote File Inclusion Edit-X - 'Edit_Address.php' Remote File Inclusion OpenEMR 2.8.2 - Import_XML.php Remote File Inclusion OpenEMR 2.8.2 - 'Import_XML.php' Remote File Inclusion PHPProbid 5.24 - Lang.php Remote File Inclusion PHPProbid 5.24 - 'Lang.php' Remote File Inclusion MySQLNewsEngine - Affichearticles.php3 Remote File Inclusion MySQLNewsEngine - 'Affichearticles.php3' Remote File Inclusion Meganoide's News 1.1.1 - Include.php Remote File Inclusion Meganoide's News 1.1.1 - 'Include.php' Remote File Inclusion Shop Kit Plus - StyleCSS.php Local File Inclusion Shop Kit Plus - 'StyleCSS.php' Local File Inclusion Pickle 0.3 - download.php Local File Inclusion Active Calendar 1.2 - showcode.php Local File Inclusion Pickle 0.3 - 'download.php' Local File Inclusion Active Calendar 1.2 - 'showcode.php' Local File Inclusion JCCorp URLShrink Free 1.3.1 - CreateURL.php Remote File Inclusion JCCorp URLShrink Free 1.3.1 - 'CreateURL.php' Remote File Inclusion Weekly Drawing Contest 0.0.1 - Check_Vote.php Local File Inclusion Weekly Drawing Contest 0.0.1 - 'Check_Vote.php' Local File Inclusion WordPress < 2.1.2 - PHP_Self Cross-Site Scripting WordPress < 2.1.2 - 'PHP_Self' Cross-Site Scripting Satel Lite - Satellite.php Local File Inclusion Satel Lite - 'Satellite.php' Local File Inclusion eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion eCardMAX HotEditor 4.0 - 'Keyboard.php' Local File Inclusion MyNews 4.2.2 - Week_Events.php Remote File Inclusion MyNews 4.2.2 - 'Week_Events.php' Remote File Inclusion Web Service Deluxe News Manager 1.0.1 Deluxe - footer.php Local File Inclusion Actionpoll 1.1 - Actionpoll.php Remote File Inclusion Web Service Deluxe News Manager 1.0.1 Deluxe - 'footer.php' Local File Inclusion Actionpoll 1.1 - 'Actionpoll.php' Remote File Inclusion Fully Modded PHPBB2 - phpbb_root_path Remote File Inclusion Fully Modded PHPBB2 - 'phpbb_root_path' Remote File Inclusion PHP Turbulence 0.0.1 - Turbulence.php Remote File Inclusion PHP Turbulence 0.0.1 - 'Turbulence.php' Remote File Inclusion Allfaclassifieds 6.04 - Level2.php Remote File Inclusion PHPMyBibli 1.32 - Init.Inc.php Remote File Inclusion Allfaclassifieds 6.04 - 'Level2.php' Remote File Inclusion PHPMyBibli 1.32 - 'Init.Inc.php' Remote File Inclusion ACVSWS - Transport.php Remote File Inclusion ACVSWS - 'Transport.php' Remote File Inclusion Lms 1.5.x - RTMessageAdd.php Remote File Inclusion Lms 1.5.x - 'RTMessageAdd.php' Remote File Inclusion MyNewsGroups 0.6 - Include.php Remote File Inclusion PHPMyTGP 1.4 - AddVIP.php Remote File Inclusion MyNewsGroups 0.6 - 'Include.php' Remote File Inclusion PHPMyTGP 1.4 - 'AddVIP.php' Remote File Inclusion Comus 2.0 - Accept.php Remote File Inclusion Comus 2.0 - 'Accept.php' Remote File Inclusion HTMLEditBox 2.2 - config.php Remote File Inclusion DynaTracker 1.5.1 - includes_handler.php base_path Remote File Inclusion DynaTracker 1.5.1 - action.php base_path Remote File Inclusion HTMLEditBox 2.2 - 'config.php' Remote File Inclusion DynaTracker 1.5.1 - 'includes_handler.php' 'base_path' Remote File Inclusion DynaTracker 1.5.1 - 'action.php' 'base_path' Remote File Inclusion Doruk100Net - Info.php Remote File Inclusion Doruk100Net - 'Info.php' Remote File Inclusion PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion PHPSecurityAdmin 4.0.2 - 'Logout.php' Remote File Inclusion PHP Content Architect 0.9 pre 1.2 - MFA_Theme.php Remote File Inclusion PHP Content Architect 0.9 pre 1.2 - 'MFA_Theme.php' Remote File Inclusion PHPHostBot 1.05 - Authorize.php Remote File Inclusion PHPHostBot 1.05 - 'Authorize.php' Remote File Inclusion PHMe 0.0.2 - Function_List.php Local File Inclusion PHMe 0.0.2 - 'Function_List.php' Local File Inclusion VietPHP - _functions.php dirpath Parameter Remote File Inclusion VietPHP - admin/index.php language Parameter Remote File Inclusion VietPHP - '_functions.php' dirpath Parameter Remote File Inclusion VietPHP - 'admin/index.php' language Parameter Remote File Inclusion Coppermine Photo Gallery 1.3/1.4 - YABBSE.INC.php Remote File Inclusion Coppermine Photo Gallery 1.3/1.4 - 'YABBSE.INC.php' Remote File Inclusion Shoutbox 1.0 - Shoutbox.php Remote File Inclusion Shoutbox 1.0 - 'Shoutbox.php' Remote File Inclusion Web News 1.1 - feed.php config[root_ordner] Parameter Remote File Inclusion Web News 1.1 - news.php config[root_ordner] Parameter Remote File Inclusion Lib2 PHP Library 0.2 - My_Statistics.php Remote File Inclusion Web News 1.1 - 'feed.php' 'config[root_ordner]' Parameter Remote File Inclusion Web News 1.1 - 'news.php' 'config[root_ordner]' Parameter Remote File Inclusion Lib2 PHP Library 0.2 - 'My_Statistics.php' Remote File Inclusion Dalai Forum 1.1 - forumreply.php Local File Inclusion Firesoft - Class_TPL.php Remote File Inclusion Dalai Forum 1.1 - 'forumreply.php' Local File Inclusion Firesoft - 'Class_TPL.php' Remote File Inclusion PHP-Nuke 8.0 - autohtml.php Local File Inclusion PHP-Nuke 8.0 - 'autohtml.php' Local File Inclusion Content Builder 0.7.5 - postComment.php Remote File Inclusion Content Builder 0.7.5 - 'postComment.php' Remote File Inclusion Jeebles Technology Jeebles Directory 2.9.60 - download.php Local File Inclusion Jeebles Technology Jeebles Directory 2.9.60 - 'download.php' Local File Inclusion PHPbasic basicFramework 1.0 - Includes.php Remote File Inclusion PHPbasic basicFramework 1.0 - 'Includes.php' Remote File Inclusion Galmeta Post 0.2 - Upload_Config.php Remote File Inclusion Galmeta Post 0.2 - 'Upload_Config.php' Remote File Inclusion MyBlog 1.x - Games.php ID Remote File Inclusion MyBlog 1.x - 'Games.php' 'ID' Remote File Inclusion PHPMyTourney 2 - tourney/index.php Remote File Inclusion PHPMyTourney 2 - 'tourney/index.php' Remote File Inclusion W-Agora 4.0 - add_user.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - create_forum.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - create_user.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - delete_notes.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - delete_user.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - edit_forum.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - mail_users.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - moderate_notes.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - reorder_forums.php bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'add_user.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'create_forum.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'create_user.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'delete_notes.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'delete_user.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'edit_forum.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'mail_users.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'moderate_notes.php' bn_dir_default Parameter Remote File Inclusion W-Agora 4.0 - 'reorder_forums.php' bn_dir_default Parameter Remote File Inclusion XOOPS 2.0.18 - modules/system/admin.php fct Parameter Traversal Local File Inclusion XOOPS 2.0.18 - 'modules/system/admin.php' 'fct' Parameter Traversal Local File Inclusion Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Web Shell C99Shell 1.0 Pre-Release build 16 - 'ch99.php' Cross-Site Scripting C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting C99 Shell - 'c99.php' Authentication Bypass C99Shell (Web Shell) - 'c99.php' Authentication Bypass W-Agora 4.2.1 - search.php3 bn Parameter Traversal Local File Inclusion W-Agora 4.2.1 - 'search.php3' 'bn' Parameter Traversal Local File Inclusion Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' Remote PHP Code Execution Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' PHP Remote Code Execution MySQLDumper 1.24.4 - 'menu.php' Remote PHP Code Execution MySQLDumper 1.24.4 - 'menu.php' PHP Remote Code Execution Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / PHP Remote Code Execution Zend Framework 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection Nuts CMS - Remote PHP Code Injection / Execution Nuts CMS - PHP Remote Code Injection / Execution WordPress Plugin WP Super Cache - Remote PHP Code Execution WordPress Plugin WP Super Cache - PHP Remote Code Execution b374k Web Shell 3.2.3/2.8 - Cross-Site Request Forgery / Command Injection b374k 3.2.3/2.8 (Web Shell) - Cross-Site Request Forgery / Command Injection Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion Ovidentia online Module 2.8 - 'GLOBALS[babAddonPhpPath]' Remote File Inclusion XOOPS Glossaire Module- '/modules/glossaire/glossaire-aff.php' SQL Injection XOOPS Glossaire Module - '/modules/glossaire/glossaire-aff.php' SQL Injection ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials Remote SYSTEM Code Execution ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution Apache - HTTP OPTIONS Memory Leak Apache < 2.2.34 / < 2.4.27 - HTTP OPTIONS Memory Leak Foodspotting Clone 1.0 - SQL Injection iTech Gigs Script 1.20 - 'cat' Parameter SQL Injection Tecnovision DLX Spot - Authentication Bypass Tecnovision DLX Spot - Arbitrary File Upload	2017-09-20 05:01:20 +00:00
Offensive Security	ef4c288da7	DB: 2017-09-19 16 new exploits Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (1) Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (1) Cam2pc 4.6.2 - BMP Image Processing Integer Overflow Cam2pc 4.6.2 - '.BMP' Image Processing Integer Overflow Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering Unspecified Buffer Overflow Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering CMP Fencepost Denial of Service Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering CMP Fencepost Denial of Service Apple QuickTime 6.4/6.5/7.0.x - PictureViewer JPEG/PICT File Buffer Overflow Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/.PICT' File Buffer Overflow Tony Cook Imager 0.4x - JPEG and TGA Images Denial of Service Tony Cook Imager 0.4x - '.JPEG' / '.TGA' Images Denial of Service Microsoft Windows Kernel - 'win32k!NtQueryCompositionSurfaceBinding' Stack Memory Disclosure Microsoft Windows Kernel - 'win32k!NtGdiGetFontResourceInfoInternalW' Stack Memory Disclosure Microsoft Windows Kernel - 'win32k!NtGdiGetGlyphOutline' Pool Memory Disclosure Microsoft Windows Kernel - 'win32k!NtGdiGetPhysicalMonitorDescription' Stack Memory Disclosure Microsoft Windows Kernel - 'nt!NtSetIoCompletion / nt!NtRemoveIoCompletion' Pool Memory Disclosure Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Read with Malformed _glyf_ Table (win32k!fsc_CalcGrayRow) Microsoft Windows Kernel - 'win32k!NtGdiEngCreatePalette' Stack Memory Disclosure Microsoft Windows Kernel - 'win32k!NtGdiDoBanding' Stack Memory Disclosure Adobe Reader X 10.1.4.38 - BMP/RLE Heap Corruption Adobe Reader X 10.1.4.38 - '.BMP'/'.RLE' Heap Corruption XV 3.x - BMP Parsing Local Buffer Overflow XV 3.x - '.BMP' Parsing Local Buffer Overflow Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (2) Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (2) GeoVision Digital Surveillance System 6.0 4/6.1 - Unauthorized JPEG Image Access GeoVision Digital Surveillance System 6.0 4/6.1 - Unauthorized '.JPEG' Image Access Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload (Metasploit) Kaseya Virtual System Administrator (VSA) - 'uploader.aspx' Arbitrary File Upload (Metasploit) XOOPS 2.3.2 - (mydirname) Remote PHP Code Execution XOOPS 2.3.2 - 'mydirname' Remote PHP Code Execution Tuleap Project Wiki 8.3 < 9.6.99.86 - Command Injection Digirez 3.4 - Cross-Site Request Forgery (Update Admin) Digileave 1.2 - Cross-Site Request Forgery (Update Admin) DigiAffiliate 1.4 - Cross-Site Request Forgery (Update Admin) UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass iBall ADSL2+ Home Router - Authentication Bypass Apache - HTTP OPTIONS Memory Leak	2017-09-19 05:01:33 +00:00
Offensive Security	bc6f82924c	DB: 2017-09-18 3 new exploits Netdecision 5.8.2 - Local Privilege Escalation PTCEvolution 5.50 - SQL Injection Contact Manager 1.0 - 'femail' Parameter SQL Injection	2017-09-18 05:01:20 +00:00
Offensive Security	db8b5bc2fe	DB: 2017-09-16 6 new exploits D-Link (Wireless Access Point) - (Fragmented UDP) Denial of Service D-Link Wireless Access Point - Fragmented UDP Denial of Service D-Link Router - UPNP Stack Overflow Denial of Service (PoC) D-Link Devices - UPNP Stack Overflow Denial of Service (PoC) Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation MusicDaemon 0.0.3 - Remote Denial of Service / /etc/shadow Stealer (2) MusicDaemon 0.0.3 - Remote Denial of Service / '/etc/shadow' Stealer (2) D-Link (DWL Series) Access-Point 2.10na - Config Disclosure D-Link DWL Series Access-Point 2.10na - Config Disclosure Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing and Cross Frame Access Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access D-Link Airspot DSA-3100 Gateway - Login_error.SHTML Cross-Site Scripting D-Link Airspot DSA-3100 Gateway - 'Login_error.SHTML' Cross-Site Scripting D-Link - Authentication.cgi Buffer Overflow (Metasploit) D-Link - hedwig.cgi Buffer Overflow in Cookie Header (Metasploit) D-Link Devices - Authentication.cgi Buffer Overflow (Metasploit) D-Link Devices - 'hedwig.cgi' Buffer Overflow in Cookie Header (Metasploit) D-Link - info.cgi POST Request Buffer Overflow (Metasploit) D-Link Devices - 'info.cgi' POST Request Buffer Overflow (Metasploit) D-Link - Unauthenticated UPnP M-SEARCH Multicast Command Injection (Metasploit) D-Link Devices - Unauthenticated UPnP M-SEARCH Multicast Command Injection (Metasploit) D-Link - Cookie Command Execution (Metasploit) D-Link Devices - Cookie Command Execution (Metasploit) D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure D-Link DSL-2730U/2750U/2750E ADSL Router - Remote File Disclosure Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) D-Link DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) Astaro Security Gateway 7 - Remote Code Execution D-link DIR-600M - Cross-Site Request Forgery D-Link DIR-600M - Cross-Site Request Forgery DLink DSL-2730U Wireless N 150 - Cross-Site Request Forgery D-Link DSL-2730U Wireless N 150 - Cross-Site Request Forgery XYZ Auto Classifieds 1.0 - SQL Injection Consumer Review Script 1.0 - SQL Injection D-Link DIR8xx Routers - Leak Credentials D-Link DIR8xx Routers - Root Remote Code Execution D-Link DIR8xx Routers - Local Firmware Upload	2017-09-16 05:01:22 +00:00
Offensive Security	6e81f8d635	DB: 2017-09-15 13 new exploits MPlayer - '.SAMI' Subtitle File Buffer Overflow (DEP Bypass) (Metasploit) Trend Micro Control Manager - ImportFile Directory Traversal RCE (Metasploit) Trend Micro Control Manager - ImportFile Directory Traversal Remote Code Execution (Metasploit) EMC AlphaStor Library Manager < 4.0 build 910 - Opcode 0x4f Buffer Overflow (Metasploit) EMC AlphaStor Device Manager - Opcode 0x72 Buffer Overflow (Metasploit) Lockstep Backup for Workgroups 4.0.3 - Buffer Overflow (Metasploit) Disk Pulse Server 2.2.34 - GetServerInfo Buffer Overflow (Metasploit) haneWIN DNS Server 1.5.3 - Buffer Overflow (Metasploit) KingScada AlarmServer 3.1.2.13 - Stack Buffer Overflow (Metasploit) Cloudview NMS 2.00b - Writable Directory Traversal Execution (Metasploit) Enterprise Edition Payment Processor Script 3.7 - SQL Injection Adserver Script 5.6 - SQL Injection PTC KSV1 Script 1.7 - 'type' Parameter SQL Injection Theater Management Script - SQL Injection Justdial Clone Script - 'fid' Parameter SQL Injection	2017-09-15 05:01:22 +00:00
Offensive Security	183eb53e48	DB: 2017-09-14 44 new exploits Mako Web Server 2.5 - Multiple Vulnerabilities ZScada Modbus Buffer 2.0 - Stack-Based Buffer Overflow (Metasploit) Trend Micro Control Manager - ImportFile Directory Traversal RCE (Metasploit) Viap Automation WinPLC7 5.0.45.5921 - Recv Buffer Overflow (Metasploit) Sielco Sistemi Winlog 2.07.16 - Buffer Overflow (Metasploit) Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit) Motorola Netopia Netoctopus SDCS - Stack Buffer Overflow (Metasploit) Alienvault Open Source SIEM (OSSIM) < 4.7.0 - 'get_license' Remote Command Execution (Metasploit) Infinite Automation Mango Automation - Command Injection (Metasploit) Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack-Based Buffer Overflow (Metasploit) EMC CMCNE Inmservlets.war FileUploadController 11.2.1 - Remote Code Execution (Metasploit) EMC CMCNE 11.2.1 - FileUploadController Remote Code Execution (Metasploit) Dameware Mini Remote Control 4.0 - Username Stack Buffer Overflow (Metasploit) Cloudview NMS < 2.00b - Arbitrary File Upload (Metasploit) Alienvault OSSIM av-centerd Util.pm sync_rserver - Command Execution (Metasploit) Alienvault OSSIM av-centerd 4.7.0 - 'get_log_line' Command Injection (Metasploit) Microsoft Windows .NET Framework - Remote Code Execution ICLowBidAuction 3.3 - SQL Injection ICMLM 2.1 - 'key' Parameter SQL Injection ICHotelReservation 3.3 - 'key' Parameter SQL Injection ICAuction 2.2 - 'id' Parameter SQL Injection ICDoctor Appointment 1.3 - 'key' Parameter SQL Injection ICRestaurant software 1.4 - 'key' Parameter SQL Injection ICDutchAuction 1.2 - SQL Injection ICAutosales 2.2 - SQL Injection ICTraveling 2.2 - Authentication Bypass ICStudents 1.2 - 'key' Parameter SQL Injection ICClassifieds 1.1 - SQL Injection ICSurvey 1.1 - SQL Injection ICJewelry 1.1 - 'key' Parameter SQL Injection IC-T-Shirt 1.2 - 'key' Parameter SQL Injection ICProductConfigurator 1.1 - 'key' Parameter SQL Injection ICGrocery 1.1 - 'key' Parameter SQL Injection ICCallLimousine 1.1 - 'key' Parameter SQL Injection ICProjectBidding 1.1 - SQL Injection ICDental Clinic 1.2 - 'key' Parameter SQL Injection ICEstate 1.1 - 'id' Parameter SQL Injection ICHelpDesk 1.1 - 'pk' Parameter SQL Injection ICSiteBuilder 1.1 - SQL Injection ICAffiliateTracking 1.1 - Authentication Bypass Indusoft Web Studio - Directory Traversal Information Disclosure (Metasploit) Carlo Gavazzi Powersoft 2.1.1.1 - Directory Traversal File Disclosure (Metasploit) Carel PlantVisor 2.4.4 - Directory Traversal Information Disclosure (Metasploit) Carel PlantVisor 2.4.4 - Directory Traversal	2017-09-14 05:01:22 +00:00
Offensive Security	590c03106b	DB: 2017-09-13 15 new exploits tcprewrite - Heap-Based Buffer Overflow WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization Docker Daemon - Unprotected TCP Socket Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting osTicket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting PHP Dashboards NEW 4.4 - Arbitrary File Read PHP Dashboards NEW 4.4 - SQL Injection JobStar Monster Clone Script 1.0 - SQL Injection iTech Book Store Script 2.02 - SQL Injection iTech StockPhoto Script 2.02 - SQL Injection EduStar Udemy Clone Script 1.0 - SQL Injection AirStar Airbnb Clone Script 1.0 - SQL Injection osTicket 1.10 - SQL Injection FoodStar 1.0 - SQL Injection Gr8 Multiple Search Engine Script 1.0 - SQL Injection inClick Cloud Server 5.0 - SQL Injection	2017-09-13 05:01:22 +00:00
Offensive Security	36667e62bc	DB: 2017-09-12 6 new exploits Docker Daemon - Unprotected TCP Socket (Metasploit) Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (192 bytes) Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (192.168.0.12:4444/TCP) Shellcode (160 bytes) Nimble Professional 1.0 - Cross-Site Request Forgery (Update Admin) FiberHome ADSL AN1020-25 - Improper Access Restrictions WiseGiga NAS - Multiple Vulnerabilities	2017-09-12 05:01:25 +00:00
Offensive Security	7744909119	DB: 2017-09-11 11 new exploits Just Dial Marketplace Script - Authentication Bypass Just Dial Marketplace - Authentication Bypass Online Print Business 1.0 - SQL Injection Escort Marketplace 1.0 - SQL Injection Babysitter Website Script 1.0 - SQL Injection Job Board Software 1.0 - SQL Injection RPi Cam Control <= 6.3.14 - Multiple Vulnerabilities Just Dial Marketplace 1.0 - SQL Injection Professional Service Booking 1.0 - SQL Injection Restaurant Website Script 1.0 - SQL Injection Law Firm 1.0 - SQL Injection Topsites Script 1.0 - Cross-Site Request Forgery / PHP Code Injection My Builder Marketplace 1.0 - SQL Injection	2017-09-11 05:01:21 +00:00
Offensive Security	8ab6c39fe1	DB: 2017-09-09 4 new exploits Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC) Hexamail Server 3.0.0.001 - 'pop3' Unauthenticated Remote Overflow (PoC) Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service Noticeware E-mail Server 5.1.2.2 - 'POP3' Unauthenticated Denial of Service BIND 8.2.2-P5 - Denial of Service ISC BIND 8.2.2-P5 - Denial of Service opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2) Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2) Photoshop CC2014 and Bridge CC 2014 - '.gif' Parsing Memory Corruption Photoshop CC2014 and Bridge CC 2014 - '.png' Parsing Memory Corruption Photoshop CC2014 / Bridge CC 2014 - '.gif' Parsing Memory Corruption Photoshop CC2014 / Bridge CC 2014 - '.png' Parsing Memory Corruption /usr/bin/trn - Local Exploit (not suid) /usr/bin/trn (Not SUID) - Local Exploit Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection (1) Oracle 10g - 'SYS.LT.COMPRESSWORKSPACETREE' SQL Injection (1) Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection (2) Oracle 10g - 'SYS.LT.COMPRESSWORKSPACETREE' SQL Injection (2) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4) Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4) Jungo DriverWizard WinDriver - Kernel Pool Overflow Jungo DriverWizard WinDriver - Kernel Out-of-Bounds Write Privilege Escalation Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation Jungo DriverWizard WinDriver < v12.4.0 - Kernel Out-of-Bounds Write Privilege Escalation ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (1) ProFTPd 1.2.9 rc2 - '.ASCII' File Remote Code Execution (1) BIND 8.2.x - 'TSIG' Stack Overflow (1) BIND 8.2.x - 'TSIG' Stack Overflow (2) BIND 8.2.x - 'TSIG' Stack Overflow (3) BIND 8.2.x - 'TSIG' Stack Overflow (4) ISC BIND 8.2.x - 'TSIG' Stack Overflow (1) ISC BIND 8.2.x - 'TSIG' Stack Overflow (2) ISC BIND 8.2.x - 'TSIG' Stack Overflow (3) ISC BIND 8.2.x - 'TSIG' Stack Overflow (4) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2) Mercury/32 Mail Server 4.01 - 'Pegasus' IMAP Buffer Overflow (1) Mercury/32 Mail Server 4.01 - 'Pegasus' IMAP Buffer Overflow (2) Mercur MailServer 5.0 SP3 - (IMAP) Remote Buffer Overflow (1) Mercur MailServer 5.0 SP3 - 'IMAP' Remote Buffer Overflow (1) Mercur MailServer 5.0 SP3 - (IMAP) Remote Buffer Overflow (2) Mercur MailServer 5.0 SP3 - 'IMAP' Remote Buffer Overflow (2) QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (1) QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (1) ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (2) ProFTPd 1.2.9 rc2 - '.ASCII' File Remote Code Execution (2) QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (2) QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (2) ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow (1) ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (1) BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit) BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python) BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning Exploit (Metasploit) BIND 9.x - Remote DNS Cache Poisoning Exploit (Python) BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit BIND 9.x - Remote DNS Cache Poisoning Exploit BIND 9.5.0-P2 - (randomized ports) Remote DNS Cache Poisoning Exploit BIND 9.5.0-P2 - 'Randomized Ports' Remote DNS Cache Poisoning Exploit Belkin Wireless G router + ADSL2 modem - Authentication Bypass Belkin Wireless G Router / ADSL2 Modem - Authentication Bypass Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (1) Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (1) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (2) Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (2) Solaris in.TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit) Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit) Solaris in.TelnetD - TTYPROMPT Buffer Overflow (Metasploit) Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit) Multiple OSes - BIND Buffer Overflow (1) Multiple OSes - BIND Buffer Overflow (2) ISC BIND (Linux/BSD) - Buffer Overflow (1) ISC BIND (Multiple OSes) - Buffer Overflow (2) Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (1) Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (2) Oracle 10g Database - 'SUBSCRIPTION_NAME' SQL Injection (1) Oracle 10g Database - 'SUBSCRIPTION_NAME' SQL Injection (2) Shuttle Tech ADSL Modem-Router 915 WM - Unauthenticated Remote DNS Change Shuttle Tech ADSL Modem/Router 915 WM - Unauthenticated Remote DNS Change Poison Ivy 2.1.x - C2 Buffer Overflow (Metasploit) Poison Ivy 2.1.x (C2 Server) - Buffer Overflow (Metasploit) Gh0st Client - Buffer Overflow (Metasploit) Gh0st Client (C2 Server) - Buffer Overflow (Metasploit) zFeeder 1.6 - 'admin.php' Unauthenticated zFeeder 1.6 - 'admin.php' Unauthenticated Admin Bypass CompactCMS 1.4.0 - (tiny_mce) Arbitrary File Upload CompactCMS 1.4.0 - 'tiny_mce' Arbitrary File Upload Achievo 1.4.3 - Multiple Authorisation Flaws Achievo 1.4.3 - Multiple Authorisation Vulnerabilities CompactCMS 1.4.1 - Multiple Vulnerabilities phpDenora 1.4.6 - Multiple SQL Injections Joomla! Component 'com_niceajaxpoll' 1.3.0 - SQL Injection Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (1) Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (2) Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1) Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (2) CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2) PlaySms 1.4 - Remote Code Execution PlaySMS 1.4 - 'sendfromfile.php' Remote Code Execution / Unrestricted File Upload Ultimate HR System <= 1.2 - Directory Traversal / Cross-Site Scripting Ultimate HR System < 1.2 - Directory Traversal / Cross-Site Scripting EzBan 5.3 - 'id' Parameter SQL Injection EzInvoice 6.02 - SQL Injection Roteador Wireless Intelbras WRN150 - Cross-Site Scripting Huawei HG255s - Directory Traversal	2017-09-09 05:01:22 +00:00
Offensive Security	67b3da92e4	DB: 2017-09-08 4 new exploits Tor - Linux Sandbox Breakout via X11 Tor (Linux) - X11 Linux Sandbox Breakout Apache Struts 2.5 < 2.5.12 - REST Plugin XStream Remote Code Execution Gh0st Client - Buffer Overflow (Metasploit) TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Remote Code Execution as Root TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Root Remote Code Execution Ultimate HR System <= 1.2 - Directory Traversal / Cross-Site Scripting Online Invoice System 3.0 - SQL Injection	2017-09-08 05:01:20 +00:00
Offensive Security	a1eeba1263	DB: 2017-09-07 9 new exploits Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Sambar FTP Server 6.4 - 'SIZE' Remote Denial of Service Samba 3.0.29 (client) - 'receive_smb_raw()' Buffer Overflow (PoC) Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC) 2WIRE DSL Router (xslt) - Denial of Service 2WIRE DSL Router - 'xslt' Denial of Service ooVoo 1.7.1.35 - (URL Protocol) Remote Unicode Buffer Overflow (PoC) ooVoo 1.7.1.35 - 'URL Protocol' Remote Unicode Buffer Overflow (PoC) Optimal Archive 1.38 - '.zip' File (SEH) (PoC) Optimal Archive 1.38 - '.zip' File Exploit (SEH) (PoC) Subtitle Translation Wizard 3.0.0 - (SEH) (PoC) Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC) Virtual DJ Trial 6.1.2 - Buffer Overflow (SEH) Crash (PoC) Virtual DJ Trial 6.1.2 - Buffer Overflow Crash (SEH) (PoC) VideoLAN VLC Media Player 1.1.9 - XSPF Local File Integer Overflow in XSPF Playlist parser VideoLAN VLC Media Player 1.1.9 - XSPF Playlist Local File Integer Overflow Winlog Lite SCADA HMI system - (SEH) Overwrite Winlog Lite SCADA HMI system - Overwrite (SEH) FL Studio 10 Producer Edition - (SEH) Buffer Overflow (PoC) FL Studio 10 Producer Edition -Buffer Overflow (SEH) (PoC) Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - 'DownloadURLToFile()' Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - 'Load()' Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - 'CheckCompatibility()' Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - 'Admin_RemoveDirectory()' Stack Based Unicode Buffer Overflow Sambar Server 6.0 - results.stm Post Request Buffer Overflow Sambar Server 6.0 - 'results.stm' POST Request Buffer Overflow Samba nttrans Reply - Integer Overflow Samba 3.5.22/3.6.17/4.0.8 - nttrans Reply Integer Overflow Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (SEH) Denial of Service Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (SEH) Denial of Service Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (SEH) (Denial of Service) Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (SEH) (Denial of Service) i.FTP 2.21 - (SEH) Overflow Crash (PoC) i.FTP 2.21 - Overflow Crash (SEH) (PoC) Sam Spade 1.14 - Scan From IP Address Field (SEH) Overflow Crash (SEH) (PoC) Sam Spade 1.14 - Scan From IP Address Field Overflow Crash (SEH) (PoC) TECO SG2 FBD Client 3.51 - '.gfb' Overwrite (SEH) Buffer Overflow TECO SG2 FBD Client 3.51 - '.gfb' Overwrite Buffer Overflow (SEH) Network Scanner 4.0.0.0 - (SEH)Crash (PoC) Network Scanner 4.0.0.0 - Crash (SEH) (PoC) Zortam Mp3 Media Studio 20.15 - Overflow (SEH) Denial of Service Zortam Mp3 Media Studio 20.15 - Overflow (SEH) (Denial of Service) Symantec AntiVirus - Remote Stack Buffer Overflow in dec2lha Library Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow WebKit JSC - Heap Buffer Overflow in Intl.getCanonicalLocales WebKit JSC - 'Intl.getCanonicalLocales' Heap Buffer Overflow Firebird 1.0.2 FreeBSD 4.7-RELEASE - Privilege Escalation Firebird 1.0.2 (FreeBSD 4.7-RELEASE) - Privilege Escalation CyberLink Power2Go Essential 9.0.1002.0 - Registry Buffer Overflow (Unicode SEH) CyberLink Power2Go Essential 9.0.1002.0 - Registry Buffer Overflow (SEH Unicode) Quick Player 1.2 - Unicode Buffer Overflow DJ Studio Pro 5.1.6.5.2 - (SEH) Exploit Quick Player 1.2 - Unicode Buffer Overflow (1) DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) Quick Player 1.2 - Unicode Buffer Overflow (Bindshell) Quick Player 1.2 - Unicode Buffer Overflow (2) Winamp 5.572 - (SEH) Exploit Winamp 5.572 - Exploit (SEH) ZipScan 2.2c - (SEH) Exploit ZipScan 2.2c - Exploit (SEH) Winamp 5.572 - 'whatsnew.txt' (SEH) (Metasploit) Winamp 5.572 - 'whatsnew.txt' Exploit (SEH) (Metasploit) Mediacoder 0.7.3.4672 - (SEH) Exploit Mediacoder 0.7.3.4672 - Exploit (SEH) SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow (PoC) SureThing CD Labeler - '.m3u/.pls' Unicode Stack Overflow (PoC) MoreAmp - '.maf' Local Stack Buffer Overflow (SEH) (calc) BlazeDVD 6.0 - '.plf' File (SEH) Universal Buffer Overflow MoreAmp - '.maf' Local Stack Buffer Overflow (SEH) BlazeDVD 6.0 - '.plf' File Universal Buffer Overflow (SEH) ASX to MP3 Converter 3.1.2.1 - (SEH) Multiple OS ASLR + DEP Bypass (Metasploit) ASX to MP3 Converter 3.1.2.1 - Multiple OS ASLR + DEP Bypass (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - (SEH) Exploit MP3 Workstation 9.2.1.1.2 - Exploit (SEH) DJ Studio Pro 8.1.3.2.1 - (SEH) Exploit DJ Studio Pro 8.1.3.2.1 - Exploit (SEH) MP3 Workstation 9.2.1.1.2 - (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit) iworkstation 9.3.2.1.4 - (SEH) Exploit iworkstation 9.3.2.1.4 - Exploit (SEH) Winamp 5.6 - Arbitrary Code Execution in MIDI Parser Winamp 5.6 - 'MIDI Parser' Arbitrary Code Execution BS.Player 2.57 - Buffer Overflow (Unicode SEH) BS.Player 2.57 - Buffer Overflow (SEH Unicode) Nokia MultiMedia Player 1.0 - (SEH Unicode) Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode) POP Peeper 3.7 - (SEH) Exploit POP Peeper 3.7 - Exploit (SEH) Download Accelerator Plus (DAP) 9.7 - '.M3U' File Buffer Overflow (Unicode SEH) Download Accelerator Plus (DAP) 9.7 - '.M3U' File Buffer Overflow (SEH Unicode) BS.Player 2.57 - Buffer Overflow (Unicode SEH) (Metasploit) BS.Player 2.57 - Buffer Overflow (SEH Unicode) (Metasploit) DJ Studio Pro 5.1.6.5.2 - (SEH) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit) Samba 2.0.7 SWAT - Logfile Permissions Samba 2.0.7 - SWAT Logfile Permissions Static HTTP Server 1.0 - (SEH) Overflow Static HTTP Server 1.0 - Overflow (SEH) ALLPlayer 5.6.2 - '.m3u' File Local Buffer Overflow (Unicode SEH) ALLPlayer 5.6.2 - '.m3u' File Local Buffer Overflow (SEH Unicode) Light Alloy 4.7.3 - '.m3u' Buffer Overflow (SEH) 'UNICODE' Light Alloy 4.7.3 - '.m3u' Buffer Overflow (SEH Unicode) GOM Player 2.2.53.5169 - Buffer Overflow (SEH) (.reg) GOM Player 2.2.53.5169 - '.reg' Buffer Overflow (SEH) Quick Search 1.1.0.189 - 'search textbox Buffer Overflow (Unicode SEH) (Egghunter) Quick Search 1.1.0.189 - search textbox Buffer Overflow (SEH Unicode) (Egghunter) Total Commander 8.52 - Overwrite (SEH) Buffer Overflow Total Commander 8.52 - Overwrite Buffer Overflow (SEH) TECO SG2 LAD Client 3.51 - '.gen' Overwrite (SEH) Buffer Overflow TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite (SEH) Buffer Overflow TECO SG2 LAD Client 3.51 - '.gen' Overwrite Buffer Overflow (SEH) TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite Buffer Overflow (SEH) Jungo DriverWizard WinDriver - Kernel Pool Overflow Jungo DriverWizard WinDriver - Kernel Out-of-Bounds Write Privilege Escalation Tor - Linux Sandbox Breakout via X11 Samba < 2.2.8 (Linux/BSD) - Remote Code Execution Samba 3.0.4 SWAT - Authorisation Buffer Overflow Samba 3.0.4 - SWAT Authorisation Buffer Overflow BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH) Universal BigAnt Server 2.50 - GET Request Universal Remote Buffer Overflow (SEH) Samba 2.2.x - nttrans Overflow (Metasploit) Samba 2.2.x - 'nttrans' Overflow (Metasploit) BigAnt Server 2.52 - (SEH) Exploit BigAnt Server 2.52 - Exploit (SEH) File Sharing Wizard 1.5.0 - (SEH) Exploit File Sharing Wizard 1.5.0 - Exploit (SEH) Samba - 'Username' map script' Command Execution (Metasploit) Samba 3.0.20 < 3.0.25rc3 - 'Username' map script' Command Execution (Metasploit) Samba 2.2.8 (*BSD x86) - 'trans2open' Overflow Exploit (Metasploit) Samba 2.2.8 (BSD x86) - 'trans2open' Overflow Exploit (Metasploit) Samba 2.0.7 SWAT - Logging Failure Samba 2.0.7 - SWAT Logging Failure Sambar Server 4.4/5.0 - pagecount File Overwrite Sambar Server 4.4/5.0 - 'pagecount' File Overwrite Sambar Server 5.x - results.stm Cross-Site Scripting Sambar Server 5.x - 'results.stm' Cross-Site Scripting Samba SMB 2.2.x - CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow Samba 2.2.x - CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow BigAnt Server 2.52 SP5 - (SEH) Stack Overflow ROP-Based Exploit (ASLR + DEP Bypass) BigAnt Server 2.52 SP5 - Stack Overflow ROP-Based Exploit (SEH) (ASLR + DEP Bypass) Sambar 5.x - Open Proxy / Authentication Bypass Sambar Server 5.x - Open Proxy / Authentication Bypass Sambar Server 6.1 Beta 2 - show.asp show Parameter Cross-Site Scripting Sambar Server 6.1 Beta 2 - showperf.asp title Parameter Cross-Site Scripting Sambar Server 6.1 Beta 2 - showini.asp Arbitrary File Access Sambar Server 6.1 Beta 2 - 'show.asp' show Parameter Cross-Site Scripting Sambar Server 6.1 Beta 2 - 'showperf.asp' title Parameter Cross-Site Scripting Sambar Server 6.1 Beta 2 - 'showini.asp' Arbitrary File Access Sambar Server 5.x/6.0/6.1 - results.stm indexname Cross-Site Scripting Sambar Server 5.x/6.0/6.1 - 'results.stm' indexname Cross-Site Scripting Ruby 1.9.1 - WEBrick Terminal Escape Sequence in Logs Command Injection Ruby 1.9.1 - WEBrick 'Terminal Escape Sequence in Logs' Command Injection Varnish 2.0.6 - Terminal Escape Sequence in Logs Command Injection Varnish 2.0.6 - 'Terminal Escape Sequence in Logs' Command Injection Yaws 1.55 - Terminal Escape Sequence in Logs Command Injection Orion Application Server 2.0.7 - Terminal Escape Sequence in Logs Command Injection Yaws 1.55 - 'Terminal Escape Sequence in Logs' Command Injection Orion Application Server 2.0.7 - 'Terminal Escape Sequence in Logs' Command Injection Sysax Multi Server 6.50 - HTTP File Share Overflow (SEH) Remote Code Execution (SEH) Sysax Multi Server 6.50 - HTTP File Share Overflow Remote Code Execution (SEH) Easy File Sharing Web Server 7.2 - (SEH) Overflow (Egghunter) Easy File Sharing Web Server 7.2 - Overflow (Egghunter) (SEH) Samba - 'is_known_pipename()' Arbitrary Module Load (Metasploit) Samba 3.5.0 < 4.4.14/4.5.10/4.6.4 - 'is_known_pipename()' Arbitrary Module Load (Metasploit) WordPress Core & MU & Plugins - Privileges Unchecked in 'admin.php' / Multiple Information Disclosures WordPress Core & MU & Plugins - 'admin.php' Privileges Unchecked / Multiple Information Disclosures PHP-Nuke 8.0 - Cross-Site Scripting / HTML Code Injection in News Module PHP-Nuke 8.0 - ' News Module Cross-Site Scripting / HTML Code Injection PHP-decoda - Cross-Site Scripting In Video Tag PHP-decoda - 'Video Tag' Cross-Site Scripting vBulletin 4.x/5.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API vBulletin 4.x/5.x - AdminCP/ApiLog via xmlrpc API Authenticated Persistent Cross-Site Scripting vBulletin 4.x - breadcrumbs via xmlrpc API Authenticated SQL Injection Advertiz PHP Script 0.2 - Cross-Site Request Forgery (Update Admin) WebKit - Stealing Variables via Page Navigation in 'FrameLoader::clear' WebKit - 'FrameLoader::clear' Stealing Variables via Page Navigation FineCMS 1.0 - Multiple Vulnerabilities FineCMS 1.0 - Multiple Vulnerabilities A2billing 2.x - SQL Injection Cory Support - 'pr' Parameter SQL Injection Pay Banner Text Link Ad 1.0.6.1 - Cross-Site Request Forgery (Update Admin) Pay Banner Text Link Ad 1.0.6.1 - SQL Injection	2017-09-07 05:01:26 +00:00
Offensive Security	69443c8521	DB: 2017-09-06 5 new exploits Samba 2.2.8 - Remote Code Execution Samba < 2.2.8 (Linux/BSD) - Remote Code Execution Mongoose Web Server 6.5 - Cross-Site Request Forgery / Remote Code Execution A2billing 2.x - Backup File Download / Remote Code Execution iGreeting Cards 1.0 - SQL Injection WordPress Plugin Participants Database < 1.7.5.10 - Cross-Site Scripting The Car Project 1.0 - SQL Injection	2017-09-06 05:01:20 +00:00
Offensive Security	427165968d	DB: 2017-09-05 9 new exploits IBM Notes 8.5.x/9.0.x - Denial of Service (2) Lotus Notes Diagnostic Tool 8.5/9.0 - Privilege Escalation RubyGems < 2.6.13 - Arbitrary File Overwrite Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow Joomla! Component Survey Force Deluxe 3.2.4 - 'invite' Parameter SQL Injection Joomla! Component CheckList 1.1.0 - SQL Injection Wireless Repeater BE126 - Remote Code Execution CodeMeter 6.50 - Cross-Site Scripting Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery	2017-09-05 05:01:31 +00:00
Offensive Security	572d7c5002	DB: 2017-09-04 2 new exploits IBM Notes 8.5.x/9.0.x - Denial of Service FineCMS 1.0 - Multiple Vulnerabilities	2017-09-04 05:01:22 +00:00
Offensive Security	a160bc0c68	DB: 2017-09-02 2 new exploits Mozilla Firefox 3.6.3 - Fork Bomb Denial of Service Mozilla Firefox 3.6.3 - Fork Bomb (Denial of Service) OpenJPEG - 'mqc.c' Heap-Based Buffer Overflow Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass Git <= 2.7.5 - Command Injection (Metasploit) Git < 2.7.5 - Command Injection (Metasploit) Joomla! 1.0.7 / Mambo 4.5.3 - (feed) Full Path Disclosure / Denial of Service Joomla! 1.0.7 / Mambo 4.5.3 - 'feed' Full Path Disclosure / Denial of Service Joomla! 1.0.9 - (Weblinks) Blind SQL Injection Joomla! 1.0.9 - 'Weblinks' Blind SQL Injection Joomla! 1.5.x - (Token) Remote Admin Change Password Joomla! 1.5.x - 'Token' Remote Admin Change Password Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion Joomla! Component & Plugin 'JE Tooltip' 1.0 - Local File Inclusion Joomla! 'com_djClassifieds' 0.9.1 - Arbitrary File Upload Joomla! Component 'com_djClassifieds' 0.9.1 - Arbitrary File Upload Joomla! 1.6.0-Alpha2 - Cross-Site Scripting Joomla! 1.6.0 Alpha2 - Cross-Site Scripting Joomla! - Spam Mail Relay Joomla! 1.5.22 / 1.6.0 - 'com_mailto' Spam Mail Relay Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection Joomla! Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection	2017-09-02 05:01:21 +00:00
Offensive Security	f94c5966a1	DB: 2017-09-01 5 new exploits Git <= 2.7.5 - Command Injection (Metasploit) Linux/x86 - Fork Bomb Shellcode (9 bytes) Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection	2017-09-01 05:01:24 +00:00
Offensive Security	6b9cb90c81	DB: 2017-08-31 4 new exploits Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection Joomla! Component Joomanager 2.0.0 - Arbitrary File Download iBall Baton 150M Wireless Router - Authentication Bypass Invoice Manager 3.1 - Cross-Site Request Forgery (Add Admin)	2017-08-31 05:01:22 +00:00
Offensive Security	13819fd065	DB: 2017-08-30 10 new exploits ProFTPd 1.2.0 (rc2) - memory leakage example Exploit ProFTPd 1.2.0pre10 - Remote Denial of Service ProFTPd 1.2.0 rc2 - Memory Leakage Exploit ProFTPd 1.2.0 pre10 - Remote Denial of Service ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPd 1.3.0a - 'mod_ctrls support' Local Buffer Overflow (PoC) ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC) ProFTPd - 'mod_sftp' Integer Overflow Denial of Service (PoC) ProFTPd 1.2 - SIZE Remote Denial of Service ProFTPd 1.2 - 'SIZE' Remote Denial of Service ProFTPd 1.2.x - STAT Command Denial of Service ProFTPd 1.2.x - 'STAT' Denial of Service ProFTPd - (ftpdctl) Local pr_ctrls_connect ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' Local Overflow (exec-shield) ProFTPd 1.3.0 - mod_ctrls Local Stack Overflow (OpenSUSE) ProFTPd 1.3.0 (OpenSUSE) - 'mod_ctrls' Local Stack Overflow Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH) ProFTPd 1.2.9RC1 - 'mod_sql' SQL Injection ProFTPd 1.2.9 RC1 - 'mod_sql' SQL Injection ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPd 1.3.0 - 'sreplace' Remote Stack Overflow (Metasploit) ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow ProFTPd 1.x - 'mod_tls module' Remote Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow (Metasploit) ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow (Metasploit) ProFTPd 1.3.2 rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow (Metasploit) ProFTPd 1.2 < 1.3.0 (Linux) - 'sreplace' Buffer Overflow (Metasploit) ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow (Metasploit) ProFTPd 1.3.2 rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow (Metasploit) FreeBSD ftpd and ProFTPd on FreeBSD - Remote Command Execution ftpd / ProFTPd (FreeBSD) - Remote Command Execution ProFTPd 1.2 pre6 - snprintf Exploit ProFTPd 1.2 pre6 - 'snprintf' Remote Root Exploit D-Link DIR-645 / DIR-815 - diagnostic.php Command Execution (Metasploit) D-Link DIR-645 / DIR-815 - 'diagnostic.php' Command Execution (Metasploit) D-Link DIR615h - OS Command Injection (Metasploit) D-Link DIR-615H - OS Command Injection (Metasploit) ProFTPd 1.3.5 - (mod_copy) Remote Command Execution ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution ProFTPd 1.3.5 - 'Mod_Copy' Command Execution (Metasploit) ProFTPd 1.3.5 - 'mod_copy' Command Execution (Metasploit) QNAP Transcode Server - Command Execution (Metasploit) D-Link DIR-600 / DIR-300 (rev B) - Multiple Vulnerabilities D-Link DIR-600 / DIR-300 (Rev B) - Multiple Vulnerabilities D-Link DIR-615 rev H - Multiple Vulnerabilities D-Link DIR-615 Rev H - Multiple Vulnerabilities D-Link DIR-615 Hardware rev D3 / DIR-300 Hardware rev A - Multiple Vulnerabilities D-Link DIR-615 Rev D3 / DIR-300 Rev A - Multiple Vulnerabilities D-Link DIR-615 Hardware vE4 Firmware 5.10 - Cross-Site Request Forgery D-Link DIR-615 vE4 Firmware 5.10 - Cross-Site Request Forgery D-Link DIR-600L Hardware Version AX Firmware 1.00 - Cross-Site Request Forgery D-Link DIR-600L AX 1.00 - Cross-Site Request Forgery NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access) D-Link DIR-600 - Authentication Bypass Car or Cab Booking Script - Authentication Bypass PHP Appointment Booking Script - Authentication Bypass User Login and Management - Multiple Vulnerabilities PHP Video Battle Script 1.0 - SQL Injection Brickcom IP Camera - Credentials Disclosure	2017-08-30 05:01:38 +00:00
Offensive Security	711d6a6a43	DB: 2017-08-29 21 new exploits Easy DVD Creator 2.5.11 - Buffer Overflow (SEH) Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Buffer Overflow (SEH) Easy RM RMVB to DVD Burner 1.8.11 - Buffer Overflow (SEH) Dup Scout Enterprise 9.9.14 - Buffer Overflow (SEH) Disk Savvy Enterprise 9.9.14 - Buffer Overflow (SEH) Sync Breeze Enterprise 9.9.16 - Buffer Overflow (SEH) Disk Pulse Enterprise 9.9.16 - Buffer Overflow (SEH) Joomla! Component MasterForms 1.0.3 - SQL Injection Joomla! Component Photo Contest 1.0.2 - SQL Injection Wireless Repeater BE126 - Local File Inclusion Joomla! Component OSDownloads 1.7.4 - SQL Injection AutoCar 1.1 - 'category' Parameter SQL Injection Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection Matrimonial Script 2.7 - Authentication Bypass Smart Chat 1.0.0 - SQL Injection FTP Made Easy PRO 1.2 - SQL Injection WYSIWYG HTML Editor PRO 1.0 - Arbitrary File Download Easy Web Search 4.0 - SQL Injection PHP Search Engine 1.0 - SQL Injection Flash Poker 2.0 - 'game' Parameter SQL Injection Login-Reg Members Management PHP 1.0 - Arbitrary File Upload Schools Alert Management Script - Authentication Bypass	2017-08-29 05:01:21 +00:00

1 2 3 4 5 ...

1019 commits