exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Offensive Security	b4c96a5864	DB: 2021-09-03 28807 changes to exploits/shellcodes	2021-09-03 20:19:21 +00:00
Offensive Security	36c084c351	DB: 2021-09-03 45419 changes to exploits/shellcodes 2 new exploits/shellcodes Too many to list!	2021-09-03 13:39:06 +00:00
Offensive Security	641d6cca75	DB: 2018-06-28 3 changes to exploits/shellcodes WinEggDropShell 1.7 - Unauthenticated Multiple Remote Stack Overflows (PoC) WinEggDropShell 1.7 - Multiple Remote Stack Overflows (PoC) FileCOPA FTP Server 1.01 - 'USER' Unauthenticated Remote Denial of Service FileCOPA FTP Server 1.01 - 'USER' Remote Denial of Service Asterisk 1.2.15/1.4.0 - Unauthenticated Remote Denial of Service Asterisk 1.2.15/1.4.0 - Remote Denial of Service Mercury/32 Mail SMTPD - Unauthenticated Remote Stack Overrun (PoC) Mercury/32 Mail SMTPD - Remote Stack Overrun (PoC) Hexamail Server 3.0.0.001 - 'pop3' Unauthenticated Remote Overflow (PoC) Hexamail Server 3.0.0.001 - 'pop3' Remote Overflow (PoC) Airsensor M520 - HTTPd Unauthenticated Remote Denial of Service / Buffer Overflow (PoC) Airsensor M520 - HTTPd Remote Denial of Service / Buffer Overflow (PoC) McAfee E-Business Server 8.5.2 - Unauthenticated Remote Code Execution / Denial of Service (PoC) McAfee E-Business Server 8.5.2 - Remote Code Execution / Denial of Service (PoC) freeSSHd 1.2.1 - Authenticated Remote Stack Overflow (PoC) freeSSHd 1.2.1 - (Authenticated) Remote Stack Overflow (PoC) vsftpd 2.0.5 - 'CWD' Authenticated Remote Memory Consumption vsftpd 2.0.5 - 'CWD' (Authenticated) Remote Memory Consumption Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow (Denial of Service) (PoC) Surgemail 39e-1 - (Authenticated) IMAP Remote Buffer Overflow (Denial of Service) (PoC) Oracle Internet Directory 10.1.4 - Unauthenticated Remote Denial of Service Oracle Internet Directory 10.1.4 - Remote Denial of Service RhinoSoft Serv-U FTP Server 7.3 - Authenticated 'stou con:1' Denial of Service RhinoSoft Serv-U FTP Server 7.3 - (Authenticated) 'stou con:1' Denial of Service Noticeware E-mail Server 5.1.2.2 - 'POP3' Unauthenticated Denial of Service Noticeware E-mail Server 5.1.2.2 - 'POP3' Denial of Service freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow (PoC) Addonics NAS Adapter - Authenticated Denial of Service Addonics NAS Adapter - (Authenticated) Denial of Service RhinoSoft Serv-U FTP Server 7.4.0.1 - 'SMNT' Authenticated Denial of Service RhinoSoft Serv-U FTP Server 7.4.0.1 - 'SMNT' (Authenticated) Denial of Service XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC) XRDP 0.4.1 - Remote Buffer Overflow (PoC) Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service Addonics NAS Adapter - 'bts.cgi' (Authenticated) Remote Denial of Service MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String (PoC) MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String (PoC) FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service Cerberus FTP server 3.0.6 - Denial of Service FtpXQ 3.0 - Authenticated Remote Denial of Service FtpXQ 3.0 - (Authenticated) Remote Denial of Service httpdx 1.5.2 - Unauthenticated Remote Denial of Service (PoC) httpdx 1.5.2 - Remote Denial of Service (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Crash (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (PoC) httpdx 1.5.3b - Multiple Unauthenticated Remote Denial of Service Vulnerabilities (PoC) Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC) httpdx 1.5.3b - Multiple Remote Denial of Service Vulnerabilities (PoC) Kerio MailServer 6.2.2 - Remote Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Crashs (SEH) (PoC) eDisplay Personal FTP Server 1.0.0 - Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - (Authenticated) Multiple Crashs (SEH) (PoC) IncrediMail 2.0 - ActiveX (Authenticate) Buffer Overflow (PoC) IncrediMail 2.0 - ActiveX (Authenticated) Buffer Overflow (PoC) (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Denial of Service Microsoft Windows Server 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow Microsoft Windows Server 2003 - AD BROWSER ELECTION Remote Heap Overflow IPComp - encapsulation Unauthenticated Kernel Memory Corruption IPComp - encapsulation Kernel Memory Corruption Wyse - Unauthenticated Machine Remote Power Off (Denial of Service) (Metasploit) Wyse - Machine Remote Power Off (Denial of Service) (Metasploit) WFTPD 2.4.1RC11 - Unauthenticated MLST Command Remote Denial of Service WFTPD 2.4.1RC11 - MLST Command Remote Denial of Service RobotFTP Server 1.0/2.0 - Unauthenticated Remote Command Denial of Service RobotFTP Server 1.0/2.0 - Remote Command Denial of Service Alt-N MDaemon 2-8 - IMAP Unauthenticated Remote Buffer Overflow Alt-N MDaemon 2-8 - IMAP Remote Buffer Overflow Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Unauthenticated Remote Reboot (Denial of Service) Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Remote Reboot (Denial of Service) Microsoft Windows - Unauthenticated SMB Remote Code Execution Scanner (MS17-010) (Metasploit) Microsoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit) OpenVPN 2.4.0 - Unauthenticated Denial of Service OpenVPN 2.4.0 - Denial of Service NetAccess IP3 - Authenticated Ping Option Command Injection NetAccess IP3 - (Authenticated) Ping Option Command Injection Cobalt Linux 6.0 - RaQ Authenticate Privilege Escalation Cobalt Linux 6.0 - RaQ (Authenticated) Privilege Escalation Hosting Controller 0.6.1 - Unauthenticated User Registration (1) Hosting Controller 0.6.1 - User Registration (1) Hosting Controller 0.6.1 - Unauthenticated User Registration (2) Hosting Controller 0.6.1 - User Registration (2) HP-UX FTP Server - Unauthenticated Directory Listing (Metasploit) HP-UX FTP Server - Directory Listing (Metasploit) IBM Lotus Domino Server 6.5 - Unauthenticated Remote Overflow IBM Lotus Domino Server 6.5 - Remote Overflow Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2) Frontbase 4.2.7 - (Authenticated) Remote Buffer Overflow (2.2) IBM Tivoli Provisioning Manager - Unauthenticated Remote Overflow (Egghunter) IBM Tivoli Provisioning Manager - Remote Overflow (Egghunter) Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Remote Overflow SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow Mercury/32 Mail Server 3.32 < 4.51 - SMTP Unauthenticated EIP Overwrite SIDVault LDAP Server - Remote Buffer Overflow Mercury/32 Mail Server 3.32 < 4.51 - SMTP EIP Overwrite Mercury/32 4.52 IMAPD - 'SEARCH' Authenticated Overflow Mercury/32 4.52 IMAPD - 'SEARCH' (Authenticated) Overflow SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution SAP MaxDB 7.6.03.07 - Remote Command Execution MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow MailEnable Professional/Enterprise 3.13 - 'Fetch' (Authenticated) Remote Buffer Overflow NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal NetWin Surgemail 3.8k4-4 - IMAP (Authenticated) Remote LIST Universal HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'OVAS.exe' Unauthenticated Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'OVAS.exe' Overflow (SEH) BigAnt Server 2.2 - Unauthenticated Remote Overflow (SEH) BigAnt Server 2.2 - Remote Overflow (SEH) freeSSHd 1.2.1 - Authenticated Remote Overflow (SEH) freeSSHd 1.2.1 - (Authenticated) Remote Overflow (SEH) Debian OpenSSH - Authenticated Remote SELinux Privilege Escalation Debian OpenSSH - (Authenticated) Remote SELinux Privilege Escalation Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement Serv-U FTP Server 7.3 - (Authenticated) Remote FTP File Replacement WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow WinFTP Server 2.3.0 - 'LIST' (Authenticated) Remote Buffer Overflow Telnet-Ftp Service Server 1.x - Multiple Authenticated Vulnerabilities Femitter FTP Server 1.x - Multiple Authenticated Vulnerabilities Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities cPanel - Authenticated 'lastvisit.html Domain' Arbitrary File Disclosure cPanel - (Authenticated) 'lastvisit.html Domain' Arbitrary File Disclosure Adobe JRun 4 - 'logfile' Authenticated Directory Traversal Adobe JRun 4 - 'logfile' (Authenticated) Directory Traversal HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Unauthenticated Remote Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Remote Buffer Overflow Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Overflow (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Remote Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1) EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (1) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Buffer Overflow (Metasploit) eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (1) eDisplay Personal FTP Server 1.0.0 - (Authenticated) Multiple Stack Buffer Overflows (1) eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (2) eDisplay Personal FTP Server 1.0.0 - (Authenticated) Multiple Stack Buffer Overflows (2) EasyFTP Server 1.7.0.2 - 'MKD' Authenticated Remote Buffer Overflow EasyFTP Server 1.7.0.2 - 'MKD' (Authenticated) Remote Buffer Overflow Iomega Home Media Network Hard Drive 2.038 < 2.061 - Unauthenticated File-system Access Iomega Home Media Network Hard Drive 2.038 < 2.061 - File-system Access ProSSHD 1.2 - Authenticated Remote (ASLR + DEP Bypass) ProSSHD 1.2 - (Authenticated) Remote (ASLR + DEP Bypass) Tiki Wiki 15.1 - Unauthenticated File Upload (Metasploit) Tiki Wiki 15.1 - File Upload (Metasploit) EasyFTP Server 1.7.0.11 - 'MKD' Authenticated Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'CWD' Authenticated Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'MKD' (Authenticated) Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'LIST' (Authenticated) Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'CWD' (Authenticated) Remote Buffer Overflow EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - 'LIST' (Authenticated) Remote Buffer Overflow (Metasploit) UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflows EasyFTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflows Home FTP Server 1.11.1.149 - Authenticated Directory Traversal Home FTP Server 1.11.1.149 - (Authenticated) Directory Traversal Linksys WAP610N - Unauthenticated Root Access Security Linksys WAP610N - Root Access Security ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow Axis2 - Authenticated Code Execution (via REST) (Metasploit) Axis2 - (Authenticated) Code Execution (via REST) (Metasploit) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) (Metasploit) Axis2 / SAP BusinessObjects - (Authenticated) Code Execution (via SOAP) (Metasploit) Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit) Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit) Microsoft Windows - Authenticated User Code Execution (Metasploit) Microsoft Windows - (Authenticated) User Code Execution (Metasploit) Novell NetMail 3.52d - IMAP Authenticate Buffer Overflow (Metasploit) Novell NetMail 3.52d - IMAP (Authenticated) Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Stack Buffer Overflow (Metasploit) Squid - NTLM Authenticate Overflow (Metasploit) Squid - NTLM (Authenticated) Overflow (Metasploit) ManageEngine Applications Manager - Authenticated Code Execution (Metasploit) ManageEngine Applications Manager - (Authenticated) Code Execution (Metasploit) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (2) EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (2) ActFax Server FTP - Authenticated Remote Buffer Overflow ActFax Server FTP - (Authenticated) Remote Buffer Overflow Blue Coat Reporter - Unauthenticated Directory Traversal Blue Coat Reporter - Directory Traversal Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution Avaya WinPDM UniteHostRouter 3.8.2 - Remote Command Execution Sysax Multi Server 5.53 - SFTP Authenticated (SEH) Sysax 5.53 - SSH 'Username' Remote Buffer Overflow Unauthenticated Remote Code Execution (Egghunter) Sysax Multi Server 5.53 - SFTP (Authenticated) (SEH) Sysax 5.53 - SSH 'Username' Remote Buffer Overflow Remote Code Execution (Egghunter) MailMax 4.6 - POP3 'USER' Unauthenticated Remote Buffer Overflow MailMax 4.6 - POP3 'USER' Remote Buffer Overflow Webmin 0.9x / Usermin 0.9x/1.0 - Unauthenticated Access Session ID Spoofing Webmin 0.9x / Usermin 0.9x/1.0 - Access Session ID Spoofing MySQL - Unauthenticated Remote User Enumeration MySQL - Remote User Enumeration DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3) DameWare Mini Remote Control Server 3.7x - Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Buffer Overflow (3) NetWin SurgeFTP - Authenticated Admin Command Injection (Metasploit) NetWin SurgeFTP - (Authenticated) Admin Command Injection (Metasploit) Ubiquiti AirOS 5.5.2 - Authenticated Remote Command Execution Ubiquiti AirOS 5.5.2 - (Authenticated) Remote Command Execution Firebird 1.0 - Unauthenticated Remote Database Name Buffer Overrun Firebird 1.0 - Remote Database Name Buffer Overrun Novell NCP - Unauthenticated Remote Command Execution Novell NCP - Remote Command Execution Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload (Metasploit) Kordil EDms 2.2.60rc3 - Arbitrary File Upload (Metasploit) SAP ConfigServlet - Unauthenticated Remote Payload Execution (Metasploit) SAP ConfigServlet - Remote Payload Execution (Metasploit) phpMyAdmin - 'preg_replace' Authenticated Remote Code Execution (Metasploit) phpMyAdmin - 'preg_replace' (Authenticated) Remote Code Execution (Metasploit) D-Link Devices - 'command.php' Unauthenticated Remote Command Execution (Metasploit) D-Link Devices - 'command.php' Remote Command Execution (Metasploit) D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit) D-Link Devices - 'tools_vct.xgi' Remote Command Execution (Metasploit) MikroTik RouterOS - sshd (ROSSSH) Unauthenticated Remote Heap Corruption MikroTik RouterOS - sshd (ROSSSH) Remote Heap Corruption Raidsonic NAS Devices - Unauthenticated Remote Command Execution (Metasploit) Raidsonic NAS Devices - Remote Command Execution (Metasploit) vTiger CRM 5.3.0 5.4.0 - Authenticated Remote Code Execution (Metasploit) vTiger CRM 5.3.0 5.4.0 - (Authenticated) Remote Code Execution (Metasploit) Zabbix - Authenticated Remote Command Execution (Metasploit) ISPConfig - Authenticated Arbitrary PHP Code Execution (Metasploit) Zabbix - (Authenticated) Remote Command Execution (Metasploit) ISPConfig - (Authenticated) Arbitrary PHP Code Execution (Metasploit) ProcessMaker Open Source - Authenticated PHP Code Execution (Metasploit) ProcessMaker Open Source - (Authenticated) PHP Code Execution (Metasploit) Linksys E-series - Unauthenticated Remote Code Execution Linksys E-series - Remote Code Execution Apache Tomcat Manager - Application Upload Authenticated Code Execution (Metasploit) Apache Tomcat Manager - Application Upload (Authenticated) Code Execution (Metasploit) Fritz!Box Webcm - Unauthenticated Command Injection (Metasploit) Fritz!Box Webcm - Command Injection (Metasploit) Sophos Web Protection Appliance Interface - Authenticated Arbitrary Command Execution (Metasploit) Sophos Web Protection Appliance Interface - (Authenticated) Arbitrary Command Execution (Metasploit) Vtiger - 'Install' Unauthenticated Remote Command Execution (Metasploit) Vtiger - 'Install' Remote Command Execution (Metasploit) Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root Remote Code Execution (Metasploit) Unitrends Enterprise Backup 7.3.0 - Root Remote Code Execution (Metasploit) Gitlist - Unauthenticated Remote Command Execution (Metasploit) WordPress Plugin MailPoet Newsletters 2.6.8 - 'wysija-newsletters' Unauthenticated Arbitrary File Upload (Metasploit) Gitlist - Remote Command Execution (Metasploit) WordPress Plugin MailPoet Newsletters 2.6.8 - 'wysija-newsletters' Arbitrary File Upload (Metasploit) D-Link Devices - Unauthenticated UPnP M-SEARCH Multicast Command Injection (Metasploit) D-Link Devices - UPnP M-SEARCH Multicast Command Injection (Metasploit) F5 Big-IP - Unauthenticated rsync Access F5 Big-IP - rsync Access Wing FTP Server - Authenticated Command Execution (Metasploit) Wing FTP Server - (Authenticated) Command Execution (Metasploit) Tincd - Authenticated Remote TCP Stack Buffer Overflow (Metasploit) Tincd - (Authenticated) Remote TCP Stack Buffer Overflow (Metasploit) Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Remote Code Execution Shuttle Tech ADSL Modem/Router 915 WM - Unauthenticated Remote DNS Change Shuttle Tech ADSL Modem/Router 915 WM - Remote DNS Change ManageEngine (Multiple Products) - Authenticated Arbitrary File Upload (Metasploit) ManageEngine (Multiple Products) - (Authenticated) Arbitrary File Upload (Metasploit) D-Link DSL-2740R - Unauthenticated Remote DNS Change D-Link DSL-2740R - Remote DNS Change LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure LG DVR LE6016D - Remote Users/Passwords Disclosure Symantec Web Gateway 5 - 'restore.php' Authenticated Command Injection (Metasploit) Symantec Web Gateway 5 - 'restore.php' (Authenticated) Command Injection (Metasploit) Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit) Seagate Business NAS - Remote Command Execution (Metasploit) ElasticSearch - Unauthenticated Remote Code Execution ElasticSearch - Remote Code Execution Barracuda Firmware 5.0.0.012 - Authenticated Remote Command Execution (Metasploit) Barracuda Firmware 5.0.0.012 - (Authenticated) Remote Command Execution (Metasploit) Konica Minolta FTP Utility 1.00 - Authenticated CWD Command Overflow (SEH) (Metasploit) Konica Minolta FTP Utility 1.00 - (Authenticated) CWD Command Overflow (SEH) (Metasploit) Zpanel - Unauthenticated Remote Code Execution (Metasploit) Zpanel - Remote Code Execution (Metasploit) SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities SKIDATA Freemotion.Gate - Web Services Multiple Command Execution Vulnerabilities D-Link DCS-930L - Authenticated Remote Command Execution (Metasploit) D-Link DCS-930L - (Authenticated) Remote Command Execution (Metasploit) OpenSSH 7.2p1 - Authenticated xauth Command Injection OpenSSH 7.2p1 - (Authenticated) xauth Command Injection Novell ServiceDesk - Authenticated Arbitrary File Upload (Metasploit) Novell ServiceDesk - (Authenticated) Arbitrary File Upload (Metasploit) Bomgar Remote Support - Unauthenticated Code Execution (Metasploit) Bomgar Remote Support - Code Execution (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - (Authenticated) Remote Command Execution (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - (Authenticated) Remote Command Execution (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - (Authenticated) Remote Command Execution (Metasploit) AsusWRT Router < 3.0.0.4.380.7743 - Unauthenticated LAN Remote Code Execution AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution NETGEAR JNR1010 ADSL Router - Authenticated Remote File Disclosure NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - Authenticated Remote File Disclosure NETGEAR JNR1010 ADSL Router - (Authenticated) Remote File Disclosure NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - (Authenticated) Remote File Disclosure D-Link DIR-Series Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) D-Link DIR-Series Routers - HNAP Login Stack Buffer Overflow (Metasploit) MVPower DVR TV-7104HE 1.8.4 115215B9 - Shell Unauthenticated Command Execution (Metasploit) MVPower DVR TV-7104HE 1.8.4 115215B9 - Shell Command Execution (Metasploit) HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit) HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit) HPE iMC - dbman 'RestoreDBase' Remote Command Execution (Metasploit) HPE iMC - dbman 'RestartDB' Remote Command Execution (Metasploit) phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit) phpCollab 2.5.1 - File Upload (Metasploit) Supervisor 3.0a1 < 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit) Supervisor 3.0a1 < 3.3.2 - XML-RPC (Authenticated) Remote Code Execution (Metasploit) NETGEAR WNR2000v5 - Unauthenticated 'hidden_lang_avi' Remote Stack Overflow (Metasploit) NETGEAR WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit) Tenable Appliance < 4.5 - Unauthenticated Root Remote Code Execution Tenable Appliance < 4.5 - Root Remote Code Execution Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution Octopus Deploy - Authenticated Code Execution (Metasploit) Octopus Deploy - (Authenticated) Code Execution (Metasploit) Logpoint < 5.6.4 - Unauthenticated Root Remote Code Execution Logpoint < 5.6.4 - Root Remote Code Execution VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Unauthenticated Command Execution (Metasploit) VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Command Execution (Metasploit) UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code Execution UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution (Metasploit) Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit) Wireless IP Camera (P2P) WIFICAM - Unauthenticated Remote Code Execution Wireless IP Camera (P2P) WIFICAM - Remote Code Execution D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit) D-Link DIR-850L - OS Command Execution (Metasploit) pfSense - Authenticated Group Member Remote Command Execution (Metasploit) pfSense - (Authenticated) Group Member Remote Command Execution (Metasploit) AsusWRT LAN - Unauthenticated Remote Code Execution (Metasploit) AsusWRT LAN - Remote Code Execution (Metasploit) Tenda AC15 Router - Unauthenticated Remote Code Execution Tenda AC15 Router - Remote Code Execution Unitrends UEB 10.0 - Unauthenticated Root Remote Code Execution Unitrends UEB 10.0 - Root Remote Code Execution xdebug < 2.5.5 - Unauthenticated OS Command Execution (Metasploit) xdebug < 2.5.5 - OS Command Execution (Metasploit) PlaySMS - 'import.php' Authenticated CSV File Upload Code Execution (Metasploit) PlaySMS 1.4 - 'sendfromfile.php?Filename' Authenticated 'Code Execution (Metasploit) PlaySMS - 'import.php' (Authenticated) CSV File Upload Code Execution (Metasploit) PlaySMS 1.4 - 'sendfromfile.php?Filename' (Authenticated) 'Code Execution (Metasploit) Quest KACE Systems Management - Command Injection (Metasploit) Hosting Controller 0.6.1 - Unauthenticated User Registration (3) Hosting Controller 0.6.1 - User Registration (3) Hosting Controller 6.1 Hotfix 3.2 - Unauthenticated Access Hosting Controller 6.1 Hotfix 3.2 - Access e107 0.7.8 - 'mailout.php' Authenticated Access Escalation e107 0.7.8 - 'mailout.php' (Authenticated) Access Escalation Joomla! Component JPad 1.0 - Authenticated SQL Injection Joomla! Component JPad 1.0 - (Authenticated) SQL Injection AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload zFeeder 1.6 - 'admin.php' Unauthenticated Admin Bypass zFeeder 1.6 - 'admin.php' Admin Bypass Hannon Hill Cascade Server - Authenticated Command Execution Hannon Hill Cascade Server - (Authenticated) Command Execution Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution Gravity Board X 2.0 Beta - SQL Injection / (Authenticated) Code Execution Papoo CMS 3.7.3 - Authenticated Arbitrary Code Execution Papoo CMS 3.7.3 - (Authenticated) Arbitrary Code Execution HP Release Control - Authenticated XML External Entity (Metasploit) HP Release Control - (Authenticated) XML External Entity (Metasploit) 3Com* iMC (Intelligent Management Center) - Unauthenticated Traversal File Retrieval 3Com* iMC (Intelligent Management Center) - Traversal File Retrieval Apache Axis2 Administration Console - Authenticated Cross-Site Scripting Apache Axis2 Administration Console - (Authenticated) Cross-Site Scripting dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting) dotDefender 3.8-5 - Remote Code Execution (via Cross-Site Scripting) Mitel AWC - Unauthenticated Command Execution Mitel AWC - Command Execution TYPO3 - Unauthenticated Arbitrary File Retrieval TYPO3 - Arbitrary File Retrieval vTiger CRM 5.0.4 - Unauthenticated Local File Inclusion vTiger CRM 5.0.4 - Local File Inclusion N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code N_CMS 1.1E - Local File Inclusion / Remote Code IF-CMS 2.07 - Unauthenticated Local File Inclusion (1) IF-CMS 2.07 - Local File Inclusion (1) SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit SQL-Ledger 2.8.33 - (Authenticated) Local File Inclusion / Edit IF-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2) IF-CMS 2.07 - Local File Inclusion (Metasploit) (2) Sun/Oracle GlassFish Server - Authenticated Code Execution (Metasploit) Sun/Oracle GlassFish Server - (Authenticated) Code Execution (Metasploit) TomatoCart 1.1 - Authenticated Local File Inclusion TomatoCart 1.1 - (Authenticated) Local File Inclusion ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Unauthenticated Directory Traversal ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal PHP Grade Book 1.9.4 - Unauthenticated SQL Database Export PHP Grade Book 1.9.4 - SQL Database Export Dolibarr ERP/CRM 3 - Authenticated OS Command Injection (Metasploit) Dolibarr ERP/CRM 3 - (Authenticated) OS Command Injection (Metasploit) WebCalendar 1.2.4 - Unauthenticated Remote Code Injection (Metasploit) WebCalendar 1.2.4 - Remote Code Injection (Metasploit) SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / (Authenticated) SQL Injection PostNuke 0.6 - Unauthenticated User Login PostNuke 0.6 - User Login Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection Trend Micro Control Manager 5.5/6.0 AdHocQuery - (Authenticated) Blind SQL Injection WordPress Theme Archin 3.2 - Unauthenticated Configuration Access WordPress Theme Archin 3.2 - Configuration Access Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change Exper EWM-01 ADSL/MODEM - DNS Change Geeklog 1.3.x - Authenticated SQL Injection Geeklog 1.3.x - (Authenticated) SQL Injection FirePass SSL VPN - Unauthenticated Local File Inclusion FirePass SSL VPN - Local File Inclusion vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection vbPortal 2.0 alpha 8.1 - (Authenticated) SQL Injection IRIS Citations Management Tool - Authenticated Remote Command Execution IRIS Citations Management Tool - (Authenticated) Remote Command Execution BetaParticle blog 2.0/3.0 - 'upload.asp' Unauthenticated Arbitrary File Upload BetaParticle blog 2.0/3.0 - 'myFiles.asp' Unauthenticated File Manipulation BetaParticle blog 2.0/3.0 - 'upload.asp' Arbitrary File Upload BetaParticle blog 2.0/3.0 - 'myFiles.asp' File Manipulation YeaLink IP Phone Firmware 9.70.0.100 - Unauthenticated Phone Call YeaLink IP Phone Firmware 9.70.0.100 - Phone Call HelpDeskZ 1.0.2 - Unauthenticated Arbitrary File Upload HelpDeskZ 1.0.2 - Arbitrary File Upload aoblogger 2.3 - 'create.php' Unauthenticated Entry Creation aoblogger 2.3 - 'create.php' Entry Creation WordPress Plugin Dexs PM System - Authenticated Persistent Cross-Site Scripting WordPress Plugin Dexs PM System - (Authenticated) Persistent Cross-Site Scripting ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change ASUS DSL-X11 ADSL Router - DNS Change COMTREND ADSL Router CT-5367 C01_R12 / CT-5624 C01_R03 - Unauthenticated DNS Change COMTREND ADSL Router CT-5367 C01_R12 / CT-5624 C01_R03 - DNS Change Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change Tenda ADSL2/2+ Modem 963281TAN - DNS Change PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change PLANET VDR-300NU ADSL Router - DNS Change PIKATEL 96338WS_ 96338L-2M-8M - Unauthenticated DNS Change PIKATEL 96338WS_ 96338L-2M-8M - DNS Change Inteno EG101R1 VoIP Router - Unauthenticated DNS Change Inteno EG101R1 VoIP Router - DNS Change LifeSize UVC 1.2.6 - Authenticated Remote Code Execution LifeSize UVC 1.2.6 - (Authenticated) Remote Code Execution Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Web Shell Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell EMC Cloud Tiering Appliance 10.0 - Unauthenticated XML External Entity Arbitrary File Read (Metasploit) EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit) Alienvault 4.5.0 - Authenticated SQL Injection (Metasploit) Alienvault 4.5.0 - (Authenticated) SQL Injection (Metasploit) Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting Alienvault 4.3.1 - SQL Injection / Cross-Site Scripting Alienvault Open Source SIEM (OSSIM) 4.6.1 - Authenticated SQL Injection (Metasploit) Alienvault Open Source SIEM (OSSIM) 4.6.1 - (Authenticated) SQL Injection (Metasploit) FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution FreePBX 13.0.x < 13.0.154 - Remote Command Execution Lunar CMS 3.3 - Unauthenticated Remote Command Execution Lunar CMS 3.3 - Remote Command Execution ISPConfig 3.0.54p1 - Authenticated Admin Privilege Escalation ISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation Plogger 1.0-RC1 - Authenticated Arbitrary File Upload Plogger 1.0-RC1 - (Authenticated) Arbitrary File Upload ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution ActualAnalyzer Lite 2.81 - Command Execution WordPress Plugin Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection WordPress Plugin Premium Gallery Manager - Unauthenticated Configuration Access WordPress Plugin Premium Gallery Manager - Configuration Access ZTE ZXDSL-931VII - Unauthenticated Configuration Dump ZTE ZXDSL-931VII - Configuration Dump IPFire - Cgi Web Interface Authenticated Bash Environment Variable Code Injection IPFire - CGI Web Interface (Authenticated) Bash Environment Variable Code Injection SEO Control Panel 3.6.0 - Authenticated SQL Injection SEO Control Panel 3.6.0 - (Authenticated) SQL Injection Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection Subex Fms 7.4 - Unauthenticated SQL Injection Tapatalk for vBulletin 4.x - Blind SQL Injection Subex Fms 7.4 - SQL Injection WordPress Plugin wpDataTables 1.5.3 - Unauthenticated Arbitrary File Upload WordPress Plugin wpDataTables 1.5.3 - Arbitrary File Upload WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload PMB 4.1.3 - Authenticated SQL Injection PMB 4.1.3 - (Authenticated) SQL Injection D-Link DSL-2640B ADSL Router - 'ddnsmngr' Unauthenticated Remote DNS Change D-Link DSL-2640B ADSL Router - 'ddnsmngr' Remote DNS Change Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution Seagate Business NAS 2014.00319 - Remote Code Execution WordPress Plugin Ultimate Product Catalogue - Unauthenticated SQL Injection (1) WordPress Plugin Ultimate Product Catalogue - Unauthenticated SQL Injection (2) WordPress Plugin Ultimate Product Catalogue - SQL Injection (1) WordPress Plugin Ultimate Product Catalogue - SQL Injection (2) WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection WordPress Plugin Freshmail 1.5.8 - SQL Injection Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change Broadlight Residential Gateway DI3124 - Remote DNS Change D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change D-Link DSL-2780B DLink_1.01.14 - Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Remote DNS Change D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change D-Link DSL-526B ADSL2+ AU_2.01 - Remote DNS Change phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access phpCollab 2.5 - Direct Request Multiple Protected Page Access AirDroid - Unauthenticated Arbitrary File Upload AirDroid - Arbitrary File Upload D-Link DSL-2750u / DSL-2730u - Authenticated Local File Disclosure D-Link DSL-2750u / DSL-2730u - (Authenticated) Local File Disclosure Zenoss 3.2.1 - Authenticated Remote Command Execution Zenoss 3.2.1 - (Authenticated) Remote Command Execution WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - Authenticated Persistent Cross-Site Scripting WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - (Authenticated) Persistent Cross-Site Scripting Magento CE < 1.9.0.1 - Authenticated Remote Code Execution Magento CE < 1.9.0.1 - (Authenticated) Remote Code Execution BigTree CMS 4.2.3 - Authenticated SQL Injection BigTree CMS 4.2.3 - (Authenticated) SQL Injection vTiger CRM 6.3.0 - Authenticated Remote Code Execution vTiger CRM 6.3.0 - (Authenticated) Remote Code Execution ZTE ZXHN H108N Router - Unauthenticated Configuration Disclosure ZTE ZXHN H108N Router - Configuration Disclosure vBulletin 5.1.x - Unauthenticated Remote Code Execution vBulletin 5.1.x - Remote Code Execution Jenkins 1.633 - Unauthenticated Credential Recovery Jenkins 1.633 - Credential Recovery MediaAccess TG788vn - Unauthenticated File Disclosure MediaAccess TG788vn - File Disclosure WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution WhatsUp Gold 16.3 - Remote Code Execution WordPress Plugin Booking Calendar Contact Form 1.1.23 - Unauthenticated SQL Injection WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection Dell OpenManage Server Administrator 8.2 - Authenticated Directory Traversal Dell OpenManage Server Administrator 8.2 - (Authenticated) Directory Traversal Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Unauthenticated Remote Command Execution (Metasploit) Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Remote Command Execution (Metasploit) Observium 0.16.7533 - Authenticated Arbitrary Command Execution Observium 0.16.7533 - (Authenticated) Arbitrary Command Execution Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize / Arbitrary Write File Magento < 2.0.6 - Arbitrary Unserialize / Arbitrary Write File Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Unauthenticated Arbitrary File Upload Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Arbitrary File Upload CyberPower Systems PowerPanel 3.1.2 - Unauthenticated XML External Entity Out-Of-Band Data Retrieval CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval vBulletin 4.x/5.x - AdminCP/ApiLog via xmlrpc API Authenticated Persistent Cross-Site Scripting vBulletin 4.x - breadcrumbs via xmlrpc API Authenticated SQL Injection vBulletin 4.x/5.x - AdminCP/ApiLog via xmlrpc API (Authenticated) Persistent Cross-Site Scripting vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection AXIS (Multiple Products) - 'devtools ' Authenticated Remote Command Execution AXIS (Multiple Products) - 'devtools ' (Authenticated) Remote Command Execution PHP gettext 1.0.12 - 'gettext.php' Unauthenticated Code Execution PHP gettext 1.0.12 - 'gettext.php' Code Execution phpMyAdmin 4.6.2 - Authenticated Remote Code Execution phpMyAdmin 4.6.2 - (Authenticated) Remote Code Execution vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery vBulletin 5.2.2 - Server-Side Request Forgery MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change MESSOA IP Cameras (Multiple Models) - Password Change D-Link DSL-2640R - Unauthenticated DNS Change D-Link DSL-2640R - DNS Change GitStack 2.3.10 - Unauthenticated Remote Code Execution GitStack 2.3.10 - Remote Code Execution InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Command Execution InfraPower PPS-02-S Q213V1 - Remote Command Execution Kaseya Virtual System Administrator (VSA) 7.0 < 9.1 - Authenticated Arbitrary File Upload Kaseya Virtual System Administrator (VSA) 7.0 < 9.1 - (Authenticated) Arbitrary File Upload Pirelli DRG A115 ADSL Router - Unauthenticated DNS Change Tenda ADSL2/2+ Modem D840R - Unauthenticated DNS Change Pirelli DRG A115 ADSL Router - DNS Change Tenda ADSL2/2+ Modem D840R - DNS Change Tenda ADSL2/2+ Modem D820R - Unauthenticated DNS Change Tenda ADSL2/2+ Modem D820R - DNS Change Pirelli DRG A115 v3 ADSL Router - Unauthenticated DNS Change Pirelli DRG A115 v3 ADSL Router - DNS Change HelpDeskZ < 1.0.2 - Authenticated SQL Injection / Unauthorized File Download HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Python) WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Ruby) WordPress 4.7.0/4.7.1 - Content Injection (Python) WordPress 4.7.0/4.7.1 - Content Injection (Ruby) vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion vBulletin 5 - 'routestring' Remote Code Execution vBulletin 5 - 'cacheTemplates' Remote Arbitrary File Deletion Cobbler 2.8.0 - Authenticated Remote Code Execution Cobbler 2.8.0 - (Authenticated) Remote Code Execution FiberHome AN5506 - Unauthenticated Remote DNS Change FiberHome AN5506 - Remote DNS Change GitStack - Unauthenticated Remote Code Execution Ametys CMS 4.0.2 - Unauthenticated Password Reset GitStack - Remote Code Execution Ametys CMS 4.0.2 - Password Reset Geneko Routers - Unauthenticated Path Traversal Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Unauthenticated Remote Code Execution Geneko Routers - Path Traversal Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Remote Code Execution WordPress Plugin Ninja Forms 2.9.36 < 2.9.42 - Unauthenticated File Upload (Metasploit) WordPress Plugin Ninja Forms 2.9.36 < 2.9.42 - File Upload (Metasploit) WordPress 4.6 - Unauthenticated Remote Code Execution WordPress 4.6 - Remote Code Execution TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Root Remote Code Execution TerraMaster F2-420 NAS TOS 3.0.30 - Root Remote Code Execution iBall Baton iB-WRA150N - Unauthenticated DNS Change iBall Baton iB-WRA150N - DNS Change UTstarcom WA3002G4 - Unauthenticated DNS Change D-Link DSL-2640U - Unauthenticated DNS Change Beetel BCM96338 Router - Unauthenticated DNS Change D-Link DSL-2640B ADSL Router - 'dnscfg' Unauthenticated Remote DNS Change UTstarcom WA3002G4 - DNS Change D-Link DSL-2640U - DNS Change Beetel BCM96338 Router - DNS Change D-Link DSL-2640B ADSL Router - 'dnscfg' Remote DNS Change Symantec Messaging Gateway 10.6.3-2 - Unauthenticated Root Remote Command Execution Symantec Messaging Gateway 10.6.3-2 - Root Remote Command Execution TP-Link WR940N - Authenticated Remote Code TP-Link WR940N - (Authenticated) Remote Code Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload Accesspress Anonymous Post Pro < 3.2.0 - Arbitrary File Upload ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit) ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit) Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit) Vtiger CRM 6.3.0 - (Authenticated) Arbitrary File Upload (Metasploit) Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC) Drupal < 7.58 - 'drupalgeddon3' (Authenticated) Remote Code Execution (PoC) HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting HRSALE The Ultimate HRM 1.0.2 - (Authenticated) Cross-Site Scripting Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command Execution Jfrog Artifactory < 4.16 - Arbitrary File Upload / Remote Command Execution GitList 0.6 - Unauthenticated Remote Code Execution TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot GitList 0.6 - Remote Code Execution TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Remote Reboot Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit) Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit) WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent Cross-Site Scripting WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 - (Authenticated) Persistent Cross-Site Scripting JasperReports - Authenticated File Read JasperReports - (Authenticated) File Read Wordpress < 4.9.6 - (Authenticated) Arbitrary File Deletion HPE VAN SDN 2.7.18.0503 - Remote Root	2018-06-28 05:01:45 +00:00

Author

SHA1

Message

Date

Offensive Security

b4c96a5864

DB: 2021-09-03

28807 changes to exploits/shellcodes

2021-09-03 20:19:21 +00:00

Offensive Security

36c084c351

DB: 2021-09-03

45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!

2021-09-03 13:39:06 +00:00

Offensive Security

641d6cca75

DB: 2018-06-28

3 changes to exploits/shellcodes

WinEggDropShell 1.7 - Unauthenticated Multiple Remote Stack Overflows (PoC)
WinEggDropShell 1.7 - Multiple Remote Stack Overflows (PoC)

FileCOPA FTP Server 1.01 - 'USER' Unauthenticated Remote Denial of Service
FileCOPA FTP Server 1.01 - 'USER' Remote Denial of Service

Asterisk 1.2.15/1.4.0 - Unauthenticated Remote Denial of Service
Asterisk 1.2.15/1.4.0 - Remote Denial of Service

Mercury/32 Mail SMTPD - Unauthenticated Remote Stack Overrun (PoC)
Mercury/32 Mail SMTPD - Remote Stack Overrun (PoC)

Hexamail Server 3.0.0.001 - 'pop3' Unauthenticated Remote Overflow (PoC)
Hexamail Server 3.0.0.001 - 'pop3' Remote Overflow (PoC)

Airsensor M520 - HTTPd Unauthenticated Remote Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPd Remote Denial of Service / Buffer Overflow (PoC)

McAfee E-Business Server 8.5.2 - Unauthenticated Remote Code Execution / Denial of Service (PoC)
McAfee E-Business Server 8.5.2 - Remote Code Execution / Denial of Service (PoC)

freeSSHd 1.2.1 - Authenticated Remote Stack Overflow (PoC)
freeSSHd 1.2.1 - (Authenticated) Remote Stack Overflow (PoC)

vsftpd 2.0.5 - 'CWD' Authenticated Remote Memory Consumption
vsftpd 2.0.5 - 'CWD' (Authenticated) Remote Memory Consumption

Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow (Denial of Service) (PoC)
Surgemail 39e-1 - (Authenticated) IMAP Remote Buffer Overflow (Denial of Service) (PoC)

Oracle Internet Directory 10.1.4 - Unauthenticated Remote Denial of Service
Oracle Internet Directory 10.1.4 - Remote Denial of Service

RhinoSoft Serv-U FTP Server 7.3 - Authenticated 'stou con:1' Denial of Service
RhinoSoft Serv-U FTP Server 7.3 - (Authenticated) 'stou con:1' Denial of Service

Noticeware E-mail Server 5.1.2.2 - 'POP3' Unauthenticated Denial of Service
Noticeware E-mail Server 5.1.2.2 - 'POP3' Denial of Service

freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow (PoC)
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow (PoC)

freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow (PoC)
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow (PoC)

Addonics NAS Adapter - Authenticated Denial of Service
Addonics NAS Adapter - (Authenticated) Denial of Service

RhinoSoft Serv-U FTP Server 7.4.0.1 - 'SMNT' Authenticated Denial of Service
RhinoSoft Serv-U FTP Server 7.4.0.1 - 'SMNT' (Authenticated) Denial of Service

XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)
XRDP 0.4.1 - Remote Buffer Overflow (PoC)

Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service
Addonics NAS Adapter - 'bts.cgi' (Authenticated) Remote Denial of Service

MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String (PoC)
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String (PoC)

FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service

Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service
Cerberus FTP server 3.0.6 - Denial of Service

FtpXQ 3.0 - Authenticated Remote Denial of Service
FtpXQ 3.0 - (Authenticated) Remote Denial of Service

httpdx 1.5.2 - Unauthenticated Remote Denial of Service (PoC)
httpdx 1.5.2 - Remote Denial of Service (PoC)

(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Crash (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (SEH) (PoC)
EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (PoC)
httpdx 1.5.3b - Multiple Unauthenticated Remote Denial of Service Vulnerabilities (PoC)
Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)
httpdx 1.5.3b - Multiple Remote Denial of Service Vulnerabilities (PoC)
Kerio MailServer 6.2.2 - Remote Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Crashs (SEH) (PoC)
eDisplay Personal FTP Server 1.0.0 - Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - (Authenticated) Multiple Crashs (SEH) (PoC)

IncrediMail 2.0 - ActiveX (Authenticate) Buffer Overflow (PoC)
IncrediMail 2.0 - ActiveX (Authenticated) Buffer Overflow (PoC)

(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Denial of Service

Microsoft Windows Server 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow
Microsoft Windows Server 2003 - AD BROWSER ELECTION Remote Heap Overflow

IPComp - encapsulation Unauthenticated Kernel Memory Corruption
IPComp - encapsulation Kernel Memory Corruption

Wyse - Unauthenticated Machine Remote Power Off (Denial of Service) (Metasploit)
Wyse - Machine Remote Power Off (Denial of Service) (Metasploit)

WFTPD 2.4.1RC11 - Unauthenticated MLST Command Remote Denial of Service
WFTPD 2.4.1RC11 - MLST Command Remote Denial of Service

RobotFTP Server 1.0/2.0 - Unauthenticated Remote Command Denial of Service
RobotFTP Server 1.0/2.0 - Remote Command Denial of Service

Alt-N MDaemon 2-8 - IMAP Unauthenticated Remote Buffer Overflow
Alt-N MDaemon 2-8 - IMAP Remote Buffer Overflow

Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Unauthenticated Remote Reboot (Denial of Service)
Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Remote Reboot (Denial of Service)

Microsoft Windows - Unauthenticated SMB Remote Code Execution Scanner (MS17-010) (Metasploit)
Microsoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit)

OpenVPN 2.4.0 - Unauthenticated Denial of Service
OpenVPN 2.4.0 - Denial of Service

NetAccess IP3 - Authenticated Ping Option Command Injection
NetAccess IP3 - (Authenticated) Ping Option Command Injection

Cobalt Linux 6.0 - RaQ Authenticate Privilege Escalation
Cobalt Linux 6.0 - RaQ (Authenticated) Privilege Escalation

Hosting Controller 0.6.1 - Unauthenticated User Registration (1)
Hosting Controller 0.6.1 - User Registration (1)

Hosting Controller 0.6.1 - Unauthenticated User Registration (2)
Hosting Controller 0.6.1 - User Registration (2)

HP-UX FTP Server - Unauthenticated Directory Listing (Metasploit)
HP-UX FTP Server - Directory Listing (Metasploit)

IBM Lotus Domino Server 6.5 - Unauthenticated Remote Overflow
IBM Lotus Domino Server 6.5 - Remote Overflow

Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2)
Frontbase 4.2.7 - (Authenticated) Remote Buffer Overflow (2.2)

IBM Tivoli Provisioning Manager - Unauthenticated Remote Overflow (Egghunter)
IBM Tivoli Provisioning Manager - Remote Overflow (Egghunter)

Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Remote Overflow
SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow
Mercury/32 Mail Server 3.32 < 4.51 - SMTP Unauthenticated EIP Overwrite
SIDVault LDAP Server - Remote Buffer Overflow
Mercury/32 Mail Server 3.32 < 4.51 - SMTP EIP Overwrite

Mercury/32 4.52 IMAPD - 'SEARCH' Authenticated Overflow
Mercury/32 4.52 IMAPD - 'SEARCH' (Authenticated) Overflow

SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution
SAP MaxDB 7.6.03.07 - Remote Command Execution

MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow
MailEnable Professional/Enterprise 3.13 - 'Fetch' (Authenticated) Remote Buffer Overflow

NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal
NetWin Surgemail 3.8k4-4 - IMAP (Authenticated) Remote LIST Universal

HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'OVAS.exe' Unauthenticated Overflow (SEH)
HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'OVAS.exe' Overflow (SEH)

BigAnt Server 2.2 - Unauthenticated Remote Overflow (SEH)
BigAnt Server 2.2 - Remote Overflow (SEH)

freeSSHd 1.2.1 - Authenticated Remote Overflow (SEH)
freeSSHd 1.2.1 - (Authenticated) Remote Overflow (SEH)

Debian OpenSSH - Authenticated Remote SELinux Privilege Escalation
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Escalation

Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement
Serv-U FTP Server 7.3 - (Authenticated) Remote FTP File Replacement

WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
WinFTP Server 2.3.0 - 'LIST' (Authenticated) Remote Buffer Overflow
Telnet-Ftp Service Server 1.x - Multiple Authenticated Vulnerabilities
Femitter FTP Server 1.x - Multiple Authenticated Vulnerabilities
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities

cPanel - Authenticated 'lastvisit.html Domain' Arbitrary File Disclosure
cPanel - (Authenticated) 'lastvisit.html Domain' Arbitrary File Disclosure

Adobe JRun 4 - 'logfile' Authenticated Directory Traversal
Adobe JRun 4 - 'logfile' (Authenticated) Directory Traversal

HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Unauthenticated Remote Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Remote Buffer Overflow

Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow

(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Overflow
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Remote Overflow

EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1)
EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (1)

(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Buffer Overflow (Metasploit)

eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (1)
eDisplay Personal FTP Server 1.0.0 - (Authenticated) Multiple Stack Buffer Overflows (1)

eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (2)
eDisplay Personal FTP Server 1.0.0 - (Authenticated) Multiple Stack Buffer Overflows (2)

EasyFTP Server 1.7.0.2 - 'MKD' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - 'MKD' (Authenticated) Remote Buffer Overflow

Iomega Home Media Network Hard Drive 2.038 < 2.061 - Unauthenticated File-system Access
Iomega Home Media Network Hard Drive 2.038 < 2.061 - File-system Access

ProSSHD 1.2 - Authenticated Remote (ASLR + DEP Bypass)
ProSSHD 1.2 - (Authenticated) Remote (ASLR + DEP Bypass)

Tiki Wiki 15.1 - Unauthenticated File Upload (Metasploit)
Tiki Wiki 15.1 - File Upload (Metasploit)
EasyFTP Server 1.7.0.11 - 'MKD' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'CWD' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'MKD' (Authenticated) Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'LIST' (Authenticated) Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'CWD' (Authenticated) Remote Buffer Overflow

EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - 'LIST' (Authenticated) Remote Buffer Overflow (Metasploit)

UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow

EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflows
EasyFTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflows

Home FTP Server 1.11.1.149 - Authenticated Directory Traversal
Home FTP Server 1.11.1.149 - (Authenticated) Directory Traversal

Linksys WAP610N - Unauthenticated Root Access Security
Linksys WAP610N - Root Access Security

ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow

Axis2 - Authenticated Code Execution (via REST) (Metasploit)
Axis2 - (Authenticated) Code Execution (via REST) (Metasploit)

Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) (Metasploit)
Axis2 / SAP BusinessObjects - (Authenticated) Code Execution (via SOAP) (Metasploit)

Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)

Microsoft Windows - Authenticated User Code Execution (Metasploit)
Microsoft Windows - (Authenticated) User Code Execution (Metasploit)

Novell NetMail 3.52d - IMAP Authenticate Buffer Overflow (Metasploit)
Novell NetMail 3.52d - IMAP (Authenticated) Buffer Overflow (Metasploit)

HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Unauthenticated Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Stack Buffer Overflow (Metasploit)

Squid - NTLM Authenticate Overflow (Metasploit)
Squid - NTLM (Authenticated) Overflow (Metasploit)

ManageEngine Applications Manager - Authenticated Code Execution (Metasploit)
ManageEngine Applications Manager - (Authenticated) Code Execution (Metasploit)

EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (2)
EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (2)

ActFax Server FTP - Authenticated Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow

Blue Coat Reporter - Unauthenticated Directory Traversal
Blue Coat Reporter - Directory Traversal

Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Command Execution
Sysax Multi Server 5.53 - SFTP Authenticated (SEH)
Sysax 5.53 - SSH 'Username' Remote Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)
Sysax Multi Server 5.53 - SFTP (Authenticated) (SEH)
Sysax 5.53 - SSH 'Username' Remote Buffer Overflow Remote Code Execution (Egghunter)

MailMax 4.6 - POP3 'USER' Unauthenticated Remote Buffer Overflow
MailMax 4.6 - POP3 'USER' Remote Buffer Overflow

Webmin 0.9x / Usermin 0.9x/1.0 - Unauthenticated Access Session ID Spoofing
Webmin 0.9x / Usermin 0.9x/1.0 - Access Session ID Spoofing

MySQL - Unauthenticated Remote User Enumeration
MySQL - Remote User Enumeration
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)
DameWare Mini Remote Control Server 3.7x - Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Buffer Overflow (3)

NetWin SurgeFTP - Authenticated Admin Command Injection (Metasploit)
NetWin SurgeFTP - (Authenticated) Admin Command Injection (Metasploit)

Ubiquiti AirOS 5.5.2 - Authenticated Remote Command Execution
Ubiquiti AirOS 5.5.2 - (Authenticated) Remote Command Execution

Firebird 1.0 - Unauthenticated Remote Database Name Buffer Overrun
Firebird 1.0 - Remote Database Name Buffer Overrun

Novell NCP - Unauthenticated Remote Command Execution
Novell NCP - Remote Command Execution

Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload (Metasploit)
Kordil EDms 2.2.60rc3 - Arbitrary File Upload (Metasploit)

SAP ConfigServlet - Unauthenticated Remote Payload Execution (Metasploit)
SAP ConfigServlet - Remote Payload Execution (Metasploit)

phpMyAdmin - 'preg_replace' Authenticated Remote Code Execution (Metasploit)
phpMyAdmin - 'preg_replace' (Authenticated) Remote Code Execution (Metasploit)

D-Link Devices - 'command.php' Unauthenticated Remote Command Execution (Metasploit)
D-Link Devices - 'command.php' Remote Command Execution (Metasploit)

D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit)
D-Link Devices - 'tools_vct.xgi' Remote Command Execution (Metasploit)

MikroTik RouterOS - sshd (ROSSSH) Unauthenticated Remote Heap Corruption
MikroTik RouterOS - sshd (ROSSSH) Remote Heap Corruption

Raidsonic NAS Devices - Unauthenticated Remote Command Execution (Metasploit)
Raidsonic NAS Devices - Remote Command Execution (Metasploit)

vTiger CRM 5.3.0 5.4.0 - Authenticated Remote Code Execution (Metasploit)
vTiger CRM 5.3.0 5.4.0 - (Authenticated) Remote Code Execution (Metasploit)
Zabbix - Authenticated Remote Command Execution (Metasploit)
ISPConfig - Authenticated Arbitrary PHP Code Execution (Metasploit)
Zabbix - (Authenticated) Remote Command Execution (Metasploit)
ISPConfig - (Authenticated) Arbitrary PHP Code Execution (Metasploit)

ProcessMaker Open Source - Authenticated PHP Code Execution (Metasploit)
ProcessMaker Open Source - (Authenticated) PHP Code Execution (Metasploit)

Linksys E-series - Unauthenticated Remote Code Execution
Linksys E-series - Remote Code Execution

Apache Tomcat Manager - Application Upload Authenticated Code Execution (Metasploit)
Apache Tomcat Manager - Application Upload (Authenticated) Code Execution (Metasploit)

Fritz!Box Webcm - Unauthenticated Command Injection (Metasploit)
Fritz!Box Webcm - Command Injection (Metasploit)

Sophos Web Protection Appliance Interface - Authenticated Arbitrary Command Execution (Metasploit)
Sophos Web Protection Appliance Interface - (Authenticated) Arbitrary Command Execution (Metasploit)

Vtiger - 'Install' Unauthenticated Remote Command Execution (Metasploit)
Vtiger - 'Install' Remote Command Execution (Metasploit)

Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root Remote Code Execution (Metasploit)
Unitrends Enterprise Backup 7.3.0 - Root Remote Code Execution (Metasploit)
Gitlist - Unauthenticated Remote Command Execution (Metasploit)
WordPress Plugin MailPoet Newsletters 2.6.8 - 'wysija-newsletters' Unauthenticated Arbitrary File Upload (Metasploit)
Gitlist - Remote Command Execution (Metasploit)
WordPress Plugin MailPoet Newsletters 2.6.8 - 'wysija-newsletters' Arbitrary File Upload (Metasploit)

D-Link Devices - Unauthenticated UPnP M-SEARCH Multicast Command Injection (Metasploit)
D-Link Devices - UPnP M-SEARCH Multicast Command Injection (Metasploit)

F5 Big-IP - Unauthenticated rsync Access
F5 Big-IP - rsync Access

Wing FTP Server - Authenticated Command Execution (Metasploit)
Wing FTP Server - (Authenticated) Command Execution (Metasploit)

Tincd - Authenticated Remote TCP Stack Buffer Overflow (Metasploit)
Tincd - (Authenticated) Remote TCP Stack Buffer Overflow (Metasploit)

Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Remote Code Execution

Shuttle Tech ADSL Modem/Router 915 WM - Unauthenticated Remote DNS Change
Shuttle Tech ADSL Modem/Router 915 WM - Remote DNS Change

ManageEngine (Multiple Products) - Authenticated Arbitrary File Upload (Metasploit)
ManageEngine (Multiple Products) - (Authenticated) Arbitrary File Upload (Metasploit)

D-Link DSL-2740R - Unauthenticated Remote DNS Change
D-Link DSL-2740R - Remote DNS Change

LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure
LG DVR LE6016D - Remote Users/Passwords Disclosure

Symantec Web Gateway 5 - 'restore.php' Authenticated Command Injection (Metasploit)
Symantec Web Gateway 5 - 'restore.php' (Authenticated) Command Injection (Metasploit)

Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)
Seagate Business NAS - Remote Command Execution (Metasploit)

ElasticSearch - Unauthenticated Remote Code Execution
ElasticSearch - Remote Code Execution

Barracuda Firmware 5.0.0.012 - Authenticated Remote Command Execution (Metasploit)
Barracuda Firmware 5.0.0.012 - (Authenticated) Remote Command Execution (Metasploit)

Konica Minolta FTP Utility 1.00 - Authenticated CWD Command Overflow (SEH) (Metasploit)
Konica Minolta FTP Utility 1.00 - (Authenticated) CWD Command Overflow (SEH) (Metasploit)

Zpanel - Unauthenticated Remote Code Execution (Metasploit)
Zpanel - Remote Code Execution (Metasploit)

SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities
SKIDATA Freemotion.Gate - Web Services Multiple Command Execution Vulnerabilities

D-Link DCS-930L - Authenticated Remote Command Execution (Metasploit)
D-Link DCS-930L - (Authenticated) Remote Command Execution (Metasploit)

OpenSSH 7.2p1 - Authenticated xauth Command Injection
OpenSSH 7.2p1 - (Authenticated) xauth Command Injection

Novell ServiceDesk - Authenticated Arbitrary File Upload (Metasploit)
Novell ServiceDesk - (Authenticated) Arbitrary File Upload (Metasploit)

Bomgar Remote Support - Unauthenticated Code Execution (Metasploit)
Bomgar Remote Support - Code Execution (Metasploit)

Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit)
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - (Authenticated) Remote Command Execution (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - (Authenticated) Remote Command Execution (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - (Authenticated) Remote Command Execution (Metasploit)

AsusWRT Router < 3.0.0.4.380.7743 - Unauthenticated LAN Remote Code Execution
AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution
NETGEAR JNR1010 ADSL Router - Authenticated Remote File Disclosure
NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - Authenticated Remote File Disclosure
NETGEAR JNR1010 ADSL Router - (Authenticated) Remote File Disclosure
NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - (Authenticated) Remote File Disclosure

D-Link DIR-Series Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
D-Link DIR-Series Routers - HNAP Login Stack Buffer Overflow (Metasploit)

MVPower DVR TV-7104HE 1.8.4 115215B9 - Shell Unauthenticated Command Execution (Metasploit)
MVPower DVR TV-7104HE 1.8.4 115215B9 - Shell Command Execution (Metasploit)
HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)
HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)
HPE iMC - dbman 'RestoreDBase' Remote Command Execution (Metasploit)
HPE iMC - dbman 'RestartDB' Remote Command Execution (Metasploit)

phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit)
phpCollab 2.5.1 - File Upload (Metasploit)

Supervisor 3.0a1 < 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)
Supervisor 3.0a1 < 3.3.2 - XML-RPC (Authenticated) Remote Code Execution (Metasploit)

NETGEAR WNR2000v5 - Unauthenticated 'hidden_lang_avi' Remote Stack Overflow (Metasploit)
NETGEAR WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)

Tenable Appliance < 4.5 - Unauthenticated Root Remote Code Execution
Tenable Appliance < 4.5 - Root Remote Code Execution

Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution
Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution

Octopus Deploy - Authenticated Code Execution (Metasploit)
Octopus Deploy - (Authenticated) Code Execution (Metasploit)

Logpoint < 5.6.4 - Unauthenticated Root Remote Code Execution
Logpoint < 5.6.4 - Root Remote Code Execution

VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Unauthenticated Command Execution (Metasploit)
VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Command Execution (Metasploit)

UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code Execution
UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution

Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution (Metasploit)
Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit)

Wireless IP Camera (P2P) WIFICAM - Unauthenticated Remote Code Execution
Wireless IP Camera (P2P) WIFICAM - Remote Code Execution

D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit)
D-Link DIR-850L - OS Command Execution (Metasploit)

pfSense - Authenticated Group Member Remote Command Execution (Metasploit)
pfSense - (Authenticated) Group Member Remote Command Execution (Metasploit)

AsusWRT LAN - Unauthenticated Remote Code Execution (Metasploit)
AsusWRT LAN - Remote Code Execution (Metasploit)

Tenda AC15 Router - Unauthenticated Remote Code Execution
Tenda AC15 Router - Remote Code Execution

Unitrends UEB 10.0 - Unauthenticated Root Remote Code Execution
Unitrends UEB 10.0 - Root Remote Code Execution

xdebug < 2.5.5 - Unauthenticated OS Command Execution (Metasploit)
xdebug < 2.5.5 - OS Command Execution (Metasploit)
PlaySMS - 'import.php' Authenticated CSV File Upload Code Execution (Metasploit)
PlaySMS 1.4 - 'sendfromfile.php?Filename' Authenticated 'Code Execution (Metasploit)
PlaySMS - 'import.php' (Authenticated) CSV File Upload Code Execution (Metasploit)
PlaySMS 1.4 - 'sendfromfile.php?Filename' (Authenticated) 'Code Execution (Metasploit)

Quest KACE Systems Management - Command Injection (Metasploit)

Hosting Controller 0.6.1 - Unauthenticated User Registration (3)
Hosting Controller 0.6.1 - User Registration (3)

Hosting Controller 6.1 Hotfix 3.2 - Unauthenticated Access
Hosting Controller 6.1 Hotfix 3.2 - Access

e107 0.7.8 - 'mailout.php' Authenticated Access Escalation
e107 0.7.8 - 'mailout.php' (Authenticated) Access Escalation

Joomla! Component JPad 1.0 - Authenticated SQL Injection
Joomla! Component JPad 1.0 - (Authenticated) SQL Injection

AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload

zFeeder 1.6 - 'admin.php' Unauthenticated Admin Bypass
zFeeder 1.6 - 'admin.php' Admin Bypass

Hannon Hill Cascade Server - Authenticated Command Execution
Hannon Hill Cascade Server - (Authenticated) Command Execution

Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution
Gravity Board X 2.0 Beta - SQL Injection / (Authenticated) Code Execution

Papoo CMS 3.7.3 - Authenticated Arbitrary Code Execution
Papoo CMS 3.7.3 - (Authenticated) Arbitrary Code Execution

HP Release Control - Authenticated XML External Entity (Metasploit)
HP Release Control - (Authenticated) XML External Entity (Metasploit)

3Com* iMC (Intelligent Management Center) - Unauthenticated Traversal File Retrieval
3Com* iMC (Intelligent Management Center) - Traversal File Retrieval

Apache Axis2 Administration Console - Authenticated Cross-Site Scripting
Apache Axis2 Administration Console - (Authenticated) Cross-Site Scripting

dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)
dotDefender 3.8-5 - Remote Code Execution (via Cross-Site Scripting)

Mitel AWC - Unauthenticated Command Execution
Mitel AWC - Command Execution

TYPO3 - Unauthenticated Arbitrary File Retrieval
TYPO3 - Arbitrary File Retrieval

vTiger CRM 5.0.4 - Unauthenticated Local File Inclusion
vTiger CRM 5.0.4 - Local File Inclusion

N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code
N_CMS 1.1E - Local File Inclusion / Remote Code

IF-CMS 2.07 - Unauthenticated Local File Inclusion (1)
IF-CMS 2.07 - Local File Inclusion (1)

SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit
SQL-Ledger 2.8.33 - (Authenticated) Local File Inclusion / Edit

IF-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)
IF-CMS 2.07 - Local File Inclusion (Metasploit) (2)

Sun/Oracle GlassFish Server - Authenticated Code Execution (Metasploit)
Sun/Oracle GlassFish Server - (Authenticated) Code Execution (Metasploit)

TomatoCart 1.1 - Authenticated Local File Inclusion
TomatoCart 1.1 - (Authenticated) Local File Inclusion

ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Unauthenticated Directory Traversal
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal

PHP Grade Book 1.9.4 - Unauthenticated SQL Database Export
PHP Grade Book 1.9.4 - SQL Database Export

Dolibarr ERP/CRM 3 - Authenticated OS Command Injection (Metasploit)
Dolibarr ERP/CRM 3 - (Authenticated) OS Command Injection (Metasploit)

WebCalendar 1.2.4 - Unauthenticated Remote Code Injection (Metasploit)
WebCalendar 1.2.4 - Remote Code Injection (Metasploit)

SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / (Authenticated) SQL Injection

PostNuke 0.6 - Unauthenticated User Login
PostNuke 0.6 - User Login

Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection
Trend Micro Control Manager 5.5/6.0 AdHocQuery - (Authenticated) Blind SQL Injection

WordPress Theme Archin 3.2 - Unauthenticated Configuration Access
WordPress Theme Archin 3.2 - Configuration Access

Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change
Exper EWM-01 ADSL/MODEM - DNS Change

Geeklog 1.3.x - Authenticated SQL Injection
Geeklog 1.3.x - (Authenticated) SQL Injection

FirePass SSL VPN - Unauthenticated Local File Inclusion
FirePass SSL VPN - Local File Inclusion

vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection
vbPortal 2.0 alpha 8.1 - (Authenticated) SQL Injection

IRIS Citations Management Tool - Authenticated Remote Command Execution
IRIS Citations Management Tool - (Authenticated) Remote Command Execution
BetaParticle blog 2.0/3.0 - 'upload.asp' Unauthenticated Arbitrary File Upload
BetaParticle blog 2.0/3.0 - 'myFiles.asp' Unauthenticated File Manipulation
BetaParticle blog 2.0/3.0 - 'upload.asp' Arbitrary File Upload
BetaParticle blog 2.0/3.0 - 'myFiles.asp' File Manipulation

YeaLink IP Phone Firmware 9.70.0.100 - Unauthenticated Phone Call
YeaLink IP Phone Firmware 9.70.0.100 - Phone Call

HelpDeskZ 1.0.2 - Unauthenticated Arbitrary File Upload
HelpDeskZ 1.0.2 - Arbitrary File Upload

aoblogger 2.3 - 'create.php' Unauthenticated Entry Creation
aoblogger 2.3 - 'create.php' Entry Creation

WordPress Plugin Dexs PM System - Authenticated Persistent Cross-Site Scripting
WordPress Plugin Dexs PM System - (Authenticated) Persistent Cross-Site Scripting

ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change
ASUS DSL-X11 ADSL Router - DNS Change

COMTREND ADSL Router CT-5367 C01_R12 / CT-5624 C01_R03 - Unauthenticated DNS Change
COMTREND ADSL Router CT-5367 C01_R12 / CT-5624 C01_R03 - DNS Change

Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change
Tenda ADSL2/2+ Modem 963281TAN - DNS Change

PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change
PLANET VDR-300NU ADSL Router - DNS Change

PIKATEL 96338WS_ 96338L-2M-8M - Unauthenticated DNS Change
PIKATEL 96338WS_ 96338L-2M-8M - DNS Change

Inteno EG101R1 VoIP Router - Unauthenticated DNS Change
Inteno EG101R1 VoIP Router - DNS Change

LifeSize UVC 1.2.6 - Authenticated Remote Code Execution
LifeSize UVC 1.2.6 - (Authenticated) Remote Code Execution

Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Web Shell
Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell

EMC Cloud Tiering Appliance 10.0 - Unauthenticated XML External Entity Arbitrary File Read (Metasploit)
EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit)

Alienvault 4.5.0 - Authenticated SQL Injection (Metasploit)
Alienvault 4.5.0 - (Authenticated) SQL Injection (Metasploit)

Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting
Alienvault 4.3.1 - SQL Injection / Cross-Site Scripting

Alienvault Open Source SIEM (OSSIM) 4.6.1 - Authenticated SQL Injection (Metasploit)
Alienvault Open Source SIEM (OSSIM) 4.6.1 - (Authenticated) SQL Injection (Metasploit)

FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution
FreePBX 13.0.x < 13.0.154 - Remote Command Execution

Lunar CMS 3.3 - Unauthenticated Remote Command Execution
Lunar CMS 3.3 - Remote Command Execution

ISPConfig 3.0.54p1 - Authenticated Admin Privilege Escalation
ISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation

Plogger 1.0-RC1 - Authenticated Arbitrary File Upload
Plogger 1.0-RC1 - (Authenticated) Arbitrary File Upload

ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution
ActualAnalyzer Lite 2.81 - Command Execution

WordPress Plugin Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection
WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection

WordPress Plugin Premium Gallery Manager - Unauthenticated Configuration Access
WordPress Plugin Premium Gallery Manager - Configuration Access

ZTE ZXDSL-931VII - Unauthenticated Configuration Dump
ZTE ZXDSL-931VII - Configuration Dump

IPFire - Cgi Web Interface Authenticated Bash Environment Variable Code Injection
IPFire - CGI Web Interface (Authenticated) Bash Environment Variable Code Injection

SEO Control Panel 3.6.0 - Authenticated SQL Injection
SEO Control Panel 3.6.0 - (Authenticated) SQL Injection
Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection
Subex Fms 7.4 - Unauthenticated SQL Injection
Tapatalk for vBulletin 4.x - Blind SQL Injection
Subex Fms 7.4 - SQL Injection

WordPress Plugin wpDataTables 1.5.3 - Unauthenticated Arbitrary File Upload
WordPress Plugin wpDataTables 1.5.3 - Arbitrary File Upload

WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload

PMB 4.1.3 - Authenticated SQL Injection
PMB 4.1.3 - (Authenticated) SQL Injection

D-Link DSL-2640B ADSL Router - 'ddnsmngr' Unauthenticated Remote DNS Change
D-Link DSL-2640B ADSL Router - 'ddnsmngr' Remote DNS Change

Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution
Seagate Business NAS 2014.00319 - Remote Code Execution
WordPress Plugin Ultimate Product Catalogue - Unauthenticated SQL Injection (1)
WordPress Plugin Ultimate Product Catalogue - Unauthenticated SQL Injection (2)
WordPress Plugin Ultimate Product Catalogue - SQL Injection (1)
WordPress Plugin Ultimate Product Catalogue - SQL Injection (2)

WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection
WordPress Plugin Freshmail 1.5.8 - SQL Injection

Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change
Broadlight Residential Gateway DI3124 - Remote DNS Change
D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change
TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change
D-Link DSL-2780B DLink_1.01.14 - Remote DNS Change
TP-Link TD-W8950ND ADSL2+ - Remote DNS Change

D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change
D-Link DSL-526B ADSL2+ AU_2.01 - Remote DNS Change

phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access
phpCollab 2.5 - Direct Request Multiple Protected Page Access

AirDroid - Unauthenticated Arbitrary File Upload
AirDroid - Arbitrary File Upload

D-Link DSL-2750u / DSL-2730u - Authenticated Local File Disclosure
D-Link DSL-2750u / DSL-2730u - (Authenticated) Local File Disclosure

Zenoss 3.2.1 - Authenticated Remote Command Execution
Zenoss 3.2.1 - (Authenticated) Remote Command Execution

WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - Authenticated Persistent Cross-Site Scripting
WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - (Authenticated) Persistent Cross-Site Scripting

Magento CE < 1.9.0.1 - Authenticated Remote Code Execution
Magento CE < 1.9.0.1 - (Authenticated) Remote Code Execution

BigTree CMS 4.2.3 - Authenticated SQL Injection
BigTree CMS 4.2.3 - (Authenticated) SQL Injection

vTiger CRM 6.3.0 - Authenticated Remote Code Execution
vTiger CRM 6.3.0 - (Authenticated) Remote Code Execution

ZTE ZXHN H108N Router - Unauthenticated Configuration Disclosure
ZTE ZXHN H108N Router - Configuration Disclosure

vBulletin 5.1.x - Unauthenticated Remote Code Execution
vBulletin 5.1.x - Remote Code Execution

Jenkins 1.633 - Unauthenticated Credential Recovery
Jenkins 1.633 - Credential Recovery

MediaAccess TG788vn - Unauthenticated File Disclosure
MediaAccess TG788vn - File Disclosure

WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution
WhatsUp Gold 16.3 - Remote Code Execution

WordPress Plugin Booking Calendar Contact Form 1.1.23 - Unauthenticated SQL Injection
WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection

Dell OpenManage Server Administrator 8.2 - Authenticated Directory Traversal
Dell OpenManage Server Administrator 8.2 - (Authenticated) Directory Traversal

Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Unauthenticated Remote Command Execution (Metasploit)
Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Remote Command Execution (Metasploit)

Observium 0.16.7533 - Authenticated Arbitrary Command Execution
Observium 0.16.7533 - (Authenticated) Arbitrary Command Execution

Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize / Arbitrary Write File
Magento < 2.0.6 - Arbitrary Unserialize / Arbitrary Write File

Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Unauthenticated Arbitrary File Upload
Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Arbitrary File Upload

CyberPower Systems PowerPanel 3.1.2 - Unauthenticated XML External Entity Out-Of-Band Data Retrieval
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval
vBulletin 4.x/5.x - AdminCP/ApiLog via xmlrpc API Authenticated Persistent Cross-Site Scripting
vBulletin 4.x - breadcrumbs via xmlrpc API Authenticated SQL Injection
vBulletin 4.x/5.x - AdminCP/ApiLog via xmlrpc API (Authenticated) Persistent Cross-Site Scripting
vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection

AXIS (Multiple Products) - 'devtools ' Authenticated Remote Command Execution
AXIS (Multiple Products) - 'devtools ' (Authenticated) Remote Command Execution

PHP gettext 1.0.12 - 'gettext.php' Unauthenticated Code Execution
PHP gettext 1.0.12 - 'gettext.php' Code Execution

phpMyAdmin 4.6.2 - Authenticated Remote Code Execution
phpMyAdmin 4.6.2 - (Authenticated) Remote Code Execution

vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery
vBulletin 5.2.2 - Server-Side Request Forgery

MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change
MESSOA IP Cameras (Multiple Models) - Password Change

D-Link DSL-2640R - Unauthenticated DNS Change
D-Link DSL-2640R - DNS Change

GitStack 2.3.10 - Unauthenticated Remote Code Execution
GitStack 2.3.10 - Remote Code Execution

InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Command Execution
InfraPower PPS-02-S Q213V1 - Remote Command Execution

Kaseya Virtual System Administrator (VSA) 7.0 < 9.1 - Authenticated Arbitrary File Upload
Kaseya Virtual System Administrator (VSA) 7.0 < 9.1 - (Authenticated) Arbitrary File Upload
Pirelli DRG A115 ADSL Router - Unauthenticated DNS Change
Tenda ADSL2/2+ Modem D840R - Unauthenticated DNS Change
Pirelli DRG A115 ADSL Router - DNS Change
Tenda ADSL2/2+ Modem D840R - DNS Change

Tenda ADSL2/2+ Modem D820R - Unauthenticated DNS Change
Tenda ADSL2/2+ Modem D820R - DNS Change

Pirelli DRG A115 v3 ADSL Router - Unauthenticated DNS Change
Pirelli DRG A115 v3 ADSL Router - DNS Change

HelpDeskZ < 1.0.2 - Authenticated SQL Injection / Unauthorized File Download
HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download
WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Python)
WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Ruby)
WordPress 4.7.0/4.7.1 - Content Injection (Python)
WordPress 4.7.0/4.7.1 - Content Injection (Ruby)
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
vBulletin 5 - 'routestring' Remote Code Execution
vBulletin 5 - 'cacheTemplates' Remote Arbitrary File Deletion

Cobbler 2.8.0 - Authenticated Remote Code Execution
Cobbler 2.8.0 - (Authenticated) Remote Code Execution

FiberHome AN5506 - Unauthenticated Remote DNS Change
FiberHome AN5506 - Remote DNS Change
GitStack - Unauthenticated Remote Code Execution
Ametys CMS 4.0.2 - Unauthenticated Password Reset
GitStack - Remote Code Execution
Ametys CMS 4.0.2 - Password Reset
Geneko Routers - Unauthenticated Path Traversal
Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Unauthenticated Remote Code Execution
Geneko Routers - Path Traversal
Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Remote Code Execution

WordPress Plugin Ninja Forms 2.9.36 < 2.9.42 - Unauthenticated File Upload (Metasploit)
WordPress Plugin Ninja Forms 2.9.36 < 2.9.42 - File Upload (Metasploit)

WordPress 4.6 - Unauthenticated Remote Code Execution
WordPress 4.6 - Remote Code Execution

TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Root Remote Code Execution
TerraMaster F2-420 NAS TOS 3.0.30 - Root Remote Code Execution

iBall Baton iB-WRA150N - Unauthenticated DNS Change
iBall Baton iB-WRA150N - DNS Change
UTstarcom WA3002G4 - Unauthenticated DNS Change
D-Link DSL-2640U - Unauthenticated DNS Change
Beetel BCM96338 Router - Unauthenticated DNS Change
D-Link DSL-2640B ADSL Router - 'dnscfg' Unauthenticated Remote DNS Change
UTstarcom WA3002G4 - DNS Change
D-Link DSL-2640U - DNS Change
Beetel BCM96338 Router - DNS Change
D-Link DSL-2640B ADSL Router - 'dnscfg' Remote DNS Change

Symantec Messaging Gateway 10.6.3-2 - Unauthenticated Root Remote Command Execution
Symantec Messaging Gateway 10.6.3-2 - Root Remote Command Execution

TP-Link WR940N - Authenticated Remote Code
TP-Link WR940N - (Authenticated) Remote Code

Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload
Accesspress Anonymous Post Pro < 3.2.0 - Arbitrary File Upload

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)
ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit)

Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
Vtiger CRM 6.3.0 - (Authenticated) Arbitrary File Upload (Metasploit)

Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)
Drupal < 7.58 - 'drupalgeddon3' (Authenticated) Remote Code Execution (PoC)

HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting
HRSALE The Ultimate HRM 1.0.2 - (Authenticated) Cross-Site Scripting

Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command Execution
Jfrog Artifactory < 4.16 - Arbitrary File Upload / Remote Command Execution
GitList 0.6 - Unauthenticated Remote Code Execution
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot
GitList 0.6 - Remote Code Execution
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Remote Reboot

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)
Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)

WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent Cross-Site Scripting
WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 - (Authenticated) Persistent Cross-Site Scripting

JasperReports - Authenticated File Read
JasperReports - (Authenticated) File Read

Wordpress < 4.9.6 - (Authenticated) Arbitrary File Deletion

HPE VAN SDN 2.7.18.0503 - Remote Root

2018-06-28 05:01:45 +00:00

3 commits