Offensive Security
|
3b565e4e9d
|
DB: 2016-10-29
7 new exploits
SetCMS 3.6.5 - (setcms.org) Remote Command Execution
SetCMS 3.6.5 - Remote Command Execution
PHP-Nuke < 8.0 - 'sid' SQL Injection
PHP-Nuke 8.0 Final - 'sid' SQL Injection
PHP-Nuke < 8.0 - 'sid' Parameter SQL Injection
PHP-Nuke 8.0 Final - 'sid' Parameter SQL Injection
Foojan Wms 1.0 - (index.php story) SQL Injection
Foojan Wms 1.0 - 'story' Parameter SQL Injection
Web Wiz Forums 9.07 - (sub) Directory Traversal
Web Wiz Forums 9.07 - 'sub' Parameter Directory Traversal
Web Wiz NewsPad 1.02 - (sub) Directory Traversal
Siteman 1.1.9 - (cat) Remote File Disclosure
Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution
SLAED CMS 2.5 Lite - (newlang) Local File Inclusion
Liquid-Silver CMS 0.1 - (update) Local File Inclusion
Web Wiz NewsPad 1.02 - 'sub' Parameter Directory Traversal
Siteman 1.1.9 - 'cat' Parameter Remote File Disclosure
Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution
SLAED CMS 2.5 Lite - 'newlang' Parameter Local File Inclusion
Liquid-Silver CMS 0.1 - 'update' Parameter Local File Inclusion
Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure
ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod (PoC)
Seagull 0.6.3 - 'files' Parameter Remote File Disclosure
ImageShack Toolbar 4.5.7 - 'FileUploader' Class InsecureMethod (PoC)
flinx 1.3 - (category.php id) SQL Injection
flinx 1.3 - 'id' Parameter SQL Injection
Persits XUpload 3.0 - AddFile() Remote Buffer Overflow
Persits XUpload 3.0 - 'AddFile()' Remote Buffer Overflow
simple forum 3.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Simple Forum 3.2 - File Disclosure / Cross-Site Scripting
WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection
WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection
Oracle 10g R1 - pitrig_drop PLSQL Injection (get users hash)
Oracle 10g R1 - PITRIG_TRUNCATE PLSQL Injection (get users hash)
WordPress Plugin WP-Cal 0.3 - 'editevent.php' SQL Injection
WordPress Plugin fGallery 2.4.1 - 'fimrss.php' SQL Injection
Oracle 10g R1 - 'pitrig_drop' PLSQL Injection (get users hash)
Oracle 10g R1 - 'PITRIG_TRUNCATE' PLSQL Injection (get users hash)
phpMyClub 0.0.1 - (page_courante) Local File Inclusion
bubbling library 1.32 - dispatcher.php Remote File Disclosure
Bigware Shop 2.0 - pollid SQL Injection
Smart Publisher 1.0.1 - (disp.php) Remote Code Execution
SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit
phpMyClub 0.0.1 - 'page_courante' Parameter Local File Inclusion
bubbling library 1.32 - 'uri' Parameter Remote File Disclosure
Bigware Shop 2.0 - 'pollid' Parameter SQL Injection
Smart Publisher 1.0.1 - 'filedata' Parameter Remote Code Execution
SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit
phpCMS 1.2.2 - (parser.php) Remote File Disclosure
Mambo Component NewsLetter - (listid) SQL Injection
Mambo Component Fq - (listid) SQL Injection
Mambo Component MaMML - (listid) SQL Injection
phpCMS 1.2.2 - 'file' Parameter Remote File Disclosure
Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection
Mambo 'com_fq' - 'listid' Parameter SQL Injection
Mambo 'com_mamml' - 'listid' Parameter SQL Injection
phpCMS 1.1.7 - counter.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - parser.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - include/class.parser_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - PHPCMS include/class.session_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - include/class.edit_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - include/class.http_indexer_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - include/class.cache_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - include/class.search_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - include/class.lib_indexer_universal_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - include/class.layout_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
phpCMS 1.1.7 - 'counter.php' Remote File Inclusion
phpCMS 1.1.7 - 'parser.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.parser_PHPcms.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.session_PHPcms.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.edit_PHPcms.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.http_indexer_PHPcms.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.cache_PHPcms.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.search_PHPcms.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.lib_indexer_universal_PHPcms.php' Remote File Inclusion
phpCMS 1.1.7 - 'class.layout_PHPcms.php' Remote File Inclusion
phpCMS 2008 - 'ask/search_ajax.php' SQL Injection
phpCMS 2008 - 'search_ajax.php' SQL Injection
InfraPower PPS-02-S Q213V1 - Local File Disclosure
InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference
InfraPower PPS-02-S Q213V1 - Authentication Bypass
InfraPower PPS-02-S Q213V1 - Multiple XSS
InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery
InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials
InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution
|
2016-10-29 05:01:21 +00:00 |
|