exploit-db-mirror

Author	SHA1	Message	Date
g0tmi1k	70d0496f8a	Note about dependencies	2016-10-26 16:44:58 +01:00
g0tmi1k	5834a2391c	Merge pull request #56 from g0tmi1k/searchsploit Link to the SearchSploit Manual	2016-10-26 16:04:57 +01:00
g0tmi1k	c1fe53ce4b	Hardcode ${gitpath} path	2016-10-26 13:13:51 +01:00
g0tmi1k	e5938fe900	Add a link to the SearchSploit Manual	2016-10-26 13:09:02 +01:00
Offensive Security	da63ed13a1	Add --nmap flag (Reads in XML from Nmap scans)	2016-10-26 11:09:45 +00:00
g0tmi1k	f0efa2c25a	Add '--nmap' flag. Able to load from Nmap's XML output	2016-10-26 12:07:52 +01:00
g0tmi1k	9a1da54ee2	Add more comments in	2016-10-26 12:07:20 +01:00
g0tmi1k	bd3cac3bb6	Escape slashes if using '-t'	2016-10-26 12:06:57 +01:00
Offensive Security	f1ca42d762	DB: 2016-10-26 1 new exploits WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python) WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl) Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) (PoC) Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) Apple QuickTime 7.2/7.3 - RTSP Response Universal Exploit (Internet Explorer 7 / Firefox / Opera) Apple QuickTime 7.2/7.3 (Internet Explorer 7 / Firefox / Opera) - RTSP Response Universal Exploit PHP-CON 1.3 - (include.php) Remote File Inclusion PHP-CON 1.3 - 'include.php' Remote File Inclusion RealPlayer 11 - Malformed AU File Denial of Service RealPlayer 11 - '.au' Denial of Service VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization (PoC) VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization Nullsoft Winamp 5.32 - MP4 tags Stack Overflow Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion ViArt CMS/Shop/Helpdesk 3.3.2 - Remote File Inclusion Samba 3.0.27a - send_mailslot() Remote Buffer Overflow (PoC) Samba 3.0.27a - send_mailslot() Remote Buffer Overflow Horde Web-Mail 3.x - (go.php) Remote File Disclosure CuteNews 1.1.1 - (html.php) Remote Code Execution Horde Web-Mail 3.x - 'go.php' Remote File Disclosure CuteNews 1.1.1 - 'html.php' Remote Code Execution TUTOS 1.3 - (cmd.php) Remote Command Execution TUTOS 1.3 - 'cmd.php' Remote Command Execution PHP Webquest 2.6 - (id_actividad) SQL Injection Move Networks Quantum Streaming Player - Overwrite (SEH) Gateway Weblaunch - ActiveX Control Insecure Method Exploit PHP Webquest 2.6 - 'id_actividad' Parameter SQL Injection Move Networks Quantum Streaming Player - SEH Overflow Gateway Weblaunch - ActiveX Control Insecure Method Microsoft FoxServer - (vfp6r.dll 6.0.8862.0) ActiveX Command Execution Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method Microsoft FoxServer - 'vfp6r.dll 6.0.8862.0' ActiveX Command Execution Microsoft Rich Textbox Control 6.0-SP6 - 'SaveFile()' Insecure Method McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC) McAfee E-Business Server 8.5.2 - Remote Unauthenticated Code Execution / Denial of Service (PoC) Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow StreamAudio ChainCast ProxyManager - ccpm_0237.dll Buffer Overflow StreamAudio ChainCast ProxyManager - 'ccpm_0237.dll' Buffer Overflow XnView 1.92.1 - Slideshow (FontName) Buffer Overflow XnView 1.92.1 - (FontName) Slideshow Buffer Overflow Phaos R4000 Version (file) - Remote File Disclosure Phaos R4000 Version - 'file' Remote File Disclosure ASPPortal Free Version (Topic_Id) - SQL Injection ASPPortal Free Version - 'Topic_Id' SQL Injection Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection Alibaba Clone Tritanium Version - 'news_desc.html' SQL Injection XnView 1.97.4 - MBM File Remote Heap Buffer Overflow XnView 1.97.4 - '.MBM' File Remote Heap Buffer Overflow Fortigate OS Version 4.x < 5.0.7 - SSH Backdoor Fortigate OS 4.x < 5.0.7 - SSH Backdoor Network Scanner Version 4.0.0.0 - SEH Crash (PoC) Network Scanner 4.0.0.0 - SEH Crash (PoC) Ruby on Rails - Dynamic Render File Upload Remote Code Execution Ruby on Rails - Dynamic Render File Upload / Remote Code Execution Network Scanner 4.0.0 - SEH Local Buffer Overflow	2016-10-26 05:01:17 +00:00
Offensive Security	8330920f32	DB: 2016-10-25 4 new exploits ATutor 1.5.3.1 - (links) Blind SQL Injection ATutor 1.5.3.1 - 'links' Blind SQL Injection Mihalism Multi Host 2.0.7 - download.php Remote File Disclosure Mihalism Multi Host 2.0.7 - 'download.php' Remote File Disclosure IBM Domino Web Access Upload Module - inotes6.dll Buffer Overflow IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow WebPortal CMS 0.6.0 - (index.php m) SQL Injection WebPortal CMS 0.6.0 - 'index.php' SQL Injection samPHPweb - 'db.php commonpath' Remote File Inclusion samPHPweb 4.2.2 - 'db.php' Remote File Inclusion samPHPweb - 'songinfo.php' SQL Injection samPHPweb 4.2.2 - 'songinfo.php' SQL Injection ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion ATutor 1.6.1-pl1 - 'import.php' Remote File Inclusion The Matt Wright Guestbook.pl 2.3.1 - Server Side Include The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include html2ps - 'include file' Server Side Include Directive Directory Traversal html2ps - 'include file' Server-Side Include Directive Directory Traversal ClanSphere 2011.3 - (cs_lang cookie Parameter) Local File Inclusion ClanSphere 2011.3 - 'cs_lang' Cookie Parameter Local File Inclusion Imatix Xitami 2.5 - Server Side Includes Cross-Site Scripting Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting Flatnux CMS 2013-01.17 - (index.php theme Parameter) Local File Inclusion Flatnux CMS 2013-01.17 - 'index.php' Local File Inclusion Network Weathermap 0.97a - (editor.php) Persistent Cross-Site Scripting Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting ATutor 1.4.3 - browse.php show_course Parameter Cross-Site Scripting ATutor 1.4.3 - contact.php subject Parameter Cross-Site Scripting ATutor 1.4.3 - content.php cid Parameter Cross-Site Scripting ATutor 1.4.3 - send_message.php l Parameter Cross-Site Scripting ATutor 1.4.3 - search.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - inbox/index.php view Parameter Cross-Site Scripting ATutor 1.4.3 - tile.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - subscribe_forum.php us Parameter Cross-Site Scripting ATutor 1.4.3 - Directory.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'browse.php' show_course Parameter Cross-Site Scripting ATutor 1.4.3 - 'contact.php' subject Parameter Cross-Site Scripting ATutor 1.4.3 - 'content.php' cid Parameter Cross-Site Scripting ATutor 1.4.3 - 'send_message.php' l Parameter Cross-Site Scripting ATutor 1.4.3 - 'search.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'inbox/index.php' view Parameter Cross-Site Scripting ATutor 1.4.3 - 'tile.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'subscribe_forum.php' us Parameter Cross-Site Scripting ATutor 1.4.3 - 'Directory.php' Multiple Parameter Cross-Site Scripting Cuppa CMS - 'alertConfigField.php urlConfig Parameter' Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php' Remote / Local File Inclusion Novell Zenworks Mobile Device Managment - Local File Inclusion (Metasploit) Novell Zenworks Mobile Device Managment 2.6.1 / 2.7.0 - Local File Inclusion (Metasploit) Weathermap 0.97c - (editor.php mapname Parameter) Local File Inclusion Weathermap 0.97c - 'mapname' Parameter Local File Inclusion ATutor 1.5.1 - password_reminder.php SQL Injection ATutor 1.5.1 - 'password_reminder.php' SQL Injection ATutor 1.x - forum.inc.php Arbitrary Command Execution ATutor 1.x - body_header.inc.php section Parameter Local File Inclusion ATutor 1.x - print.php section Parameter Remote File Inclusion ATutor 1.x - 'forum.inc.php' Arbitrary Command Execution ATutor 1.x - 'body_header.inc.php' section Parameter Local File Inclusion ATutor 1.x - 'print.php' section Parameter Remote File Inclusion ATutor 1.5.x - create_course.php Multiple Parameter Cross-Site Scripting ATutor 1.5.x - documentation/admin/index.php Cross-Site Scripting ATutor 1.5.x - password_reminder.php forgot Parameter Cross-Site Scripting ATutor 1.5.x - users/browse.php cat Parameter Cross-Site Scripting ATutor 1.5.x - 'create_course.php' Multiple Parameter Cross-Site Scripting ATutor 1.5.x - 'documentation/admin/index.php' Cross-Site Scripting ATutor 1.5.x - 'password_reminder.php' forgot Parameter Cross-Site Scripting ATutor 1.5.x - 'users/browse.php' cat Parameter Cross-Site Scripting Zimbra - Privilegie Escalation (via Local File Inclusion) Zimbra 2009-2013 - Local File Inclusion Zimbra Collaboration Server - Local File Inclusion (Metasploit) Zimbra Collaboration Server 7.2.2 / 8.0.2 - Local File Inclusion (Metasploit) Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file Parameter) Local File Inclusion Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion Cart Engine 3.0.0 - (task.php) Local File Inclusion Cart Engine 3.0.0 - 'task.php' Local File Inclusion Kemana Directory 1.5.6 - (run Parameter) Local File Inclusion Kemana Directory 1.5.6 - 'task.php' Local File Inclusion Railo - Remote File Inclusion (Metasploit) Railo 4.2.1 - Remote File Inclusion (Metasploit) LittleSite 0.1 - 'file' Parameter Local File Inclusion LittleSite 0.1 - 'index.php' Local File Inclusion OSClass 3.4.1 - (index.php file Parameter) Local File Inclusion OSClass 3.4.1 - 'index.php' Local File Inclusion Magento Server MAGMI Plugin - Remote File Inclusion Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion Cacti Superlinks Plugin 1.4-2 - Remote Code Execution (via Local File Inclusion + SQL Injection) Cacti Superlinks Plugin 1.4-2 - SQL Injection / Local File Inclusion Lotus Mail Encryption Server (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) u5CMS 3.9.3 - (thumb.php) Local File Inclusion u5CMS 3.9.3 - 'thumb.php' Local File Inclusion openSIS - 'modname' Parameter Local File Inclusion ATutor - 'tool_file' Parameter Local File Inclusion openSIS 5.1 - 'ajax.php' Local File Inclusion ATutor 2.1 - 'tool_file' Parameter Local File Inclusion Fork CMS - 'file' Parameter Local File Inclusion Fork CMS - 'js.php' Local File Inclusion HP Insight Diagnostics - Local File Inclusion HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion phpVibe - Information Disclosure / Remote File Inclusion phpVibe 3.1 - Information Disclosure / Remote File Inclusion CakePHP - AssetDispatcher Class Local File Inclusion CakePHP 2.2.8 / 2.3.7 - AssetDispatcher Class Local File Inclusion TomatoCart - 'install/rpc.php' Local File Inclusion TomatoCart 1.1.8.2 - 'class' Parameter Local File Inclusion NeoBill - /install/index.php language Parameter Traversal Local File Inclusion NeoBill 0.9-alpha - 'language' Parameter Local File Inclusion iScripts AutoHoster - /websitebuilder/showtemplateimage.php tmpid Parameter Traversal Local File Inclusion iScripts AutoHoster - /admin/downloadfile.php fname Parameter Traversal Local File Inclusion iScripts AutoHoster - /support/admin/csvdownload.php id Parameter Traversal Local File Inclusion iScripts AutoHoster - 'tmpid' Parameter Local File Inclusion iScripts AutoHoster - 'fname' Parameter Local File Inclusion iScripts AutoHoster - 'id' Parameter Local File Inclusion AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion AFCommerce - 'adblock.php' Remote File Inclusion AFCommerce - 'adminpassword.php' Remote File Inclusion AFCommerce - 'controlheader.php' Remote File Inclusion xBoard - 'post' Parameter Local File Inclusion xBoard 5.0 / 5.5 / 6.0 - 'view.php' Local File Inclusion BloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion BloofoxCMS 0.5.0 - 'fileurl' Parameter Local File Inclusion Rips Scanner 0.5 - (code.php) Local File Inclusion Rips Scanner 0.5 - 'code.php' Local File Inclusion MeiuPic - 'ctl' Parameter Local File Inclusion MeiuPic 2.1.2 - 'ctl' Parameter Local File Inclusion qEngine - 'run' Parameter Local File Inclusion qEngine 4.1.6 / 6.0.0 - 'task.php' Local File Inclusion WordPress Plugin BookX - 'includes/bookx_export.php' Local File Inclusion WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion Alfresco - /proxy endpoint Parameter Server Side Request Forgery Alfresco - /cmisbrowser url Parameter Server Side Request Forgery Alfresco - /proxy endpoint Parameter Server-Side Request Forgery Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery CMSimple - Remote file Inclusion CMSimple 4.4.4 - Remote file Inclusion VoipSwitch - 'action' Parameter Local File Inclusion VoipSwitch - 'user.php' Local File Inclusion Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion Concrete5 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062) EC-CUBE 2.12.6 - Server-Side Request Forgery Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration Management	2016-10-25 05:01:17 +00:00
Offensive Security	e380b207ce	DB: 2016-10-24 1 new exploits dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock) dhclient 4.1 - Bash Environment Variable Command Injection (PoC) (Shellshock) Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs Viscomsoft Calendar Active-X 2.0 - Multiple Crashes (PoC) Microsoft Excel 2010 - Crash PoC (2) Microsoft Excel 2010 - Crash (PoC) (2) Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit) Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit) The Unarchiver 3.11.1 - '.tar.Z' Crash PoC The Unarchiver 3.11.1 - '.tar.Z' Crash (PoC) Microsoft Edge - Function.apply Infomation Leak (MS16-119) Microsoft Edge - 'Function.apply' Information Leak (MS16-119) Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) Hak5 WiFi Pineapple 2.4 - Preconfiguration Command Injection (Metasploit) Zenbership 107 - Multiple Vulnerabilities	2016-10-24 05:01:19 +00:00
Offensive Security	6cd9390ff2	DB: 2016-10-23	2016-10-23 05:01:19 +00:00
Offensive Security	506182d72d	DB: 2016-10-22 7 new exploits RealSecure / Blackice - iss_pam1.dll Remote Overflow RealSecure / Blackice - 'iss_pam1.dll' Remote Overflow Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Exploit Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Mozilla Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll) Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll) TeamViewer 5.0.8703 - (dwmapi.dll) DLL Hijacking Exploit Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Exploit Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Exploit Microsoft Address Book 6.00.2900.5512 - (wab32res.dll) DLL Hijacking Exploit Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking Exploit TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking Exploit Mozilla Firefox 3.6.8 - 'dwmapi.dll' DLL Hijacking Microsoft Windows Movie Maker 2.6.4038.0 - 'hhctrl.ocx' DLL Hijacking Opera 10.61 - 'dwmapi.dll' DLL Hijacking Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Microsoft Address Book 6.00.2900.5512 - 'wab32res.dll' DLL Hijacking Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking BS.Player 2.56 build 1043 - (mfc71loc.dll) DLL Hijacking Exploit Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll) Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Exploit BS.Player 2.56 build 1043 - 'mfc71loc.dll' DLL Hijacking Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Exploit VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Exploit Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll) InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Exploit Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Exploit Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Exploit Ettercap NG-0.7.3 - (wpcap.dll) DLL Hijacking Exploit Microsoft Group Convertor - 'imm.dll' DLL Hijacking Exploit Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Ettercap NG-0.7.3 - 'wpcap.dll' DLL Hijacking Microsoft Group Convertor - 'imm.dll' DLL Hijacking TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking Exploit MediaPlayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll) Skype 4.2.0.169 - (wab32.dll) DLL Hijacking Exploit TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Exploit Nvidia Driver - DLL Hijacking Exploit (nview.dll) Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Exploit Cisco Packet Tracer 5.2 - (wintab32.dll) DLL Hijacking Exploit Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Exploit Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Nvidia Driver - 'nview.dll' DLL Hijacking Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Cisco Packet Tracer 5.2 - 'wintab32.dll' DLL Hijacking Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Exploit Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Exploit Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Exploit Mozilla Thunderbird - DLL Hijacking Exploit (dwmapi.dll) Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit (dwmapi.dll) Adobe ExtendedScript Toolkit CS5 3.5.0.52 - DLL Hijacking Exploit (dwmapi.dll) CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Media Player Classic 6.4.9.1 - (iacenc.dll) DLL Hijacking Exploit Nullsoft Winamp 5.581 - DLL Hijacking Exploit (wnaspi32.dll) Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll) Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Exploit Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Mozilla Thunderbird - 'dwmapi.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Adobe ExtendedScript Toolkit CS5 3.5.0.52 - 'dwmapi.dll' DLL Hijacking CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Media Player Classic 6.4.9.1 - 'iacenc.dll' DLL Hijacking Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Exploit Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Edge - 'Array.map' Heap Overflow (MS16-119) Microsoft Edge - Array.join Info Leak (MS16-119) Microsoft Edge - 'Array.join' Infomation Leak (MS16-119) Adobe Flash - Transform.colorTranform Getter Info Leak Adobe Flash - Transform.colorTranform Getter Infomation Leak Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124) Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123) Microsoft Windows - DeviceApi CMApi PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124) Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Windows - 'win32k.sys' TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Microsoft Windows - 'win32k.sys' TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Microsoft Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Infomation Leak (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access) Just Dial Clone Script - SQL Injection FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation RealPlayer 18.1.5.705 - '.QCP' Crash (PoC) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID) Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)	2016-10-22 05:01:17 +00:00
Offensive Security	07fdc778ee	DB: 2016-10-21 24 new exploits NetAuctionHelp 4.1 - search.asp SQL Injection Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow Microsoft Edge - Array.join Info Leak (MS16-119) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) HikVision Security Systems - Activex Buffer Overflow Oracle Netbeans IDE 8.1 - Directory Traversal MiCasa VeraLite - Remote Code Execution Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection Classifieds Rental Script - SQL Injection SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Event Calendar PHP 1.5 - SQL Injection SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal SPIP 3.1.2 - Cross-Site Request Forgery Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Edge - Spread Operator Stack Overflow (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)	2016-10-21 05:01:17 +00:00
Offensive Security	77b46b2163	DB: 2016-10-20 13 new exploits PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit PHP FFI Extension 5.0.5 - Local Safe_mode Bypass PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC) Apple QuickTime < 7.2 - SMIL Remote Integer Overflow Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC) Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow Integramod nederland 1.4.2 - Remote File Inclusion Integramod Nederland 1.4.2 - Remote File Inclusion CNDSOFT 2.3 - Cross-Site Request Forgery / Arbitrary File Upload NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation The Unarchiver 3.11.1 - '.tar.Z' Crash PoC XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege Escalation Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path Privilege Escalation PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege Escalation	2016-10-20 05:01:17 +00:00
Offensive Security	557f116d02	DB: 2016-10-19 8 new exploits TikiWiki 1.9 Sirius - (jhot.php) Remote Command Execution TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution TikiWiki 1.9.5 Sirius - (sort_mode) Information Disclosure TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution TikiWiki 1.9.8 - 'tiki-graph_formula.php' Command Execution TikiWiki < 1.9.9 - tiki-listmovies.php Directory Traversal TikiWiki < 1.9.9 - 'tiki-listmovies.php' Directory Traversal TikiWiki Project 1.8 - tiki-switch_theme.php theme Parameter Cross-Site Scripting TikiWiki Project 1.8 - img/wiki_up Arbitrary File Upload TikiWiki Project 1.8 - tiki-map.phtml Traversal Arbitrary File / Directory Enumeration TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload TikiWiki Project 1.8 - 'tiki-map.phtml' Traversal Arbitrary File / Directory Enumeration TikiWiki Project 1.8 - categorize.php Direct Request Full Path Disclosure TikiWiki Project 1.8 - messu-mailbox.php Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - messu-read.php Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-browse_categories.php parentId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-index.php comments_threshold Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-list_file_gallery.php galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure TikiWiki Project 1.8 - 'messu-mailbox.php' Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'messu-read.php' Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-read_article.php' articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-browse_categories.php' parentId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-index.php' comments_threshold Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-print_article.php' articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-upload_file.php galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-view_faq.php faqId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-view_chart.php chartId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-usermenu.php sort_mode Parameter SQL Injection TikiWiki Project 1.8 - tiki-list_file_gallery.php sort_mode Parameter SQL Injection TikiWiki Project 1.8 - 'tiki-upload_file.php' galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-view_faq.php' faqId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-view_chart.php' chartId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-usermenu.php' sort_mode Parameter SQL Injection TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' sort_mode Parameter SQL Injection Symantec pcAnywhere 12.5.0 Windows (x86) - Remote Code Execution Symantec pcAnywhere 12.5.0 (Windows x86) - Remote Code Execution Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046) Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page) LanSpy 2.0.0.155 - Local Buffer Overflow ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure Cgiemail 1.6 - Source Code Disclosure Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)	2016-10-19 05:01:18 +00:00
Offensive Security	558ab1fc67	DB: 2016-10-18 24 new exploits Entrepreneur Job Portal Script - SQL Injection Entrepreneur Job Portal Script 2.06 - SQL Injection NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation HP Client - Automation Command Injection / Remote Code Execution HP Client 9.1/9.0/8.1/7.9 - Command Injection NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation NO-IP DUC 4.1.1 - Unquoted Service Path Privilege Escalation Wondershare PDFelement 5.2.9 - Unquoted Service Path Privilege Escalation Firefox 49.0.1 - Denial of Service Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation Student Information System (SIS) 0.1 - Authentication Bypass Web Based Alumni Tracking System 0.1 - SQL Injection Simple Dynamic Web 0.1 - SQL Injection Learning Management System 0.1 - Authentication Bypass Fashion Shopping Cart 0.1 - SQL Injection Health Record System 0.1 - Authentication Bypass Windows x64 - WinExec() Shellcode (93 bytes) Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation PHP Telephone Directory - Multiple Vulnerabilities Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting PHP Image Database - Multiple Vulnerabilities Simple Shopping Cart Application 0.1 - SQL Injection PHP NEWS 1.3.0 - Cross-Site Request Forgery (Add Admin) School Full CBT 0.1 - SQL Injection PHP Business Directory - Multiple Vulnerabilities Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes) Ruby on Rails - Dynamic Render File Upload Remote Code Execution Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)	2016-10-18 05:01:18 +00:00
Offensive Security	113ab3e40e	DB: 2016-10-15 4 new exploits Open-Xchange App Suite 7.8.2 - Cross Site Scripting Open-Xchange App Suite 7.8.2 - Cross-Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vifi Radio v1 - Cross-Site Request Forgery Vifi Radio 1.0 - Cross-Site Request Forgery b374k Web Shell - Cross-Site Request Forgery / Command Injection b374k Web Shell 3.2.3 / 2.8 - Cross-Site Request Forgery / Command Injection PHP Press Release - Stored Cross Site Scripting PHP Press Release - Persistent Cross-Site Scripting ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting ApPHP MicroBlog 1.0.2 - Persistent Cross-Site Scripting ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting OpenCimetiere v3.0.0-a5 - Blind SQL Injection ApPHP MicroCMS 3.9.5 - Persistent Cross-Site Scripting OpenCimetiere 3.0.0-a5 - Blind SQL Injection Colorful Blog - Stored Cross Site Scripting Colorful Blog - Persistent Cross-Site Scripting Simple Forum PHP 2.4 - SQL Injection Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options) NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting	2016-10-15 05:01:17 +00:00
Offensive Security	f49abcf00f	DB: 2016-10-14 13 new exploits Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) Linux Kernel 4.6.3 - 'Netfilter' Privilege Escalation (Metasploit) ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation Thatware 0.4.6 - SQL Injection InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation Simple Blog PHP 2.0 - Multiple Vulnerabilities Simple Blog PHP 2.0 - SQL Injection Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow) Linux Kernel (Ubuntu 14.04.3) - 'perf_event_open()' Can Race with execve() (Access /etc/shadow) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) PHP Press Release - (Add Admin) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery BirdBlog 1.4.0 - Cross-Site Request Forgery (Add New Post) phpEnter 4.2.7 - Cross-Site Request Forgery (Add New Post) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery ApPHP MicroCMS 3.9.5 - Cross-Site Request Forgery (Add Admin) ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation VOX Music Player 2.8.8 - '.pls' Denial of Service IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation Colorful Blog - Stored Cross Site Scripting Colorful Blog - Cross-Site Request Forgery (Change Admin Password) Hotspot Shield 6.0.3 - Unquoted Service Path Privilege Escalation RSS News AutoPilot Script 1.0.1 / 3.1.0 - Admin Panel Authentication Bypass JonhCMS 4.5.1 - SQL Injection	2016-10-14 05:01:16 +00:00
Offensive Security	01eb066d9d	DB: 2016-10-13 11 new exploits IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) PHP Press Release - (Add Admin) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery Subversion 1.6.6 / 1.6.12 - Code Execution Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption Categorizator 0.3.1 - SQL Injection NetBilletterie 2.8 - Multiple Vulnerabilities ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting OpenCimetiere v3.0.0-a5 - Blind SQL Injection Android - Binder Generic ASLR Leak ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery	2016-10-13 05:01:17 +00:00
Offensive Security	f8b17d14a1	DB: 2016-10-12 12 new exploits Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection Android - 'gpsOneXtra' Data Files Denial of Service Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)	2016-10-12 05:01:17 +00:00
Offensive Security	a3dbf3113e	DB: 2016-10-11 9 new exploits ShoreTel Connect ONSITE - Blind SQL Injection Leap Service - Unquoted Service Path Privilege Escalation Wacom Consumer Service - Unquoted Service Path Privilege Escalation Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation Zend Studio IDE 13.5.1 - Insecure File Permissions Privilege Escalation HP Client - Automation Command Injection / Remote Code Execution Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)	2016-10-11 05:01:15 +00:00
Offensive Security	8ea4614148	DB: 2016-10-10 4 new exploits miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) Fitbit Connect Service - Unquoted Service Path Privilege Escalation PHP Press Release - Cross-Site Request Forgery (Add Admin) PHP Press Release - Stored Cross Site Scripting	2016-10-10 05:01:16 +00:00
Offensive Security	cda049fa54	DB: 2016-10-08 4 new exploits MLM Unilevel Plan Script v1.0.2 - SQL Injection MLM Unilevel Plan Script 1.0.2 - SQL Injection Comodo Dragon Browser - Unquoted Service Path Privilege Escalation Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) Entrepreneur Job Portal Script - SQL Injection BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation Waves Audio Service - Unquoted Service Path Privilege Escalation	2016-10-08 05:01:18 +00:00
Offensive Security	cd9e638108	DB: 2016-10-07 12 new exploits phpBB 2.0.10 - Remote Command Execution (CGI) Advance MLM Script - SQL Injection Picosafe Web Gui - Multiple Vulnerabilities Witbe - Remote Code Execution PHP Classifieds Rental Script - Blind SQL Injection B2B Portal Script - Blind SQL Injection MLM Unilevel Plan Script v1.0.2 - SQL Injection Just Dial Clone Script - SQL Injection Comodo Dragon Browser - Unquoted Service Path Privilege Escalation Billion Router 7700NR4 - Remote Command Execution Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Exagate WEBPack Management System - Multiple Vulnerabilities	2016-10-07 05:01:18 +00:00
Offensive Security	5fbed83086	DB: 2016-10-06 10 new exploits Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials Bind 9 DNS Server - Denial of Service ISC BIND 9 - Denial of Service Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution VX Search Enterprise 9.0.26 - Buffer Overflow Sync Breeze Enterprise 8.9.24 - Buffer Overflow Dup Scout Enterprise 9.0.28 - Buffer Overflow Disk Sorter Enterprise 9.0.24 - Buffer Overflow Disk Savvy Enterprise 9.0.32 - Buffer Overflow Abyss Web Server X1 2.11.1 - Unquoted Service Path Privilege Escalation Fortitude HTTP 1.0.4.0 - Unquoted Service Path Privilege Escalation	2016-10-06 05:01:22 +00:00
Offensive Security	77681134f4	DB: 2016-10-05 3 new exploits CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion E-SMARTCART 1.0 - (Product_ID) SQL Injection E-Smart Cart 1.0 - 'Product_ID' SQL Injection E-SMART CART - 'productsofcat.asp' SQL Injection E-Smart Cart - 'productsofcat.asp' SQL Injection CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection E-Smartcart - SQL Injection E-Smart Cart - SQL Injection CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection CubeCart PHP 4.3.x - 'shipkey' SQL Injection CS Cart 1.3.3 - (install.php) Cross-Site Scripting CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting dansie shopping cart 3.0.4 - Multiple Vulnerabilities Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities Sendmail 8.11.6 - Address Prescan Memory Corruption Joomla! Component RSfiles (cid parameter) - SQL Injection Joomla! Component RSfiles - (cid parameter) SQL Injection Dovecot with Exim sender_address Parameter - Remote Command Execution Dovecot with Exim - sender_address Parameter Remote Command Execution Exim sender_address Parameter - Remote Code Execution Exim - sender_address Parameter Remote Code Execution PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection AJ Classifieds 'listingid' Parameter - SQL Injection AJ Classifieds - 'listingid' Parameter SQL Injection PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Bind 9 DNS Server - Denial of Service Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC) OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution Disk Pulse Enterprise 9.0.34 - Buffer Overflow	2016-10-05 05:01:18 +00:00
Offensive Security	d9bdc2e376	DB: 2016-10-04 7 new exploits maplab ms4w 2.2.1 - Remote File Inclusion MapLab MS4W 2.2.1 - Remote File Inclusion Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow Grandsteam GXV3611_HD - SQL Injection Glassfish Server - Unquoted Service Path Privilege Escalation Windows Firewall Control - Unquoted Service Path Privilege Escalation Android - Insufficient Binder Message Verification Pointer Leak DWebPro 8.4.2 - Multiple Vulnerabilities Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)	2016-10-04 05:01:17 +00:00
Offensive Security	2963ce32a0	DB: 2016-10-01 1 new exploits Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege	2016-10-01 05:01:16 +00:00
Offensive Security	fa1b17f699	DB: 2016-09-30 1 new exploits Microsoft Windows - RPC DCOM Remote Exploit (18 Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (48 Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (1) Microsoft Windows - 'RPC DCOM' Remote Exploit (2) Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal) Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate Get Request Remote Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow PMSoftware Simple Web Server - GET Request Remote Buffer Overflow CUPS Server 1.1 - (Get Request) Denial of Service CUPS Server 1.1 - GET Request Denial of Service BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC) TFTPD32 2.81 - GET Request Format String Denial of Service (PoC) Fenice Oms 1.10 - (long get request) Remote Buffer Overflow Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow Multi-Threaded TFTP 1.1 - (Long Get Request) Denial of Service Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service Essentia Web Server 2.15 - (GET Request) Remote Denial of Service Essentia Web Server 2.15 - GET Request Remote Denial of Service webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Buffer Overflow webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield) webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield) Microsoft Windows Message Queuing Service - RPC Buffer Overflow (dnsname) Microsoft Windows Message Queuing Service - RPC Buffer Overflow Netgear WGR614v9 - Wireless Router Get Request Denial of Service Netgear WGR614v9 Wireless Router - GET Request Denial of Service XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow (PoC) XBMC 8.10 (Windows) - (GET Request) Remote Buffer Overflow XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC) XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow (SEH) httpdx 0.5b - FTP Server (USER) Remote Buffer Overflow (SEH) Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC) Mereo 1.8.0 - (Get Request) Remote Denial of Service Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC) Mereo 1.8.0 - GET Request Remote Denial of Service httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow (SEH) httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH) httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit ARD-9808 DVR Card Security Camera - (GET Request) Remote Denial of Service ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service Kolibri+ WebServer 2 - (Get Request) Denial of Service Kolibri+ WebServer 2 - GET Request Denial of Service Kolibri+ WebServer 2 - (GET Request) Remote Overwrite (SEH) Kolibri+ WebServer 2 - GET Request Remote Overwrite (SEH) httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service httpdx 1.4 - Get Request Buffer Overflow httpdx 1.4 - GET Request Buffer Overflow Httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC) httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC) HTTPDX - tolog() Function Format String (1) httpdx - tolog() Function Format String (1) HTTPDX - tolog() Function Format String (2) httpdx - tolog() Function Format String (2) HTTPDX - h_handlepeer() Function Buffer Overflow (Metasploit) httpdx - h_handlepeer() Function Buffer Overflow (Metasploit) glibc LD_AUDIT Arbitrary DSO - Load Privilege Escalation glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) httpdx 1.5.4 - Remote HTTP Server Denial of Service httpdx 1.5.4 - HTTP Server Remote Denial of Service Working Resources BadBlue 1.7.3 - Get Request Denial of Service Working Resources BadBlue 1.7.3 - GET Request Denial of Service KeepNote 0.7.8 - Command Execution My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service Snowblind Web Server 1.0/1.1 - (GET Request) Buffer Overflow Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow Proxomitron Proxy Server - Long Get Request Remote Denial of Service Proxomitron Proxy Server - Long GET Request Remote Denial of Service	2016-09-30 05:01:16 +00:00
Offensive Security	d86bdf5f80	DB: 2016-09-29 2 new exploits Symantec Messaging Gateway 10.6.1 - Directory Traversal VLC Media Player 2.2.1 - Buffer Overflow	2016-09-29 05:01:16 +00:00
Offensive Security	f421077feb	DB: 2016-09-28 6 new exploits UUCP Exploit - file creation/overwriting (symlinks) UUCP Exploit - File Creation/Overwriting (symlinks) Exploit Serv-U 3.x < 5.x - Privilege Escalation Serv-U FTP Server 3.x < 5.x - Privilege Escalation TiTan FTP Server - Long Command Heap Overflow (PoC) Titan FTP Server - Long Command Heap Overflow (PoC) Serv-U < 5.2 - Remote Denial of Service Serv-U FTP Server < 5.2 - Remote Denial of Service chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC) Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow WS_FTP Server 5.03 - (RNFR) Buffer Overflow Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow TYPSoft FTP Server 1.11 - (RETR) Denial of Service TYPSoft FTP Server 1.11 - 'RETR' Denial of Service XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC) XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC) WinFtp Server 2.0.2 - (PASV) Remote Denial of Service WinFTP Server 2.0.2 - (PASV) Remote Denial of Service DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service MiniWeb Http Server 0.8.x - Remote Denial of Service MiniWeb HTTP Server 0.8.x - Remote Denial of Service JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion JAF CMS 4.0 RC2 - Multiple Remote File Inclusion XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service Belkin wireless G router + ADSL2 modem - Authentication Bypass Belkin Wireless G router + ADSL2 modem - Authentication Bypass Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement WinFTP 2.3.0 - (PASV mode) Remote Denial of Service WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service Titan FTP server 6.26 build 630 - Remote Denial of Service Titan FTP Server 6.26 build 630 - Remote Denial of Service Netgear WG102 - Leaks SNMP write Password with read access Netgear WG102 - Leaks SNMP Write Password With Read Access WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Netgear embedded Linux for the SSL312 router - Denial of Service Netgear SSL312 Router - Denial of Service Belkin BullDog Plus UPS-Service - Buffer Overflow Belkin BullDog Plus - UPS-Service Buffer Overflow Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit Firebird SQL - op_connect_request main listener shutdown Firebird SQL - op_connect_request main listener shutdown Exploit HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service TYPSoft 1.10 - APPE DELE Denial of Service TYPSoft FTP Server 1.10 - APPE DELE Denial of Service WingFTP Server 3.2.4 - Cross-Site Request Forgery Wing FTP Server 3.2.4 - Cross-Site Request Forgery Quick Player 1.2 -Unicode BoF - bindshell Quick Player 1.2 - Unicode Buffer Overflow (Bindshell) UplusFtp Server 1.7.0.12 - Remote Buffer Overflow UplusFTP Server 1.7.0.12 - Remote Buffer Overflow Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC TopDownloads MP3 Player 1.0 - '.m3u' crash TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) uhttp Server - Directory Traversal uhttp Server 0.1.0-alpha - Directory Traversal eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - RETR Command Denial of Service SmallFTPd 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service SolarWinds 10.4.0.10 - TFTP Denial of Service SolarWinds TFTP Server 10.4.0.10 - Denial of Service e107 - Code Exec e107 - Code Exection HomeFTP Server r1.10.3 (build 144) - Denial of Service Home FTP Server r1.10.3 (build 144) - Denial of Service TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE) TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service SolarWinds 10.4.0.13 - Denial of Service SolarWinds TFTP Server 10.4.0.13 - Denial of Service ISC-DHCPD - Denial of Service ISC DHCPD - Denial of Service Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow deepin tftp server 1.25 - Directory Traversal Deepin TFTP Server 1.25 - Directory Traversal Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit JCMS 2010 - file download JCMS 2010 - File Download Exploit SolarFTP 2.0 - Multiple Commands Denial of Service Solar FTP Server 2.0 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - RETR CMD Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service Xynph 1.0 - USER Denial of Service Xynph FTP Server 1.0 - USER Denial of Service XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service Solar FTP 2.1 - Denial of Service Solar FTP Server 2.1 - Denial of Service Red Hat Linux - stickiness of /tmp Red Hat Linux - stickiness of /tmp Exploit home ftp server 1.12 - Directory Traversal Home FTP Server 1.12 - Directory Traversal NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit) RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit) Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow SmallFTPd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 - Denial of Service PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) Solar FTP 2.1.1 - PASV Buffer Overflow (PoC) Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC) BisonFTP Server 3.5 - Remote Buffer Overflow BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit) Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit) BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery zFTP Server - 'cwd/stat' Remote Denial of Service zFTPServer - 'cwd/stat' Remote Denial of Service Serv-U FTP - Jail Break Serv-U FTP Server - Jail Break Typsoft FTP Server 1.10 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service PeerBlock 1.1 - BSOD PeerBlock 1.1 - BSOD Exploit distinct tftp server 3.01 - Directory Traversal Distinct TFTP Server 3.01 - Directory Traversal PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection Berkeley Sendmail 5.58 - DEBUG Berkeley Sendmail 5.58 - Debug exploit SunView (SunOS 4.1.1) - selection_svc Digital Ultrix 4.0/4.1 - /usr/bin/chroot SunOS 4.1.1 - /usr/release/bin/makeinstall SunOS 4.1.1 - /usr/release/bin/winstall SunView (SunOS 4.1.1) - selection_svc Exploit Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit SunOS 4.1.3 - kmem setgid /etc/crash SunOS 4.1.3 - kmem setgid /etc/crash Exploit IRIX 6.4 - pfdisplay.cgi IRIX 6.4 - 'pfdisplay.cgi' Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit FreePBX < 13.0.188 - Remote Command Execution (Metasploit) HP JetAdmin 1.0.9 Rev. D - symlink HP JetAdmin 1.0.9 Rev. D - symlink Exploit Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation TP-Link Archer CR-700 - Cross-Site Scripting BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit Cat Soft Serv-U 2.5 - Buffer Overflow BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit Linux Kernel 2.0 / 2.1 / 2.2 - autofs Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit Debian 2.1 - httpd S.u.S.E. 5.2 - gnuplot Debian 2.1 - httpd Exploit S.u.S.E. Linux 5.2 - gnuplot Exploit Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit SGI IRIX 6.2 - /usr/lib/netaddpr SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - day5notifier SGI IRIX 6.2 - day5notifier Exploit SGI IRIX 6.4 - datman/cdman SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.3 - cgi-bin webdist.cgi SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit SGI IRIX 6.4 - cgi-bin handler SGI IRIX 6.4 - cgi-bin handler Exploit SGI IRIX 6.4 - login SGI IRIX 6.4 - login Exploit IBM AIX 3.2.5 - IFS IBM AIX 3.2.5 - IFS Exploit IBM AIX 3.2.5 - login(1) IBM AIX 3.2.5 - login(1) Exploit Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2) Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit GNU glibc 2.1/2.1.1 -6 - pt_chown GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit ProFTPd 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Exploit Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit S.u.S.E. Linux 6.1/6.2 - cwdtools S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit SCO Unixware 7.1 - 'pkg' commands SCO Unixware 7.1 - 'pkg' command Exploit Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service Nortel Networks Optivity NETarchitect 2.0 - PATH Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit SGI IRIX 6.2 - midikeys/soundplayer SGI IRIX 6.2 - midikeys/soundplayer Exploit Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Microsoft Windows 95/98/NT 4.0 - autorun.inf Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit Corel Linux OS 1.0 - buildxconfig Corel Linux OS 1.0 - setxconf Corel Linux OS 1.0 - buildxconfig Exploit Corel Linux OS 1.0 - setxconf Exploit TP Link Gateway 3.12.4 - Multiple Vulnerabilities TP-Link Gateway 3.12.4 - Multiple Vulnerabilities SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2) Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit Cisco IOS 11.x/12.x - HTTP %% Cisco IOS 11.x/12.x - HTTP %% Exploit RedHat Linux 6.0/6.1/6.2 - pam_console RedHat Linux 6.0/6.1/6.2 - pam_console Exploit HP-UX 10.20/11.0 man - /tmp symlink HP-UX 10.20/11.0 man - /tmp Symlink Exploit IRIX 5.3/6.x - mail IRIX 5.3/6.x - mail Exploit TYPSoft 0.7 x - FTP Server Remote Denial of Service TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service Oracle Internet Directory 2.0.6 - oidldap Oracle Internet Directory 2.0.6 - oidldap Exploit CatSoft FTP Serv-U 2.5.x - Brute Force Cat Soft Serv-U FTP Server 2.5.x - Brute Force Small HTTP server 2.0 1 - Non-Existent File Denial of Service Small HTTP Server 2.0 1 - Non-Existent File Denial of Service NCSA httpd-campas 1.2 - sample script NCSA httpd-campas 1.2 - sample script Exploit Novell NetWare Web Server 2.x - convert.bas Novell NetWare Web Server 2.x - convert.bas Exploit Serv-U 2.4/2.5 - FTP Directory Traversal Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal Novell Netware Web Server 3.x - files.pl Novell Netware Web Server 3.x - files.pl Exploit guido frassetto sedum http server 2.0 - Directory Traversal Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal robin twombly a1 http server 1.0 - Directory Traversal Robin Twombly A1 HTTP Server 1.0 - Directory Traversal SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit michael lamont savant http server 2.1 - Directory Traversal Michael Lamont Savant HTTP Server 2.1 - Directory Traversal zeroo http server 1.5 - Directory Traversal (1) zeroo http server 1.5 - Directory Traversal (2) Zeroo HTTP Server 1.5 - Directory Traversal (1) Zeroo HTTP Server 1.5 - Directory Traversal (2) Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting XLight FTP Server 1.x - Long Directory Request Remote Denial of Service Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service XLight FTP Server 1.52 - Remote Send File Request Denial of Service Xlight FTP Server 1.52 - Remote Send File Request Denial of Service gweb http server 0.5/0.6 - Directory Traversal GWeb HTTP Server 0.5/0.6 - Directory Traversal MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server (build 300) - Crash (PoC) TP-Link Print Server TL PS110U - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration PCMan's FTP Server 2.0.7 - Buffer Overflow PCMan FTP Server 2.0.7 - Buffer Overflow PCMan's FTP Server 2.0 - Remote Buffer Overflow PCMan FTP Server 2.0 - Remote Buffer Overflow PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3-5 - ZendEngine ECalloc Integer Overflow PHP 3 < 5 - ZendEngine ECalloc Integer Overflow NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static Http Server 1.0 - Denial of Service TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static HTTP Server 1.0 - Denial of Service NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2) Ipswitch 8.0 - WS_FTP Client Format String Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String NETGEAR WGR614 - Administration Interface Remote Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NetMan 204 - Backdoor Account NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Serv-U 11.1.0.3 - Denial of Service / Security Bypass Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND9 - TKEY (PoC) Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND 9 - TKEY (PoC) ISC BIND9 - TKEY Remote Denial of Service (PoC) ISC BIND 9 - TKEY Remote Denial of Service (PoC) NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Android (Stagefright) - Remote Code Execution Android - 'Stagefright' Remote Code Execution Microsoft Windows Media Center - MCL (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) Android libstagefright - Integer Overflow Remote Code Execution Android - libstagefright Integer Overflow Remote Code Execution NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution pdfium IsFlagSet (v8 memory management) - SIGSEGV pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) TallSoft SNMP TFTP Server 1.0.0 - Denial of Service TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service Metaphor - Stagefright Exploit with ASLR Bypass Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)	2016-09-28 11:55:43 +00:00
Offensive Security	35000196e1	DB: 2016-09-27 11 new exploits Berlios gpsd 2.7.x - Remote Format String Berlios GPSD 2.7.x - Remote Format String bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1) boastMachine 3.1 - (mail.php id) SQL Injection BoastMachine 3.1 - 'mail.php' id SQL Injection BIGACE 2.4 - Multiple Remote File Inclusion BigACE 2.4 - Multiple Remote File Inclusion attachmax dolphin 2.1.0 - Multiple Vulnerabilities Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH) AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH) BIGACE CMS 2.5 - 'Username' SQL Injection BigACE CMS 2.5 - 'Username' SQL Injection BIGACE CMS 2.6 - (cmd) Local File Inclusion BigACE CMS 2.6 - (cmd) Local File Inclusion Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (1) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1) Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption bitrix site manager 4.0.5 - Remote File Inclusion Bitrix Site Manager 4.0.5 - Remote File Inclusion boastMachine 3.1 - Arbitrary File Upload BoastMachine 3.1 - Arbitrary File Upload blog system 1.5 - Multiple Vulnerabilities Blog System 1.5 - Multiple Vulnerabilities b2b gold script - 'id' SQL Injection B2B Gold Script - 'id' SQL Injection TinyBrowser - Arbitrary File Upload Wordpress Plugin TinyBrowser - Arbitrary File Upload Nginx http server 0.6.36 - Directory Traversal Nginx 0.6.36 - Directory Traversal atomic photo album 1.0.2 - Multiple Vulnerabilities Atomic Photo Album 1.0.2 - Multiple Vulnerabilities Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1) Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) bitweaver 2.8.1 - Persistent Cross-Site Scripting Bitweaver 2.8.1 - Persistent Cross-Site Scripting bitweaver 2.8.0 - Multiple Vulnerabilities Bitweaver 2.8.0 - Multiple Vulnerabilities Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2) DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (2) Bigace 2.7.5 - Arbitrary File Upload BigACE 2.7.5 - Arbitrary File Upload atutor 2.0.2 - Multiple Vulnerabilities ATutor 2.0.2 - Multiple Vulnerabilities boastMachine 3.1 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin) Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111) atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution Macro Expert 4.0 - Multiple Privilege Escalations axigen mail server 8.0.1 - Persistent Cross-Site Scripting Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation Joomla! Component Event Booking 2.10.1 - SQL Injection NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation bitweaver 2.8.1 - Multiple Vulnerabilities Bitweaver 2.8.1 - Multiple Vulnerabilities Contrexx CMS egov Module 1.0.0 - SQL Injection Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting atutor 1.2 - Multiple Vulnerabilities ATutor 1.2 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection Clockstone and other CMSMasters Theme - Arbitrary File Upload Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload Nginx HTTP Server 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) BuilderEngine 3.5.0 - Arbitrary File Upload PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution Bigace CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - admin.php Cross-Site Scripting BoastMachine 3.1 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (1) Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery boastMachine 2.8 - 'index.php' Local File Inclusion BoastMachine 2.8 - 'index.php' Local File Inclusion TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting boastMachine 3.1 - 'key' Parameter Cross-Site Scripting BoastMachine 3.1 - 'key' Parameter Cross-Site Scripting Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Creative Contact Form 0.9.7 - Arbitrary File Upload Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Paid Memberships Pro 1.7.14.2 - Directory Traversal Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal DukaPress 2.5.2 - Directory Traversal Wordpress Plugin DukaPress 2.5.2 - Directory Traversal Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Duplicator 0.5.8 - Privilege Escalation Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Shareaholic 7.6.0.3 - Cross-Site Scripting Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting Paypal Currency Converter Basic For WooCommerce - File Read Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (2) Multiple WordPress Themes WPScientist - Arbitrary File Upload Multiple WordPress WPScientist Themes - Arbitrary File Upload EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Avast AntiVirus - X.509 Error Rendering Command Execution Avast! AntiVirus - X.509 Error Rendering Command Execution Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Avast - OOB Write Decrypting PEncrypt Packed executables Avast - JetDb::IsExploited4x Performs Unbounded Search on Input Avast - Heap Overflow Unpacking MoleBox Archives Avast - Integer Overflow Verifying numFonts in TTC Header Avast! - OOB Write Decrypting PEncrypt Packed executables Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input Avast! - Heap Overflow Unpacking MoleBox Archives Avast! - Integer Overflow Verifying numFonts in TTC Header BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal Simple Ads Manager 2.9.4.116 - SQL Injection Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation Avast - Authenticode Parsing Memory Corruption Avast! - Authenticode Parsing Memory Corruption Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Job Script by Scubez - Remote Code Execution Wordpress Plugin Job Script by Scubez - Remote Code Execution Premium SEO Pack 1.9.1.3 - wp_options Overwrite Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite Ocomon 2.0 - SQL Injection	2016-09-27 05:01:25 +00:00
Offensive Security	a387f0befc	DB: 2016-09-26	2016-09-26 05:05:50 +00:00
Offensive Security	102574cb3e	DB: 2016-09-24 5 new exploits EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Adobe Acrobat Reader 7<9 - U3D Buffer Overflow Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit) Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit) Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Adobe Flash - Crash When Freeing Memory After AVC decoding Adobe Flash - Video Decompression Memory Corruption Linux - SELinux W+X Protection Bypass via AIO Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass Microsoft Excel 95<2004 - Malformed Graphic File Code Execution Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution Git-1.9.5 - ssh-agent.exe Buffer Overflow Git 1.9.5 - ssh-agent.exe Buffer Overflow Skybox Platform <=7.0.611 - Multiple Vulnerabilities Skybox Platform <= 7.0.611 - Multiple Vulnerabilities SOLIDserver <=5.0.4 - Local File Inclusion SOLIDserver <= 5.0.4 - Local File Inclusion WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)	2016-09-24 05:05:07 +00:00
Offensive Security	12047d93f1	DB: 2016-09-23 9 new exploits Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Slackware Linux 3.5 - Missing /etc/group Privilege Escalation Matrimonial Website Script 1.0.2 - SQL Injection Metasploit Web UI - Diagnostic Console Command Execution Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Exponent CMS 2.3.9 - Blind SQL Injection JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101) phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - 'PHPWS_SOURCE_DIR' Parameter Multiple Remote File Inclusion Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Microix Timesheet Module - SQL Injection Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities	2016-09-23 05:05:20 +00:00
Offensive Security	b8ebed3824	DB: 2016-09-22 6 new exploits Setuid perl - PerlIO_Debug() Root owned file creation Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation Kaltura 11.1.0-2 - Remote Code Execution (Metasploit) Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1) VideoCache 1.9.2 - vccleaner Root VideoCache 1.9.2 - 'vccleaner' Privilege Escalation UK One Media CMS - 'id' Error Based SQL Injection UK One Media CMS - 'id' Error-Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) Ultimate eShop - Error Based SQL Injection Ultimate eShop - Error-Based SQL Injection WordPress Plugin Multiple - timthumb.php Vulnerabilities Multiple WordPress Plugins - timthumb.php File Upload Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service Slackware Linux 3.5 - /etc/group missing results in Root access Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service Sudo 1.6.3 - Unclean Environment Variable Root Program Execution Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure Microsoft Office PowerPoint 2010 - Invalid Pointer Reference Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass Microweber 0.905 - Error Based SQL Injection Microweber 0.905 - Error-Based SQL Injection WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution	2016-09-22 05:06:28 +00:00
Offensive Security	fdd9fd65e2	DB: 2016-09-21 2 new exploits Dolphin 7.3.0 - Error-Based SQL Injection VegaDNS 0.13.2 - Remote Command Injection	2016-09-21 05:07:40 +00:00
Offensive Security	91fedcad08	Merge branch 'g0tmi1k-searchsploit'	2016-09-20 22:38:15 +00:00
g0tmi1k	01cd5bae40	Fix an clipboard issue if it there wasn't $DISPLAY	2016-09-20 23:28:07 +01:00
Offensive Security	235761b103	DB: 2016-09-20 12 new exploits OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs ZineBasic 1.1 - Arbitrary File Disclosure SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities MyBB 1.8.6 - SQL Injection Kajona 4.7 - Cross-Site Scripting / Directory Traversal Docker Daemon - Privilege Escalation (Metasploit) SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow	2016-09-20 05:07:15 +00:00
Offensive Security	99fb353a74	Merge branch 'g0tmi1k-searchsploit'	2016-09-19 22:39:07 +00:00
g0tmi1k	52d612d57a	Able to update via package management	2016-09-19 23:37:14 +01:00
Offensive Security	c663f43049	DB: 2016-09-18	2016-09-18 05:06:48 +00:00
Offensive Security	4aa6d571e7	DB: 2016-09-17 3 new exploits Too many to list!	2016-09-17 05:08:43 +00:00
Offensive Security	54446fef7a	Merge branch 'g0tmi1k-searchsploit'	2016-09-16 15:53:11 +00:00
g0tmi1k	a53a982fb2	Fixed a few minor bugs in SearchSploit & more verbose output.	2016-09-16 16:22:52 +01:00
Offensive Security	5fefdd465d	Merge PR #46 , closes #44	2016-09-16 11:07:30 +00:00
Offensive Security	751e61a6bf	DB: 2016-09-16 3 new exploits Avaya IP Office Phone Manager - Local Password Disclosure BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities PA168 Chipset IP Phones - Weak Session Management Exploit CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash phpMyAdmin - '/scripts/setup.php' PHP Code Injection NScan 0.9.1 - (Target) Buffer Overflow NScan 0.9.1 - 'Target' Buffer Overflow Xerox WorkCentre - Multiple Models Denial of Service Xerox WorkCentre (Multiple Models) - Denial of Service Cisco EPC 3925 - Multiple Vulnerabilities httpdx 1.4 - h_handlepeer Buffer Overflow (Metasploit) Novell eDirectory 8.8sp5 - Buffer Overflow Uebimiau Webmail 3.2.0-2.0 - Email Disclosure ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC) Integard Home and Pro 2 - Remote HTTP Buffer Overflow Multiple D-Link Router Models - Authentication Bypass D-Link Router (Multiple Models) - Authentication Bypass iSO Air Files 2.6 - Directory Traversal iOS FtpDisc 1.0 - Directory Traversal iOS SideBooks 1.0 - Directory Traversal iOS FtpDisc 1.0 - Directory Traversal iOS SideBooks 1.0 - Directory Traversal iSO Filer Lite 2.1.0 - Directory Traversal iOS iDocManager 1.0.0 - Directory Traversal iOS myDBLite 1.1.10 - Directory Traversal iSO Filer Lite 2.1.0 - Directory Traversal iOS iDocManager 1.0.0 - Directory Traversal iOS myDBLite 1.1.10 - Directory Traversal iOS Share 1.0 - Directory Traversal iOS TIOD 1.3.3 - Directory Traversal Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation Zapya Desktop 1.803 - 'ZapyaService.exe' Privilege Escalation Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure Apache/mod_ssl 2.0.x - Remote Denial of Service SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation Airlive IP Cameras - Multiple Vulnerabilities Monkey CMS - Multiple Vulnerabilities NetBSD mail.local - Privilege Escalation (Metasploit) Apache Mina 2.0.13 - Remote Command Execution Apache Mina 2.0.13 - Remote Command Execution DeepOfix SMTP Server 3.3 - Authentication Bypass xEpan 1.0.4 - Multiple Vulnerabilities Humhub 0.10.0-rc.1 - SQL Injection Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities Humhub 0.10.0-rc.1 - SQL Injection Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness Koha 3.20.1 - Multiple SQL Injections Koha 3.20.1 - Directory Traversal Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities Koha 3.20.1 - Multiple SQL Injections Koha 3.20.1 - Directory Traversal Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities 8 TOTOLINK Router Models - Backdoor and Remote Code Execution 8 TOTOLINK Router Models - Backdoor / Remote Code Execution Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow TestLink 1.9.14 - Cross-Site Request Forgery PaKnPost Pro 1.14 - Multiple Vulnerabilities zFTP Client 20061220 - (Connection Name) Local Buffer Overflow zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access Cisco ASA 8.x - Authentication Bypass (EXTRABACON) Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass Watchguard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN) Cisco ASA / PIX - Privilege Escalation (EPICBANANA) TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT) TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE) TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL) TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR) Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER) Watchguard Firewalls - 'ESCALATEPLOWMAN' ifconfig Privilege Escalation Cisco ASA / PIX - 'EPICBANANA' Privilege Escalation TOPSEC Firewalls - 'ELIGIBLECONTESTANT' Remote Code Execution TOPSEC Firewalls - 'ELIGIBLECANDIDATE' Remote Code Execution TOPSEC Firewalls - 'ELIGIBLEBOMBSHELL' Remote Code Execution TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote Exploit Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution tcPbX - (tcpbx_lang) Local File Inclusion tcPbX - 'tcpbx_lang' Local File Inclusion	2016-09-16 05:08:37 +00:00
Offensive Security	f1e68e0b1d	DB: 2016-09-15 3 new exploits Android - getpidcon Usage binder Service Replacement Race Condition PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure Apache Mina 2.0.13 - Remote Command Execution	2016-09-15 05:07:49 +00:00

1 2 3 4 5 ...

1022 commits