exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	52fd3d8a20	DB: 2017-04-01 2 new exploits Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit Microsoft Windows XP/2003 - Samba Share Resource Exhaustion Exploit Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool Microsoft Windows Server 2003/XP - Remote Denial of Service Microsoft Windows XP/2003 - Remote Denial of Service Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service Microsoft Windows XP/2003 - IPv6 Remote Denial of Service Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (1) Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (1) Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (2) Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (2) Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows - cmd.exe Unicode Buffer Overflow (SEH) Microsoft Windows - 'cmd.exe' Unicode Buffer Overflow (SEH) Microsoft Windows Win32k!xxxRealDrawMenuItem() - Missing HBITMAP Bounds Checks Microsoft Windows - Win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks Microsoft Windows - (IcmpSendEcho2Ex Interrupting) Denial of Service Microsoft Windows - IcmpSendEcho2Ex Interrupting Denial of Service Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (1) Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (1) Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (2) Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (3) Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (2) Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (3) Microsoft Windows Server 2000/XP - GDI Denial of Service Microsoft Windows XP/2000 - GDI Denial of Service Microsoft Windows Help program - 'WinHlp32.exe' Crash (PoC) Microsoft Windows Help Program - 'WinHlp32.exe' Crash (PoC) Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service Microsoft Windows XP/2000/2003 - Graphical Device Interface Library Denial of Service Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service Microsoft Windows XP/2000 - Registry Access Local Denial of Service Microsoft Windows XP - cmd.exe Buffer Overflow Microsoft Windows XP - 'cmd.exe' Buffer Overflow Microsoft Windows Explorer - explorer.exe WMV File Handling Denial of Service Microsoft Windows Explorer - 'explorer.exe' .WMV File Handling Denial of Service Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101) Microsoft Windows Kernel - 'win32k.sys' Integer Overflow (MS13-101) Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007) Microsoft Windows - devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007) Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045) Microsoft Windows - ListBox/ComboBox Control Local Exploit (MS03-045) Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022) Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' Exploit (MS04-022) Microsoft Windows - (NtClose DeadLock) PoC (MS06-030) Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows - NtClose DeadLock PoC (MS06-030) Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1) Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1) Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (1) Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1) Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (1) Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2) Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (2) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2) Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2) Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (2) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / Windows NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure Microsoft Windows XP/2003 - ReadDirectoryChangesW Information Disclosure Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows XP/2000/2003 - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation Microsoft Windows XP/Vista/2000/2003 - Double-Free Memory Corruption Privilege Escalation KiTTY Portable 0.65.0.2p (Windows 8.1 / Windows 10) - Local kitty.ini Overflow KiTTY Portable 0.65.0.2p (Windows 8.1/10) - Local kitty.ini Overflow Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2) Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026) Microsoft Windows XP/2000 - 'RPC DCOM' Remote Exploit (MS03-026) Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049) Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit Microsoft Windows XP/2000 - Workstation Service Overflow (MS03-049) Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043) Microsoft Windows Messenger Service (French) - Remote Exploit (MS03-043) Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Microsoft Windows XP/2000 - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit) Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit) eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2) eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (3) Apple QuickTime 7.2/7.3 (Windows Vista / Windows XP) - RSTP Response Code Execution Apple QuickTime 7.2/7.3 (Windows Vista/XP) - RSTP Response Code Execution Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft Windows XP/Vista/2003 - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft IIS4 (Windows NT) - Remote Web-Based Administration Microsoft IIS4 (Windows NT) - Log Avoidance Microsoft IIS 4 (Windows NT) - Remote Web-Based Administration Microsoft IIS 4 (Windows NT) - Log Avoidance Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - IIS IDC Path Mapping Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - '.IDC' Path Mapping Microsoft Internet Explorer 4 (Windows 95/Windows NT 4) - Setupctl ActiveX Control Buffer Overflow Microsoft Internet Explorer 4 (Windows 95/NT 4) - Setupctl ActiveX Control Buffer Overflow Microsoft Windows Server 2000 - telnet.exe NTLM Authentication Microsoft Windows Server 2000 - 'telnet.exe' NTLM Authentication Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Heap Overflow Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows Explorer 2000/2003/XP - Drag and Drop Remote Code Execution Microsoft Windows XP/2000/2003 - Explorer Drag and Drop Remote Code Execution Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1) Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Buffer Overflow Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 Shellcode Adjusted universal Windows XP/Vista/7 - JITed egg-hunter stage-0 Shellcode Adjusted Universal Dosya Yukle Scrtipi 1.0 - Arbitrary File Upload Dosya Yukle Scrtipi (DosyaYukle Scripti) 1.0 - Arbitrary File Upload DosyaYukle Scripti 1.0 - Arbitrary File Upload Splunk Enterprise - Information Disclosure Membership Formula - 'order' Parameter SQL Injection	2017-04-01 05:01:15 +00:00
Offensive Security	6d17bc529d	DB: 2017-03-31 4 new exploits dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow (PoC) dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow (PoC) Spider Solitaire - Denial of Service (PoC) Spider Solitaire - Denial of Service (PoC) Baby FTP Server 1.24 - Denial of Service Baby FTP Server 1.24 - Denial of Service (1) Baby FTP server 1.24 - Denial of Service Baby FTP server 1.24 - Denial of Service (2) Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation Evostream Media Server 1.7.1 (x64) - Denial of Service Evostream Media Server 1.7.1 (x64) - Denial of Service Cerberus FTP Server 8.0.10.1 - Denial of Service Cerberus FTP Server 8.0.10.1 - Denial of Service Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow Solaris 10 sysinfo() - Local Kernel Memory Disclosure Solaris 10 sysinfo() - Local Kernel Memory Disclosure (1) Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2) Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC) Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC) Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008) Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008) Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (2) Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (1) Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation Forticlient 5.2.3 (Windows 10 x64 Pre Anniversary) - Privilege Escalation Forticlient 5.2.3 (Windows 10 x64 Post Anniversary) - Privilege Escalation Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation Ubuntu 15.04 (Development) - 'Upstart' Logrotation Privilege Escalation Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1) Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (2) Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (1) Yahoo! Music Jukebox 2.2 - 'AddImage()' ActiveX Remote Buffer Overflow (1) dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow Apache Tomcat < 6.0.18 - utf8 Directory Traversal (1) Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (1) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (1) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (2) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1) Apache Tomcat < 6.0.18 - utf8 Directory Traversal (2) Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2) Samba 2.2.2 < 2.2.6 - nttrans Buffer Overflow (Metasploit) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (2) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (1) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (2) D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2) D-Link Devices - 'command.php' Unauthenticated Remote Command Execution (Metasploit) D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1) D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit) Azure Data Expert Ultimate 2.2.16 - Buffer Overflow Azure Data Expert Ultimate 2.2.16 - Buffer Overflow Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1) Article Script 1.6.3 - 'rss.php' SQL Injection (1) Article Script 1.6.3 - 'rss.php' SQL Injection DBHcms 1.1.4 - Remote File Inclusion DBHcms 1.1.4 - 'code' Remote File Inclusion LaserNet CMS 1.5 - SQL Injection (2) LaserNet CMS 1.5 - SQL Injection Clever Copy 3.0 - 'postview.php' SQL Injection (1) Clever Copy 3.0 - 'postview.php' SQL Injection phpAuction - 'profile.php' SQL Injection phpAuction - 'profile.php' SQL Injection (1) Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (1) Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (2) Matterdaddy Market 1.1 - Multiple SQL Injections (1) Matterdaddy Market 1.1 - 'index.php' Multiple SQL Injections PHPWebGallery 1.3.4 - Blind SQL Injection PHPWebGallery 1.3.4 - Blind SQL Injection (1) PHPWebGallery 1.3.4 - Blind SQL Injection PHPWebGallery 1.3.4 - Blind SQL Injection (2) Zeeways Shaadi Clone 2.0 - Authentication Bypass Zeeways Shaadi Clone 2.0 - Authentication Bypass (1) Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (1) DBHcms 1.1.4 - Remote File Inclusion DBHcms 1.1.4 - 'dbhcms_core_dir' Remote File Inclusion E-book Store - Multiple Vulnerabilities (1) Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1) E-book Store - Multiple Vulnerabilities (2) E-book Store - Multiple Vulnerabilities Classifieds Script - SQL Injection Classifieds Script - 'rate' SQL Injection Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (2) DBHcms 1.1.4 - SQL Injection DBHcms 1.1.4 - 'dbhcms_pid' SQL Injection LaserNet CMS 1.5 - SQL Injection (1) Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (2) Article Script 1.6.3 - 'rss.php' SQL Injection (2) Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (1) Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (1) LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (2) Fonality trixbox 2.4.2 - Cross-Site Scripting Fonality trixbox 2.4.2 - Cross-Site Scripting (1) Fonality trixbox 2.4.2 - Cross-Site Scripting (2) Clever Copy 3.0 - 'postview.php' SQL Injection (2) phpAuction - 'profile.php' SQL Injection phpAuction - 'profile.php' SQL Injection (2) Zeeways Shaadi Clone 2.0 - Authentication Bypass Zeeways Shaadi Clone 2.0 - Authentication Bypass (2) DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (2) Matterdaddy Market 1.1 - Multiple SQL Injections (2) Matterdaddy Market 1.1 - 'cat_name' Multiple SQL Injections WordPress Plugin WP Private Messages 1.0.1 - SQL Injection WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (1) Huawei Flybox B660 - Cross-Site Request Forgery Huawei Flybox B660 - Cross-Site Request Forgery (1) Huawei Flybox B660 - Cross-Site Request Forgery Huawei Flybox B660 - Cross-Site Request Forgery (2) Classifieds Script - SQL Injection Classifieds Script - 'term' SQL Injection WordPress Plugin WP Private Messages 1.0.1 - SQL Injection WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (2)	2017-03-31 05:01:16 +00:00
Offensive Security	8e03027ae5	DB: 2017-03-30 18 new exploits FUSE fusermount Tool - Race Condition Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure Apache 2.2 - Scoreboard Invalid Free On Shutdown Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow FUSE fusermount Tool - Race Condition Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr Setgid Privilege Escalation Ubuntu 15.10 - 'USERNS ' Overlayfs Over Fuse Privilege Escalation NTP - Privilege Escalation Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation Disk Sorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow DiskBoss Enterprise 7.8.16 - 'Import Command' Buffer Overflow Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow Sync Breeze Enterprise 9.5.16 - 'GET' Buffer Overflow (SEH) Linux/x86 - execve(/bin/sh_) Shellcode (19 bytes) Just Dial Clone Script - 'fid' SQL Injection Just Dial Clone Script - 'fid' Parameter SQL Injection Just Dial Clone Script - 'srch' SQL Injection Just Dial Clone Script - 'srch' Parameter SQL Injection Opensource Classified Ads Script - 'keyword' Parameter SQL Injection EyesOfNetwork (EON) 5.1 - SQL Injection	2017-03-30 05:01:15 +00:00
Offensive Security	1f8c35c0c0	DB: 2017-03-28 25 new exploits Samba < 3.6.2 (x86) - Denial of Serviec (PoC) Samba < 3.6.2 (x86) - Denial of Service (PoC) Microsoft Visual Studio 2015 update 3 - Denial of Service Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow Apple Safari - 'DateTimeFormat.format' Type Confusion Apple Safari - Builtin JavaScript Allows Function.caller to be Used in Strict Mode Apple Safari - Out-of-Bounds Read when Calling Bound Function QNAP QTS < 4.2.4 - Domain Privilege Escalation Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory Github Enterprise - Default Session Secret And Deserialization (Metasploit) B2B Alibaba Clone Script - SQL Injection B2B Alibaba Clone Script - 'IndustryID' Parameter SQL Injection Just Another Video Script 1.4.3 - SQL Injection Adult Tube Video Script - SQL Injection Alibaba Clone Script - SQL Injection B2B Marketplace Script 2.0 - SQL Injection Php Real Estate Property Script - SQL Injection Courier Tracking Software 6.0 - SQL Injection Parcel Delivery Booking Script 1.0 - SQL Injection Delux Same Day Delivery Script 1.0 - SQL Injection Hotel Booking Script 1.0 - SQL Injection Tour Package Booking 1.0 - SQL Injection Professional Bus Booking Script - 'hid_Busid' Parameter SQL Injection CouponPHP CMS 3.1 - 'code' Parameter SQL Injection EyesOfNetwork (EON) 5.0 - Remote Code Execution EyesOfNetwork (EON) 5.0 - SQL Injection Nuxeo 6.0 / 7.1 / 7.2 / 7.3 - Remote Code Execution (Metasploit) inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation	2017-03-28 05:01:16 +00:00
Offensive Security	570f8aec26	DB: 2017-03-25 6 new exploits wifirxpower - Local Buffer Overflow Miele Professional PG 8528 - Directory Traversal NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow (Metasploit) Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit) Gr8 Tutorial Script - SQL Injection Gr8 Gallery Script - SQL Injection	2017-03-25 05:01:17 +00:00
Offensive Security	3ad96f313d	DB: 2017-03-24 39 new exploits Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit) Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection (Metasploit) Sun Java Web Start Plugin - Command Line Argument Injection (Metasploit) Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Remote Code Execution (Metasploit) Microsoft Silverlight - ScriptObject Unsafe Memory Access (MS13-022/MS13-087) (Metasploit) EMC Replication Manager < 5.3 - Command Execution (Metasploit) MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit) Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-041/MS16-070) (Metasploit) CA Arcserve D2D - GWT RPC Credential Information Disclosure (Metasploit) Lenovo System Update - Privilege Escalation (Metasploit) Firebird - Relational Database CNCT Group Number Buffer Overflow (Metasploit) HP Intelligent Management Center < 5.0 E0102 - UAM Buffer Overflow (Metasploit) VMware Host Guest Client Redirector - DLL Side Loading (Metasploit) CADA 3S CoDeSys Gateway Server - Directory Traversal (Metasploit) MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit) SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit) Ceragon FibeAir IP-10 - SSH Private Key Exposure (Metasploit) ExaGrid - Known SSH Key and Default Password (Metasploit) GIT 1.8.5.6 / 1.9.5 / 2.0.5 / 2.1.4/ 2.2.1 & Mercurial < 3.2.3 - Multiple Vulnerabilities (Metasploit) Ruby on Rails 4.0.x / 4.1.x / 4.2.x (Web Console v2) - Whitelist Bypass Code Execution (Metasploit) Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution (Metasploit) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) SSH - User Code Execution (Metasploit) Redmine SCM Repository - Arbitrary Command Execution (Metasploit) Linux/x86 - Bind Shell Shellcode (42 bytes) Linux/x86 - Bind Shell Shellcode (44 bytes) Joomla! Component Modern Booking 1.0 - 'coupon' Parameter SQL Injection Flippa Clone - SQL Injection Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit) D-Link/TRENDnet - NCC Service Command Injection (Metasploit) Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit) MantisBT 1.2.0a3 < 1.2.17 - XmlImportExport Plugin PHP Code Injection (Metasploit) OP5 5.3.5 / 5.4.0 / 5.4.2 / 5.5.0 / 5.5.1 - 'license.php' Remote Command Execution (Metasploit) OP5 5.3.5 / 5.4.0 / 5.4.2 / 5.5.0 / 5.5.1 - 'welcome' Remote Command Execution (Metasploit) PHPMailer < 5.2.19 - Sendmail Argument Injection (Metasploit) SysAid Help Desk Administrator Portal < 14.4 - Arbitrary File Upload (Metasploit) WordPress Plugin Ninja Forms 2.9.36 < 2.9.42 - Unauthenticated File Upload (Metasploit) SixApart MovableType < 5.2.12 - Storable Perl Code Execution (Metasploit) WordPress Theme Holding Pattern - Arbitrary File Upload (Metasploit) Distinct TFTP 3.10 - Writable Directory Traversal Execution (Metasploit)	2017-03-24 05:01:16 +00:00
Offensive Security	8b5b662af9	DB: 2017-03-23 8 new exploits SpyCamLizard 1.230 - Denial of Service APNGDis 2.8 - 'chunk size descriptor' Heap Buffer Overflow APNGDis 2.8 - 'image width / height chunk' Heap Buffer Overflow APNGDis 2.8 - 'filename' Stack Buffer Overflow Disk Sorter Enterprise 9.5.12 - 'GET' Buffer Overflow (SEH) SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit) GLink Word Link Script 1.2.3 - SQL Injection Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple Vulnerabilities	2017-03-23 05:01:16 +00:00
Offensive Security	93635f1158	DB: 2017-03-22 1 new exploits Joomla! Component Extra Search 2.2.8 - 'establename' Parameter SQL Injection	2017-03-22 05:01:16 +00:00
Offensive Security	07432556e0	DB: 2017-03-21 26 new exploits FTPShell Client 6.53 - Local Buffer Overflow FTPShell Client 6.53 - 'Session name' Local Buffer Overflow FTPShell Server 6.56 - 'ChangePassword' Buffer Overflow ExtraPuTTY 0.29-RC2 - Denial of Service Google Nest Cam 5.2.1  - Buffer Overflow Conditions Over Bluetooth LE Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages (MS17-017) Microsoft Windows - Uniscribe Font Processing Out-of-Bounds Read in usp10!otlChainRuleSetTable::rule (MS17-011) Microsoft Windows - 'USP10!otlList::insertAt' Uniscribe Font Processing Heap-Based Buffer Overflow (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Read/Write in 'USP10!AssignGlyphTypes' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!MergeLigRecords' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Buffer Overflow in 'USP10!ttoGetTableData' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption Around 'USP10!BuildFSM' (MS17-011) Microsoft Windows - Uniscribe Font Processing Buffer Overflow in 'USP10!FillAlternatesList' (MS17-011) Microsoft Windows - Uniscribe Font Processing Multiple Heap-Based Out-of-Bounds and Wild Reads (MS17-011) Microsoft GDI+ - 'gdiplus!GetRECTSForPlayback' Out-of-Bounds Read (MS17-013) Microsoft Color Management Module 'icm32.dll' - 'icm32!Fill_ushort_ELUTs_from_lut16Tag' Out-of-Bounds Read (MS17-013) Microsoft Windows - Uniscribe Heap-Based Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013) Microsoft Color Management Module 'icm32.dll' - 'icm32!LHCalc3toX_Di16_Do16_Lut8_G32' Out-of-Bounds Read (MS17-013) Mozilla Firefox - 'table' Use-After-Free Microsoft Internet Explorer - 'textarea.defaultValue' Memory Disclosure (MS17-006) HttpServer 1.0 - Directory Traversal Cobbler 2.8.0 - Authenticated Remote Code Execution Joomla! Component JooCart 2.x - 'product_id' Parameter SQL Injection Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection phplist 3.2.6 - SQL Injection D-Link DGS-1510 - Multiple Vulnerabilities	2017-03-21 05:01:17 +00:00
Offensive Security	e3778e5508	DB: 2017-03-20 5 new exploits Linux/x86 - Bind Shell Shellcode (51 bytes) Linux/x86 - Bind Shell Shellcode (42 bytes) Linux/x86 - File Reader Shellcode (54 Bytes) iFdate Social Dating Script 2.0 - SQL Injection DIGISOL DG-HR1400 1.00.02 Wireless Router - Privilege Escalation Omegle Clone - SQL Injection Secure Download Links - 'dc' Parameter SQL Injection	2017-03-20 05:01:17 +00:00
Offensive Security	4da96605a4	DB: 2017-03-18 8 new exploits Cerberus FTP Server 8.0.10.3 - 'MLST' Buffer Overflow FTPShell Client 6.53 - Local Buffer Overflow Linux/x86 - Encoded exceve(_/bin/sh_) Shellcode (44 Bytes) Linux/x86 - Bind Shell Shellcode (51 bytes) Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download AXIS Communications - Cross-Site Scripting / Content Injection AXIS Multiple Products - Cross-Site Request Forgery Departmental Store Management System 1.2 - SQL Injection	2017-03-18 05:01:24 +00:00
Offensive Security	66117c63f5	DB: 2017-03-16 16 new exploits Adobe Flash - Metadata Parsing Out-of-Bounds Read Adobe Flash - MovieClip Attach init Object Use-After-Free Adobe Flash - ATF Thumbnailing Heap Overflow Adobe Flash - ATF Planar Decompression Heap Overflow Adobe Flash - AVC Header Slicing Heap Overflow Microsoft Windows - 'LoadUvsTable()' Heap-based Buffer Overflow USBPcap - Privilege Escalation USBPcap 1.1.0.0 (WireShark 2.2.5) - Privilege Escalation PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012) Cisco Firepower Management Console 6.0 - Post Authentication UserAdd Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (Metasploit) IBM WebSphere - RCE Java Deserialization (Metasploit) Apache Struts Jakarta - Multipart Parser OGNL Injection (Metasploit) Joomla! Component Vik Appointments 1.5 - SQL Injection Joomla! Component Vik Rent Items 1.3 - SQL Injection Joomla! Component Vik Rent Car 1.11 - SQL Injection GitHub Enterprise 2.8.0 < 2.8.6 - Remote Code Execution Steam Profile Integration 2.0.11 - SQL injection Sitecore CMS 8.1 Update-3 - Cross-Site Scripting	2017-03-16 05:01:20 +00:00
Offensive Security	c7382d10cd	DB: 2017-03-15 4 new exploits MikroTik Router - ARP Table OverFlow Denial Of Service Netgear R7000 and R6400 - cgi-bin Command Injection (Metasploit) Netgear R7000 and R6400 - 'cgi-bin' Command Injection (Metasploit) D-Link DI-524 - Cross-Site Request Forgery Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection Joomla! Component Advertisement Board 3.0.4 - 'id' Parameter SQL Injection	2017-03-15 05:01:18 +00:00
Offensive Security	8359f0a6a2	DB: 2017-03-14 5 new exploits Cerberus FTP Server 8.0.10.1 - Denial of Service VirtualBox - Cooperating VMs can Escape from Shared Folder Netgear R7000 and R6400 - cgi-bin Command Injection (Metasploit) Car Workshop System - SQL Injection Fiyo CMS 2.0.6.1 - Privilege Escalation	2017-03-14 05:01:18 +00:00
Offensive Security	d36dc6b95d	DB: 2017-03-12 14 new exploits MobaXterm Personal Edition 9.4 - Directory Traversal Windows x86 - Hide Console Window Shellcode (182 bytes) e107 <= 2.1.4 - 'keyword' Blind SQL Injection Domain Marketplace Script - SQL Injection Global In - SQL Injection Global In - Arbitrary File Upload Vanelo - SQL Injection Mirage - SQL Injection Pet Listing Script 3.0 - SQL Injection Property Listing Script 3.1 - SQL Injection Travel Tours Script 2.0 - SQL Injection Yacht Listing Script 2.0 - SQL Injection Yellow Pages Script 3.2 - 'category_id' Parameter SQL Injection PHP Forum Script 3.0 - SQL Injection	2017-03-12 05:01:18 +00:00
Offensive Security	f2327bc214	DB: 2017-03-11 5 new exploits Price Comparison Script 2017.1.8 - SQL Injection Clickbank Affiliate Marketplace Script 2017 - SQL Injection Kinsey Infor/Lawson / ESBUS - SQL Injection WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery dnaLIMS DNA Sequencing - Directory Traversal / Session Hijacking / Cross-Site Scripting	2017-03-11 05:01:19 +00:00
Offensive Security	6e7ec5be32	DB: 2017-03-10 20 new exploits Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 - Denial of Service Apache Struts2 - Skill Name Remote Code Execution Apache Struts 2 - Skill Name Remote Code Execution Linux - Reverse Shell Shellcode (65 bytes) Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes) Linux - TCP Reverse Shell Shellcode (65 bytes) Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes) Windows x86 - Executable Directory Search Shellcode (130 bytes) Apache Struts2 < 2.3.1 - Multiple Vulnerabilities Apache Struts 2 < 2.3.1 - Multiple Vulnerabilities Country on Sale Script - SQL Injection Media Search Engine Script - 'search' Parameter SQL Injection Soundify 1.1 - 'tid' Parameter SQL Injection BistroStays 3.0 - 'guests' Parameter SQL Injection Nlance 2.2 - SQL Injection Busewe 1.2 - SQL Injection Fashmark 1.2 - 'category' Parameter SQL Injection TradeMart 1.1 - SQL Injection Drupal 7.x Module Services - Remote Code Execution WordPress Plugin Mac Photo Gallery 3.0 - Arbitrary File Download WordPress Plugin Apptha Slider Gallery 1.0 - SQL Injection WordPress Plugin Apptha Slider Gallery 1.0 - Arbitrary File Download WordPress Plugin PICA Photo Gallery 1.0 - SQL Injection Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Cross-Site Scripting ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Remote Code Execution FTP Voyager Scheduler 16.2.0 - Cross-Site Request Forgery	2017-03-10 05:01:18 +00:00
Offensive Security	06a7933be4	DB: 2017-03-09 8 new exploits USBPcap - Privilege Escalation Linux - Reverse Shell Shellcode (66 bytes) Linux - Reverse Shell Shellcode (65 bytes) Themeforest Clone Script - SQL Injection Graphicriver Clone Script - SQL Injection Codecanyon Clone Script - SQL Injection Audiojungle Clone Script - SQL Injection Videohive Clone Script - SQL Injection Envato Clone Script - SQL Injection Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery	2017-03-09 05:01:19 +00:00
Offensive Security	6883068111	DB: 2017-03-08 5 new exploits Evostream Media Server 1.7.1 (x64) - Denial of Service Azure Data Expert Ultimate 2.2.16 - Buffer Overflow Mini CMS 1.1 - 'name' Parameter SQL Injection Daily Deals Script 1.0 - 'id' Parameter SQL Injection Bull/IBM AIX Clusterwatch/Watchware - Multiple Vulnerabilities	2017-03-08 05:01:19 +00:00
Offensive Security	9aef664a7e	DB: 2017-03-07 31 new exploits iSQL 1.0 - isql_main.c Buffer Overflow (PoC) iSQL 1.0 - 'isql_main.c' Buffer Overflow (PoC) Memcached 1.4.33 - 'Crash' PoC Memcached 1.4.33 - 'Add' PoC Memcached 1.4.33 - 'sasl' PoC Memcached 1.4.33 - 'Crash' (PoC) Memcached 1.4.33 - 'Add' (PoC) Memcached 1.4.33 - 'sasl' (PoC) Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (POC) Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (PoC) Microsoft Windows gdi32.dll - EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads / Memory Disclosure Microsoft Windows - 'gdi32.dll' EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads / Memory Disclosure Microsoft Office PowerPoint 2010 GDI - 'GDI32!ConvertDxArray' Insufficient Bounds Check Microsoft Office PowerPoint 2010 - GDI 'GDI32!ConvertDxArray' Insufficient Bounds Check Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free PoC Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC) Conext ComBox 865-1058 - Denial of Service Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051) Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (PoC) (MS16-051) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (PoC) (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition (PoC) (Write Access) CyberGhost 6.0.4.2205 - Privilege Escalation FTPShell Client 6.53 - Buffer Overflow Linux/x86-64 - /bin/sh Shellcode Linux/x86-64 - /bin/sh Shellcode (34 bytes) Linux/x86-64 - Reverse Shell Shellcode Linux/x86-64 - Reverse Shell Shellcode (134 bytes) Linux/x86-64 - XOR Encode execve Shellcode Linux/x86-64 - XOR Encode execve Shellcode (84 bytes) Linux/x86_64 - Bind 5600 TCP Port - Shellcode (87 bytes) Linux/x86_64 - execve /bin/sh Shellcode (22 bytes) Linux/x86-64 - Bind 5600 TCP Port - Shellcode (87 bytes) Linux/x86-64 - execve /bin/sh Shellcode (22 bytes) Linux/x86_64 - Random Listener Shellcode (54 bytes) Linux/x86-64 - Random Listener Shellcode (54 bytes) Wordpress < 4.7.1 - Username Enumeration WordPress < 4.7.1 - Username Enumeration Advanced Bus Booking Script 2.04 - SQL Injection Entrepreneur Bus Booking Script 3.03 - 'hid_Busid' Parameter SQL Injection Single Theater Booking Script - 'newsid' Parameter SQL Injection Responsive Events & Movie Ticket Booking Script - SQL Injection Online Cinema and Event Booking Script 2.01 - 'newsid' Parameter SQL Injection Redbus Clone Script 3.05 - 'hid_Busid' Parameter SQL Injection Groupon Clone Script 3.01 - 'catid' Parameter SQL Injection Naukri Clone Script 3.02 - 'type' Parameter SQL Injection Yellow Pages Clone Script 1.3.4 - SQL Injection Advanced Matrimonial Script 2.0.3 - SQL Injection Advanced Real Estate Script 4.0.6 - SQL Injection PHP Classifieds Rental Script 3.6.0 - 'scatid' Parameter SQL Injection Entrepreneur B2B Script 2.0.4 - 'id' Parameter SQL Injection PHP Matrimonial Script 3.0 - SQL Injection MLM Binary Plan Script 2.0.5 - SQL Injection MLM Forced Matrix 2.0.7 - SQL Injection MLM Forex Market Plan Script 2.0.1 - SQL Injection MLM Membership Plan Script 2.0.5 - SQL Injection Multireligion Responsive Matrimonial Script 4.7.1 - SQL Injection Network Community Script 3.0.2 - SQL Injection PHP B2B Script 3.05 - SQL Injection Responsive Matrimonial Script 4.0.1 - SQL Injection Schools Alert Management Script 2.01 - 'list_id' Parameter SQL Injection Select Your College Script 2.01 - SQL Injection Social Network Script 3.01 - 'id' Parameter SQL Injection Website Broker Script 3.02 - 'view' Parameter SQL Injection WordPress Multiple Plugins - Arbitrary File Upload Deluge Web UI 1.3.13 - Cross-Site Request Forgery	2017-03-07 05:01:20 +00:00
Offensive Security	4811e36301	DB: 2017-03-06 9 new exploits Linux/x86-64 - Polymorphic Flush IPTables Shellcode (47 bytes) Linux/x86-64 - NetCat Reverse Shell Shellcode (72 bytes) Linux/x86-64 - Polymorphic NetCat Reverse Shell Shellcode (106 bytes) Joomla! Component com_jumi - (fileid) Blind SQL Injection Joomla! Component Jumi - 'fileid' Parameter Blind SQL Injection EPSON TMNet WebConfig 1.00 - Cross-Site Scripting Joomla! Component JUX EventOn 1.0.1 - 'id' Parameter SQL Injection Joomla! Component Monthly Archive 3.6.4 - 'author_form' Parameter SQL Injection Joomla! Component AYS Quiz 1.0 - 'id' Parameter SQL Injection Joomla! Component Content ConstructionKit 1.1 - SQL Injection Joomla! Component AltaUserPoints 1.1 - 'userid' Parameter SQL Injection	2017-03-06 05:01:18 +00:00
Offensive Security	d3106003d4	DB: 2017-03-04 5 new exploits Linux/x86-64 - Polymorphic Setuid(0) & Execve(/bin/sh) Shellcode (31 bytes) Wordpress < 4.7.1 - Username Enumeration NetGain Enterprise Manager 7.2.562 - 'Ping' Command Injection Joomla! Component Coupon 3.5 - SQL Injection pfSense 2.3.2 - Cross-Site Scripting / Cross-Site Request Forgery	2017-03-04 05:01:19 +00:00
Offensive Security	a3ee969c7d	DB: 2017-03-03 5 new exploits Php Classified OLX Clone Script - 'category' Parameter SQL Injection Joomla! Component Abstract 2.1 - SQL Injection Joomla! Component StreetGuessr Game 1.0 - SQL Injection Joomla! Component Guesser 1.0.4 - 'type' Parameter SQL Injection Joomla! Component Recipe Manager 2.2 - 'id' Parameter SQL Injection	2017-03-03 05:01:17 +00:00
Offensive Security	846ce42eca	DB: 2017-03-02 14 new exploits SysGauge 1.5.18 - Buffer Overflow WePresent WiPG-1500 - Backdoor Account Windows x86 - Reverse TCP Staged Alphanumeric Shellcode (332 Bytes) DLink DSL-2730U Wireless N 150 - Cross-Site Request Forgery Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting WordPress Plugin Contact Form Manager - Cross-Site Request Forgery / Cross-Site Scripting WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting WordPress Plugin Popup by Supsystic 1.7.6 - Cross-Site Request Forgery WordPress Plugin NewStatPress 1.2.4 - Cross-Site Scripting WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery WordPress Plugin File Manager 3.0.1 - Cross-Site Request Forgery SchoolDir - SQL Injection Rage Faces Script 1.3 - SQL Injection Meme Maker Script 2.1 - 'user' Parameter SQL Injection	2017-03-02 05:01:19 +00:00
Offensive Security	026ded7298	DB: 2017-02-28 12 new exploits MVPower DVR TV-7104HE 1.8.4 115215B9 - Shell Unauthenticated Command Execution (Metasploit) Windows x86 - Executable Directory Search Shellcode (130 bytes) Linux/x86_64 - Random Listener Shellcode (54 bytes) NETGEAR DGN2200v1/v2/v3/v4 - 'dnslookup.cgi' Remote Command Execution Joomla! Component Gnosis 1.1.2 - 'id' Parameter SQL Injection Trend Micro InterScan Messaging Security (Virtual Appliance) - Remote Code Execution (Metasploit) Joomla! Component Appointments for JomSocial 3.8.1 - SQL Injection Joomla! Component My MSG 3.2.1 - SQL Injection Joomla! Component Spinner 360 1.3.0 - SQL Injection Joomla! Component JomSocial - SQL Injection Grails PDF Plugin 0.6 - XML External Entity Injection Joomla! Component OneVote! 1.0 - SQL Injection	2017-02-28 05:01:17 +00:00
Offensive Security	5d75646fa8	DB: 2017-02-26 1 new exploits Joomla! Component Intranet Attendance Track 2.6.5 - SQL Injection	2017-02-26 05:01:19 +00:00
Offensive Security	438afbcaf8	DB: 2017-02-25 12 new exploits Microsoft Edge and Internet Explorer - 'HandleColumnBreakOnColumnSpanningElement' Type Confusion Joomla! Component JooDatabase 3.1.0 - SQL Injection Joomla! Component JO Facebook Gallery 4.5 - SQL Injection Joomla! Component AJAX Search for K2 2.2 - SQL Injection Joomla! Component Community Surveys 4.3 - SQL Injection Joomla! Component Community Polls 4.5.0 - SQL Injection Apple WebKit 10.0.2 - 'FrameLoader::clear' Universal Cross-Site Scripting Joomla! Component GPS Tools 4.0.1 - SQL Injection Apple WebKit 10.0.2 - Cross-Origin or Sandboxed IFRAME Pop-up Blocker Bypass Joomla! Component Community Quiz 4.3.5 - SQL Injection Apple WebKit 10.0.2 - 'Frame::setDocument' Universal Cross-Site Scripting memcache-viewer - Cross-Site Scripting	2017-02-25 05:01:19 +00:00
Offensive Security	3710b90d25	DB: 2017-02-24 6 new exploits macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read Linux/x86-64 - Egghunter Shellcode (38 bytes) WordPress Plugin Mail Masta 1.0 - SQL Injection Joomla! Component Store for K2 3.8.2 - SQL Injection Joomla! Component UserExtranet 1.3.1 - SQL Injection Joomla! Component MultiTier 3.1 - SQL Injection	2017-02-24 05:01:18 +00:00
Offensive Security	c7c1c7d92e	DB: 2017-02-23 13 new exploits EasyCom For PHP 4.0.0 - Buffer Overflow (PoC) EasyCom For PHP 4.0.0 - Denial of Service Google Chrome - 'layout' Out-of-Bounds Read Shutter 0.93.1 - Code Execution DiskSavvy Enterprise - GET Buffer Overflow (Metasploit) Disk Savvy Enterprise - GET Buffer Overflow (Metasploit) Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH) Joomla! Component ContentMap 1.3.8 - 'contentid' Parameter SQL Injection Joomla! Component VehicleManager 3.9 - SQL Injection Joomla! Component RealEstateManager 3.9 - SQL Injection Joomla! Component BookLibrary 3.6.1 - SQL Injection Joomla! Component MediaLibrary Basic 3.5 - SQL Injection Lock Photos Album&Videos Safe 4.3 - Directory Traversal ProjectSend r754 - Insecure Direct Object Reference Teradici Management Console 2.2.0 - Privilege Escalation	2017-02-23 05:01:18 +00:00
Offensive Security	ad7bd81657	DB: 2017-02-22 21 new exploits Microsoft Office PowerPoint 2010 - 'MSO!Ordinal5429' Missing Length Check Heap Corruption Microsoft Office PowerPoint 2010 - MSO/OART Heap Out-of-Bounds Access Microsoft Office PowerPoint 2010 GDI - 'GDI32!ConvertDxArray' Insufficient Bounds Check Adobe Flash - MP4 AMF Parsing Overflow Adobe Flash - SWF Stack Corruption Adobe Flash - Use-After-Free in Applying Bitmap Filter Adobe Flash - YUVPlane Decoding Heap Overflow DIGISOL DG-HR1400 Wireless Router - Cross-Site Request Forgery Joomla! Component J-HotelPortal 6.0.2 - 'review_id' Parameter SQL Injection Joomla! Component J-CruiseReservation Standard 3.0 - 'city' Parameter SQL Injection Joomla! Component Eventix Events Calendar 1.0 - SQL Injection Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' Parameter SQL Injection Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection Joomla! Component Magic Deals Web 1.2.0 - SQL Injection Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection Sophos Web Appliance 4.2.1.3 - block/unblock Remote Command Injection (Metasploit) Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection (Metasploit) Sonicwall 8.1.0.2-14sv - 'extensionsettings.cgi' Remote Command Injection (Metasploit) Sonicwall 8.1.0.2-14sv - 'viewcert.cgi' Remote Command Injection (Metasploit) AlienVault OSSIM/USM <= 5.3.1 - Remote Code Execution (Metasploit)	2017-02-22 05:01:19 +00:00
Offensive Security	4195f70ade	DB: 2017-02-21 6 new exploits EFS Easy Chat Server - Authentication Request Buffer Overflow (SEH) EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow (SEH) EFS Easy Chat Server - Cross-Site Request Forgery (Change Admin Password) EFS Easy Chat Server 2.2 - Cross-Site Request Forgery (Change Admin Password) EFS Easy Chat Server - Authentication Request Buffer Overflow (Perl) EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow (Perl) yaws 1.89 - Directory Traversal Yaws 1.89 - Directory Traversal Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes) Jogjacamp JProfile Gold - (id_news) SQL Injection Jogjacamp JProfile Gold - 'id_news' Parameter SQL Injection RSS News AutoPilot Script 1.0.1 / 3.0.3 - Cross-Site Request Forgery Joomla! Component MaQma Helpdesk 4.2.7 - 'id' Parameter SQL Injection Joomla! Component PayPal IPN for DOCman 3.1 - 'id' Parameter SQL Injection Album Lock 4.0 iOS - Directory Traversal Tenda N3 Wireless N150 Home Router - Authentication Bypass	2017-02-21 05:01:20 +00:00
Offensive Security	ae0dd9fa7c	DB: 2017-02-20 14 new exploits Linux - Reverse Shell Shellcode (66 bytes) Joomla! Component com_Joomlaoc - 'id' SQL Injection Joomla! Component Joomloc 1.0 - 'id' Parameter SQL Injection Joomla! Component com_awdwall 1.5.4 - Local File Inclusion / SQL Injection Joomla! Component AWDwall 1.5.4 - Local File Inclusion / SQL Injection Joomla! Component 'com_osproperty' 2.0.2 - Unrestricted Arbitrary File Upload Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload Horde 3.3.5 - Administration Interface admin/PHPshell.php PATH_INFO Parameter Cross-Site Scripting Horde 3.3.5 - Cross-Site Scripting Joomla! Component Joomloc-CAT 4.1.3 - 'ville' Parameter SQL Injection Joomla! Component Joomloc-Lite 1.3.2 - 'site_id' Parameter SQL Injection Joomla! Component JomWALL 4.0 - 'wuid' Parameter SQL Injection Joomla! Component OS Property 3.0.8 - SQL Injection Joomla! Component EShop 2.5.1 - 'id' Parameter SQL Injection Joomla! Component OS Services Booking 2.5.1 - SQL Injection Joomla! Component Room Management 1.0 - SQL Injection Joomla! Component Bazaar Platform 3.0 - SQL Injection Joomla! Component Google Map Store Locator 4.4 - SQL Injection Joomla! Component Most Wanted Real Estate 1.1.0 - SQL Injection NETGEAR DGN2200v1/v2/v3/v4 - 'ping.cgi' Remote Command Execution Sawmill Enterprise 8.7.9 - Authentication Bypass PHPShell 2.4 - Session Fixation	2017-02-20 05:01:17 +00:00
Offensive Security	2d72a9c8b9	DB: 2017-02-18 4 new exploits Netgear WGR614v9 Wireless Router - GET Request Denial of Service Netgear WGR614v9 Wireless Router - Denial of Service ZABBIX 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities ZABBIX 1.1x/1.4.x - File Checksum Request Denial of Service Zabbix 1.1x/1.4.x - File Checksum Request Denial of Service ZABBIX 1.1.4/1.4.2 - 'daemon_start' Privilege Escalation Zabbix 1.1.4/1.4.2 - 'daemon_start' Privilege Escalation Windows x86 - Protect Process Shellcode (229 bytes) Qwerty CMS - 'id' SQL Injection Qwerty CMS - 'id' Parameter SQL Injection Golabi CMS - Remote File Inclusion Golabi CMS 1.0 - Remote File Inclusion blogman 0.45 - Multiple Vulnerabilities EZ-Blog 1b - Delete All Posts / SQL Injection Blogman 0.45 - Multiple Vulnerabilities EZ-Blog beta1 - Delete All Posts / SQL Injection Access2asp - imageLibrary - (ASP) Arbitrary File Upload Access2asp - imageLibrary - Arbitrary File Upload Joomla! Component com_digistore - 'pid' Blind SQL Injection Joomla! Component com_digistore - 'pid' Parameter Blind SQL Injection EZ-Blog Beta2 - (category) SQL Injection EZ-Blog Beta2 - 'category' Parameter SQL Injection Joomla! Component Team Display 1.2.1 - 'filter_category' Parameter SQL Injection Joomla! Component Groovy Gallery 1.0.0 - SQL Injection Joomla! Component WMT Content Timeline 1.0 - 'id' Parameter SQL Injection	2017-02-18 05:01:17 +00:00
Offensive Security	2f2ccec5c2	DB: 2017-02-17 8 new exploits Linux - Dual/Multi mode Bind Shell Shellcode (156 bytes) Joomla! Component 'com_spidercalendar' - SQL Injection Joomla! Component Spider Calendar - SQL Injection Joomla! Component 'com_spidercatalog' - 'Product_ID' Parameter SQL Injection Joomla! Component Spider Catalog 1.1 - 'Product_ID' Parameter SQL Injection Joomla! Component 'com_spidercalendar' - 'date' Parameter Blind SQL Injection Joomla! Component Spider Calendar - 'date' Parameter Blind SQL Injection Joomla! Component 'com_spidercalendar' 3.2.6 - SQL Injection Joomla! Component Spider Calendar 3.2.6 - SQL Injection Joomla! Component 'com_spidercontacts' 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component Spider Contacts 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component 'com_spiderfaq' - SQL Injection Joomla! Component Spider FAQ - SQL Injection Joomla! Component Spider Calendar Lite 3.2.16 - SQL Injection Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection Joomla! Component Spider Facebook 1.6.1 - SQL Injection Joomla! Component Spider FAQ Lite 1.3.1 - SQL Injection WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting dotCMS 3.6.1 - Blind Boolean SQL Injection Joomla! Component JEmbedAll 1.4 - SQL Injection	2017-02-17 05:01:19 +00:00
Offensive Security	d9f5d919c6	DB: 2017-02-16 10 new exploits Microsoft Windows gdi32.dll - EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads / Memory Disclosure NVIDIA Driver 375.70 - DxgkDdiEscape 0x100008b Out-of-Bounds Read/Write NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission GOM Player 2.3.10.5266 - '.fpx' Denial of Service Cisco ASA - WebVPN CIFS Handling Buffer Overflow OpenText Documentum D2 - Remote Code Execution Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit) Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 - Multiple Vulnerabilities Joomla! Component JoomBlog 1.3.1 - SQL Injection Joomla! Component JSP Store Locator 2.2 - 'id' Parameter SQL Injection	2017-02-16 05:01:17 +00:00
Offensive Security	2f4b2745b1	DB: 2017-02-15 11 new exploits Linux Kernel 3.10.0 (CentOS7) - Denial of Service LG G4 - lgdrmserver Binder Service Multiple Race Conditions LG G4 - lghashstorageserver Directory Traversal LG G4 - Touchscreen Driver write_log Kernel Read/Write Google Android - Inter-process munmap in android.util.MemoryIntArray Google Android - android.util.MemoryIntArray Ashmem Race Conditions Microsoft Edge - TypedArray.sort Use-After-Free (MS16-145) ShadeYouVPN Client 2.0.1.11 - Privilege Escalation ntfs-3g - Unsanitized modprobe Environment Privilege Escalation MLdonkey 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure MLdonkey 2.9.7 - Arbitrary File Disclosure Mldonkey 2.5 -4 - Web Interface Error Message Cross-Site Scripting MLdonkey 2.5-4 - Cross-Site Scripting Piwik 2.14.0 / 2.16.0 / 2.17.1 / 3.0.1 - Superuser Plugin Upload (Metasploit) Joomla! Component NeoRecruit 1.4 - 'id' SQL Injection Joomla! Component NeoRecruit 1.4 - 'id' Parameter SQL Injection taifajobs 1.0 - (jobid) SQL Injection taifajobs 1.0 - 'jobid' Parameter SQL Injection Pyrophobia 2.1.3.1 - modules/out.php id Parameter Cross-Site Scripting Pyrophobia 2.1.3.1 - admin/index.php Multiple Parameter Traversal Arbitrary File Access Pyrophobia 2.1.3.1 - Cross-Site Scripting Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access Itech B2B Script 4.29 - Multiple Vulnerabilities	2017-02-15 05:01:16 +00:00
Offensive Security	d548da5f4f	DB: 2017-02-14 20 new exploits Nokia N95-8 - browser (setAttributeNode) Method Crash Nokia N95-8 browser - 'setAttributeNode' Method Crash Got All Media 7.0.0.3 - (t00t) Remote Denial of Service Got All Media 7.0.0.3 - Remote Denial of Service GeoVision Digital Video Surveillance System - (geohttpserver) DT GeoVision Digital Video Surveillance System 8.2 - Arbitrary File Disclosure pHNews alpha 1 - (templates_dir) Remote Code Execution pHNews alpha 1 - 'templates_dir' Parameter Remote Code Execution Bloggeruniverse 2.0 Beta - 'editcomments.php id' SQL Injection Den Dating 9.01 - 'searchmatch.php' SQL Injection InselPhoto 1.1 - (query) SQL Injection PHP Krazy Image Host Script 1.01 - 'viewer.php id' SQL Injection Bloggeruniverse 2.0 Beta - 'id' Parameter SQL Injection Den Dating 9.01 - 'txtlookgender' Parameter SQL Injection InselPhoto 1.1 - 'query' Parameter SQL Injection PHP Krazy Image Host Script 1.01 - 'id' Parameter SQL Injection Vlinks 1.1.6 - 'id' SQL Injection Vlinks 1.1.6 - 'id' Parameter SQL Injection CmsFaethon 2.2.0 - info.php item SQL Command Injection InselPhoto 1.1 - Persistent Cross-Site Scripting CmsFaethon 2.2.0 - 'item' Parameter SQL Injection InselPhoto 1.1 - Cross-Site Scripting SAS Hotel Management System - 'myhotel_info.asp' SQL Injection YACS CMS 8.11 - update_trailer.php Remote File Inclusion SAS Hotel Management System - 'id' Parameter SQL Injection YACS CMS 8.11 - 'update_trailer.php' Remote File Inclusion pHNews Alpha 1 - 'header.php mod' SQL Injection pHNews Alpha 1 - 'mod' Parameter SQL Injection Novaboard 1.0.1 - (message) Persistent Cross-Site Scripting Novaboard 1.0.1 - Cross-Site Scripting Joomla! Component JE Quiz - Blind SQL Injection Joomla! Component JE Quiz - 'eid' Parameter Blind SQL Injection SAS Hotel Management System - user_login.asp SQL Injection SAS Hotel Management System - 'notfound' Parameter SQL Injection JE Messenger 1.0 - Arbitrary File Upload Joomla! Component JE Messenger 1.0 - Arbitrary File Upload Joomla! Component 'com_jeauto' - Local File Inclusion Joomla! Component JE Auto - Local File Inclusion vlinks 2.0.3 - 'site.php id Parameter' SQL Injection Vlinks 2.0.3 - 'id' Parameter SQL Injection Yacs CMS 10.5.27 - 'context[path_to_root]' Parameter Remote File Inclusion YACS CMS 10.5.27 - 'context[path_to_root]' Parameter Remote File Inclusion Joomla! Component Soccer Bet 4.1.5 - 'userid' Parameter SQL Injection PHP Marketplace Script - SQL Injection Joomla! Component JE Classify Ads 1.2 - 'pro_id' Parameter SQL Injection Joomla! Component JE Gallery 1.3 - 'photo_id' Parameter SQL Injection Joomla! Component JE Directory 1.7 - 'ditemid' Parameter SQL Injection Joomla! Component JE QuoteForm - 'Itemid' Parameter SQL Injection Joomla! Component JE Property Finder 1.6.3 - SQL Injection Joomla! Component JE Tour 2.0 - SQL Injection Joomla! Component JE Video Rate 1.0 - SQL Injection Joomla! Component JE auction 1.6 - 'eid' Parameter SQL Injection Joomla! Component JE Auto 1.5 - 'd_itemid' Parameter SQL Injection Joomla! Component JE Awd Song 1.8 - SQL Injection Joomla! Component Hbooking 1.9.9 - 'h_id' Parameter SQL Injection Joomla! Component JE Quiz 2.3 - SQL Injection Joomla! Component JE Grid Folio - 'id' Parameter SQL Injection Joomla! Component JE K2 Multiple Form Story 1.3 - 'Itemid' Parameter SQL Injection Joomla! Component JE Form Creator 1.8 - 'Itemid' Parameter SQL Injection Joomla! Component JE Portfolio Creator 1.2 - 'd_itemid' Parameter SQL Injection Joomla! Component JE Ticket System 1.2 - SQL Injection Joomla! Component JE Messanger - SQL Injection	2017-02-14 05:01:17 +00:00
Offensive Security	8b6bfd7f93	DB: 2017-02-13 19 new exploits Cimetrics BACstac 6.2f - Privilege Escalation Cimetrics BACnet Explorer 4.0 - XML External Entity Injection SonicDICOM PACS 2.3.2 - Cross-Site Scripting SonicDICOM PACS 2.3.2 - Cross-Site Request Forgery (Add Admin) SonicDICOM PACS 2.3.2 - Privilege Escalation Kodi 17.1 - Arbitrary File Disclosure WhizBiz 1.9 - SQL Injection TI Online Examination System 2.0 - SQL Injection Viavi Real Estate - SQL Injection Viavi Movie Review - 'id' Parameter SQL Injection Viavi Product Review - 'id' Parameter SQL Injection Quadz School Management System 3.1 - 'uisd' Parameter SQL Injection Domains & Hostings Manager PRO 3.0 - 'entries' Parameter SQL Injection Joomla! Component onisPetitions 2.5 - 'tag' Parameter SQL Injection Joomla! Component onisQuotes 2.5 - 'tag' Parameter SQL Injection Joomla! Component onisMusic 2 - 'tag' Parameter SQL Injection Joomla! Component Sponsor Wall 7.0 - 'wallid' Parameter SQL Injection Joomla! Component Vik Booking 1.7 - SQL Injection Joomla! Component Soccer Bet 4.1.5 - 'cat' Parameter SQL Injection	2017-02-13 05:01:18 +00:00
Offensive Security	187fb60098	DB: 2017-02-12 1 new exploits WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection	2017-02-12 05:01:16 +00:00
Offensive Security	dcc7720ad6	DB: 2017-02-11 18 new exploits Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit) F5 BIG-IP SSL Virtual Server - Memory Disclosure CMS Lite 1.3.1 - SQL Injection Tiger Post 3.0.1 - SQL Injection Gram Post 1.0 - SQL Injection Youtube Analytics Multi Channel 3.0 - SQL Injection Collabo - Arbitrary File Download Takas Classified 1.1 - SQL Injection Zigaform - SQL Injection Multilanguage Estate Agency Pro 1.2 - SQL Injection QWIKIA 1.1.1 - SQL Injection Automated Job Portal Script - SQL Injection CLUB-8 EMS - SQL Injection Uploadr - SQL Injection CodePaul ClipMass - SQL Injection Video Subscription - SQL Injection D-link DIR-600M - Cross-Site Request Forgery HotelCMS with Booking Engine - SQL Injection	2017-02-11 05:01:16 +00:00
Offensive Security	a6133048b5	DB: 2017-02-10 6 new exploits Mobiketa 3.5 - SQL Injection Sendroid 5.2 - SQL Injection Fome SMS Portal 2.0 - SQL Injection SOA School Management - SQL Injection Client Expert 1.0.1 - SQL Injection EXAMPLO - SQL Injection	2017-02-10 05:01:16 +00:00
Offensive Security	d1a0e8f9fd	DB: 2017-02-09 3 new exploits Zookeeper 3.5.2 - Denial of Service Linux/x86 - Reverse TCP Alphanumeric Staged Shellcode (103 bytes) YapBB 1.2 - (forumID) Blind SQL Injection YapBB 1.2 - 'forumID' Parameter Blind SQL Injection ClearBudget 0.6.1 - (Misspelled htaccess) Insecure DD ClearBudget 0.6.1 - Insecure Database Download phpYabs 0.1.2 - (Azione) Remote File Inclusion phpYabs 0.1.2 - 'Azione' Parameter Remote File Inclusion IF-CMS 2.0 - 'frame.php id' Blind SQL Injection IF-CMS 2.0 - 'id' Parameter Blind SQL Injection BusinessSpace 1.2 - 'id' SQL Injection A Better Member-Based ASP Photo Gallery - 'entry' SQL Injection BusinessSpace 1.2 - 'id' Parameter SQL Injection A Better Member-Based ASP Photo Gallery - 'entry' Parameter SQL Injection FlexCMS - (catId) SQL Injection FlexCMS 2.5 - 'catId' Parameter SQL Injection Thyme 1.3 - (export_to) Local File Inclusion Papoo CMS 3.x - (pfadhier) Local File Inclusion q-news 2.0 - Remote Command Execution Potato News 1.0.0 - (user) Local File Inclusion Thyme 1.3 - 'export_to' Parameter Local File Inclusion Papoo CMS 3.x - 'pfadhier' Parameter Local File Inclusion Q-News 2.0 - Remote Command Execution Potato News 1.0.0 - Local File Inclusion Mynews 0_10 - Authentication Bypass Mynews 0.10 - Authentication Bypass Muviko Video CMS - SQL Injection Multi Outlets POS 3.1 - 'id' Parameter SQL Injection	2017-02-09 05:01:17 +00:00
Offensive Security	2ff74c7c1b	DB: 2017-02-08 9 new exploits Zookeeper 3.5.2 - Denial of Service OpenBSD HTTPd < 6.0 - Memory Exhaustion Denial of Service ThisIsWhyImBroke Clone Script 4.0.0 - 'id' Parameter SQL Injection Fully Featured News CMS 1.0 - 'id' Parameter SQL Injection MySQL File Uploader 1.0 - 'id' Parameter SQL Injection Easy Support Tools 1.0 - 'stt' Parameter SQL Injection Easy Web Search 3 - 'id' Parameter SQL Injection FTP Made Easy PRO 1.2 - Arbitrary File Download Easy File Uploader 1.2 - Arbitrary File Download Responsive Filemanger <= 9.11.0 - Arbitrary File Disclosure	2017-02-08 05:01:17 +00:00
Offensive Security	ebbc883f34	DB: 2017-02-07 13 new exploits IVPN Client 2.6.1 - Privilege Escalation Questions and Answers Script 1.1.3 - SQL Injection Questions and Answers Script 1.1.3 - 'id' Parameter SQL Injection ThisIsWhyImBroke Clone Script 4.0 - 'id' Parameter SQL Injection Upworthy Clone Script 1.1.0 - 'id' Parameter SQL Injection Ultimate Viral Media Script 1.0 - 'id' Parameter SQL Injection Visual Link Sharing Websites Builder Script 2.1.0 - SQL Injection ThisIsWhyImBroke Clone Script 4.0.0 - 'id' Parameter SQL Injection Funny Image and Video Script 2.0.0 - 'id' Parameter SQL Injection Clone Script Directory Script 1.1.0 - 'cid' Parameter SQL Injection Viral Pictures and Video Script 2.0.0 - 'id' Parameter SQL Injection NewsBee CMS - SQL Injection Web Inspiration Gallery Script 1.0.0 - 'id' Parameter SQL Injection Viral Fun Facts Sharing Script 1.1.0 - 'id' Parameter SQL Injection Questions and Answers Script 2.0.0 - 'cid' Parameter SQL Injection	2017-02-07 05:01:16 +00:00
Offensive Security	565aa68240	DB: 2017-02-06 4 new exploits iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities iScripts EasyCreate 2.0 - Multiple Vulnerabilities iScripts AutoHoster - /checktransferstatus.php cmbdomain Parameter SQL Injection iScripts AutoHoster - /checktransferstatusbck.php cmbdomain Parameter SQL Injection iScripts AutoHoster - /additionalsettings.php cmbdomain Parameter SQL Injection iScripts AutoHoster - /payinvoiceothers.php invno Parameter SQL Injection iScripts AutoHoster - /support/parser/main_smtp.php Unspecified Traversal iScripts AutoHoster - 'checktransferstatus.php' SQL Injection iScripts AutoHoster - 'checktransferstatusbck.php' SQL Injection iScripts AutoHoster - 'additionalsettings.php' SQL Injection iScripts AutoHoster - 'invno' Parameter SQL Injection iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal Job Portal Script 9.11 - Authentication Bypass Itech Job Portal Script 9.11 - Authentication Bypass Alstrasoft Template Seller Pro 3.25e - 'tempid' Parameter SQL Injection Itech Job Portal Script 9.13 - Multiple Vulnerabilities iScripts AutoHoster 3.0 - 'siteid' Parameter SQL Injection iScripts EasyCreate 3.2 - 'siteid' Parameter SQL Injection	2017-02-06 05:01:18 +00:00
Offensive Security	e07f1ff036	DB: 2017-02-05 7 new exploits Debian 9 ntfs-3g - Privilege Escalation ntfs-3g (Debian 9) - Privilege Escalation Alstrasoft EPay Enterprise 5.17 - SQL Injection Alstrasoft ProTaxi Enterprise 3.5 - Arbitrary File Upload Alstrasoft e-Friends 5.12 - SQL Injection Alstrasoft Video Share Enterprise 4.72 - SQL Injection Alstrasoft Flippa Clone MarketPlace Script 4.10 - Cross-Site Request Forgery (Add Admin) Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin) Alstrasoft Forum Pay Per Post Exchange Script 2.01 - SQL Injection	2017-02-05 05:01:16 +00:00
Offensive Security	9ea9da7098	DB: 2017-02-04 6 new exploits APC UPS 3.7.2 - (apcupsd) Local Denial of Service APC UPS 3.7.2 - 'apcupsd' Local Denial of Service Microsoft Windows 7 / Server 2008R2 - Remote Kernel Crash Microsoft Windows 7 / Server 2008 R2 - Remote Kernel Crash Debian 9 ntfs-3g - Privilege Escalation CUPS 1.1.x - .HPGL File Processor Buffer Overflow CUPS 1.1.x - '.HPGL' File Processor Buffer Overflow CUPS < 2.0.3 - Remote Command Execution Netwave IP Camera - Password Disclosure Itech Multi Vendor Script 6.49 - SQL Injection Itech Multi Vendor Script 6.49 - 'pl' Parameter SQL Injection SlimarUSER Management 1.0 - 'id' Parameter SQL Injection Itech Multi Vendor Script 6.49 - SQL Injection Zoneminder 1.29 / 1.30 - Cross-Site Scripting / SQL Injection / Session Fixation / Cross-Site Request Forgery	2017-02-04 05:01:18 +00:00
Offensive Security	8290029acb	DB: 2017-02-03 12 new exploits Microsoft Windows 2000 - RPC DCOM Interface Denial of Service Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service Microsoft Windows 2003/XP - Samba Share Resource Exhaustion Exploit Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit Microsoft Windows 2000/XP - TCP Connection Reset Remote Attack Tool Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool Microsoft Windows 2003/XP - Remote Denial of Service Microsoft Windows Server 2003/XP - Remote Denial of Service Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows Server 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Microsoft Windows Server 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow Microsoft Windows Server 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow Microsoft Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service Microsoft Windows Server 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service NT 4.0 / Windows 2000 - TCP/IP Printing Service Denial of Service Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service Microsoft Windows 2000 - Telnet Server Denial of Service Microsoft Windows Server 2000 - Telnet Server Denial of Service Microsoft Windows 2000 - Telnet 'Username' Denial of Service Microsoft Windows Server 2000 - Telnet 'Username' Denial of Service Microsoft Windows 2000 - RunAs Service Denial of Service Microsoft Windows Server 2000 - RunAs Service Denial of Service Microsoft Windows 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows 2000/XP - GDI Denial of Service Microsoft Windows Server 2000/XP - GDI Denial of Service Microsoft Windows 2000 - Internet Key Exchange Denial of Service (1) Microsoft Windows 2000 - Internet Key Exchange Denial of Service (2) Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (1) Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (2) Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows 2000 - Lanman Denial of Service (1) Microsoft Windows 2000 - Lanman Denial of Service (2) Microsoft Windows Server 2000 - Lanman Denial of Service (1) Microsoft Windows Server 2000 - Lanman Denial of Service (2) Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows 2000/2003/XP - Graphical Device Interface Library Denial of Service Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows 2000/2003/XP - CreateRemoteThread Local Denial of Service Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service Microsoft Windows 2000/XP - Registry Access Local Denial of Service Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service Microsoft Windows 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows 10 - SMBv3 Tree Connect (PoC) Google Android - 'rkp_set_init_page_ro' RKP Memory Corruption Microsoft Windows 2003 - Token Kidnapping Local Exploit (PoC) Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Windows Server 2003 - Token Kidnapping Local Exploit (PoC) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows 2000/95/98/NT 4.0 - Long Filename Extension Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension Microsoft Windows 2000 - Named Pipes Predictability Microsoft Windows Server 2000 - Named Pipes Predictability Microsoft Windows 2000 - Still Image Service Privilege Escalation Microsoft Windows Server 2000 - Still Image Service Privilege Escalation Microsoft Windows 2000/NT 4 - DLL Search Path Microsoft Windows Server 2000/NT 4 - DLL Search Path Microsoft Windows 2000 - Debug Registers Microsoft Windows Server 2000 - Debug Registers Microsoft Windows 2000 - RunAs Service Named Pipe Hijacking Microsoft Windows Server 2000 - RunAs Service Named Pipe Hijacking Microsoft Windows 2000/NT 4 - NTFS File Hiding Microsoft Windows Server 2000/NT 4 - NTFS File Hiding Microsoft Windows 2000 / NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (1) Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (2) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2) Microsoft Windows 2000 - Help Facility .CNT File :Link Buffer Overflow Microsoft Windows Server 2000 - Help Facility .CNT File :Link Buffer Overflow Microsoft Windows 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (1) Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (2) Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1) Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2) Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows NT/2000/XP/2003/Vista/2008/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows 2000/2003/XP - Keyboard Event Privilege Escalation Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Privilege Escalation Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation Microsoft Windows 2000/XP/2003 - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows 2000/XP/2003/Vista - Double-Free Memory Corruption Privilege Escalation Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation Ghostscript 9.20 - 'Filename' Command Execution Microsoft Windows 2000 - RSVP Server Authority Hijacking (PoC) Microsoft Windows Server 2000 - RSVP Server Authority Hijacking (PoC) Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (1) Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (2) Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (1) Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (2) Microsoft Windows 2000 - WINS Remote Code Execution Microsoft Windows Server 2000 - WINS Remote Code Execution Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit) Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit) WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python) WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl) WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Python) WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Perl) Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow Microsoft Windows Server 2000 SP4 - DNS RPC Remote Buffer Overflow Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow (Windows 2000) Microsoft IIS 5.0/6.0 FTP Server (Windows 2000) - Remote Stack Overflow Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft Internet Explorer 5 (Windows 2000/95/98/NT 4) - XML HTTP Redirect Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4) - XML HTTP Redirect Microsoft Index Server 2.0 / Indexing Services (Windows 2000) - Directory Traversal Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - Directory Traversal Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut Exploit Microsoft Windows 2000 - Remote CPU-overload Microsoft Windows Server 2000 - Remote CPU-overload Microsoft Windows 2000 - telnet.exe NTLM Authentication Microsoft Windows Server 2000 - telnet.exe NTLM Authentication Microsoft Indexing Services (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting Microsoft Indexing Service (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting Microsoft Indexing Services (Windows 2000) - File Verification Microsoft Indexing Service (Windows 2000) - File Verification SurfControl SuperScout WebFilter for windows 2000 - File Disclosure SurfControl SuperScout WebFilter for windows 2000 - SQL Injection Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow SurfControl SuperScout WebFilter for Windows 2000 - File Disclosure SurfControl SuperScout WebFilter for Windows 2000 - SQL Injection Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow Microsoft Windows 2000 - Active Directory Remote Stack Overflow Microsoft Windows Server 2000 - Active Directory Remote Stack Overflow Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Microsoft Windows Server 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Microsoft Windows 2000/2003/XP - winhlp32 Phrase Integer Overflow Microsoft Windows 2000/2003/XP - winhlp32 Phrase Heap Overflow Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows 2000/2003 - Recursive DNS Spoofing (1) Microsoft Windows 2000/2003 - Recursive DNS Spoofing (2) Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (1) Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2) Linux - Multi/Dual mode Reverse Shell Shellcode (129 bytes) Travel Portal Script 9.33 - SQL Injection Movie Portal Script 7.35 - SQL Injection Itech Travel Portal Script 9.33 - SQL Injection Itech Movie Portal Script 7.35 - SQL Injection Auction Script 6.49 - SQL Injection Itech Auction Script 6.49 - 'mcid' Parameter SQL Injection Itech News Portal Script 6.28 - SQL Injection Itech News Portal Script 6.28 - 'inf' Parameter SQL Injection Video Sharing Script 4.94 - SQL Injection Itech Video Sharing Script 4.94 - 'v' Parameter SQL Injection Itech Classifieds Script 7.27 - 'pid' Parameter SQL Injection Itech Classifieds Script 7.27 - SQL Injection Video Sharing Script 4.94 - 'uid' Parameter SQL Injection Itech Video Sharing Script 4.94 - SQL Injection WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Python) WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Ruby) Itech Travel Portal Script 9.35 - SQL Injection Property Listing Script - 'propid' Parameter Blind SQL Injection Itech Inventory Management Software 3.77 - SQL Injection Itech Movie Portal Script 7.37 - SQL Injection Itech News Portal Script 6.28 - 'sc' Parameter SQL Injection Itech Auction Script 6.49 - 'pid' Parameter SQL Injection	2017-02-03 05:01:17 +00:00
Offensive Security	893d590404	DB: 2017-02-02 12 new exploits PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP 5.2.0 (Windows x86) - 'PHP_win32sti' Local Buffer Overflow Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (1) PHP 5.3.0 - getopt() Denial of Service PHP 5.3.0 - 'getopt()' Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (2) PHP 4.3.x/5.0 - openlog() Buffer Overflow PHP 4.3.x/5.0 - 'openlog()' Buffer Overflow Google Android - 'cfp_ropp_new_key_reenc' and 'cfp_ropp_new_key' RKP Memory Corruption Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation Apple WebKit - 'HTMLFormElement::reset()' Use-After Free Google Chrome - 'HTMLKeygenElement::shadowSelect()' Type Confusion Apple WebKit - 'HTMLKeygenElement' Type Confusion Apple WebKit - Type Confusion in RenderBox with Accessibility Enabled Google Android - RKP Information Disclosure via s2-remapping Physical Ranges QNAP NVR/NAS - Buffer Overflow Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Privilege Escalation (1) Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) UDEV < 1.4.1 - Privilege Escalation (1) Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Privilege Escalation (2) Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) UDEV < 1.4.1 - Privilege Escalation (2) PHP 5.2.9 (Windows x86) - Local Safemod Bypass Exploit PHP 5.2.9 (Windows x86) - Local Safemod Bypass Linux udev - Netlink Privilege Escalation (Metasploit) Linux Kernel UDEV < 1.4.1 - Netlink Privilege Escalation (Metasploit) Google Android - RKP EL1 Code Loading Bypass Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes) Syntax Desktop 2.7 - (synTarget) Local File Inclusion Syntax Desktop 2.7 - 'synTarget' Parameter Local File Inclusion Joomla! Component JTAG Calendar 6.2.4 - 'search' Parameter SQL Injection LogoStore - 'query' Parameter SQL Injection	2017-02-02 05:01:18 +00:00
Offensive Security	1a4e6f50a9	DB: 2017-02-01 65 new exploits Quake 3 Engine Client (Windows x86) - CS_ITEms Remote Overflow Mercur IMAPD 5.00.14 (Windows x86) - Remote Denial of Service PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow (PoC) Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC) ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC) Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read Samba < 3.6.2 (x86) - Denial of Serviec (PoC) Adobe Flash - Bad Dereference at 0x23c on Linux x64 Adobe Flash (Linux x64) - Bad Dereference at 0x23c Linux (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited Core FTP Server 32-bit Build 587 - Heap Overflow Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC) Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (POC) RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation RedHat 6.2 /usr/bin/rcp - 'SUID' Privilege Escalation Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation Setuid perl - 'PerlIO_Debug()' Root Owned File Creation Privilege Escalation Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid) Qpopper 4.0.8 (Linux) - (poppassd) Privilege Escalation Wireless Tools 26 (IWConfig) - Privilege Escalation Qpopper 4.0.8 (Linux) - 'poppassd' Privilege Escalation Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure Rocks Clusters 4.1 - (umount-loop) Privilege Escalation Rocks Clusters 4.1 - (mount-loop) Privilege Escalation Rocks Clusters 4.1 - 'umount-loop' Privilege Escalation Rocks Clusters 4.1 - 'mount-loop' Privilege Escalation PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation Postfix 2.6-20080814 - (symlink) Privilege Escalation Postfix 2.6-20080814 - 'symlink' Privilege Escalation Oracle Database Vault - ptrace(2) Privilege Escalation Oracle Database Vault - 'ptrace(2)' Privilege Escalation Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off-by-One Local Exploit Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86-64) - set_selection() UTF-8 Off-by-One Local Exploit Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1) Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Privilege Escalation) GNU C Library 2.x (libc6) - (Dynamic Linker LD_AUDIT Arbitrary DSO Load) Privilege Escalation Linux Kernel < 2.6.34 (Ubuntu 10.10 x86) - 'CAP_SYS_ADMIN' Privilege Escalation (1) Free Download Manager - Torrent Parsing Buffer Overflow (Metasploit) Free Download Manager 3.0 Build 844 - Torrent Parsing Buffer Overflow (Metasploit) VideoLAN VLC Client (Windows x86) - 'smb://' URI Buffer Overflow (Metasploit) PolicyKit polkit-1 < 0.101 - Linux Privilege Escalation PolicyKit polkit-1 < 0.101 - Privilege Escalation Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail) (1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail 8.10.1) (2) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2) QNX RTOS 4.25/6.1 - phgrafxPrivilege Escalation QNX RTOS 4.25/6.1 - phgrafx-startup Privilege Escalation QNX RTOS 4.25/6.1 - 'phgrafx' Privilege Escalation QNX RTOS 4.25/6.1 - 'phgrafx-startup' Privilege Escalation Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) Microsoft Windows 10 10586 (x86/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) MySQL 3.23.x - mysqld Privilege Escalation MySQL 3.23.x - 'mysqld' Privilege Escalation Platform Load Sharing Facility 4/5/6 - EAuth Privilege Escalation MTools 3.9.x - MFormat Privilege Escalation Platform Load Sharing Facility 4/5/6 - 'EAuth' Privilege Escalation MTools 3.9.x - 'MFormat' Privilege Escalation Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1) sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass sudo 1.8.0 < 1.8.3p1 (sudo_debug) - glibc FORTIFY_SOURCE Bypass + Privilege Escalation Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2) ZABBIX 1.1.4/1.4.2 - daemon_start Privilege Escalation ZABBIX 1.1.4/1.4.2 - 'daemon_start' Privilege Escalation Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Privilege Escalation (3) LogMeIn Client 1.3.2462 (x64) - Local Credentials Disclosure Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit) Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Privilege Escalation (3) TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure Linux Kernel 3.13 - Privilege Escalation PoC (SGID) Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC) OSSEC 2.8 - hosts.deny Privilege Escalation OSSEC 2.8 - 'hosts.deny' Privilege Escalation Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation Linux espfix64 - Privilege Escalation (Nested NMIs Interrupting) Linux (x86) - Memory Sinkhole Privilege Escalation (PoC) Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation Linux (x86) - Memory Sinkhole Privilege Escalation (PoC) RHEL 7.0/7.1 - abrt/sosreport Privilege Escalation RHEL 7.0/7.1 - 'abrt/sosreport' Privilege Escalation MySQL 5.5.45 (x64) - Local Credentials Disclosure Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Privilege Escalation Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' bpf(BPF_PROG_LOAD) Privilege Escalation ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072) Microsoft Windows 7 (x86/x64) - Group Policy Privilege Escalation (MS16-072) Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) Viscosity 1.6.7 - Privilege Escalation BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution BeroFTPD 1.3.4(1) (Linux x86) - Remote Code Execution Solaris /bin/login (SPARC/x86) - Remote Code Execution gpsdrive 2.09 (x86) - (friendsd2) Remote Format String PrivateWire Gateway 3.7 (Windows x86) - Remote Buffer Overflow (Metasploit) dproxy-nexgen (Linux/x86) - Buffer Overflow dproxy-nexgen (Linux x86) - Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) Oracle 9i XDB (Windows x86) - FTP UNLOCK Overflow (Metasploit) AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit) 32bit FTP Client - Stack Buffer Overflow (Metasploit) Free Download Manager - Remote Control Server Buffer Overflow (Metasploit) Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit) Apache (Windows x86) - Chunked Encoding (Metasploit) PeerCast 0.1216 (Windows x86) - URL Handling Buffer Overflow (Metasploit) CA CAM (Windows x86) - log_security() Stack Buffer Overflow (Metasploit) Samba 3.3.12 (Linux/x86) - 'chain_reply' Memory Corruption (Metasploit) Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit) Samba 3.3.12 (Linux x86) - 'chain_reply' Memory Corruption (Metasploit) Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit) Samba 2.2.8 (*BSD x86) - 'trans2open' Overflow Exploit (Metasploit) Webmin 0.x - RPC Function Privilege Escalation Webmin 0.x - 'RPC' Function Privilege Escalation Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit Nginx 1.4.0 (x64) - (Generic Linux) Remote Exploit Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit technote 7.2 - Remote File Inclusion Technote 7.2 - Remote File Inclusion JAWS 0.2/0.3 - 'index.php' gadget Parameter Traversal Arbitrary File Access JAWS 0.2/0.3 - Cookie Manipulation Authentication Bypass JAWS 0.2/0.3 - 'index.php' action Parameter Cross-Site Scripting Jaws 0.2/0.3 - 'gadget' Parameter Traversal Arbitrary File Access Jaws 0.2/0.3 - Cookie Manipulation Authentication Bypass Jaws 0.2/0.3 - 'action' Parameter Cross-Site Scripting JAWS 0.2/0.3/0.4 - ControlPanel.php SQL Injection Jaws 0.2/0.3/0.4 - ControlPanel.php SQL Injection JAWS Glossary 0.4/0.5 - Cross-Site Scripting Jaws Glossary 0.4/0.5 - Cross-Site Scripting JAWS 0.x - Remote File Inclusion Jaws 0.x - Remote File Inclusion FlatNux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities Multiple Netgear Routers - Password Disclosure Video Sharing Script 4.94 - 'uid' Parameter SQL Injection Netman 204 - Backdoor Account / Password Reset	2017-02-01 05:01:19 +00:00

1 2 3 4 5 ...

892 commits