exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	c65daa1397	DB: 2016-11-05 7 new exploits Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (3) Exim 4.41 - dns_build_reverse Local Exploit Exim 4.41 - 'dns_build_reverse' Local Exploit 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow BolinTech DreamFTP - (USER) Remote Buffer Overflow (PoC) BolinTech DreamFTP - 'USER' Remote Buffer Overflow (PoC) ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow (1) Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow Exploit Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow Winamp 5.551 - MAKI Parsing Integer Overflow Exploit Winamp 5.551 - MAKI Parsing Integer Overflow Icarus 2.0 - '.icp' Local Stack Overflow (PoC) Icarus 2.0 - '.ICP' Local Stack Overflow (PoC) ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (2) Rock Band CMS 0.10 - news.php Multiple SQL Injection Rock Band CMS 0.10 - 'news.php' Multiple SQL Injection (1) Winamp 5.572 - whatsnew.txt Stack Overflow Exploit Winamp 5.572 - whatsnew.txt Stack Overflow Joomla! Component com_wmtpic 1.0 - SQL Injection Joomla! Component 'com_wmtpic' 1.0 - SQL Injection TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (1) Joomla! Component MediQnA 1.1 - Local File Inclusion Joomla! Component 'com_mediqna' 1.1 - Local File Inclusion Joomla! Component My Car - Multiple Vulnerabilities Joomla! Component BF Quiz - SQL Injection (1) Joomla! Component com_jepoll - (pollid) SQL Injection Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection Joomla! Component 'com_mycar' - Multiple Vulnerabilities Joomla! Component 'com_bfquiztrial' - SQL Injection (1) Joomla! Component 'com_jepoll' - 'pollid' Parameter SQL Injection Joomla! Component 'com_jejob' 1.0 - 'catid' Parameter SQL Injection Joomla! Component BF Quiz - SQL Injection (2) Joomla! Component 'com_bfquiztrial' - SQL Injection (2) Joomla! Component com_quran - SQL Injection Joomla! Component 'com_quran' - SQL Injection Joomla! Component com_g2bridge - Local File Inclusion Joomla! Component 'com_g2bridge' - Local File Inclusion Joomla! Component com_jsjobs - SQL Injection Joomla! Component 'com_jsjobs' - SQL Injection Joomla! Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Joomla! Component ChronoForms (com_chronocontact) - Blind SQL Injection Joomla! Component 'com_chronoconnectivity' - Blind SQL Injection Joomla! Component 'com_chronocontact' - Blind SQL Injection Joomla! Component com_lead - SQL Injection Joomla! Component 'com_lead' - SQL Injection Joomla! Component com_djartgallery - Multiple Vulnerabilities Joomla! Component 'com_djartgallery' - Multiple Vulnerabilities Joomla! Component com_searchlog - SQL Injection Joomla! Component 'com_searchlog' - SQL Injection Joomla! Component com_annonces - Arbitrary File Upload Joomla! Component 'com_annonces' - Arbitrary File Upload Joomla! Component cinema - SQL Injection Joomla! Component 'com_cinema' - SQL Injection Joomla! Component Jreservation 1.5 - SQL Injection / Cross-Site Scripting Joomla! Component 'Jreservation' 1.5 - SQL Injection / Cross-Site Scripting Joomla! Component com_jstore - SQL Injection Joomla! Component com_jtickets - SQL Injection Joomla! Component com_jcommunity - SQL Injection Joomla! Component com_jmarket - SQL Injection Joomla! Component com_jsubscription - SQL Injection Joomla! Component 'com_jstore' - SQL Injection Joomla! Component 'com_jtickets' - SQL Injection Joomla! Component 'com_jcommunity' - SQL Injection Joomla! Component 'com_jmarket' - SQL Injection Joomla! Component 'com_jsubscription' - SQL Injection Joomla! Component com_jnewsletter - SQL Injection Joomla! Component 'com_jnewsletter' - SQL Injection Joomla! Component com_joomdocs - Cross-Site Scripting Joomla! Component Answers 2.3beta - Multiple Vulnerabilities Joomla! Component ozio Gallery 2 - Multiple Vulnerabilities Joomla! Component listbingo 1.3 - Multiple Vulnerabilities Joomla! Component 'com_joomdocs' - Cross-Site Scripting Joomla! Component 'com_answers' 2.3beta - Multiple Vulnerabilities Joomla! Component 'com_oziogallery' 2 - Multiple Vulnerabilities Joomla! Component 'com_listbingo' 1.3 - Multiple Vulnerabilities Joomla! Component RSComments 1.0.0 - Persistent Cross-Site Scripting Joomla! Component 'RSComments' 1.0.0 - Persistent Cross-Site Scripting Joomla! Component com_eportfolio - Arbitrary File Upload Joomla! Component 'com_eportfolio' - Arbitrary File Upload Joomla! Component Template BizWeb com_community - Persistent Cross-Site Scripting Joomla! Component Hot Property com_jomestate - Remote File Inclusion Joomla! Component 'com_community' - Persistent Cross-Site Scripting Joomla! Component 'com_jomestate' - Remote File Inclusion Joomla! Component JomSocial 1.6.288 - Multiple Cross-Site Scripting Joomla! Component 'JomSocial' 1.6.288 - Multiple Cross-Site Scripting Joomla! Component com_ybggal 1.0 - 'catid' SQL Injection Joomla! Component 'com_ybggal' 1.0 - 'catid' Parameter SQL Injection Joomla! Component Picasa2Gallery - Local File Inclusion Joomla! Component 'com_picasa2gallery' - Local File Inclusion Joomla! Component JE Ajax Event Calendar - SQL Injection Joomla! Component 'jeeventcalendar' - SQL Injection Joomla! Component com_realtyna - Local File Inclusion Joomla! Component 'com_realtyna' - Local File Inclusion Joomla! Component JE Story Submit - SQL Injection Joomla! Component com_sef - Remote File Inclusion Joomla! Component 'jesubmit' - SQL Injection Joomla! Component 'com_sef' - Remote File Inclusion Joomla! Component JE Awd Song - Persistent Cross-Site Scripting Joomla! Component JE Media Player - Local File Inclusion Joomla! Component 'com_awd_song' - Persistent Cross-Site Scripting Joomla! Component 'JE Media Player' - Local File Inclusion Joomla! Component JE Event Calendar - Local File Inclusion Joomla! Component JE Job com_jejob - Local File Inclusion Joomla! Component JE Section Finder - Local File Inclusion Joomla! Component 'jeeventcalendar' - Local File Inclusion Joomla! Component 'com_jejob' - Local File Inclusion Joomla! Component 'jesectionfinder' - Local File Inclusion Joomla! Component gamesbox com_gamesbox 1.0.2 - 'id' SQL Injection Joomla! Component Joomanager - SQL Injection Joomla! Component 'com_gamesbox' 1.0.2 - 'id' SQL Injection Joomla! Component 'Joomanager' - SQL Injection Joomla! Component com_dateconverter 0.1 - SQL Injection Joomla! Component 'com_dateconverter' 0.1 - SQL Injection Joomla! Component Front-End Article Manager System - Arbitrary File Upload Joomla! Component 'Front-End Article Manager System' - Arbitrary File Upload Joomla! Component Seyret Video (com_seyret) - Blind SQL Injection Joomla! Component 'com_seyret' - Blind SQL Injection Joomla! Component Seyret (com_seyret) - Local File Inclusion Joomla! Component 'com_seyret' - Local File Inclusion Joomla! Component eventcal 1.6.4 com_eventcal - Blind SQL Injection Joomla! Component 'com_eventcal' 1.6.4 - Blind SQL Injection Joomla! Component SocialAds com_socialads - Persistent Cross-Site Scripting Joomla! Component 'com_socialads' - Persistent Cross-Site Scripting Joomla! Component Phoca Gallery (com_phocagallery) - SQL Injection Joomla! Component Front-edit Address Book (com_addressbook) - Blind SQL Injection Joomla! Component 'com_phocagallery' - SQL Injection Joomla! Component 'com_addressbook' - Blind SQL Injection Joomla! Component NijnaMonials (com_ninjamonials) - Blind SQL Injection Joomla! Component SEF (com_sef) - Local File Inclusion Joomla! Component 'com_ninjamonials' - Blind SQL Injection Joomla! Component 'com_sef' - Local File Inclusion Joomla! Component JPodium (com_jpodium) - SQL Injection Joomla! Component 'com_jpodium' - SQL Injection Joomla! Component com_autartimonial - SQL Injection Joomla! Component 'com_autartimonial' - SQL Injection TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (2) Joomla! Plugin tinybrowser 1.5.12 - Arbitrary File Upload / Code Execution (Metasploit) Joomla! Plugin 'tinybrowser' 1.5.12 - Arbitrary File Upload / Code Execution (Metasploit) Microsoft Excel 2010 - Crash PoC (1) Microsoft Excel 2010 - Crash (PoC) (1) Brooky CubeCart 2.0.1 - SQL Injection Brooky CubeCart 2.0.1/2.0.4 - ndex.php language Parameter Cross-Site Scripting Brooky CubeCart 2.0.1/2.0.4 - 'index.php' language Parameter Cross-Site Scripting Joomla! Component com_easygb - 'Itemid' Parameter Cross-Site Scripting Joomla! Component Percha Downloads Attach 1.1 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component Percha Gallery 1.6 Beta - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchadownloadsattach' 1.1 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchagallery' 1.6 Beta - 'Controller' Parameter Traversal Arbitrary File Access Joomla! 1.5.x - Multiple Modules 'search' Parameter Cross-Site Scripting Vulnerabilities Joomla! Component com_sar_news - 'id' Parameter SQL Injection Joomla! Component 'com_sar_news' - 'id' Parameter SQL Injection Joomla! Component Jreservation - Cross-Site Scripting Joomla! Component com_videowhisper_2wvc - Cross-Site Scripting Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion Joomla! Component 'com_galleryxml' 1.1 - SQL Injection / Local File Inclusion Joomla! Component Miniwork Studio Canteen 1.0 - SQL Injection / Local File Inclusion Joomla! Component 'com_canteen' 1.0 - Local File Inclusion Rock Band CMS 0.10 - 'news.php' Multiple SQL Injection Rock Band CMS 0.10 - 'news.php' Multiple SQL Injection (2) IBM AIX 6.1/7.1/7.2.0.2 - 'lsmcode' Privilege Escalation VLC Media Player 2.2.1 - Buffer Overflow VideoLAN VLC Media Player 2.2.1 - Buffer Overflow Just Dial Clone Script - SQL Injection Just Dial Clone Script - SQL Injection (1) Just Dial Clone Script - SQL Injection Just Dial Clone Script - SQL Injection (2) IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Privilege Escalation Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'NLST' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'SITE CHMOD' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow BolinTech DreamFTP 1.02 - 'RETR' Command Remote Buffer Overflow	2016-11-05 05:01:20 +00:00
Offensive Security	1edbc5ecc4	DB: 2016-11-04 14 new exploits Microsoft Windows - Metafile (.WMF) Remote File Download Exploit Generator Microsoft Windows - Metafile '.WMF' Arbitrary File Download (Generator) Redaxo CMS 3.2 - 'INCLUDE_PATH' Remote File Inclusion Redaxo 3.2 - 'INCLUDE_PATH' Remote File Inclusion Mambo Component com_loudmouth 4.0j - Remote File Inclusion Mambo Component com_loudmouth 4.0j - Remote File Inclusion Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download Sisfo Kampus 2006 - 'dwoprn.php f' Arbitrary File Download Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection Joomla! / Mambo Component com_catalogproduction - 'id' SQL Injection Joomla! / Mambo Component 'com_catalogproduction' - 'id' SQL Injection Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit Megacubo 5.0.7 - 'mega://' Arbitrary File Download and Execute DMXReady SDK 1.1 - Remote File Download DMXReady SDK 1.1 - Arbitrary File Download Joomla! 1.5.12 RCE via TinyMCE - Arbitrary File Upload Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload) Joomla! Component Jw_allVideos - Remote File Download Joomla! Component Jw_allVideos - Arbitrary File Download Trouble Ticket Software - ttx.cgi Remote File Download Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download Redaxo CMS 4.2.1 - Remote File Inclusion Redaxo 4.2.1 - Remote File Inclusion Joomla! Component Music Manager - Local File Inclusion Joomla! Component 'Music Manager' - Local File Inclusion Joomla! Component NeoRecruit (com_neorecruit Itemid) - Blind SQL Injection Joomla! Component 'com_neorecruit' - 'Itemid' Parameter Blind SQL Injection Joomla! Component artforms 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component PaymentsPlus - Mtree 2.1.5 - Blind SQL Injection Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component 'PaymentsPlus' 2.1.5 - Blind SQL Injection Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting Joomla! Component IXXO Cart - SQL Injection Joomla! Component com_jomtube - (user_id) Blind SQL Injection / SQL Injection Joomla! Component redSHOP 1.0 (com_redshop pid) - SQL Injection Joomla! Component QuickFAQ (com_quickfaq) - Blind SQL Injection Joomla! Component 'Minify4Joomla' - Arbitrary File Upload / Persistent Cross-Site Scripting Joomla! Component 'IXXO Cart' - SQL Injection Joomla! Component 'com_jomtube' - 'user_id' Parameter Blind SQL Injection Joomla! Component 'com_redshop' 1.0 - 'pid' Parameter SQL Injection Joomla! Component 'com_quickfaq' - Blind SQL Injection Joomla! Component MyHome (com_myhome) - Blind SQL Injection Joomla! Component MySms (com_mysms) - Arbitrary File Upload Joomla! Component Health & Fitness Stats - Persistent Cross-Site Scripting Joomla! Component 'com_myhome' - Blind SQL Injection Joomla! Component 'com_mysms' - Arbitrary File Upload Joomla! Component 'healthstats' - Persistent Cross-Site Scripting Joomla! Component Rapid Recipe - Persistent Cross-Site Scripting Joomla! Component 'Rapid-Recipe' - Persistent Cross-Site Scripting Joomla! Component EasyBlog - Persistent Cross-Site Scripting Joomla! Component 'EasyBlog' - Persistent Cross-Site Scripting Joomla! Component QContacts (com_qcontacts) - SQL Injection Joomla! Component 'com_qcontacts' - SQL Injection Joomla! Component RedShop 1.0.23.1 - Blind SQL Injection Joomla! Component 'com_redshop' 1.0.23.1 - Blind SQL Injection Joomla! Component com_spa - SQL Injection (2) Joomla! Component com_staticxt - SQL Injection Joomla! Component 'com_spa' - SQL Injection (2) Joomla! Component 'com_staticxt' - SQL Injection Joomla! Component com_spa - SQL Injection (1) Joomla! Component 'com_spa' - SQL Injection (1) Joomla! Component com_golfcourseguide) 0.9.6.0 (Beta) / 1 (Beta - SQL Injection Joomla! Component com_huruhelpdesk - SQL Injection Joomla! Component com_iproperty - SQL Injection Joomla! Component 'com_golfcourseguide' 0.9.6.0 - SQL Injection Joomla! Component 'com_huruhelpdesk' - SQL Injection Joomla! Component 'com_iproperty' - SQL Injection Joomla! Component Ozio Gallery (com_oziogallery) - SQL Injection Joomla! Component ITArmory (com_itarmory) - SQL Injection Joomla! Component 'com_oziogallery' - SQL Injection Joomla! Component 'com_itarmory' - SQL Injection Joomla! Component com_joomdle) 0.24 - SQL Injection Joomla! Component com_youtube - SQL Injection Joomla! Component 'com_joomdle' 0.24 - SQL Injection Joomla! Component 'com_youtube' - SQL Injection Joomla! Component com_Joomla-visites - Remote File Inclusion Joomla! Component 'com_Joomla-visites' - Remote File Inclusion Joomla! Component TTVideo 1.0 - SQL Injection Joomla! Component 'com_ttvideo' 1.0 - SQL Injection Joomla! Component appointinator 1.0.1 - Multiple Vulnerabilities Joomla! Component 'com_appointinator' 1.0.1 - Multiple Vulnerabilities Joomla! Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injections Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections Joomla! Component com_beamospetition - SQL Injection Joomla! Component 'com_beamospetition' - SQL Injection Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload ADA IMGSVR 0.4 - Remote File Download ADA IMGSVR 0.4 - Arbitrary File Download Joomla! / Mambo Component com_buslicense - 'aid' Parameter SQL Injection Joomla! / Mambo Component 'com_buslicense' - 'aid' Parameter SQL Injection Joomla! / Mambo Component com_sermon 0.2 - 'gid' Parameter SQL Injection Joomla! / Mambo Component 'com_sermon' 0.2 - 'gid' Parameter SQL Injection Joomla! / Mambo Component com_comments 0.5.8.5g - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_comments' 0.5.8.5g - 'id' Parameter SQL Injection Joomla! / Mambo Component com_iomezun - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_iomezun' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_Joomlavvz - 'id' Parameter SQL Injection Joomla! / Mambo Component com_most - 'secid' Parameter SQL Injection Joomla! / Mambo Component com_asortyment - 'katid' Parameter SQL Injection Joomla! / Mambo Component 'com_Joomlavvz' - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_most' - 'secid' Parameter SQL Injection Joomla! / Mambo Component 'com_asortyment' - 'katid' Parameter SQL Injection Joomla! / Mambo Component com_model - 'objid' Parameter SQL Injection Joomla! / Mambo Component com_omnirealestate - 'objid' Parameter SQL Injection Joomla! / Mambo Component 'com_model' - 'objid' Parameter SQL Injection Joomla! / Mambo Component 'com_omnirealestate' - 'objid' Parameter SQL Injection Joomla! / Mambo Component com_smslist - 'listid' Parameter SQL Injection Joomla! / Mambo Component com_activities - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_smslist' - 'listid' Parameter SQL Injection Joomla! / Mambo Component 'com_activities' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_lexikon - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_lexikon' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_team - SQL Injection Joomla! / Mambo Component com_iigcatalog - 'cat' Parameter SQL Injection Joomla! / Mambo Component com_formtool - 'catid' Parameter SQL Injection Joomla! / Mambo Component com_genealogy - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_team' - SQL Injection Joomla! / Mambo Component 'com_iigcatalog' - 'cat' Parameter SQL Injection Joomla! / Mambo Component 'com_formtool' - 'catid' Parameter SQL Injection Joomla! / Mambo Component 'com_genealogy' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_hello_world - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_hello_world' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_publication - 'pid' Parameter SQL Injection Joomla! / Mambo Component com_blog - 'pid' Parameter SQL Injection Joomla! / Mambo Component 'com_publication' - 'pid' Parameter SQL Injection Joomla! / Mambo Component 'com_blog' - 'pid' Parameter SQL Injection Joomla! / Mambo Component com_wines 1.0 - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_wines' 1.0 - 'id' Parameter SQL Injection Joomla! / Mambo Component com_inter - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_inter' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_guide - 'category' Parameter SQL Injection Joomla! / Mambo Component 'com_guide' - 'category' Parameter SQL Injection Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections Joomla! / Mambo Component 'com_is' 1.0.1 - Multiple SQL Injections Joomla! / Mambo Component com_utchat 0.2 - Multiple Remote File Inclusion Joomla! / Mambo Component 'com_utchat' 0.2 - Multiple Remote File Inclusion Vana CMS - 'Filename' Parameter Remote File Download Vana CMS - 'Filename' Parameter Arbitrary File Download Joomla! Component Rapid-Recipe - HTML Injection Joomla! Component 'Rapid-Recipe' - HTML Injection Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection Joomla! Component 'FreiChat' 1.0/2.x - Unspecified HTML Injection REDAXO - 'subpage' Parameter Cross-Site Scripting Redaxo CMS 5.0.0 - Multiple Vulnerabilities Redaxo 5.0.0 - Multiple Vulnerabilities DarkComet Server - Remote File Download Exploit (Metasploit) DarkComet Server - Arbitrary File Download (Metasploit) WinaXe 7.7 'FTP client' - Remote Buffer Overflow Rapid PHP Editor 14.1 - Remote Command Execution Memcached 1.4.33 - PoC (1) Memcached 1.4.33 - PoC (2) Memcached 1.4.33 - PoC (3) SweetRice 1.5.1 - Arbitrary File Download Axessh 4.2 - Denial Of Service SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution ETchat 3.7 - Cross-Site Request Forgery sNews 1.7.1 - Cross-Site Request Forgery sNews 1.7.1 - Arbitrary File Upload PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow nodCMS - Cross-Site Request Forgery Redaxo 5.2.0 - Cross-Site Request Forgery	2016-11-04 05:01:21 +00:00
Offensive Security	1f59ca27c2	DB: 2016-11-03 15 new exploits Joomla! Component PBBooking 1.0.4_3 - Multiple Blind SQL Injection Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection Joomla! Component SimpleShop (com_SimpleShop) - SQL Injection Joomla! Component 'com_SimpleShop' - SQL Injection Joomla! Component Spielothek 1.6.9 - Multiple Blind SQL Injection Joomla! Component 'com_spielothek' 1.6.9 - Multiple Blind SQL Injection Joomla! Component CamelcityDB 2.2 - SQL Injection Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection Joomla! Component cgtestimonial 2.2 - Multiple Vulnerabilities Joomla! Component 'com_cgtestimonial' 2.2 - Multiple Vulnerabilities Joomla! Component com_neorecruit 1.4 - SQL Injection Joomla! Component 'com_neorecruit' 1.4 - SQL Injection Joomla! Component Teams - Multiple Blind SQL Injection Joomla! Component 'com_teams' - Multiple Blind SQL Injection Joomla! Component Yellowpages - SQL Injection Joomla! Component 'com_yellowpages' - SQL Injection Joomla! Component Amblog 1.0 - Multiple SQL Injections Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections Joomla! Component com_equipment - SQL Injection Joomla! Component Jgrid 1.0 - Local File Inclusion Joomla! Component OnGallery - SQL Injection Joomla! Component 'com_equipment' - SQL Injection Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion Joomla! Component 'com_ongallery' - SQL Injection Joomla! Component com_Fabrik - SQL Injection Joomla! Component com_extcalendar - Blind SQL Injection Joomla! Component 'com_Fabrik' - SQL Injection Joomla! Component 'com_extcalendar' - Blind SQL Injection Joomla! Component com_zina - SQL Injection Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections Joomla! Component 'com_zina' - SQL Injection Joomla! Component 'com_biblioteca' 1.0 Beta - Multiple SQL Injections Joomla! Component com_zoomportfolio - SQL Injection Joomla! Component 'com_zoomportfolio' - SQL Injection Joomla! Component com_remository - Arbitrary File Upload Joomla! Component 'com_remository' - Arbitrary File Upload Joomla! Component com_picsell - Local File Disclosure Joomla! Component com_jefaqpro - Multiple Blind SQL Injection Joomla! Component 'com_picsell' - Local File Disclosure Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection Joomla! Component iJoomla! magazine 3.0.1 - Remote File Inclusion Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion Joomla! Component Clantools 1.5 - Blind SQL Injection Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection Joomla! Component 'com_clantools' 1.5 - Blind SQL Injection Joomla! Component 'com_clantools' 1.2.3 - Multiple Blind SQL Injection Joomla! Component Gantry Framework 3.0.10 - Blind SQL Injection Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection Joomla! Component Aardvertiser 2.1 Free - Blind SQL Injection Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection Joomla! Component RSform! 1.0.5 - Multiple Vulnerabilities Joomla! Component 'com_forme' 1.0.5 - Multiple Vulnerabilities Joomla! Component com_jphone - Local File Inclusion Joomla! Component 'com_jphone' - Local File Inclusion Joomla! Component Mosets Tree 2.1.5 - Arbitrary File Upload Joomla! Component 'com_mtree' 2.1.5 - Arbitrary File Upload Joomla! Component com_jgen - SQL Injection Joomla! Component 'com_jgen' - SQL Injection Joomla! Component com_restaurantguide - Multiple Vulnerabilities Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities Joomla! Component com_elite_experts - SQL Injection Joomla! Component 'com_elite_experts' - SQL Injection Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection Joomla! Component com_ezautos - SQL Injection Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection Joomla! Component 'com_ezautos' - SQL Injection Joomla! Component je Guestbook 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities Joomla! Component JE Job - SQL Injection Joomla! Component JE Directory - SQL Injection Joomla! Component 'com_jejob' - SQL Injection Joomla! Component 'com_jedirectory' - SQL Injection Joomla! Component Community Builder Enhenced (CBE) - Local File Inclusion / Remote Code Execution Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution Joomla! Component js Calendar 1.5.1 Joomla! - Multiple Vulnerabilities Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities Joomla! Component JE Ajax Event Calendar (com_jeajaxeventcalendar) - SQL Injection Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload Joomla! Component Flip Wall (com_flipwall) - SQL Injection Joomla! Component Sponsor Wall (com_sponsorwall) - SQL Injection Joomla! Component 'com_flipwall' - SQL Injection Joomla! Component 'com_sponsorwall' - SQL Injection sweetrice CMS 0.6.7 - Multiple Vulnerabilities SweetRice 0.6.7 - Multiple Vulnerabilities Joomla! Component ccInvoices (com_ccinvoices) - SQL Injection Joomla! Component 'com_ccinvoices' - SQL Injection Joomla! Component com_connect - Local File Inclusion Joomla! Component DCNews com_dcnews - Local File Inclusion Joomla! Component 'com_connect' - Local File Inclusion Joomla! Component 'com_dcnews' - Local File Inclusion Joomla! Component com_ckforms - Local File Inclusion Joomla! Component com_clan - SQL Injection Joomla! Component 'com_ckforms' - Local File Inclusion Joomla! Component 'com_clan' - SQL Injection Joomla! Component com_clanlist - SQL Injection Joomla! Component 'com_clanlist' - SQL Injection Joomla! Component ProDesk 1.5 - Local File Inclusion Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection Joomla! Component com_markt - SQL Injection Joomla! Component com_img - Local File Inclusion Joomla! Component 'btg_oglas' - HTML / Cross-Site Scripting Injection Joomla! Component 'com_markt' - SQL Injection Joomla! Component 'com_img' - Local File Inclusion Joomla! Component com_jsupport - Cross-Site Scripting Joomla! Component com_jsupport - SQL Injection Joomla! Component 'com_jsupport' - Cross-Site Scripting Joomla! Component 'com_jsupport' - SQL Injection Joomla! Component ccBoard 1.2-RC - Multiple Vulnerabilities Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities Joomla! Component com_alfurqan15x - SQL Injection Joomla! Component 'com_alfurqan15x' - SQL Injection Joomla! Component Maian Media (com_maianmedia) - SQL Injection Joomla! Component 'com_maianmedia' - SQL Injection Joomla! Component Template Mosets Tree 2.1.6 - Overwrite Cross-Site Request Forgery Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery Joomla! Component com_jimtawl - Local File Inclusion Joomla! Component 'com_jimtawl' - Local File Inclusion Joomla! Component JE Auto 1.0 - SQL Injection Joomla! Component 'com_jeauto' 1.0 - SQL Injection Joomla! Component Billy Portfolio 1.1.2 - Blind SQL Injection Joomla! Component 'com_billyportfolio' 1.1.2 - Blind SQL Injection Joomla! Component JRadio (com_jradio) - Local File Inclusion Joomla! Component 'com_jradio' - Local File Inclusion Joomla! Component JE Auto (com_jeauto) - Local File Inclusion Joomla! Component 'com_jeauto' - Local File Inclusion Joomla! Component Jotloader 2.2.1 - Local File Inclusion Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion Joomla! Component com_xgallery 1.0 - Local File Inclusion Joomla! Component 'com_xgallery' 1.0 - Local File Inclusion Joomla! Component com_ponygallery - Remote File Inclusion Joomla! Component com_adsmanager - Remote File Inclusion Joomla! Component 'com_ponygallery' - Remote File Inclusion Joomla! Component 'com_adsmanager' - Remote File Inclusion Joomla! Component com_xmovie 1.0 - Local File Inclusion Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion Joomla! Component com_idoblog - SQL Injection Joomla! Component 'com_idoblog' - SQL Injection Joomla! Plugin Captcha 4.5.1 - Local File Disclosure Joomla! Plugin 'Captcha' 4.5.1 - Local File Disclosure Joomla! Component People 1.0.0 - SQL Injection Joomla! Component 'com_people' 1.0.0 - SQL Injection Joomla! Component People 1.0.0 - Local File Inclusion Joomla! Component 'com_people' 1.0.0 - Local File Inclusion Joomla! Component allCineVid 1.0.0 - Blind SQL Injection Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection Joomla! Component B2 Portfolio 1.0.0 - Multiple SQL Injections Joomla! Component 'com_b2portfolio' 1.0.0 - Multiple SQL Injections Joomla! Component XCloner (com_xcloner-backupandrestore) - Remote Command Execution Joomla! Component 'com_xcloner-backupandrestore' - Remote Command Execution Joomla! Component com_booklibrary - SQL Injection Joomla! Component 'com_booklibrary' - SQL Injection Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection Joomla! Component JCE (com_jce) - Blind SQL Injection Joomla! Component 'com_jce' - Blind SQL Injection Joomla! Component com_versioning - SQL Injection Joomla! Component com_hello - SQL Injection Joomla! Component 'com_versioning' - SQL Injection Joomla! Component 'com_hello' - SQL Injection Joomla! Component com_question - SQL Injection Joomla! Component 'com_question' - SQL Injection Joomla! Component 1.0 jDownloads - Arbitrary File Upload Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload Joomla! Component com_jmsfileseller - Local File Inclusion Joomla! Component 'com_jmsfileseller' - Local File Inclusion Joomla! Component com_joomnik - SQL Injection Joomla! Component 'com_joomnik' - SQL Injection Joomla! Plugin Scriptegrator 1.5 - File Inclusion Joomla! Component 'Scriptegrator' 1.5 - File Inclusion Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion Joomla! Component com_team - SQL Injection Joomla! Component 'com_acooldebate' 1.0.3 - Local File Inclusion Joomla! Component 'com_team' - SQL Injection Joomla! Component Calc Builder - 'id' Blind SQL Injection Joomla! Component 'com_calcbuilder' - 'id' Parameter Blind SQL Injection Joomla! Component JoomlaXi - Persistent Cross-Site Scripting Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting Joomla! Component mdigg - SQL Injection Joomla! Component 'mdigg' - SQL Injection Joomla! Component Xmap 1.2.11 - Blind SQL Injection Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection Joomla! Component SOBI2 2.9.3.2 - Blind SQL Injections Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections Joomla! Component Appointment Booking Pro - Local File Inclusion Joomla! Component 'com_rsappt_pro2' - Local File Inclusion Joomla! Component JE K2 Story Submit - Local File Inclusion Joomla! Component 'com_jesubmit' - Local File Inclusion Joomla! Component mod_spo - SQL Injection Joomla! Component 'mod_spo' - SQL Injection Joomla! Component com_virtuemart 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit) Joomla! Component 'com_virtuemart' 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit) Joomla! Component com_obSuggest - Local File Inclusion Joomla! Component 'com_obSuggest' - Local File Inclusion Joomla! Component com_jdirectory - SQL Injection Joomla! Component 'com_jdirectory' - SQL Injection Joomla! Component TNR Enhanced Joomla! Search - SQL Injection Joomla! Component 'com_esearch' - SQL Injection Joomla! Component JoomTouch - Local File Inclusion Joomla! Component 'com_joomtouch' - Local File Inclusion Joomla! Extension JCE 2.0.10 - Multiple Vulnerabilities Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities Joomla! Component simple file lister module 1.0 - Directory Traversal Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal Joomla! Component YJ Contact us - Local File Inclusion Joomla! Component 'com_yjcontactus' - Local File Inclusion Joomla! Component Time Returns (com_timereturns) 2.0 - SQL Injection Joomla! Component 'com_timereturns' 2.0 - SQL Injection Joomla! Component Techfolio 1.0 - SQL Injection Joomla! Component 'com_techfolio' 1.0 - SQL Injection Joomla! Component JEEMA Sms 3.2 - Multiple Vulnerabilities Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jeemasms' 3.2 - Multiple Vulnerabilities Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities Joomla! Component HM-Community com_hmcommunity - Multiple Vulnerabilities Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities Joomla! Component Alameda (com_alameda) 1.0 - SQL Injection Joomla! Component 'com_alameda' 1.0 - SQL Injection Joomla! Component Jobprofile (com_jobprofile) - SQL Injection Joomla! Component 'com_jobprofile' - SQL Injection Joomla! Component QContacts 1.0.6 - SQL Injection Joomla! Component 'com_qcontacts' 1.0.6 - SQL Injection Joomla! Component com_dshop - SQL Injection Joomla! Component 'com_dshop' - SQL Injection Joomla! Component Discussions (com_discussions) - SQL Injection Joomla! Component 'com_discussions' - SQL Injection Joomla! Component The Estate Agent (com_estateagent) - SQL Injection Joomla! Component com_bearleague - SQL Injection Joomla! Component 'com_estateagent' - SQL Injection Joomla! Component 'com_bearleague' - SQL Injection Joomla! Component com_ponygallery - SQL Injection Joomla! Component 'com_ponygallery' - SQL Injection Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal Joomla! Component com_weblinks - 'Itemid' Parameter SQL Injection Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection Joomla! Component com_dirfrm - Multiple SQL Injections Joomla! Component 'com_dirfrm' - Multiple SQL Injections Joomla! Component Spain - 'nv' Parameter SQL Injection Joomla! Component 'com_spain' - 'nv' Parameter SQL Injection Joomla! Component com_tax - 'eid' Parameter SQL Injection Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection Joomla! / Mambo Component com_trade - 'PID' Parameter Cross-Site Scripting Joomla! / Mambo Component 'com_trade' - 'PID' Parameter Cross-Site Scripting Joomla! Component com_jstore - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion Joomla! Component Catalogue - SQL Injection / Local File Inclusion Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion Joomla! Component AutoArticles 3000 - 'id' Parameter SQL Injection Joomla! Component 'com_a3000' - 'id' Parameter SQL Injection Joomla! Component Store Directory - 'id' Parameter SQL Injection Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection Joomla! Component Annuaire - 'id' Parameter SQL Injection Joomla! Component 'com_annuaire' - 'id' Parameter SQL Injection Joomla! Component Jeformcr - 'id' Parameter SQL Injection Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component Redirect 'com_redirect' 1.5.19 - Local File Inclusion Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion Joomla! Component Classified - SQL Injection Joomla! Component 'com_classified' - SQL Injection Joomla! Component com_frontenduseraccess - Local File Inclusion Joomla! Component 'com_frontenduseraccess' - Local File Inclusion Joomla! Component VirtueMart eCommerce 1.1.6 - SQL Injection Joomla! Component 'com_virtuemart' 1.1.6 - SQL Injection Joomla! Component com_clan_members - 'id' Parameter SQL Injection Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection Joomla! Component com_phocadownload - Local File Inclusion Joomla! Component 'com_phocadownload' - Local File Inclusion Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection Joomla! Component com_maplocator - 'cid' Parameter SQL Injection Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection Joomla! Component com_shop - SQL Injection Joomla! Component 'com_shop' - SQL Injection Joomla! Component Virtual Money 'com_virtualmoney' 1.5 - SQL Injection Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion Joomla! Component com_voj - SQL Injection Joomla! Component 'com_voj' - SQL Injection Joomla! Component Foto - 'id_categoria' Parameter SQL Injection Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection Joomla! Component com_hospital - SQL Injection Joomla! Component Controller - 'Itemid' Parameter SQL Injection Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection Joomla! Component 'com_hospital' - SQL Injection Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection Joomla! Component com_resman - Cross-Site Scripting Joomla! Component com_newssearch - SQL Injection Joomla! Component 'com_newssearch' - SQL Injection Joomla! Component Slideshow Gallery - 'id' Parameter SQL Injection Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection Joomla! Component com_community - 'userid' Parameter SQL Injection Joomla! Component 'com_community' - 'userid' Parameter SQL Injection Joomla! Component com_biitatemplateshop - 'groups' Parameter SQL Injection Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection Joomla! Component com_expedition - 'id' Parameter SQL Injection Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection Joomla! Component com_tree - 'key' Parameter SQL Injection Joomla! Component com_br - 'state_id' Parameter SQL Injection Joomla! Component com_shop - 'id' Parameter SQL Injection Joomla! Component 'com_tree' - 'key' Parameter SQL Injection Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection Joomla! Component 'com_shop' - 'id' Parameter SQL Injection Joomla! Component Sgicatalog 1.0 - 'id' Parameter SQL Injection Joomla! Component 'com_sgicatalog' 1.0 - 'id' Parameter SQL Injection Joomla! Extension com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_alfcontact' 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component Content - 'year' Parameter SQL Injection Joomla! Component 'com_content' - 'year' Parameter SQL Injection Joomla! Component com_tsonymf - 'idofitem' Parameter SQL Injection Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection Joomla! Component com_caproductprices - 'id' Parameter SQL Injection Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection Joomla! Component HD Video Share 1.3 - 'id' Parameter SQL Injection Joomla! Component 'com_contushdvideoshare' 1.3 - 'id' Parameter SQL Injection Joomla! Component com_br - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion Joomla! Component Full 'com_full' - 'id' Parameter SQL Injection Joomla! Component com_sanpham - Multiple SQL Injections Joomla! Component com_xball - 'team_id' Parameter SQL Injection Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion Joomla! Component com_car - Multiple SQL Injections Joomla! Component com_some - 'Controller' Parameter Local File Inclusion Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_full' - 'id' Parameter SQL Injection Joomla! Component 'com_sanpham' - Multiple SQL Injections Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_car' - Multiple SQL Injections Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion Joomla! Component com_jesubmit - 'index.php' Arbitrary File Upload Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload Joomla! Component com_motor - 'cid' Parameter SQL Injection Joomla! Component com_products - Multiple SQL Injections Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection Joomla! Component 'com_products' - Multiple SQL Injections Joomla! Component com_visa - Local File Inclusion / SQL Injection Joomla! Component com_firmy - 'Id' Parameter SQL Injection Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection Joomla! Component com_crhotels - 'catid' Parameter SQL Injection Joomla! Component com_propertylab - 'id' Parameter SQL Injection Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection Joomla! Component com_bbs - Multiple SQL Injections Joomla! Component 'com_bbs' - Multiple SQL Injections Joomla! Component com_cmotour - 'id' Parameter SQL Injection Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection Joomla! Component Currency Converter - 'from' Parameter Cross-Site Scripting Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting Joomla! Component X-Shop - 'idd' Parameter SQL Injection Joomla! Component Xcomp 'com_xcomp' - Local File Inclusion Joomla! Component 'com_x-shop' - 'idd' Parameter SQL Injection Joomla! Component 'com_xcomp' - Local File Inclusion Joomla! Component com_xvs - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_xvs' - 'Controller' Parameter Local File Inclusion Joomla! Component Machine - Multiple SQL Injections Joomla! Component 'com_machine' - Multiple SQL Injections Joomla! Component CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection Joomla! Component Video Gallery - Local File Inclusion / SQL Injection Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection Joomla! Component 'com_videogallery' - Local File Inclusion / SQL Injection Joomla! Component Alphacontent - 'limitstart' Parameter SQL Injection Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload Joomla! Component Simple SWFupload - 'uploadhandler.php' Arbitrary File Upload Joomla! Component Art Uploader - 'upload.php' Arbitrary File Upload Joomla! Component DentroVideo - 'upload.php' Arbitrary File Upload Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit) PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow Alienvault OSSIM/USM 5.3.1 - PHP Object Injection Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting Alienvault OSSIM/USM 5.3.1 - SQL Injection Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056) Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass SunellSecurity NVR / Camera - Denial Of Service Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit) MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' Privilege Escalation Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution (Metasploit) LifeSize Room 5.0.9 - Multiple Vulnerabilities Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free SweetRice 1.5.1 - Cross-Site Request Forgery	2016-11-03 05:01:18 +00:00
Offensive Security	c76e893f94	DB: 2016-11-02 12 new exploits KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow Apple iOS 4.0.3 - DPAP Server Denial of Service KarjaSoft Sami FTP Server 2.02 - USER Overflow (Metasploit) KarjaSoft Sami FTP Server 2.0.2 - USER Remote Buffer Overflow (Metasploit) Freefloat FTP Server - (LIST command) Buffer Overflow Freefloat FTP Server - 'LIST' Command Buffer Overflow Freefloat FTP Server 1.00 - MKD Buffer Overflow Freefloat FTP Server - MKD Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - 'MKD' Buffer Overflow Freefloat FTP Server - 'MKD' Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - REST & PASV Buffer Overflow Freefloat FTP Server 1.0 - 'REST' / 'PASV' Buffer Overflow Freefloat FTP Server - REST Buffer Overflow (Metasploit) Freefloat FTP Server - 'REST' Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - ACCL Buffer Overflow Freefloat FTP Server 1.0 - 'ACCL' Buffer Overflow Nagios Plugin check_ups - Local Buffer Overflow (PoC) Nagios Plugins check_ups - Local Buffer Overflow (PoC) Joomla! Component KISS Advertiser - Remote File / Bypass Upload Joomla! Component 'com_ksadvertiser' - Remote File / Bypass Upload Joomla! Component OS Property 2.0.2 - Unrestricted Arbitrary File Upload Joomla! Component 'com_osproperty' 2.0.2 - Unrestricted Arbitrary File Upload Joomla! Component com_niceajaxpoll 1.3.0 - SQL Injection Joomla! Component 'com_niceajaxpoll' 1.3.0 - SQL Injection Joomla! Extension Movm Extension (com_movm) - SQL Injection Joomla! Component 'com_movm' - SQL Injection Joomla! Component joomgalaxy 1.2.0.4 - Multiple Vulnerabilities Joomla! Component 'com_joomgalaxy' 1.2.0.4 - Multiple Vulnerabilities Joomla! Component En Masse 1.2.0.4 - SQL Injection Joomla! Component 'com_enmasse' 1.2.0.4 - SQL Injection Joomla! Component FireBoard (com_fireboard) - SQL Injection Joomla! Component 'com_fireboard' - SQL Injection Joomla! Component Spider Calendar Lite (com_spidercalendar) - SQL Injection Joomla! Component 'com_spidercalendar' - SQL Injection Joomla! Component RokModule - 'index.php module Parameter' Blind SQL Injection Joomla! Component 'com_rokmodule' - 'module' Parameter Blind SQL Injection Joomla! Component iCagenda - (id Parameter) Multiple Vulnerabilities Joomla! Component 'com_icagenda' - 'id' Parameter Multiple Vulnerabilities Joomla! Component FreeStyle Support com_fss 1.9.1.1447 - SQL Injection Joomla! Component Tags - 'index.php tag Parameter' SQL Injection Joomla! Component 'com_fss' 1.9.1.1447 - SQL Injection Joomla! Component 'com_tag' - 'tag' Parameter SQL Injection Joomla! Plugin Commedia - 'index.php task Parameter' SQL Injection Joomla! Component Kunena - 'index.php search Parameter' SQL Injection Joomla! Component 'com_commedia' - 'task' Parameter SQL Injection Joomla! Component 'com_kunena' - 'search' Parameter SQL Injection Freefloat FTP Server - PUT Command Buffer Overflow Freefloat FTP Server - 'PUT' Command Buffer Overflow Joomla! Component Spider Catalog - 'index.php Product_ID Parameter' SQL Injection Joomla! Component 'com_spidercatalog' - 'Product_ID' Parameter SQL Injection Free Float FTP Server - USER Command Buffer Overflow Freefloat FTP Server - 'USER' Command Buffer Overflow Joomla! Component JooProperty 1.13.0 - Multiple Vulnerabilities Joomla! Component 'com_jooproperty' 1.13.0 - Multiple Vulnerabilities Joomla! Component Spider Calendar - 'index.php date Parameter' Blind SQL Injection Joomla! Component 'com_spidercalendar' - 'date' Parameter Blind SQL Injection Joomla! Component com_collector - Arbitrary File Upload Joomla! Component 'com_collector' - Arbitrary File Upload Freefloat FTP 1.0 - Raw Commands Buffer Overflow Freefloat FTP Server 1.0 - 'Raw' Commands Buffer Overflow Joomla! 3.0.2 - (highlight.php) PHP Object Injection Joomla! 3.0.2 - 'highlight.php' PHP Object Injection Joomla! Component RSfiles - (cid parameter) SQL Injection Joomla! Component 'com_rsfiles' - 'cid' Parameter SQL Injection Joomla! Component CiviCRM 4.2.2 - Remote Code Injection Joomla! Component 'com_civicrm' 4.2.2 - Remote Code Injection Freefloat FTP 1.0 - DEP Bypass with ROP Freefloat FTP Server 1.0 - DEP Bypass with ROP Joomla! 3.0.3 - (remember.php) PHP Object Injection Joomla! 3.0.3 - 'remember.php' PHP Object Injection Joomla! Extension DJ Classifieds 2.0 - Blind SQL Injection Joomla! Component 'dj-classifieds' 2.0 - Blind SQL Injection Joomla! Component S5 Clan Roster com_s5clanroster - 'index.php id Parameter' SQL Injection Joomla! Component 'com_s5clanroster' - 'id' Parameter SQL Injection Joomla! Component Sectionex 2.5.96 - SQL Injection Joomla! Component 'com_sectionex' 2.5.96 - SQL Injection Joomla! Component redSHOP 1.2 - SQL Injection Joomla! Component 'com_redshop' 1.2 - SQL Injection Joomla! Component Media Manager - Arbitrary File Upload (Metasploit) Joomla! Component 'com_media' - Arbitrary File Upload (Metasploit) Apple iOS Mobile Safari - Memory Exhaustion Remote Denial of Service check_dhcp - Nagios Plugins 2.0.1 - Arbitrary Option File Read Nagios Plugins check_dhcp 2.0.1 - Arbitrary Option File Read check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Nagios Plugins check_dhcp 2.0.2 - Arbitrary Option File Read Race Condition Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation Joomla! Component IDoEditor - 'image.php' Arbitrary File Upload Joomla! Component jFancy - 'script.php' Arbitrary File Upload Joomla! Component 'IDoEditor' - 'image.php' Arbitrary File Upload Joomla! Component 'mod_jfancy' - 'script.php' Arbitrary File Upload Joomla! Component hwdVideoShare - 'flash_upload.php' Arbitrary File Upload Joomla! Component 'com_hwdvideoshare' - 'flash_upload.php' Arbitrary File Upload Joomla! Component Maian Media - 'uploadhandler.php' Arbitrary File Upload Joomla! Component JCal Pro Calendar - SQL Injection Joomla! Component 'com_maianmedia' - 'uploadhandler.php' Arbitrary File Upload Joomla! Component 'com_jcalpro' - SQL Injection Joomla! Component com_szallasok - 'id' Parameter SQL Injection Joomla! Component 'com_szallasok' - 'id' Parameter SQL Injection Joomla! Module Language Switcher 2.5.x - Multiple Cross-Site Scripting Vulnerabilities My Little Forum 2.3.7 - Multiple Vulnerabilities Joomla! Component com_hello - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_hello' - 'Controller' Parameter Local File Inclusion Joomla! Component Odudeprofile - 'profession' Parameter SQL Injection Joomla! Component 'com_odudeprofile' - 'profession' Parameter SQL Injection Joomla! Component com_photo - Multiple SQL Injections Joomla! Component 'com_photo' - Multiple SQL Injections Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities Joomla! Component 'com_civicrm' - Multiple Arbitrary File Upload Vulnerabilities Joomla! Component Komento - 'cid' Parameter SQL Injection Joomla! Component 'Komento' - 'cid' Parameter SQL Injection Joomla! Component com_quiz - SQL Injection Joomla! Component 'com_quiz' - SQL Injection Joomla! Component com_parcoauto - 'idVeicolo' Parameter SQL Injection Joomla! Component 'com_parcoauto' - 'idVeicolo' Parameter SQL Injection Joomla! Component ZT Autolinks - 'Controller' Parameter Local File Inclusion Joomla! Component Bit - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_ztautolink' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_bit' - 'Controller' Parameter Local File Inclusion Joomla! Component Incapsula - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_incapsula' - Multiple Cross-Site Scripting Vulnerabilities Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit) Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit) Joomla! Component RokDownloads - Arbitrary File Upload Joomla! Component 'com_rokdownloads' - Arbitrary File Upload Apple Intel HD 3000 Graphics driver 10.0.0 - Privilege Escalation Apple Intel HD 3000 Graphics Driver 10.0.0 - Privilege Escalation MyLittleForum 2.3.5 - PHP Command Injection My Little Forum 2.3.5 - PHP Command Injection Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free OS X/iOS Kernel - IOSurface Use-After-Free OS X/iOS - mach_ports_register Multiple Memory Safety Issues Apple OS X - Kernel IOBluetoothFamily.kext Use-After-Free Apple OS X/iOS - Kernel IOSurface Use-After-Free Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues MacOS 10.12 - 'task_t' Privilege Escalation Apple MacOS 10.12 - 'task_t' Privilege Escalation Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow School Registration and Fee System - Authentication Bypass Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow Freefloat FTP Server 1.0 - 'HOST' Command Buffer Overflow KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (SEH) Freefloat FTP Server 1.0 - 'RENAME' Command Buffer Overflow MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation	2016-11-02 05:01:19 +00:00
Offensive Security	18f707fb94	DB: 2016-11-01 24 new exploits Serendipity 0.7-beta1 - SQL Injection (PoC) S9Y Serendipity 0.7-beta1 - SQL Injection (PoC) Serendipity 0.8beta4 - exit.php SQL Injection S9Y Serendipity 0.8beta4 - exit.php SQL Injection CBSms Mambo Module 1.0 - Remote File Inclusion Pearl For Mambo 1.6 - Multiple Remote File Inclusion Mambo Module CBSms 1.0 - Remote File Inclusion Mambo Component Pearl 1.6 - Multiple Remote File Inclusion galleria Mambo Module 1.0b - Remote File Inclusion Mambo Module galleria 1.0b - Remote File Inclusion SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion Mambo Component SimpleBoard 1.1.0 - Remote File Inclusion Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion com_videodb Mambo Component 0.3en - Remote File Inclusion SMF Forum Mambo Component 1.3.1.3 - Include com_extcalendar Mambo Component 2.0 - Include com_loudmouth Mambo Component 4.0j - Include pc_cookbook Mambo Component 0.3 - Include perForms Mambo Component 1.0 - Remote File Inclusion com_hashcash Mambo Component 1.2.1 - Include HTMLArea3 Mambo Module 1.5 - Remote File Inclusion Sitemap Mambo Component 2.0.0 - Remote File Inclusion pollxt Mambo Component 1.22.07 - Remote File Inclusion MiniBB Mambo Component 1.5a - Remote File Inclusion Mambo Component com_videodb 0.3en - Remote File Inclusion Mambo Component SMF Forum 1.3.1.3 - Remote File Inclusion Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion Mambo Component com_loudmouth 4.0j - Remote File Inclusion Mambo Component pc_cookbook 0.3 - Remote File Inclusion Mambo Component perForms 1.0 - Remote File Inclusion Mambo Component com_hashcash 1.2.1 - Remote File Inclusion Mambo Module HTMLArea3 1.5 - Remote File Inclusion Mambo Component Sitemap 2.0.0 - Remote File Inclusion Mambo Component pollxt 1.22.07 - Remote File Inclusion Mambo Component MiniBB 1.5a - Remote File Inclusion MoSpray Mambo Component 18RC1 - Remote File Inclusion Mambo Component MoSpray 18RC1 - Remote File Inclusion Mam-Moodle Mambo Component alpha - Remote File Inclusion Mambo Component Mam-Moodle alpha - Remote File Inclusion multibanners Mambo Component 1.0.1 - Remote File Inclusion Mambo Component multibanners 1.0.1 - Remote File Inclusion PrinceClan Chess Mambo Com 0.8 - Remote File Inclusion Mambo Component PrinceClan Chess 0.8 - Remote File Inclusion a6mambohelpdesk Mambo Component 18RC1 - Include Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion Mambo Security Images Component 3.0.5 - Inclusion Mambo MGM Component 0.95r2 - Remote File Inclusion Mambo Colophon Component 1.2 - Remote File Inclusion Mambo mambatStaff Component 3.1b - Remote File Inclusion Mambo Component Security Images 3.0.5 - Inclusion Mambo Component MGM 0.95r2 - Remote File Inclusion Mambo Component 'com_colophon' 1.2 - Remote File Inclusion Mambo Component mambatStaff 3.1b - Remote File Inclusion Mambo User Home Pages Component 0.5 - Remote File Inclusion Mambo Component User Home Pages 0.5 - Remote File Inclusion Mambo Remository Component 3.25 - Remote File Inclusion Mambo Component Remository 3.25 - Remote File Inclusion Mambo mmp Component 1.2 - Remote File Inclusion Mambo Component MMP 1.2 - Remote File Inclusion Mambo Peoplebook Component 1.0 - Remote File Inclusion Mambo Component Peoplebook 1.0 - Remote File Inclusion Mambo CopperminePhotoGalery Component - Remote File Inclusion Mambo Component CopperminePhotoGalery - Remote File Inclusion Mambo mambelfish Component 1.1 - Remote File Inclusion Mambo Component mambelfish 1.1 - Remote File Inclusion Mambo phpShop Component 1.2 RC2b - File Inclusion Mambo a6mambocredits Component 1.0.0 - File Inclusion Mambo Component 'com_phpshop' 1.2 RC2b - File Inclusion Mambo Component 'com_a6mambocredits' 1.0.0 - File Inclusion Mambo MamboWiki Component 0.9.6 - Remote File Inclusion Mambo Component MamboWiki 0.9.6 - Remote File Inclusion Mambo cropimage Component 1.0 - Remote File Inclusion Mambo Component cropimage 1.0 - Remote File Inclusion Mambo com_lurm_constructor Component 0.6b - Include Mambo Component com_lurm_constructor 0.6b - Remote File Inclusion mambo com_babackup Component 1.1 - File Inclusion Mambo Component com_babackup 1.1 - File Inclusion Mambo com_serverstat Component 0.4.4 - File Inclusion Mambo Component com_serverstat 0.4.4 - File Inclusion Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Include Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion Mambo com_registration_detailed 4.1 - Remote File Inclusion Mambo Component com_registration_detailed 4.1 - Remote File Inclusion MambWeather Mambo Module 1.8.1 - Remote File Inclusion Mambo Module MambWeather 1.8.1 - Remote File Inclusion com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure Mambo Component com_flyspray <= 1.0.1 - Remote File Disclosure Serendipity 1.0.3 - 'comment.php' Local File Inclusion S9Y Serendipity 1.0.3 - 'comment.php' Local File Inclusion Hewlett-Packard FTP Print Server 2.4.5 - Buffer Overflow (PoC) Hewlett-Packard (HP) FTP Print Server 2.4.5 - Buffer Overflow (PoC) mambo Component nfnaddressbook 0.4 - Remote File Inclusion Mambo Component nfnaddressbook 0.4 - Remote File Inclusion Joomla! / Mambo Component SWmenuFree 4.0 - Remote File Inclusion Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion Irfanview 3.99 - '.ani' Local Buffer Overflow (1) IrfanView 3.99 - '.ani' Local Buffer Overflow (1) Irfanview 3.99 - '.ani' Local Buffer Overflow (2) IrfanView 3.99 - '.ani' Local Buffer Overflow (2) Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion Joomla! / Mambo Component article 1.1 - Remote File Inclusion Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion Irfanview 4.00 - '.iff' Buffer Overflow IrfanView 4.00 - '.iff' Buffer Overflow Mambo com_yanc 1.4 Beta - 'id' SQL Injection Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' SQL Injection Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection Irfanview 4.10 - '.fpx' Memory Corruption IrfanView 4.10 - '.fpx' Memory Corruption Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection Mambo 'com_fq' - 'listid' Parameter SQL Injection Mambo 'com_mamml' - 'listid' Parameter SQL Injection Mambo Component Glossary 2.0 - 'catid' SQL Injection Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection Mambo Component 'com_fq' - 'listid' Parameter SQL Injection Mambo Component 'com_mamml' - 'listid' Parameter SQL Injection Mambo Component 'com_glossary' 2.0 - 'catid' SQL Injection Mambo Component AkoGallery 2.5b - SQL Injection Mambo Component Catalogshop 1.0b1 - SQL Injection Mambo Component 'com_akogallery' 2.5b - SQL Injection Mambo Component 'com_catalogshop' 1.0b1 - SQL Injection Mambo Component Awesom 0.3.2 - (listid) SQL Injection Mambo Component 'com_awesom' 0.3.2 - (listid) SQL Injection Mambo Component Portfolio 1.0 - 'categoryId' SQL Injection Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection Mambo Component accombo 1.x - 'id' SQL Injection Mambo Component 'com_accombo' 1.x - 'id' SQL Injection Mambo Component ahsShop 1.51 - (vara) SQL Injection Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection Mambo Component Galleries 1.0 - (aid) SQL Injection Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection Mambo 4.6.4 - (Output.php) Remote File Inclusion Mambo 4.6.4 - 'Output.php' Remote File Inclusion Mambo Component Articles - (artid) Blind SQL Injection Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection Mambo Component n-gallery - Multiple SQL Injections Mambo Component 'com_n-gallery' - Multiple SQL Injections Irfanview 3.99 - IFF File Local Stack Buffer Overflow IrfanView 3.99 - '.IFF' File Local Stack Buffer Overflow Mambo Component n-form - (form_id) Blind SQL Injection Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection Mambo com_sim 0.8 - Blind SQL Injection Mambo Component 'com_sim' 0.8 - Blind SQL Injection Mambo Component com_hestar - SQL Injection Mambo Component 'com_hestar' - SQL Injection Mambo com_koesubmit 1.0.0 - Remote File Inclusion Mambo Component com_koesubmit 1.0.0 - Remote File Inclusion Joomla! / Mambo Component Tupinambis - SQL Injection Joomla! / Mambo Component 'com_tupinambis' - SQL Injection Joomla! / Mambo Component com_ezine 2.1 - Remote File Inclusion Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion Mambo Component Material Suche 1.0 - SQL Injection Mambo Component 'com_materialsuche' 1.0 - SQL Injection Mambo com_akogallery - SQL Injection Mambo Component 'com_akogallery' - SQL Injection Mambo Component com_acnews - [id] SQL Injection Mambo Component 'com_acnews' - 'id' Parameter SQL Injection Mambo Component com_mambads - SQL Injection Mambo Component 'com_mambads' - SQL Injection Rumba ftp Client 4.2 - PASV Buffer Overflow (SEH) Rumba FTP Client 4.2 - PASV Buffer Overflow (SEH) Serendipity 1.5.4 - Arbitrary File Upload S9Y Serendipity 1.5.4 - Arbitrary File Upload Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service IrfanView 4.27 - 'JP2000.dll' plugin Denial of Service Irfanview 4.28 - Multiple Denial of Service Vulnerabilities IrfanView 4.28 - Multiple Denial of Service Vulnerabilities Irfanview 4.28 - ICO With Transparent Colour Denial of Service & RDenial of Service Irfanview 4.28 - ICO Without Transparent Colour Denial of Service & RDenial of Service IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit) Mambo CMS 4.6.x - (4.6.5) SQL Injection Mambo 4.6.x < 4.6.5 - SQL Injection Mambo CMS 4.x - (Zorder) SQL Injection Mambo 4.x - 'Zorder' SQL Injection Irfanview - '.tiff' Image Processing Buffer Overflow IrfanView - '.tiff' Image Processing Buffer Overflow Irfanview FlashPix PlugIn - Double-Free IrfanView FlashPix PlugIn - Double-Free Irfanview FlashPix PlugIn - Decompression Heap Overflow IrfanView FlashPix PlugIn - Decompression Heap Overflow Serendipity 1.6 - Backend Cross-Site Scripting / SQL Injection S9Y Serendipity 1.6 - (Backend) Cross-Site Scripting / SQL Injection Irfanview 4.33 - Format PlugIn ECW Decompression Heap Overflow IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow Irfanview 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow IrfanView 4.33 - Format PlugIn .TTF File Parsing Stack Based Overflow Irfanview 4.33 - '.DJVU' Image Processing Heap Overflow IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow Irfanview JLS Formats PlugIn - Heap Overflow IrfanView JLS Formats PlugIn - Heap Overflow Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit) IrfanView JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit) Irfan Skiljan IrfanView32 3.0.7 - Image File Buffer Overflow IrfanView32 3.0.7 - Image File Buffer Overflow Joomla! Component Event Booking 2.10.1 - SQL Injection Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla! Component 'com_videogallerylite' 1.0.9 - SQL Injection Irfanview - '.RLE' Image Decompression Buffer Overflow Irfanview - '.TIF' Image Decompression Buffer Overflow IrfanView - '.RLE' Image Decompression Buffer Overflow IrfanView - '.TIF' Image Decompression Buffer Overflow Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution IrfanView 4.33 - 'IMXCF.dll' Plugin Code Execution Serendipity 0.x - exit.php HTTP Response Splitting S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting PCMan FTP Server 2.07 - PASS Command Buffer Overflow PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow PCMan FTP Server 2.07 - STOR Command Buffer Overflow PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH) freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow Joomla! Component VirtueMart 2.0.22a - SQL Injection Joomla! Component 'com_virtuemart' 2.0.22a - SQL Injection phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusion Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit) PCMan FTP Server 2.07 - 'STOR' Command Stack Overflow (Metasploit) Irfanview 3.98 - '.ANI' Image File Denial of Service IrfanView 3.98 - '.ANI' Image File Denial of Service Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion Mambo Component Reporter 1.0 - 'Reporter.sql.php' Remote File Inclusion Mambo LMTG Myhomepage 1.2 Component - Multiple Remote File Inclusion Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion Mambo Display MOSBot Manager Component - MosConfig_absolute_path Remote File Inclusion Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion Mambo EstateAgent 1.0.2 Component - MosConfig_absolute_path Remote File Inclusion Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion Joomla! / Mambo Component Com_comprofiler 1.0 - class.php Remote File Inclusion Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion Hewlett-Packard 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery Hewlett-Packard (HP) 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery Mambo MostlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion Mambo Module MOStlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion Irfanview 3.99 - Multiple BMP Denial of Service Vulnerabilities IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities Joomla! / Mambo Component Mod_Forum - PHPBB_Root.php Remote File Inclusion Joomla! / Mambo Component Mod_Forum - 'PHPBB_Root.php' Remote File Inclusion Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting Mambo Module MOStlyCE 2.4 - 'connector.php' Cross-Site Scripting Mambo MOStlyCE Module 2.4 Image Manager Utility - Arbitrary File Upload Mambo Module MOStlyCE 2.4 Image Manager Utility - Arbitrary File Upload Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting S9Y Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting Joomla! Extension Komento 1.7.2 - Persistent Cross-Site Scripting Joomla! Extension JV Comment 3.0.2 - (index.php id Parameter) SQL Injection Joomla! Component 'com_komento' 1.7.2 - Persistent Cross-Site Scripting Joomla! Component 'com_jvcomment' 3.0.2 - 'id' Parameter SQL Injection Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection Joomla! / Mambo Component com_filebase - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection PCMan FTP Server 2.07 - ABOR Command Buffer Overflow PCMan FTP Server 2.07 - CWD Command Buffer Overflow PCMan FTP Server 2.07 - 'ABOR' Command Buffer Overflow PCMan FTP Server 2.07 - 'CWD' Command Buffer Overflow Joomla! Component JomSocial 2.6 - Code Execution Joomla! Component 'com_community' 2.6 - Code Execution Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities S9Y Serendipity 1.7.5 - (Backend) Multiple Vulnerabilities Joomla! / Mambo Component Joomlaearn Lms - 'cat' Parameter SQL Injection Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection Joomla! Component YouTube Gallery - SQL Injection Joomla! Component 'com_youtubegallery' - SQL Injection Joomla! Component Spider Form Maker 3.4 - SQL Injection Joomla! Component 'com_formmaker' 3.4 - SQL Injection Joomla! Component Spider Calendar 3.2.6 - SQL Injection Joomla! Component 'com_spidercalendar' 3.2.6 - SQL Injection Joomla! Component Spider Contacts 1.3.6 - (index.php contacts_id Parameter)SQL Injection Joomla! Component 'com_spidercontacts' 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component Face Gallery 1.0 - Multiple Vulnerabilities Joomla! Component Mac Gallery 1.5 - Arbitrary File Download Joomla! Component 'com_facegallery' 1.0 - Multiple Vulnerabilities Joomla! Component 'com_macgallery' 1.5 - Arbitrary File Download Joomla! Component HD FLV Player < 2.1.0.1 - SQL Injection Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - SQL Injection Joomla! Component HD FLV Player < 2.1.0.1 - Arbitrary File Download Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - Arbitrary File Download Mambo - 'com_docman' 1.3.0 Component Multiple SQL Injection Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting Mambo CMS 4.6.x - Multiple Cross-Site Scripting Vulnerabilities Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities Hewlett-Packard UCMDB - JMX-Console Authentication Bypass Hewlett-Packard (HP) UCMDB - JMX-Console Authentication Bypass PCMan FTP Server 2.0.7 - Buffer Overflow MKD Command PCMan FTP Server 2.0.7 - 'MKD' Command Buffer Overflow Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery Mambo 4.6.5 - 'index.php' Cross-Site Request Forgery Serendipity 1.5.1 - 'research_display.php' SQL Injection S9Y Serendipity 1.5.1 - 'research_display.php' SQL Injection Mambo CMS N-Skyrslur - Cross-Site Scripting Mambo Component 'com_n-skyrslur' - Cross-Site Scripting Mambo CMS N-Gallery Component - SQL Injection Mambo CMS AHS Shop Component - SQL Injection Mambo Component 'com_n-gallery' - SQL Injection Mambo Component 'com_ahsshop' - SQL Injection Mambo CMS N-Press Component - SQL Injection Mambo Component 'com_n-press' - SQL Injection Mambo CMS N-Frettir Component - SQL Injection Mambo CMS N-Myndir Component - SQL Injection Mambo Component 'com_n-frettir' - SQL Injection Mambo Component 'com_n-myndir' - SQL Injection Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting S9Y Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting Joomla! Component Simple Photo Gallery 1.0 - Arbitrary File Upload Joomla! Component 'com_simplephotogallery' 1.0 - Arbitrary File Upload Joomla! Component Simple Photo Gallery 1.0 - SQL Injection Joomla! Component 'com_simplephotogallery' 1.0 - SQL Injection Joomla! Plugin eCommerce-WD 1.2.5 - SQL Injection Joomla! Component 'com_ecommercewd' 1.2.5 - SQL Injection Joomla! Component Spider FAQ - SQL Injection Joomla! Component 'com_spiderfaq' - SQL Injection Joomla! Component Gallery WD - SQL Injection Joomla! Component Contact Form Maker 1.0.1 - SQL Injection Joomla! Component 'com_gallery_wd' - SQL Injection Joomla! Component 'com_contactformmaker' 1.0.1 - SQL Injection Joomla! Component Spider Random Article - SQL Injection Joomla! Component 'com_rand' - SQL Injection Joomla! Component SimpleImageUpload - Arbitrary File Upload Joomla! Component 'com_simpleimageupload' - Arbitrary File Upload Joomla! Component DOCman - Multiple Vulnerabilities Joomla! Component 'com_docman' - Multiple Vulnerabilities Joomla! Plugin Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities Joomla! Component 'com_helpdeskpro' < 1.4.0 - Multiple Vulnerabilities PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow PCMan FTP Server 2.0.7 - 'PUT' Command Buffer Overflow Joomla! Component Event Manager 2.1.4 - Multiple Vulnerabilities Joomla! Component 'com_jem' 2.1.4 - Multiple Vulnerabilities Joomla! Component com_memorix - SQL Injection Joomla! Component com_informations - SQL Injection Joomla! Component 'com_memorix' - SQL Injection Joomla! Component 'com_informations' - SQL Injection PCMan FTP Server 2.0.7 - GET Command Buffer Overflow PCMan FTP Server 2.0.7 - 'GET' Command Buffer Overflow PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow Joomla! Component Real Estate Manager 3.7 - SQL Injection Joomla! Component 'com_realestatemanager' 3.7 - SQL Injection Joomla! Extension Realtyna RPL 8.9.2 - Multiple SQL Injections Joomla! Extension Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Joomla! Component 'com_rpl' 8.9.2 - Multiple SQL Injections Joomla! Component 'com_rpl' 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Joomla! Component JNews (com_jnews) 8.5.1 - SQL Injection Joomla! Component 'com_jnews' 8.5.1 - SQL Injection Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting S9Y Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting Joomla! Component JVideoClip - 'uid' Parameter SQL Injection Joomla! Component 'com_jvideoclip' - 'uid' Parameter SQL Injection Joomla! Component Content History - SQL Injection / Remote Code Execution (Metasploit) Joomla! Component 'com_contenthistory' - SQL Injection / Remote Code Execution (Metasploit) Joomla! Component Maian15 - 'name' Parameter Arbitrary File Upload Joomla! Component 'com_maian15' - 'name' Parameter Arbitrary File Upload Joomla! Component Aclsfgpl - 'index.php' Arbitrary File Upload Joomla! Component 'com_aclsfgpl' - 'index.php' Arbitrary File Upload Joomla! Component Wire Immogest - 'index.php' SQL Injection Joomla! Component 'com_wire_immogest' - 'index.php' SQL Injection Joomla! Component Almond Classifieds - Arbitrary File Upload Joomla! Component 'com_aclassfb' - Arbitrary File Upload Joomla! Extension Sexy Polling - 'answer_id' Parameter SQL Injection Joomla! Component 'com_sexypolling' - 'answer_id' Parameter SQL Injection Joomla! 1.5 < 3.4.5 - Object Injection x-forwarded-for Header Remote Code Execution Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution Joomla! Plugin Projoom NovaSFH - 'upload.php' Arbitrary File Upload Joomla! Component 'com_novasfh' - 'upload.php' Arbitrary File Upload Joomla! Component Inneradmission - 'index.php' SQL Injection Joomla! Component 'com_inneradmission' - 'index.php' SQL Injection Joomla! Extension Spider Video Player - 'theme' Parameter SQL Injection Joomla! Component 'spidervideoplayer' - 'theme' Parameter SQL Injection Joomla! Extension JSN Poweradmin 2.3.0 - Multiple Vulnerabilities Joomla! Component 'com_poweradmin' 2.3.0 - Multiple Vulnerabilities Joomla! Component Easy YouTube Gallery 1.0.2 - SQL Injection Joomla! Component 'com_easy_youtube_gallery' 1.0.2 - SQL Injection PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow (Metasploit) Joomla! Extension SecurityCheck 2.8.9 - Multiple Vulnerabilities Joomla! Component 'SecurityCheck' 2.8.9 - Multiple Vulnerabilities Joomla! Extension PayPlans (com_payplans) 3.3.6 - SQL Injection Joomla! Component 'com_payplans' 3.3.6 - SQL Injection Joomla! Component En Masse (com_enmasse) 5.1 < 6.4 - SQL Injection Joomla! Component 'com_enmasse' 5.1 < 6.4 - SQL Injection Joomla! Component BT Media (com_bt_media) - SQL Injection Joomla! Component 'com_bt_media' - SQL Injection Joomla! Component Publisher Pro (com_publisher) - SQL Injection Joomla! Component 'com_publisher' - SQL Injection Joomla! Component Guru Pro (com_guru) - SQL Injection PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit) Joomla! Component 'com_guru' - SQL Injection PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit) Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097) Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) Microsoft Windows - GDI+ DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097) Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097) Microsoft Windows - GDI+ EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) Microsoft Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) freeFTPd 1.0.8 - 'mkd' Command Denial Of Service Micro Focus Rumba 9.4 - Local Denial Of Service Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow S9Y Serendipity 2.0.4 - Cross-Site Scripting Rumba FTP Client 4.x - Stack buffer overflow (SEH) Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free OS X/iOS Kernel - IOSurface Use-After-Free OS X/iOS - mach_ports_register Multiple Memory Safety Issues NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths Privilege Escalation NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d NVIDIA Driver - No Bounds Checking in Escape 0x7000194 NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x600000D NVIDIA Driver - NvStreamKms Stack Buffer Overflow in PsSetCreateProcessNotifyRoutineEx Callback Privilege Escalation NVIDIA Driver - Escape 0x100010b Missing Bounds Check NVIDIA Driver - No Bounds Checking in Escape 0x7000170 NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027 NVIDIA Driver - Incorrect Bounds Check in Escape 0x70001b2 NVIDIA Driver - Missing Bounds Check in Escape 0x100009a NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5 NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014 NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9 MacOS 10.12 - 'task_t' Privilege Escalation PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow	2016-11-01 05:01:18 +00:00
Offensive Security	3130ef8f9b	DB: 2016-10-31	2016-10-31 05:01:20 +00:00
Offensive Security	a0b01841af	DB: 2016-10-30	2016-10-30 05:01:19 +00:00
Offensive Security	3b565e4e9d	DB: 2016-10-29 7 new exploits SetCMS 3.6.5 - (setcms.org) Remote Command Execution SetCMS 3.6.5 - Remote Command Execution PHP-Nuke < 8.0 - 'sid' SQL Injection PHP-Nuke 8.0 Final - 'sid' SQL Injection PHP-Nuke < 8.0 - 'sid' Parameter SQL Injection PHP-Nuke 8.0 Final - 'sid' Parameter SQL Injection Foojan Wms 1.0 - (index.php story) SQL Injection Foojan Wms 1.0 - 'story' Parameter SQL Injection Web Wiz Forums 9.07 - (sub) Directory Traversal Web Wiz Forums 9.07 - 'sub' Parameter Directory Traversal Web Wiz NewsPad 1.02 - (sub) Directory Traversal Siteman 1.1.9 - (cat) Remote File Disclosure Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution SLAED CMS 2.5 Lite - (newlang) Local File Inclusion Liquid-Silver CMS 0.1 - (update) Local File Inclusion Web Wiz NewsPad 1.02 - 'sub' Parameter Directory Traversal Siteman 1.1.9 - 'cat' Parameter Remote File Disclosure Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution SLAED CMS 2.5 Lite - 'newlang' Parameter Local File Inclusion Liquid-Silver CMS 0.1 - 'update' Parameter Local File Inclusion Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod (PoC) Seagull 0.6.3 - 'files' Parameter Remote File Disclosure ImageShack Toolbar 4.5.7 - 'FileUploader' Class InsecureMethod (PoC) flinx 1.3 - (category.php id) SQL Injection flinx 1.3 - 'id' Parameter SQL Injection Persits XUpload 3.0 - AddFile() Remote Buffer Overflow Persits XUpload 3.0 - 'AddFile()' Remote Buffer Overflow simple forum 3.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Simple Forum 3.2 - File Disclosure / Cross-Site Scripting WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection Oracle 10g R1 - pitrig_drop PLSQL Injection (get users hash) Oracle 10g R1 - PITRIG_TRUNCATE PLSQL Injection (get users hash) WordPress Plugin WP-Cal 0.3 - 'editevent.php' SQL Injection WordPress Plugin fGallery 2.4.1 - 'fimrss.php' SQL Injection Oracle 10g R1 - 'pitrig_drop' PLSQL Injection (get users hash) Oracle 10g R1 - 'PITRIG_TRUNCATE' PLSQL Injection (get users hash) phpMyClub 0.0.1 - (page_courante) Local File Inclusion bubbling library 1.32 - dispatcher.php Remote File Disclosure Bigware Shop 2.0 - pollid SQL Injection Smart Publisher 1.0.1 - (disp.php) Remote Code Execution SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit phpMyClub 0.0.1 - 'page_courante' Parameter Local File Inclusion bubbling library 1.32 - 'uri' Parameter Remote File Disclosure Bigware Shop 2.0 - 'pollid' Parameter SQL Injection Smart Publisher 1.0.1 - 'filedata' Parameter Remote Code Execution SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit phpCMS 1.2.2 - (parser.php) Remote File Disclosure Mambo Component NewsLetter - (listid) SQL Injection Mambo Component Fq - (listid) SQL Injection Mambo Component MaMML - (listid) SQL Injection phpCMS 1.2.2 - 'file' Parameter Remote File Disclosure Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection Mambo 'com_fq' - 'listid' Parameter SQL Injection Mambo 'com_mamml' - 'listid' Parameter SQL Injection phpCMS 1.1.7 - counter.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - parser.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.parser_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - PHPCMS include/class.session_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.edit_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.http_indexer_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.cache_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.search_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.lib_indexer_universal_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.layout_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - 'counter.php' Remote File Inclusion phpCMS 1.1.7 - 'parser.php' Remote File Inclusion phpCMS 1.1.7 - 'class.parser_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.session_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.edit_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.http_indexer_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.cache_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.search_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.lib_indexer_universal_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.layout_PHPcms.php' Remote File Inclusion phpCMS 2008 - 'ask/search_ajax.php' SQL Injection phpCMS 2008 - 'search_ajax.php' SQL Injection InfraPower PPS-02-S Q213V1 - Local File Disclosure InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference InfraPower PPS-02-S Q213V1 - Authentication Bypass InfraPower PPS-02-S Q213V1 - Multiple XSS InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution	2016-10-29 05:01:21 +00:00
Offensive Security	d97b4f7c48	DB: 2016-10-28	2016-10-28 11:54:09 +00:00
Offensive Security	da85686a94	DB: 2016-10-28 6 new exploits Real Server < 8.0.2 - Remote Exploit (Windows Platforms) RealServer < 8.0.2 - Remote Exploit (Windows Platforms) OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh) OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident CdRecord 2.0 - Mandrake Privilege Escalation CDRTools CDRecord 2.0 - Mandrake Privilege Escalation LeapFTP 2.7.x - Remote Buffer Overflow LeapWare LeapFTP 2.7.x - Remote Buffer Overflow GNU Cfengine 2.-2.0.3 - Remote Stack Overflow GNU CFEngine 2.-2.0.3 - Remote Stack Overflow IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP) IPSwitch IMail LDAP Daemon - Remote Buffer Overflow Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow IPSwitch IMail LDAP Daemon/Service - Buffer Overflow RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow Traceroute - Privilege Escalation LBL Traceroute - Privilege Escalation Perl (Redhat 6.2) - Restore and Dump Local Exploit Redhat 6.2 Restore and Dump - Local Exploit (Perl) HP-UX 11.00/10.20 - crontab Overwrite Files Exploit Solaris/SPARC 2.7 / 7 - locale Format String HP-UX 11.00/10.20 crontab - Overwrite Files Exploit Solaris/SPARC 2.7 / 7 locale - Format String Solaris - locale Format Strings (noexec stack) Exploit Solaris locale - Format Strings (noexec stack) Exploit glibc - locale bug mount Exploit GLIBC locale - bug mount Exploit Red Hat 6.2 xsoldier-0.96 - Exploit Red Hat 6.2 xsoldier 0.96 - Exploit OpenBSD 2.6 / 2.7 ftpd - Remote Exploit OpenBSD ftpd 2.6 / 2.7 - Remote Exploit GLIBC - Locale Format Strings Exploit GLIBC locale - Format Strings Exploit IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit SquirrelMail - chpasswd Buffer Overflow SquirrelMail - 'chpasswd' Buffer Overflow rlpr 2.04 - msg() Remote Format String Rlpr 2.04 - msg() Remote Format String Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit IRIX - Multiple Buffer Overflows (LsD) SGI IRIX - Multiple Buffer Overflows (LsD) IRIX - /bin/login Local Buffer Overflow SGI IRIX - /bin/login Local Buffer Overflow Solaris 2.4 - passwd & yppasswd & nispasswd Overflows Solaris 2.4 passwd / yppasswd / nispasswd - Overflows BlackJumboDog - Remote Buffer Overflow BlackJumboDog FTP Server - Remote Buffer Overflow Ollydbg 1.10 - Format String OllyDbg 1.10 - Format String SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit) SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit) CDRecord - '$RSH' exec() SUID Shell Creation CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow HP-UX 11.0/11.11 swxxx - Privilege Escalation HP-UX 11.0/11.11 - swxxx Privilege Escalation Zinf 2.2.1 - Local Buffer Overflow Zinf Audio Player 2.2.1 - Local Buffer Overflow ShixxNote 6.net - Remote Buffer Overflow ShixxNOTE 6.net - Remote Buffer Overflow MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow MailCarrier 2.51 - Remote Buffer Overflow SLMail 5.5 - POP3 PASS Buffer Overflow TABS MailCarrier 2.51 - Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow eZshopper - 'loadpage.cgi' Directory Traversal Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1) Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2) Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002) Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support) Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow Knet 1.04c - Buffer Overflow Denial of Service KNet Web Server 1.04c - Buffer Overflow Denial of Service Einstein 1.01 - Local Password Disclosure (asm) Einstein 1.01 - Local Password Disclosure (ASM) RealPlayer 10 - '.smil' Local Buffer Overflow RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2) phpBB 2.0.12 - Session Handling Authentication Bypass UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection xmlrpc.php Library 1.3.0 - Remote Command Execution (2) xmlrpc.php Library 1.3.0 - Remote Command Execution (3) XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2) XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3) wMailServer 1.0 - Remote Denial of Service SoftiaCom wMailServer 1.0 - Remote Denial of Service ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit) Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit) BusinessMail 4.60.00 - Remote Buffer Overflow BusinessMail Server 4.60.00 - Remote Buffer Overflow WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit) Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit) Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid) Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid) Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow CA iGateway - (debug mode) Remote Buffer Overflow CA iTechnology iGateway - (debug mode) Remote Buffer Overflow Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC) Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit) KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit) Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp) KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp) Zorum Forum 3.5 - (rollid) SQL Injection Zorum Forum 3.5 - 'rollid' SQL Injection SaphpLesson 2.0 - (forumid) SQL Injection saPHP Lesson 2.0 - (forumid) SQL Injection zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service Zix Forum 1.12 - (layid) SQL Injection Zix Forum 1.12 - 'layid' SQL Injection QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion Indexu 5.0.1 - (admin_template_path) Remote File Inclusion SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion Solaris 10 - sysinfo() Local Kernel Memory Disclosure Solaris 10 sysinfo() - Local Kernel Memory Disclosure SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion WFTPD 3.23 - (SIZE) Remote Buffer Overflow Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC) Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC) Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl) Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl) PHPMyWebmin 1.0 - (window.php) Remote File Inclusion phpMyWebmin 1.0 - (window.php) Remote File Inclusion VideoDB 2.2.1 - (pdf.php) Remote File Inclusion VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion Microsoft Office 2003 - PPT Local Buffer Overflow (PoC) Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC) Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - Constructor Privilege Escalation Solaris 10 (libnspr) - Constructor Privilege Escalation Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service 3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC) 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC) 3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC) BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC) AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit Irokez CMS 0.7.1 - Multiple Remote File Inclusion Irokez Blog 0.7.1 - Multiple Remote File Inclusion PHP-update 2.7 - Multiple Vulnerabilities PHP-Update 2.7 - Multiple Vulnerabilities Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) TFTPDWIN 0.4.2 - Remote Buffer Overflow ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow 3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit) FdScript 1.3.2 - 'download.php' Remote File Disclosure FD Script 1.3.2 - 'download.php' Remote File Disclosure Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit) Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit) SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass ZebraFeeds 1.0 - (zf_path) Remote File Inclusion ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow MailEnable Professional 2.35 - Remote Buffer Overflow MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit) Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2) Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2) 3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl) madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow 3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl) Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow TFTPDWIN Server 0.4.2 - (UDP) Denial of Service ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service NetVios Portal - 'page.asp' SQL Injection NetVIOS Portal - 'page.asp' SQL Injection Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow Microsoft Windows GDI - Privilege Escalation (MS07-017) (1) Microsoft Windows - GDI Privilege Escalation (MS07-017) (1) qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Microsoft Windows GDI - Privilege Escalation (MS07-017) (2) Microsoft Windows - GDI Privilege Escalation (MS07-017) (2) Zomplog 3.8 - (force_download.php) Remote File Disclosure Zomplog 3.8 - 'force_download.php' Remote File Disclosure Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC) Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003) Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1) UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2) Microsoft Windows GDI+ - ICO File Remote Denial of Service Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service Safari 3 for Windows Beta - Remote Command Execution (PoC) Apple Safari 3 for Windows Beta - Remote Command Execution (PoC) YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection Oracle 9i/10g Evil Views - Change Passwords Exploit Oracle 9i/10g - Evil Views Change Passwords Exploit Savant 3.1 - GET Request Remote Overflow (Universal) Savant Web Server 3.1 - GET Request Remote Overflow (Universal) Easy Chat Server 2.2 - Remote Denial of Service EFS Easy Chat Server 2.2 - Remote Denial of Service Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite Thomson SIP phone ST 2030 - Remote Denial of Service Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service MSN messenger 7.x (8.0?) - Video Remote Heap Overflow Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow MDPro 1.0.76 - SQL Injection MD-Pro 1.0.76 - SQL Injection ZZ FlashChat 3.1 - (help.php) Local File Inclusion ZZ FlashChat 3.1 - 'help.php' Local File Inclusion PHP-AGTC membership system 1.1a - Remote Add Admin PHP-AGTC Membership System 1.1a - Remote Add Admin Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion badblue 2.72b - Multiple Vulnerabilities BadBlue 2.72b - Multiple Vulnerabilities SquirrelMail G/PGP Plugin - deletekey() Command Injection SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection hp software update client 3.0.8.4 - Multiple Vulnerabilities HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC) QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC) Gradman 0.1.3 - (agregar_info.php) Local File Inclusion Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities Mini File Host 1.2 - (upload.php language) Local File Inclusion Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service Mini File Host 1.2 - 'language' Parameter Local File Inclusion Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service Gradman 0.1.3 - (info.php tabla) Local File Inclusion Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Gradman 0.1.3 - 'info.php' Local File Inclusion Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion Frimousse 0.0.2 - explorerdir.php Local Directory Traversal 360 Web Manager 3.0 - (IDFM) SQL Injection bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal 360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection bloofox 0.3 - SQL Injection / File Disclosure Mooseguy Blog System 1.0 - (blog.php month) SQL Injection Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection IDM-OS 1.0 - (download.php Filename) File Disclosure IDM-OS 1.0 - 'Filename' Parameter File Disclosure MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit aflog 1.01 - Cross-Site Scripting / SQL Injection Easysitenetwork Recipe - 'categoryId' SQL Injection Coppermine Photo Gallery 1.4.14 - SQL Injection Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection Coppermine Photo Gallery 1.4.10 - SQL Injection web wiz rich text editor 4.0 - Multiple Vulnerabilities Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure Joomla! Component Marketplace 1.1.1 - SQL Injection Joomla! Component com_Marketplace 1.1.1 - SQL Injection ASPapp - 'links.asp CatId' SQL Injection ASPapp Knowledge Base - 'links.asp CatId' SQL Injection ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit Quick TFTP Pro 2.1 - Remote SEH Overflow Quick TFTP Server Pro 2.1 - Remote SEH Overflow Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016) Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016) HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC) Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC) Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow hp openview nnm 7.53 - Multiple Vulnerabilities HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities PHPKB 1.5 Knowledge Base - 'ID' SQL Injection PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021) Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021) HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ZeusCart 2.0 - (category_list.php) SQL Injection ZeusCart 2.0 - 'category_list.php' SQL Injection Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin Zomplog 3.8.2 - (force_download.php) File Disclosure Zomplog 3.8.2 - 'force_download.php' File Disclosure PHP AGTC-Membership System 1.1a - Arbitrary Add Admin PHP-AGTC Membership System 1.1a - Arbitrary Add Admin PHP Booking Calendar 10 d - SQL Injection phpBookingCalendar 10 d - SQL Injection SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC) Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC) Yuhhu 2008 SuperStar - (board) SQL Injection Yuhhu 2008 SuperStar - 'board' SQL Injection gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow trixbox - (langChoice) Local File Inclusion (connect-back) (2) Trixbox - (langChoice) Local File Inclusion (connect-back) (2) Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities z-breaknews 2.0 - (single.php) SQL Injection z-breaknews 2.0 - 'single.php' SQL Injection Ultra Office - ActiveX Control Remote Buffer Overflow Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC) Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC) phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Zanfi CMS lite / Jaw Portal free - (page) SQL Injection phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021) Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021) opennms < 1.5.96 - Multiple Vulnerabilities OpenNMS < 1.5.96 - Multiple Vulnerabilities yerba sacphp 6.3 - Multiple Vulnerabilities Yerba SACphp 6.3 - Multiple Vulnerabilities Microsoft Windows GDI+ - PoC (MS08-052) (2) Microsoft Windows - GDI+ PoC (MS08-052) (2) zeeproperty - (adid) SQL Injection zeeproperty - 'adid' SQL Injection TUGzip 3.00 archiver - '.zip' Local Buffer Overflow TugZip 3.00 Archiver - '.zip' Local Buffer Overflow AJ ARTICLE - 'featured_article.php mode' SQL Injection AJ Article - 'featured_article.php mode' SQL Injection Article Publisher PRO 1.5 - Insecure Cookie Handling Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling YourFreeWorld Classifieds - (category) SQL Injection YourFreeWorld Classifieds - 'category' SQL Injection PG Roomate Finder Solution - (Authentication Bypass) SQL Injection Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC) Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC) asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC) Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC) ProFTPd with mod_mysql - Authentication Bypass ProFTPd - 'mod_mysql' Authentication Bypass ppim 1.0 - Multiple Vulnerabilities pPIM 1.0 - Multiple Vulnerabilities Orbit 2.8.4 - Long Hostname Remote Buffer Overflow Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH) Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH) Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC) Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC) bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities Racer 0.5.3b5 - Remote Stack Buffer Overflow Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution Online Guestbook Pro - (display) Blind SQL Injection Esoftpro Online Guestbook Pro - (display) Blind SQL Injection tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ZaoCMS - (user_id) SQL Injection ZaoCMS - 'user_id' SQL Injection Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC) Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC) ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection WebBoard 2.90 Beta - Remote File Disclosure 212Cafe WebBoard 2.90 Beta - Remote File Disclosure ZeusCart 2.3 - (maincatid) SQL Injection ZeusCart 2.3 - 'maincatid' SQL Injection DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC) Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC) OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC) Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC) DD-WRT - (httpd service) Remote Command Execution DD-WRT HTTPd Daemon/Service - Remote Command Execution GLinks 2.1 - (cat) Blind SQL Injection Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH) Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH) Payment Processor Script - 'shop.htm cid' SQL Injection Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) BandCMS 0.10 - news.php Multiple SQL Injection Rock Band CMS 0.10 - news.php Multiple SQL Injection Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Eureka Mail Client 2.2q - PoC Buffer Overflow Eureka Email Client 2.2q - PoC Buffer Overflow Solaris 8.0 - LPD Command Execution (Metasploit) Solaris 8.0 LPD - Command Execution (Metasploit) Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit) Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit) Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit) Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit) ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit) NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit) Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit) PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit) BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow Dopewars 1.5.12 Server - Denial of Service Dopewars Server 1.5.12 - Denial of Service Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit) Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit) HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit) Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit) Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution HP Power Manager Administration - Universal Buffer Overflow Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service HP Openview NNM 7.53 - Invalid DB Error Code HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery Eureka Mail Client - Remote Buffer Overflow Eureka Email Client - Remote Buffer Overflow IDEAL Administration 2009 9.7 - Local Buffer Overflow PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow phpshop 0.8.1 - Multiple Vulnerabilities phpShop 0.8.1 - Multiple Vulnerabilities IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow DigitalHive - Multiple Vulnerabilities Digital Hive - Multiple Vulnerabilities zabbix server - Multiple Vulnerabilities Zabbix Server - Multiple Vulnerabilities freekot - (Authentication Bypass) SQL Injection Digiappz Freekot - (Authentication Bypass) SQL Injection TFTP Daemon 1.9 - Denial of Service Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service B2B Trading Marketplace - SQL Injection SoftBiz B2B trading Marketplace Script - SQL Injection Mini-stream - Windows XP SP2 and SP3 Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service iTunes 9.0.1 - '.pls' Handling Buffer Overflow Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC) Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service bild flirt system 2.0 - 'index.php' 'id' SQL Injection Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) iOS Safari - Bad 'VML' Remote Denial of Service iOS Safari - Remote Denial of Service Apple iOS Safari - Bad 'VML' Remote Denial of Service Apple iOS Safari - Remote Denial of Service HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow Adobe Reader - Escape From PDF Adobe Reader - Escape From '.PDF' TugZip 3.5 - '.ZIP' File Buffer Overflow TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow Joomla! Component jp_jobs - SQL Injection Joomla! Component com_jp_jobs - SQL Injection Joomla! Component QPersonel - SQL Injection Joomla! Component com_QPersonel - SQL Injection Bild Flirt 1.0 - SQL Injection Bild Flirt System 1.0 - SQL Injection Safari 4.0.5 - (531.22.7) Denial of Service Apple Safari 4.0.5 - (531.22.7) Denial of Service Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service Safari 4.0.3 / 4.0.4 - Stack Exhaustion Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion 724CMS Enterprise 4.59 - SQL Injection PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections 724CMS 4.59 Enterprise - SQL Injection PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections Joomla! Component JE Job - Local File Inclusion Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass) Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass) Joomla! Component com_jejob 1.0 - 'catid' SQL Injection Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service Office^2 iPhone - XLS Denial of Service GoodiWare GoodReader iPhone - XLS Denial of Service Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service Office^2 iPhone - '.XLS' Denial of Service GoodiWare GoodReader iPhone - '.XLS' Denial of Service Yamamah (news) - SQL Injection / Source Code Disclosure Yamamah - 'news' SQL Injection / Source Code Disclosure Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities YPNinc JokeScript - (ypncat_id) SQL Injection YPNinc JokeScript - 'ypncat_id' SQL Injection YPNinc PHP Realty Script - (docID) SQL Injection YPNinc PHP Realty Script - 'docID' SQL Injection HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) Safari Browser 4.0.2 - Clickjacking Apple Safari 4.0.2 - Clickjacking Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7' Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7) Apple iOS - pdf Jailbreak Exploit Apple iOS - '.pdf' Jailbreak Exploit HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit) AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit) DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow FatPlayer 0.6b - '.wav' Buffer Overflow (SEH) Fat Player 0.6b - '.wav' Buffer Overflow (SEH) CubeCart 2.0.1 - SQL Injection Brooky CubeCart 2.0.1 - SQL Injection DATAC RealWin SCADA 1.06 - Buffer Overflow DATAC RealWin SCADA Server 1.06 - Buffer Overflow pilot cart 7.3 - Multiple Vulnerabilities ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities Mp3-Nator 2.0 - Buffer Overflow (SEH) MP3-Nator 2.0 - Buffer Overflow (SEH) Safari 5.02 - Stack Overflow Denial of Service Apple Safari 5.02 - Stack Overflow Denial of Service Microsoft Windows Task Scheduler - Privilege Escalation Microsoft Windows - Task Scheduler Privilege Escalation Pandora Fms 3.1 - Authentication Bypass Pandora FMS 3.1 - Authentication Bypass bugtracker.net 3.4.4 - Multiple Vulnerabilities BugTracker.NET 3.4.4 - Multiple Vulnerabilities Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow WMITools ActiveX - Remote Command Execution Microsoft WMITools ActiveX - Remote Command Execution VideoSpirit Pro 1.68 - Local Buffer Overflow VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit) Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit) PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit) PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit) Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit) Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit) Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit) Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit) Solaris sadmind - Command Execution (Metasploit) Solaris Sadmind - Command Execution (Metasploit) Sun Solaris - Telnet Remote Authentication Bypass (Metasploit) Sun Solaris Telnet - Remote Authentication Bypass (Metasploit) Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit) Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit) Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit) Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit) TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit) 3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit) Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit) ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit) Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit) Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit) Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit) CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit) Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2) Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2) FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit) Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit) Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit) Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit) Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit) Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit) MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit) Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit) Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit) Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit) MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit) Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) IMail IMAP4D - Delete Overflow (Metasploit) IPSwitch IMail IMAP4D - Delete Overflow (Metasploit) Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit) Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit) Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit) Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit) AOL Instant Messenger - goaway Overflow (Metasploit) AOL Instant Messenger AIM - goaway Overflow (Metasploit) Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit) Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit) Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit) RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit) RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit) Adobe Shockwave - rcsL Memory Corruption (Metasploit) Adobe Shockwave Player - rcsL Memory Corruption (Metasploit) Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit) Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit) WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) ACDSee - XPM File Section Buffer Overflow (Metasploit) ACDSee - '.XPM' File Section Buffer Overflow (Metasploit) HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit) HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit) Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit) Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit) QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit) Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit) Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit) Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) Serv-U FTPD - MDTM Overflow (Metasploit) RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit) 3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit) 3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit) FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) SentinelLM - UDP Buffer Overflow (Metasploit) Sentinel LM - UDP Buffer Overflow (Metasploit) Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit) Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit) Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit) Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit) Sambar 6 - Search Results Buffer Overflow (Metasploit) Sambar Server 6 - Search Results Buffer Overflow (Metasploit) IA WebMail 3.x - Buffer Overflow (Metasploit) IA WebMail Server 3.x - Buffer Overflow (Metasploit) Savant 3.1 Web Server - Overflow Exploit (Metasploit) Savant Web Server 3.1 - Overflow Exploit (Metasploit) HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit) Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit) Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit) IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit) PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit) PSOProxy 0.91 - Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit) Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit) Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit) NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit) NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit) MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit) Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit) YPOPS 0.6 - Buffer Overflow (Metasploit) YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit) Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit) Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit) IMail LDAP Service - Buffer Overflow (Metasploit) IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit) GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit) Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit) Poptop - Negative Read Overflow (Metasploit) UoW IMAP server - LSUB Buffer Overflow (Metasploit) PoPToP - Negative Read Overflow (Metasploit) UoW IMAPd Server - LSUB Buffer Overflow (Metasploit) DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit) DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit) Samba (Linux/x86) - trans2open Overflow (Metasploit) iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) AppleFileServer - LoginExt PathName Overflow (Metasploit) Samba (Linux x86) - trans2open Overflow (Metasploit) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit) Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit) Safari - Archive Metadata Command Execution (Metasploit) Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit) Apple Safari - Archive Metadata Command Execution (Metasploit) iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Mail.app - Image Attachment Command Execution (Metasploit) Apple Mail.app - Image Attachment Command Execution (Metasploit) Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit) Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit) Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit) Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit) Samba trans2open (BSD/x86) - Overflow Exploit (Metasploit) Samba (BSD x86) - trans2open Overflow Exploit (Metasploit) PHP XML-RPC - Arbitrary Code Execution (Metasploit) XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit) AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit) HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit) AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit) HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit) TWiki Search Function - Arbitrary Command Execution (Metasploit) TWiki - Search Function Arbitrary Command Execution (Metasploit) Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit) The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit) Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit) Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit) Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit) Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit) 7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities 7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit) HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit) VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit) eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit) Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit) manageengine support center plus 7.8 build 7801 - Directory Traversal ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal Safari 5.0.6/5.1 - SVG DOM Processing (PoC) Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC) Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass) Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass) TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit) TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit) Sports PHool 1.0 - Remote File Inclusion SportsPHool 1.0 - Remote File Inclusion Mini-stream 3.0.1.1 - Buffer Overflow (3) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3) Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Zabbix 1.8.4 - (popup.php) SQL Injection Zabbix 1.8.4 - 'popup.php' SQL Injection CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit) CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit) Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit) RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit) Family Connections - less.php Remote Command Execution (Metasploit) Family Connections CMS - 'less.php' Remote Command Execution (Metasploit) FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting openemr 4 - Multiple Vulnerabilities Safari - GdiDrawStream BSoD OpenEMR 4 - Multiple Vulnerabilities Apple Safari - GdiDrawStream BSoD clip bucket 2.6 - Multiple Vulnerabilities Clipbucket 2.6 - Multiple Vulnerabilities Tube Ace(Adult PHP Tube Script) - SQL Injection Tube Ace (Adult PHP Tube Script) - SQL Injection Dolibarr CMS 3.2.0 < Alpha - File Inclusion Dolibarr 3.2.0 < Alpha - File Inclusion PBLang - Local File Inclusion PBLang Bulletin Board System - Local File Inclusion NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit) Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit) Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit) Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit) TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit) Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit) TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit) TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit) samsung net-i ware 1.37 - Multiple Vulnerabilities Samsung NET-i ware 1.37 - Multiple Vulnerabilities iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC) Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC) GIMP - script-fu Server Buffer Overflow (Metasploit) GIMP script-fu - Server Buffer Overflow (Metasploit) SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit) SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit) Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit) Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit) Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit) Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit) Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption UoW imapd 10.234/12.264 - Buffer Overflow UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit) UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit) UoW IMAPd Server 10.234/12.264 - Buffer Overflow UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit) UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit) RedHat 6.2 - Piranha Virtual Server Package Default Account and Password RedHat 6.2 Piranha Virtual Server Package - Default Account and Password Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit) Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit) hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection RedHat 6 - glibc/locale Subsystem Format String Solaris 2.6/7.0 - /locale Subsystem Format String RedHat 6 GLIBC/locale - Subsystem Format String Solaris 2.6/7.0 /locale - Subsystem Format String Solaris 2.6/7.0 - 'eject' locale Subsystem Format String Solaris 2.6/7.0 'eject' locale - Subsystem Format String Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5) Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5) RedHat restore 0.4 b15 - Insecure Environment Variables RedHat 0.4 b15 restore - Insecure Environment Variables Viscosity OpenVPN Client (OSX) - Privilege Escalation Viscosity - Privilege Escalation Solaris 2.x/7.0/8 catman - Race Condition (1) Solaris 2.x/7.0/8 catman - Race Condition (2) Solaris 2.x/7.0/8 Catman - Race Condition (1) Solaris 2.x/7.0/8 Catman - Race Condition (2) sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities T-dah Webmail - Multiple Persistent Cross-Site Scripting T-dah Webmail Client - Multiple Persistent Cross-Site Scripting Ntpd - Remote Buffer Overflow NTPd - Remote Buffer Overflow Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow Solaris 2.x/7.0/8 lpd - Remote Command Execution HP-UX 11.0 SWVerify - Buffer Overflow Solaris 2.x/7.0/8 LPD - Remote Command Execution HP-UX 11.0 - SWVerify Buffer Overflow phusion WebServer 1.0 - Directory Traversal (1) phusion WebServer 1.0 - Directory Traversal (2) Phusion WebServer 1.0 - Directory Traversal (1) Phusion WebServer 1.0 - Directory Traversal (2) Progress 9.1 - sqlcpp Local Buffer Overflow Progress Database 9.1 - sqlcpp Local Buffer Overflow PsyBNC 2.3 - Oversized Passwords Denial of Service psyBNC 2.3 - Oversized Passwords Denial of Service Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1) Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2) WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1) WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2) Midicart - PHP Arbitrary File Upload Midicart PHP - Arbitrary File Upload otrs 3.1 - Persistent Cross-Site Scripting OTRS 3.1 - Persistent Cross-Site Scripting EType EServ 2.9x POP3 - Remote Denial of Service EType EServ 2.9x - POP3 Remote Denial of Service Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution Invision Power Board 3.3.4 - Unserialize Regex Bypass Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit) Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit) NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit) Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit) Kerio MailServer 5.6.3 - add_acl Module Overflow Kerio MailServer 5.6.3 add_acl Module - Overflow phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting IBM System Director - Remote System Level Exploit IBM System Director Agent - Remote System Level Exploit Tectia SSH - USERAUTH Change Request Password Reset (Metasploit) (SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit) Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit) Oracle MySQL (Windows) - MOF Execution (Metasploit) CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1) CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2) GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1) GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2) IWConfig - Local ARGV Command Line Buffer Overflow (1) IWConfig - Local ARGV Command Line Buffer Overflow (2) IWConfig - Local ARGV Command Line Buffer Overflow (3) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3) Novell File Reporter Agent - XML Parsing Remote Code Execution Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1) RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2) RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1) RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4) Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Nagios - history.cgi Remote Command Execution Nagios3 - history.cgi Remote Command Execution phpshop 2.0 - SQL Injection phpShop 2.0 - SQL Injection Freesshd - Authentication Bypass (Metasploit) FreeSSHD - Authentication Bypass (Metasploit) RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access SLMail 5.5 - POP3 PASS Remote Buffer Overflow SLMail 5.5 - Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service Microsoft Windows Light HTTPD 0.1 - Buffer Overflow Light HTTPD 0.1 (Windows) - Buffer Overflow MSN Messenger 6.2.0137 - '.png' Buffer Overflow Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow Smail-3 - Multiple Remote and Local Vulnerabilities Smail 3 - Multiple Remote and Local Vulnerabilities Cisco Linksys E4200 Firmware - Multiple Vulnerabilities Cisco Linksys E4200 - Multiple Vulnerabilities Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting SlimServe httpd 1.0/1.1 - Directory Traversal WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal Quick TFTP Server 2.2 - Denial of Service Quick TFTP Server Pro 2.2 - Denial of Service aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection XMB 1.9.3 - u2u.php Cross-Site Scripting XMB Forum 1.9.3 - u2u.php Cross-Site Scripting PHPAlbum 0.2.3/4.1 - Local File Inclusion PHP Photo Album 0.2.3/4.1 - Local File Inclusion Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret) BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret) NetBSD mail.local - Privilege Escalation (Metasploit) NetBSD mail.local(8) - Privilege Escalation (Metasploit) PCMAN FTP 2.07 - PASS Command Buffer Overflow PCMan FTP Server 2.07 - PASS Command Buffer Overflow PCMAN FTP 2.07 - STOR Command Buffer Overflow PCMan FTP Server 2.07 - STOR Command Buffer Overflow EImagePro - - subList.asp CatID Parameter SQL Injection EImagePro - subList.asp CatID Parameter SQL Injection OZJournals 1.2 - Vname Parameter Cross-Site Scripting OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection OZJournals 1.5 - Multiple Input Validation Vulnerabilities Baby FTP server 1.24 - Denial of Service PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit) PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit) Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit) Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit) Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow Festalon 0.5 - '.HES' Remote Heap Buffer Overflow EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow A-CART 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002) Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002) Fish - Multiple Remote Buffer Overflow Vulnerabilities FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service Uebimiau 2.7.x - 'index.php' Cross-Site Scripting Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting Seagate BlackArmor - Root Exploit Seagate BlackArmor NAS - Root Exploit Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering PCMAN FTP 2.07 - ABOR Command Buffer Overflow PCMAN FTP 2.07 - CWD Command Buffer Overflow PCMan FTP Server 2.07 - ABOR Command Buffer Overflow PCMan FTP Server 2.07 - CWD Command Buffer Overflow HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access amfphp 1.2 - browser/details class Parameter Cross-Site Scripting amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting PCMAN FTP 2.07 - Buffer Overflow PCMan FTP Server 2.07 - Buffer Overflow Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities Novell Groupwise Messenger 2.0 - Client Buffer Overflow Novell Groupwise Messenger 2.0 Client - Buffer Overflow Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting OpenNms 1.5.x - HTTP Response Splitting OpenNMS 1.5.x - HTTP Response Splitting Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass Pilot Group PG Roommate - SQL Injection Pilot Group PG Roommate Finder Solution - SQL Injection OpenSSL TLS Heartbeat Extension - Memory Disclosure OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions) OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions) Heartbleed OpenSSL - Information Leak Exploit (1) OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1) IBM Director 5.20 - CIM Server Privilege Escalation IBM System Director Agent 5.20 - CIM Server Privilege Escalation Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support) Kolibri 2.0 - GET Request Stack Buffer Overflow Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow Easy Chat Server 3.1 - Stack Buffer Overflow EFS Easy Chat Server 3.1 - Stack Buffer Overflow Sphider 1.3.6 - Multiple Vulnerabilities Sphider Search Engine 1.3.6 - Multiple Vulnerabilities Kolibri WebServer 2.0 - GET Request SEH Exploit Kolibri Web Server 2.0 - GET Request SEH Exploit MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit) Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit) VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit) VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit) Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit) Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit) Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection Impact Software AdPeeps - Cross-Site Scripting / HTML Injection PPScript - 'shop.htm' SQL Injection Payment Processor Script (PPScript) - 'shop.htm' SQL Injection ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060) Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060) Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit) Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit) Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit) Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit) Exim ESMTP 4.80 glibc gethostbyname - Denial of Service Exim ESMTP 4.80 - glibc gethostbyname Denial of Service Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting Publish-It - PUI Buffer Overflow (SEH) Publish-It - '.PUI' Buffer Overflow (SEH) WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin) WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin) Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities abrt (Fedora 21) - Race Condition Abrt (Fedora 21) - Race Condition Webgate WESP SDK 1.2 - ChangePassword Stack Overflow WebGate WESP SDK 1.2 - ChangePassword Stack Overflow Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Oracle - Outside-In DOCX File Parsing Memory Corruption Oracle - Outside-In '.DOCX' File Parsing Memory Corruption iTunes 10.6.1.7 - '.pls' Title Buffer Overflow Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070) Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070) Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit) Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit) MiniUPnP - Multiple Denial of Service Vulnerabilities MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities Kaseya Virtual System Administrator - Multiple Vulnerabilities (2) Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2) Safari - User-Assisted Applescript Exec Attack (Metasploit) Apple Safari - User-Assisted Applescript Exec Attack (Metasploit) Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read pdfium CPDF_Function::Call - Stack Based Buffer Overflow pdfium - CPDF_Function::Call Stack Based Buffer Overflow Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit) Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass MiCasa VeraLite - Remote Code Execution MiCasaVerde VeraLite - Remote Code Execution SmallFTPd 1.0.3 - 'mkd' Command Denial of Service SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service GNU GTypist 2.9.5-2 - Local Buffer Overflow uSQLite 1.0.0 - Denial Of Service HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation CherryTree 0.36.9 - Memory Corruption (PoC)	2016-10-28 05:01:21 +00:00
Offensive Security	1e70058c1e	DB: 2016-10-27 3 new exploits ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection ProFTPd 1.2.9RC1 - 'mod_sql' SQL Injection OpenBSD - (ibcs2_exec) Kernel Local Exploit OpenBSD - 'ibcs2_exec' Kernel Local Exploit Microsoft FrontPage Server Extensions - fp30reg.dll Exploit (MS03-051) Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051) IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit OpenBSD 2.x < 3.3 - exec_ibcs2_coff_prep_zmagic() Kernel Exploit IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit OpenBSD 2.x < 3.3 - 'exec_ibcs2_coff_prep_zmagic()' kernel stack overflow Foxmail 5.0 - PunyLib.dll Remote Stack Overflow Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow (MS04-011) Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011) Microsoft Windows 2000/XP - Lsasrv.dll Remote Universal Exploit (MS04-011) Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1) Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (1) Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2) Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (2) Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038) Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote Exploit (MS05-038) Microsoft Internet Explorer 6 - (mshtml.dll datasrc) Denial of Service Microsoft Internet Explorer 6 - 'mshtml.dll datasrc' Denial of Service Microsoft Internet Explorer 6 - (mshtml.dll div) Denial of Service Microsoft Internet Explorer 6 - 'mshtml.dll div' Denial of Service Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution Admbook 1.2.2 - 'x-forwarded-for' Remote Command Execution Microsoft Internet Explorer 6 - (script action handlers) (mshtml.dll) Denial of Service Microsoft Internet Explorer 6 - (script action handlers) 'mshtml.dll' Denial of Service Microsoft Internet Explorer 6 - (mshtml.dll checkbox) Crash Microsoft Internet Explorer 6 - 'mshtml.dll checkbox' Crash Total Commander 6.x - (unacev2.dll) Buffer Overflow (PoC) Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC) Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service (PoC) Mozilla Firefox 1.5.0.2 - 'js320.dll/xpcom_core.dll' Denial of Service (PoC) Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion Aardvark Topsites PHP 4.2.2 - 'lostpw.php' Remote File Inclusion ACal 2.2.6 - (day.php) Remote File Inclusion ACal 2.2.6 - 'day.php' Remote File Inclusion Ad Manager Pro 2.6 - (ipath) Remote File Inclusion Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion A-Blog 2.0 - (menu.php) Remote File Inclusion A-Blog 2.0 - 'menu.php' Remote File Inclusion 2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit 2BGal 3.0 - 'admin/configuration.inc.php' Local Inclusion Exploit a-ConMan 3.2b - (common.inc.php) Remote File Inclusion a-ConMan 3.2b - 'common.inc.php' Remote File Inclusion RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service Macromedia Shockwave 10 (SwDir.dll) Internet Explorer 7 - Denial of Service Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double-Free Microsoft Windows - NtRaiseHardError 'Csrss.exe/winsrv.dll' Double-Free BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service BrowseDialog Class 'ccrpbds6.dll' Internet Explorer 7 - Denial of Service DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE Denial of Service DivX Player 6.4.1 - DivXBrowserPlugin 'npdivx32.dll' IE Denial of Service ACGVclick 0.2.0 - (path) Remote File Inclusion ACGVclick 0.2.0 - 'path' Remote File Inclusion ACGVannu 1.3 - (index2.php) Remote User Pass Change ACGVannu 1.3 - 'index2.php' Remote User Pass Change CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service DivX Web Player 1.3.0 - 'npdivx32.dll' Remote Denial of Service Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow Denial of Service Macromedia 10.1.4.20 - 'SwDir.dll' Internet Explorer Stack Overflow Denial of Service Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption NetSprint Toolbar - ActiveX toolbar.dll Denial of Service (PoC) NetSprint Toolbar - ActiveX 'toolbar.dll' Denial of Service (PoC) ActSoft DVD-Tools - (dvdtools.ocx 3.8.5.0) Stack Overflow ActSoft DVD-Tools - 'dvdtools.ocx 3.8.5.0' Stack Overflow SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service SmartCode VNC Manager 3.6 - 'scvncctrl.dll' Denial of Service Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) Overwrite (SEH) Barcodewiz ActiveX Control 2.0 - (Barcodewiz.dll) Remote Buffer Overflow (PoC) Barcodewiz ActiveX Control 2.52 - 'Barcodewiz.dll' Overwrite (SEH) Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC) Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service Remote Display Dev kit 1.2.1.0 - 'RControl.dll' Denial of Service Hewlett Packard 1.0.0.309 - hpqvwocx.dll ActiveX Magview Overflow (PoC) Hewlett Packard 1.0.0.309 - 'hpqvwocx.dll' ActiveX Magview Overflow (PoC) Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution Exploit LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow LeadTools Raster ISIS Object 'LTRIS14e.DLL 14.5.0.44' - Remote Buffer Overflow Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Exploit Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow SafeNet High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - 'Ywcvwr.dll' Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - 'Ywcupl.dll' Download / Execute Exploit BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit 6ALBlog - (newsid) SQL Injection 6ALBlog - 'newsid' SQL Injection Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write Avax Vector 'Avaxswf.dll' 1.0.0.1 - ActiveX Arbitrary Data Write HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write Exploit AMX Corp. VNC ActiveX Control - (AmxVnc.dll 1.0.13.0) Buffer Overflow AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Buffer Overflow HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - SaveToFile() Exploit WinPcap 4.0 - NPF.SYS Privilege Elevation (PoC) WinPcap 4.0 - 'NPF.SYS' Privilege Elevation (PoC) Program Checker - (sasatl.dll 1.5.0.531) JavaScript Heap Spraying Exploit Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit Program Checker - (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit Symantec AntiVirus - symtdi.sys Privilege Escalation SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write Exploit Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit Symantec AntiVirus - 'symtdi.sys' Privilege Escalation Data Dynamics ActiveReport ActiveX - (actrpt2.dll 2.5) Insecure Method Data Dynamics ActiveReport ActiveX - 'actrpt2.dll 2.5' Insecure Method Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow Zenturi NixonMyPrograms Class 'sasatl.dll 1.5.0.531' - Remote Buffer Overflow PHP - PHP_gd2.dll imagepsloadfont Local Buffer Overflow (PoC) PHP - 'PHP_gd2.dll' imagepsloadfont Local Buffer Overflow (PoC) VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write Exploit VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution VMware Inc 6.0.0 - 'vielib.dll 2.2.5.42958' Remode Code Execution CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Insecure Method CHILKAT ASP String - 'CkString.dll 1.1' SaveToFile() Insecure Method 2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow 2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow NVR SP2 2.0 (nvUnifiedControl.dll 1.1.45.0) - SetText() Remote Exploit NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Insecure Method NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - DeleteXMLFile() Insecure Method NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - SetText() Remote Exploit NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - SaveXMLFile() Insecure Method NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - DeleteXMLFile() Insecure Method Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) Buffer Overflow Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit Norman Virus Control - 'nvcoaft51.sys' ioctl BF672028 Exploit PPStream - (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow PPStream - 'PowerPlayer.dll 2.0.1.3829' ActiveX Remote Overflow Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX Buffer Overflow Yahoo! Messenger - 'YVerInfo.dll 2007.8.27.1' ActiveX Buffer Overflow GlobalLink 2.7.0.8 - glItemCom.dll SetInfo() Heap Overflow Trend Micro ServerProtect - eng50.dll Remote Stack Overflow GlobalLink 2.7.0.8 - 'glItemCom.dll' SetInfo() Heap Overflow Trend Micro ServerProtect - 'eng50.dll' Remote Stack Overflow GlobalLink 2.7.0.8 - glitemflat.dll SetClientInfo() Heap Overflow GlobalLink 2.7.0.8 - 'glitemflat.dll' SetClientInfo() Heap Overflow BaoFeng2 - mps.dll ActiveX Multiple Remote Buffer Overflow PoCs BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Insecure Method Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow Ultra Crypto Component - 'CryptoX.dll 2.0' SaveToFile() Insecure Method Ultra Crypto Component - 'CryptoX.dll 2.0' Remote Buffer Overflow Microsoft Visual Studio 6.0 - (VBTOVSI.dll 1.0.0.0) File Overwrite Microsoft Visual Studio 6.0 - 'VBTOVSI.dll 1.0.0.0' File Overwrite HP ActiveX - (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow (PoC) HP ActiveX - 'hpqutil.dll' ListFiles Remote Heap Overflow (PoC) EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Buffer Overflow EB Design Pty Ltd - (EBCRYPT.dll 2.0) Multiple Remote Vulnerabilities EB Design Pty Ltd - 'EBCRYPT.dll 2.0' Multiple Remote Vulnerabilities ActiveKB KnowledgeBase 2.x - (catId) SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection actSite 1.991 Beta - (base.php) Remote File Inclusion actSite 1.991 Beta - 'base.php' Remote File Inclusion GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow GOM Player 2.1.6.3499 - 'GomWeb3.dll 1.0.0.12' Remote Overflow Media Player Classic 6.4.9 MP4 - File Stack Overflow Microsoft Windows Media Player 6.4 MP4 - File Stack Overflow (PoC) Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow Media Player Classic 6.4.9 - '.MP4' File Stack Overflow Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow (PoC) Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote Buffer Overflow (PoC) Online Media Technologies 'AVSMJPEGFILE.DLL 1.1' - Remote Buffer Overflow (PoC) AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit AuraCMS 2.2 - Remote Add Administrator IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow Macrovision Installshield - isusweb.dll Overwrite (SEH) IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Buffer Overflow Macrovision Installshield - 'isusweb.dll' Overwrite (SEH) IBM Domino Web Access Upload Module - 'dwa7w.dll' Buffer Overflow 0DayDB 2.3 - 'delete id' Remote Authentication Bypass photokron 1.7 - (update script) Remote Database Disclosure 0DayDB 2.3 - 'id' Parameter Remote Authentication Bypass photokron 1.7 - Remote Database Disclosure NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow Binn SBuilder - (nid) Blind SQL Injection NUVICO DVR NVDV4 / PdvrAtl Module 'PdvrAtl.DLL 1.0.1.25' - Buffer Overflow Binn SBuilder - 'nid' Parameter Blind SQL Injection Xforum 1.4 - (topic) SQL Injection Xforum 1.4 - 'topic' Parameter SQL Injection RichStrong CMS - 'showproduct.asp cat' SQL Injection RichStrong CMS - 'cat' Parameter SQL Injection LulieBlog 1.0.1 - (delete id) Remote Authentication Bypass Macrovision FlexNet - isusweb.dll DownloadAndExecute Method Exploit FaScript FaMp3 1.0 - (show.php) SQL Injection FaScript FaName 1.0 - (page.php) SQL Injection FaScript FaPersian Petition - 'show.php' SQL Injection FaScript FaPersianHack 1.0 - (show.php) SQL Injection RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) Buffer Overflow Blog:CMS 4.2.1b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Aria 0.99-6 - 'effect.php' Local File Inclusion MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure LulieBlog 1.0.1 - Remote Authentication Bypass Macrovision FlexNet - 'isusweb.dll' DownloadAndExecute Method Exploit FaScript FaMp3 1.0 - SQL Injection FaScript FaName 1.0 - SQL Injection FaScript FaPersian Petition - SQL Injection FaScript FaPersianHack 1.0 - SQL Injection RTS Sentry Digital Surveillance - 'CamPanel.dll 2.1.0.2' Buffer Overflow Blog:CMS 4.2.1b - SQL Injection / Cross-Site Scripting Aria 0.99-6 - 'page' Parameter Local File Inclusion MailBee WebMail Pro 4.1 - Remote File Disclosure PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection PHP-RESIDENCE 0.7.2 - 'Search' Parameter SQL Injection Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow AuraCMS 1.62 - (stat.php) Remote Code Execution Digital Data Communications - 'RtspVaPgCtrl' Class Remote Buffer Overflow AuraCMS 1.62 - 'stat.php' Remote Code Execution OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service OpenBSD 4.2 - 'rtlabel_id2name()' Local Null Pointer Dereference Dos Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow Toshiba Surveillance - 'MeIpCamX.dll 1.0.0.4' Remote Buffer Overflow LulieBlog 1.02 - (voircom.php id) SQL Injection LulieBlog 1.02 - SQL Injection Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Exploit Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method Exploit MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit MailBee Objects 5.5 - 'MailBee.dll' Remote Insecure Method Exploit SafeNet IPSecDrv.sys 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method Exploit Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit Chilkat FTP ActiveX 2.0 - 'ChilkatCert.dll' Insecure Method Exploit Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' ActiveX Buffer Overflow Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow Yahoo! JukeBox MediaGrid - ActiveX 'mediagrid.dll' AddBitmap() Buffer Overflow AuraCMS 2.2 - (gallery_data.php) SQL Injection AuraCMS 2.2 - 'albums' Pramater SQL Injection DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel Ring0 link list zero (PoC) DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC) DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM Exploit DESlock+ <= 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Buffer Overflow KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow (PoC) KingSoft - 'UpdateOcx2.dll' SetUninstallName() Heap Overflow (PoC) AuraCMS 2.2.1 - (online.php) Blind SQL Injection AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection AuraCMS 2.x - (user.php) Security Code Bypass / Add Administrator Exploit AuraCMS 2.x - 'user.php' Security Code Bypass / Add Administrator Real Player - rmoc3260.dll ActiveX Control Remote Code Execution Real Player - 'rmoc3260.dll' ActiveX Control Remote Code Execution Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service (PoC) Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC) 5th Avenue Shopping Cart - (category_id) SQL Injection 5th Avenue Shopping Cart - 'category_id' SQL Injection HP Software Update - (Hpufunction.dll 4.0.0.1) Insecure Method (PoC) HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method (PoC) Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow Miniweb 2.0 - (historymonth) SQL Injection Miniweb 2.0 - 'historymonth' Parameter SQL Injection Admidio 1.4.8 - (getfile.php) Remote File Disclosure Admidio 1.4.8 - 'getfile.php' Remote File Disclosure muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow muvee autoProducer 6.1 - 'TextOut.dll' ActiveX Remote Buffer Overflow Deterministic Network Enhancer - dne2000.sys kernel Ring0 SYSTEM Exploit Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM Exploit Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow (PoC) Visual Basic Enterprise Edition SP6 - 'vb6skit.dll' Buffer Overflow (PoC) AcmlmBoard 1.A2 - (pow) SQL Injection AcmlmBoard 1.A2 - 'pow' SQL Injection CMailServer 5.4.6 - (CMailCOM.dll) Remote Overwrite (SEH) CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH) AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit AuraCMS 2.2.2 - 'pages_data.php' Arbitrary Edit/Add/Delete Exploit NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow ABG Blocking Script 1.0a - (abg_path) Remote File Inclusion ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion VMware Workstation - (hcmon.sys 6.0.0.45731) Local Denial of Service VMware Workstation - 'hcmon.sys 6.0.0.45731' Local Denial of Service ACG-PTP 1.0.6 - (adid) SQL Injection ACG-PTP 1.0.6 - 'adid' SQL Injection Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow (MS08-053) Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) x10media mp3 search engine 1.5.5 - Remote File Inclusion X10media Mp3 Search Engine 1.5.5 - Remote File Inclusion addalink 4 - (category_id) SQL Injection addalink 4 - 'category_id' SQL Injection 6rbScript 3.3 - (singerid) SQL Injection 6rbScript 3.3 - 'singerid' SQL Injection DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service AdMan 1.1.20070907 - (campaignId) SQL Injection AdMan 1.1.20070907 - 'campaignId' SQL Injection Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection MW6 Datamatrix - ActiveX (Datamatrix.dll) Insecure Method Exploit MW6 PDF417 - ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method Exploit MW6 PDF417 - ActiveX 'MW6PDF417.dll' Remote Insecure Method Exploit Article Publisher PRO 1.5 - (SQL Injection) Authentication Bypass Article Publisher PRO 1.5 - (Authentication Bypass) SQL Injection AJ ARTICLE - (SQL Injection) Remote Authentication Bypass AJ ARTICLE - (Authentication Bypass) SQL Injection Apoll 0.7b - (SQL Injection) Remote Authentication Bypass Apoll 0.7b - (Authentication Bypass) SQL Injection WEBBDOMAIN Petition 1.02/2.0/3.0 - (SQL Injection) Authentication Bypass WEBBDOMAIN Polls 1.01 - (SQL Injection) Authentication Bypass WEBBDOMAIN Petition 1.02/2.0/3.0 - (Authentication Bypass) SQL Injection WEBBDOMAIN Polls 1.01 - (Authentication Bypass) SQL Injection WEBBDOMAIN Webshop 1.02 - (SQL Injection) Authentication Bypass WEBBDOMAIN Webshop 1.02 - (Authentication Bypass) SQL Injection WEBBDOMAIN Post Card 1.02 - (SQL Injection) Authentication Bypass WEBBDOMAIN Post Card 1.02 - (Authentication Bypass) SQL Injection Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Anti-Keylogger Elite 3.3.0 - 'AKEProtect.sys' Privilege Escalation Active Price Comparison 4 - (ProductID) Blind SQL Injection Active Price Comparison 4 - 'ProductID' Blind SQL Injection Active Test 2.1 - (QuizID) Blind SQL Injection Active Test 2.1 - 'QuizID' Blind SQL Injection EasyMail ActiveX - (emmailstore.dll 6.5.0.3) Buffer Overflow EasyMail ActiveX - 'emmailstore.dll 6.5.0.3' Buffer Overflow ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation ESET Smart Security 3.0.672 - 'epfw.sys' Privilege Escalation PowerStrip 3.84 - (pstrip.sys) Privilege Escalation PowerStrip 3.84 - 'pstrip.sys' Privilege Escalation PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service PGP Desktop 9.0.6 - 'PGPwded.sys' Local Denial of Service Miniweb 2.0 - (Authentication Bypass) SQL Injection Miniweb 2.0 - SQL Injection (Authentication Bypass) MW6 Barcode ActiveX - (Barcode.dll) Remote Heap Overflow (PoC) MW6 Barcode ActiveX - 'Barcode.dll' Remote Heap Overflow (PoC) A Better Member-Based ASP Photo Gallery - (entry) SQL Injection A Better Member-Based ASP Photo Gallery - 'entry' SQL Injection mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation mks_vir 9b < 1.2.0.0b297 - 'mksmonen.sys' Privilege Escalation Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method Exploit CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Privilege Escalation AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure AdaptBB 1.0 - 'topic_id' SQL Injection / Credentials Disclosure X10Media Mp3 - Search Engine < 1.6.2 Admin Access X10media Mp3 Search Engine < 1.6.2 Admin Access Microsoft Media Player - (quartz.dll .mid) Denial of Service Microsoft Media Player - 'quartz.dll .mid' Denial of Service Microsoft Media Player - (quartz.dll .wav) Multiple Remote Denial of Service Vulnerabilities Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Privilege Escalation ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Privilege Escalation Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow Roxio CinePlayer 3.2 - 'SonicMediaPlayer.dll' Remote Buffer Overflow Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow (heap spray) Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray) AdaptBB 1.0 - (forumspath) Remote File Inclusion AdaptBB 1.0 - 'forumspath' Remote File Inclusion Online Armor < 3.5.0.12 - (OAmon.sys) Privilege Escalation Online Armor < 3.5.0.12 - 'OAmon.sys' Privilege Escalation McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution DESlock+ 4.0.2 - 'dlpcrypt.sys' Local Kernel Ring0 Code Execution Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow (SEH) Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (SEH) Miniweb 2.0 Module Publisher - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Miniweb 2.0 Module Survey Pro - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow (PoC) GDivX Zenith Player AviFixer Class - 'fix.dll 1.0.0.1' Buffer Overflow (PoC) Accommodation Hotel Booking Portal - (hotel_id) SQL Injection Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - (jar50.dll) Null Pointer Dereference Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - 'jar50.dll' Null Pointer Dereference Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption SAP GUI for Windows - sapirrfc.dll ActiveX Overflow SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow Authentium SafeCentral 2.6 - shdrv.sys Local kernel Ring0 SYSTEM Exploit Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM Exploit Microsoft Internet Explorer - iepeers.dll Use-After-Free Exploit (Metasploit) Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free Exploit (Metasploit) Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) Denial of Service (Crash) SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Multiple Vendor librpc.dll Signedness Error - Remote Code Execution Multiple Vendor 'librpc.dll' Signedness Error - Remote Code Execution Micropoint ProActive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Privilege Escalation iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow iMesh 7.1.0.x - 'IMWeb.dll 7.0.0.x' Remote Heap Overflow avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities avtech software 'avc781viewer.dll' ActiveX - Multiple Vulnerabilities HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC) HP Operations Manager 8.16 - 'srcvw4.dll' LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC) ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow ZipGenius 6.3.1.2552 - 'zgtips.dll' Stack Buffer Overflow Avast! 4.7 - aavmker4.sys Privilege Escalation Avast! 4.7 - 'aavmker4.sys' Privilege Escalation Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow Bigant Messenger 2.52 - 'AntCore.dll' RegisterCom() Remote Heap Overflow Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion Apple Safari 4.0.5 - 'JavaScriptCore.dll' Stack Exhaustion 724CMS Enterprise 4.59 - (section.php) Local File Inclusion 724CMS Enterprise 4.59 - (section.php) SQL Injection 724CMS Enterprise 4.59 - 'section.php' Local File Inclusion 724CMS Enterprise 4.59 - 'section.php' SQL Injection MiniWebsvr 0.0.10 - Directory Traversal/Listing Exploits MiniWebsvr 0.0.10 - Directory Traversal / Listing 4Images 1.7.7 - (image_utils.php) Remote Command Execution 4Images 1.7.7 - 'image_utils.php' Remote Command Execution CommuniCrypt Mail 1.16 - (ANSMTP.dll/AOSMTP.dll) ActiveX CommuniCrypt Mail 1.16 - 'ANSMTP.dll/AOSMTP.dll' ActiveX Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - OpenSession() Buffer Overflow Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes) AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion AdaptCMS 2.0.0 Beta - 'init.php' Remote File Inclusion Microsoft - MSHTML.dll CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak Microsoft - 'MSHTML.dll' CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / Denial of Service Adobe Reader 9.3.2 - 'CoolType.dll' Remote Memory Corruption / Denial of Service Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Privilege Escalation Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption Avast! Internet Security 5.0 - 'aswFW.sys' Kernel Driver IOCTL Memory Pool Corruption QQ Computer Manager - TSKsp.sys Local Denial of Service QQ Computer Manager - 'TSKsp.sys' Local Denial of Service SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service SmartCode ServerX VNC Server ActiveX 1.1.5.0 - 'scvncsrvx.dll' Denial of Service Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Microsoft Vista - (fveapi.dll) BitLocker Drive Encryption API Hijacking Exploit Microsoft Vista - 'fveapi.dll' BitLocker Drive Encryption API Hijacking Exploit Nvidia Driver - 'nview.dll' DLL Hijacking Nvidia Driver - 'nview.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking LeadTools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL) Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Exploit A-Blog 2.0 - (sources/search.php) SQL Injection A-Blog 2.0 - 'sources/search.php' SQL Injection Microsoft DRM Technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities Microsoft DRM Technology 'msnetobj.dll' ActiveX - Multiple Vulnerabilities Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow (PoC) Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Buffer Overflow (PoC) VMware Workstation 7.1.1 - VMkbd.sys Denial of Service VMware Workstation 7.1.1 - 'VMkbd.sys' Denial of Service AuraCMS - 'pfd.php' SQL Injection AuraCMS 1.62 - 'pfd.php' SQL Injection Rising - RSNTGDI.sys Local Denial of Service Rising - 'RSNTGDI.sys' Local Denial of Service CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow CA Internet Security Suite 2010 - 'KmxSbx.sys' Kernel Pool Overflow Crystal Reports Viewer 12.0.0.549 - ActiveX Exploit (PrintControl.dll) Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX Exploit Irfanview 4.27 - JP2000.dll plugin Denial of Service Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service Kingsoft AntiVirus 2011 SP5.2 'KisKrnl.sys' 2011.1.13.89 - Local Kernel Mode Denial of Service Oracle Document Capture - empop3.dll Insecure Methods Oracle Document Capture - 'empop3.dll' Insecure Methods DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM Exploit DESlock+ <= 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit Microsoft IIS - ISAPI w3who.dll Query String Overflow (Metasploit) Microsoft IIS - ISAPI nsiislog.dll ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage fp30reg.dll Chunked Overflow (Metasploit) Microsoft IIS - ISAPI 'w3who.dll' Query String Overflow (Metasploit) Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit) Microsoft Services - nwwks.dll (MS06-066) Microsoft Services - 'nwwks.dll' (MS06-066) Microsoft Services - nwapi32.dll (MS06-066) Microsoft Services - 'nwapi32.dll' (MS06-066) ISS - PAM.dll ICQ Parser Buffer Overflow (Metasploit) ISS - 'PAM.dll' ICQ Parser Buffer Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV ntdll.dll Path Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit) RealPlayer - ierpplug.dll ActiveX Control Playlist Name Buffer Overflow (Metasploit) RealPlayer - 'ierpplug.dll' ActiveX Control Playlist Name Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow (Metasploit) Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit) Yahoo! Messenger - 'YVerInfo.dll' ActiveX Control Buffer Overflow (Metasploit) WinDVD7 - IASystemInfo.dll ActiveX Control Buffer Overflow (Metasploit) WinDVD7 - 'IASystemInfo.dll' ActiveX Control Buffer Overflow (Metasploit) SonicWALL Aventail - epi.dll AuthCredential Format String (Metasploit) SonicWALL Aventail - 'epi.dll' AuthCredential Format String (Metasploit) BaoFeng Storm - mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit) BaoFeng Storm - 'mps.dll' ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit) Ask.com Toolbar - askBar.dll ActiveX Control Buffer Overflow (Metasploit) Ask.com Toolbar - 'askBar.dll' ActiveX Control Buffer Overflow (Metasploit) Tumbleweed FileTransfer - vcst_eu.dll ActiveX Control Buffer Overflow (Metasploit) Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) Juniper SSL-VPN IVE - JuniperSetupDLL.dll ActiveX Control Buffer Overflow (Metasploit) Juniper SSL-VPN IVE - 'JuniperSetupDLL.dll' ActiveX Control Buffer Overflow (Metasploit) RealPlayer - rmoc3260.dll ActiveX Control Heap Corruption (Metasploit) RealPlayer - 'rmoc3260.dll' ActiveX Control Heap Corruption (Metasploit) WebEx UCF - atucfobj.dll ActiveX NewObject Method Buffer Overflow (Metasploit) WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Buffer Overflow (Metasploit) DjVu - DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow (Metasploit) DjVu - 'DjVu_ActiveX_MSOffice.dll' ActiveX ComponentBuffer Overflow (Metasploit) Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit (Metasploit) Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX Exploit (Metasploit) AASync 2.2.1.0 - (Windows x86) Stack Buffer Overflow 'LIST' (Metasploit) AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit) BadBlue 2.5 - ext.dll Buffer Overflow (Metasploit) BadBlue 2.5 - 'ext.dll' Buffer Overflow (Metasploit) Amlibweb NetOpacs - webquery.dll Stack Buffer Overflow (Metasploit) Amlibweb NetOpacs - 'webquery.dll' Stack Buffer Overflow (Metasploit) Microsoft Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview Denial of Service (PoC) Microsoft Windows Explorer 6.0.2900.5512 - 'Shmedia.dll 6.0.2900.5512' AVI Preview Denial of Service (PoC) Microsoft Windows XP - afd.sys Local Kernel Denial of Service Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service Microsoft Visio - VISIODWG.dll DXF File Handling (Metasploit) Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit) Microsoft Windows 7 SP1 - mrxdav.sys WebDav Privilege Escalation (MS16-016) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll GDI+ - 'gdiplus.dll' CreateDashedPath Integer Overflow Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow (PoC) Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC) VideoLAN VLC Media Player 1.1.11 - (libav) libavcodec_plugin.dll Denial of Service VideoLAN VLC Media Player 1.1.11 - (libav) 'libavcodec_plugin.dll' Denial of Service HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow (Metasploit) HP OpenView Network Node Manager - 'ov.dll' _OVBuildPath Buffer Overflow (Metasploit) VideoLAN VLC Media Player 1.2.0 - (libtaglib_pluggin.dll) Denial of Service VideoLAN VLC Media Player 1.2.0 - 'libtaglib_pluggin.dll' Denial of Service Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH) Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH) ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow (Metasploit) ASUS Net4Switch - 'ipswcom.dll' ActiveX Stack Buffer Overflow (Metasploit) Quest Toad for Oracle Explain Plan Display ActiveX Control - (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite (PoC) Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite (PoC) Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC) Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC) RealPlayer .mp4 - file handling memory Corruption RealPlayer - '.mp4' file handling memory Corruption D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution D-Link DCS-5605 Network Surveillance - ActiveX Control 'DcsCliCtrl.dll' lstrcpyW Remote Buffer Overflow Quest InTrust 10.4.x - Annotation Objects ActiveX Control 'AnnotateX.dll' Uninitialized Pointer Remote Code Execution Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow (Metasploit) Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit) HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service MDAC 2.1.2.4202.3 / ms Win NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution (Metasploit) AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Microsoft Internet Explorer 4 / Outlook 2000/5.5 - MSHTML.dll Crash Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation Working Resources BadBlue 1.7 - ext.dll Cross-Site Scripting Working Resources BadBlue 1.7 - 'ext.dll' Cross-Site Scripting QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite (PoC) QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC) Microsoft Windows XP/95/98/2000/NT 4 - Riched20.dll Attribute Buffer Overflow Microsoft Windows XP/95/98/2000/NT 4 - 'Riched20.dll' Attribute Buffer Overflow Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (4) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (4) Working Resources 1.7.x/2.15 BadBlue - ext.dll Command Execution Working Resources 1.7.x/2.15 BadBlue - 'ext.dll' Command Execution Microsoft Shlwapi.dll 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service Microsoft Internet Explorer 5 - Remote URLMON.dll Buffer Overflow Microsoft Internet Explorer 5 - Remote 'URLMON.dll' Buffer Overflow Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - 'auth.dll' pa_modify_accounts() Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - 'ldapagnt.dll' ldapagnt_eval() Perl Code Evaluation Remote Code Execution Microsoft Windows 2000/NT 4 Media Services - nsiislog.dll Remote Buffer Overflow Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin IN_MIDI.dll Track Data Size Buffer Overflow NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow myServer 0.4.x - cgi-lib.dll Remote Buffer Overflow myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow Nvidia Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow (PoC) Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC) Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun Microsoft ListBox/ComboBox Control - 'User32.dll' Function Buffer Overrun Irfanview 4.33 - IMXCF.dll Plugin Code Execution Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow YaSoft Switch Off 2.3 - 'swnet.dll' Remote Buffer Overflow Symantec Client Firewall Products 5 - SYMNDIS.SYS Driver Remote Denial of Service Symantec Client Firewall Products 5 - 'SYMNDIS.SYS' Driver Remote Denial of Service Panda ActiveScan 5.0 - ascontrol.dll Remote Heap Overflow Panda ActiveScan 5.0 - ascontrol.dll Denial of Service Panda ActiveScan 5.0 - 'ascontrol.dll' Remote Heap Overflow Panda ActiveScan 5.0 - 'ascontrol.dll' Denial of Service Foxit Reader 5.4.4.1128 Firefox Plugin - npFoxitReaderPlugin.dll Stack Buffer Overflow Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow Yahoo! Messenger 5.6 - YInsthelper.dll Multiple Buffer Overflow Vulnerabilities Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities Novell Groupwise Client - gwcls1.dll ActiveX Remote Code Execution (Metasploit) Novell Groupwise Client - 'gwcls1.dll' ActiveX Remote Code Execution (Metasploit) F-Secure Policy Manager 5.11 - FSMSH.dll CGI Application Installation Full Path Disclosure F-Secure Policy Manager 5.11 - 'FSMSH.dll' CGI Application Installation Full Path Disclosure Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll Denial of Service Easy DVD Player 3.5.1 - (libav) 'libavcodec_plugin.dll' Denial of Service Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow WPS Office - Wpsio.dll Stack Buffer Overflow WPS Office - 'Wpsio.dll' Stack Buffer Overflow AN HTTPD - CMDIS.dll Remote Buffer Overflow AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server 300 - Crash (PoC) Sigma ISP Manager 6.6 - Sigmaweb.dll SQL Injection Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Based Overflow Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service Oracle WebCenter Content - CheckOutAndOpen.dll ActiveX Remote Code Execution (Metasploit) Oracle WebCenter Content - 'CheckOutAndOpen.dll' ActiveX Remote Code Execution (Metasploit) Microsoft Visual Studio .NET - msdds.dll Remote Code Execution Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution TP-Link PS110U Print Server TL - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration Novell Client 2 SP3 - nicm.sys Privilege Escalation (Metasploit) Novell Client 2 SP3 - 'nicm.sys' Privilege Escalation (Metasploit) StarUML - WinGraphviz.dll ActiveX Buffer Overflow StarUML - 'WinGraphviz.dll' ActiveX Buffer Overflow MiniWeb (Build 300) - Arbitrary File Upload (Metasploit) MiniWeb 300 - Arbitrary File Upload (Metasploit) Yahoo! Messenger 7.0/7.5 - jscript.dll Non-ASCII Character Denial of Service Yahoo! Messenger 7.0/7.5 - 'jscript.dll' Non-ASCII Character Denial of Service Microsoft PowerPoint 2003 - mso.dll PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Agnitum Outpost Firewall 3.5.631 - FiltNT.SYS Local Denial of Service Agnitum Outpost Firewall 3.5.631 - 'FiltNT.SYS' Local Denial of Service Microsoft Internet Explorer 6 - IMSKDIC.dll Denial of Service Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service Microsoft Internet Explorer 6 - MSOE.dll Denial of Service Microsoft Internet Explorer 6 - 'MSOE.dll' Denial of Service Microsoft Internet Explorer 6 - TSUserEX.dll ActiveX Control Memory Corruption Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxfw.sys' Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxstart.sys' Privilege Escalation Avira Internet Security - avipbb.sys Filter Bypass / Privilege Escalation Avira Internet Security - 'avipbb.sys' Filter Bypass / Privilege Escalation Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver 'fortknoxfw.sys' Memory Corruption Kerio Personal Firewall 4.3 - IPHLPAPI.dll Privilege Escalation Kerio Personal Firewall 4.3 - 'IPHLPAPI.dll' Privilege Escalation PrecisionID Barcode - PrecisionID_Barcode.dll ActiveX 1.9 Control Arbitrary File Overwrite PrecisionID Barcode - 'PrecisionID_Barcode.dll' ActiveX 1.9 Control Arbitrary File Overwrite CA Multiple Products Console Server and InoCore.dll - Remote Code Execution Vulnerabilities CA Multiple Products Console Server and 'InoCore.dll' - Remote Code Execution Vulnerabilities SSC DiskAccess NFS Client - DAPCNFSD.dll Stack Buffer Overflow SSC DiskAccess NFS Client - 'DAPCNFSD.dll' Stack Buffer Overflow Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities Comodo Firewall 2.3.6 - 'CMDMon.SYS' Multiple Denial of Service Vulnerabilities Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service Symantec SYMTDI.SYS Device Driver - Local Denial of Service Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service eSellerate SDK 3.6.5 - eSellerateControl365.dll ActiveX Control Buffer Overflow eSellerate SDK 3.6.5 - 'eSellerateControl365.dll' ActiveX Control Buffer Overflow NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting NextPage LivePublish 2.02 - 'LPEXT.dll' Cross-Site Scripting Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow Roxio CinePlayer 3.2 - SonicDVDDashVRNav.dll ActiveX Control Remote Buffer Overflow Roxio CinePlayer 3.2 - 'SonicDVDDashVRNav.dll' ActiveX Control Remote Buffer Overflow Dart ZipLite Compression 1.8.5.3 - DartZipLite.dll ActiveX Control Buffer Overflow Dart ZipLite Compression 1.8.5.3 - 'DartZipLite.dll' ActiveX Control Buffer Overflow F-Secure Policy Manager 7.00 - FSMSH.dll Remote Denial of Service Apple Safari 3.0.1 for Windows - Corefoundation.dll Denial of Service F-Secure Policy Manager 7.00 - 'FSMSH.dll' Remote Denial of Service Apple Safari 3.0.1 for Windows - 'Corefoundation.dll' Denial of Service VMware Tools 3.1 - HGFS.Sys Privilege Escalation VMware Tools 3.1 - 'HGFS.Sys' Privilege Escalation Microsoft Windows Kernel win32k.sys - Integer Overflow (MS13-101) Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101) Baidu Soba Search Bar 5.4 - BaiduBar.dll ActiveX Control Remote Code Execution Baidu Soba Search Bar 5.4 - 'BaiduBar.dll' ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - TBLinf32.dll ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - Vector Markup Language VGX.dll Remote Buffer Overflow Microsoft Internet Explorer 5.0.1 - Vector Markup Language 'VGX.dll' Remote Buffer Overflow Yahoo! Messenger 8.1 - KDU_V32M.DLL Remote Denial of Service Yahoo! Messenger 8.1 - 'KDU_V32M.DLL' Remote Denial of Service BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free BitDefender AntiVirus 2008 - 'bdelev.dll' ActiveX Control Double-Free AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Based Buffer Overflow Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow Microsoft Agent - 'agentdpv.dll' ActiveX Control Malformed URL Stack Buffer Overflow Macrovision SafeDisc - SecDRV.SYS Method_Neither Privilege Escalation SpeedFan - Speedfan.sys Privilege Escalation Macrovision SafeDisc - 'SecDRV.SYS' Method_Neither Privilege Escalation SpeedFan - 'Speedfan.sys' Privilege Escalation RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow RealPlayer 10.0/10.5/11 - 'ierpplug.dll' ActiveX Control Import Playlist Name Stack Buffer Overflow GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities RealMedia RealPlayer 10.5/11 - ierpplug.dll PlayerProperty ActiveX Control Buffer Overflow RealMedia RealPlayer 10.5/11 - 'ierpplug.dll' PlayerProperty ActiveX Control Buffer Overflow AuraCMS 2.2 - 'lihatberita' Module 'id' Parameter SQL Injection AuraCMS 2.2 - 'lihatberita' Module SQL Injection Panda Internet Security/AntiVirus+Firewall 2008 - CPoint.sys Memory Corruption Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter Cross-Site Scripting SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate 'wgate.dll' ~service Parameter Cross-Site Scripting Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow Symantec Multiple Products - Client Proxy ActiveX 'CLIproxy.dll' Remote Overflow Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation (Metasploit) VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit) AuraCMS 1.62 - 'pdf.php' SQL Injection VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit Microsoft Windows 8.1 (x86/x64) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation Microsoft Windows 8.1 (x86/x64) - 'ahcache.sys' NtApphelpCacheControl Privilege Escalation JetAudio 8.1.3 - (Corrupted mp4) Crash (PoC) JetAudio 8.1.3 - '.mp4' Crash (PoC) Microsoft Windows - HTTP.sys PoC (MS15-034) Microsoft Windows - 'HTTP.sys' PoC (MS15-034) MS Windows (HTTP.sys) - HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052) Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052) FinePlayer 2.20 (.mp4) - Crash (PoC) FinePlayer 2.20 - '.mp4' Crash (PoC) Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081) Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080) Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081) Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081) Microsoft Office 2007 - 'wwlib.dll' fcPlcfFldMom Uninitialized Heap Usage Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081) Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080) Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081) Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081) Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table Microsoft Windows - ATMFD.dll CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access Microsoft Windows - ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to - Malformed CFF Table Microsoft Windows - 'ATMFD.dll' CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads Microsoft Office 2007 - msxml5.dll Crash (PoC) Microsoft Office 2007 - 'msxml5.dll' Crash (PoC) Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097) Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097) Microsoft Windows - Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Office / COM Object - els.dll DLL Planting (MS15-134) Microsoft Office / COM Object - 'els.dll' DLL Planting (MS15-134) Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132) Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132) Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007) Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS16-007) Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007) Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007) QuickHeal 16.00 - webssx.sys Driver Denial of Service QuickHeal 16.00 - 'webssx.sys' Driver Denial of Service Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Elevation Exploit Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Stack Corruption (MS16-026) Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026) Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow Hyper-V - 'vmswitch.sys' VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow Microsoft Windows - Kernel win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Adobe Flash - MP4 File Stack Corruption Adobe Flash - .MP4 File Stack Corruption Microsoft Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) Microsoft Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) Microsoft Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074) Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074) VMware Virtual Machine Communication Interface (VMCI) vmci.sys - (PoC) VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys' (PoC) Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067) Microsoft Windows - 'NetAPI32.dll' Code Execution (Python) (MS08-067) SAP Adaptive Server Enterprise 16 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Boonex Dolphin 7.3.2 - Authentication Bypass SmallFTPd 1.0.3 - 'mkd' Command Denial of Service Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure	2016-10-27 05:01:19 +00:00
g0tmi1k	a2a80a0099	Merge pull request #57 from g0tmi1k/searchsploit Note about dependencies	2016-10-26 16:45:55 +01:00
g0tmi1k	70d0496f8a	Note about dependencies	2016-10-26 16:44:58 +01:00
g0tmi1k	5834a2391c	Merge pull request #56 from g0tmi1k/searchsploit Link to the SearchSploit Manual	2016-10-26 16:04:57 +01:00
g0tmi1k	c1fe53ce4b	Hardcode ${gitpath} path	2016-10-26 13:13:51 +01:00
g0tmi1k	e5938fe900	Add a link to the SearchSploit Manual	2016-10-26 13:09:02 +01:00
Offensive Security	da63ed13a1	Add --nmap flag (Reads in XML from Nmap scans)	2016-10-26 11:09:45 +00:00
g0tmi1k	f0efa2c25a	Add '--nmap' flag. Able to load from Nmap's XML output	2016-10-26 12:07:52 +01:00
g0tmi1k	9a1da54ee2	Add more comments in	2016-10-26 12:07:20 +01:00
g0tmi1k	bd3cac3bb6	Escape slashes if using '-t'	2016-10-26 12:06:57 +01:00
Offensive Security	f1ca42d762	DB: 2016-10-26 1 new exploits WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python) WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl) Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) (PoC) Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) Apple QuickTime 7.2/7.3 - RTSP Response Universal Exploit (Internet Explorer 7 / Firefox / Opera) Apple QuickTime 7.2/7.3 (Internet Explorer 7 / Firefox / Opera) - RTSP Response Universal Exploit PHP-CON 1.3 - (include.php) Remote File Inclusion PHP-CON 1.3 - 'include.php' Remote File Inclusion RealPlayer 11 - Malformed AU File Denial of Service RealPlayer 11 - '.au' Denial of Service VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization (PoC) VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization Nullsoft Winamp 5.32 - MP4 tags Stack Overflow Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion ViArt CMS/Shop/Helpdesk 3.3.2 - Remote File Inclusion Samba 3.0.27a - send_mailslot() Remote Buffer Overflow (PoC) Samba 3.0.27a - send_mailslot() Remote Buffer Overflow Horde Web-Mail 3.x - (go.php) Remote File Disclosure CuteNews 1.1.1 - (html.php) Remote Code Execution Horde Web-Mail 3.x - 'go.php' Remote File Disclosure CuteNews 1.1.1 - 'html.php' Remote Code Execution TUTOS 1.3 - (cmd.php) Remote Command Execution TUTOS 1.3 - 'cmd.php' Remote Command Execution PHP Webquest 2.6 - (id_actividad) SQL Injection Move Networks Quantum Streaming Player - Overwrite (SEH) Gateway Weblaunch - ActiveX Control Insecure Method Exploit PHP Webquest 2.6 - 'id_actividad' Parameter SQL Injection Move Networks Quantum Streaming Player - SEH Overflow Gateway Weblaunch - ActiveX Control Insecure Method Microsoft FoxServer - (vfp6r.dll 6.0.8862.0) ActiveX Command Execution Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method Microsoft FoxServer - 'vfp6r.dll 6.0.8862.0' ActiveX Command Execution Microsoft Rich Textbox Control 6.0-SP6 - 'SaveFile()' Insecure Method McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC) McAfee E-Business Server 8.5.2 - Remote Unauthenticated Code Execution / Denial of Service (PoC) Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow StreamAudio ChainCast ProxyManager - ccpm_0237.dll Buffer Overflow StreamAudio ChainCast ProxyManager - 'ccpm_0237.dll' Buffer Overflow XnView 1.92.1 - Slideshow (FontName) Buffer Overflow XnView 1.92.1 - (FontName) Slideshow Buffer Overflow Phaos R4000 Version (file) - Remote File Disclosure Phaos R4000 Version - 'file' Remote File Disclosure ASPPortal Free Version (Topic_Id) - SQL Injection ASPPortal Free Version - 'Topic_Id' SQL Injection Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection Alibaba Clone Tritanium Version - 'news_desc.html' SQL Injection XnView 1.97.4 - MBM File Remote Heap Buffer Overflow XnView 1.97.4 - '.MBM' File Remote Heap Buffer Overflow Fortigate OS Version 4.x < 5.0.7 - SSH Backdoor Fortigate OS 4.x < 5.0.7 - SSH Backdoor Network Scanner Version 4.0.0.0 - SEH Crash (PoC) Network Scanner 4.0.0.0 - SEH Crash (PoC) Ruby on Rails - Dynamic Render File Upload Remote Code Execution Ruby on Rails - Dynamic Render File Upload / Remote Code Execution Network Scanner 4.0.0 - SEH Local Buffer Overflow	2016-10-26 05:01:17 +00:00
Offensive Security	8330920f32	DB: 2016-10-25 4 new exploits ATutor 1.5.3.1 - (links) Blind SQL Injection ATutor 1.5.3.1 - 'links' Blind SQL Injection Mihalism Multi Host 2.0.7 - download.php Remote File Disclosure Mihalism Multi Host 2.0.7 - 'download.php' Remote File Disclosure IBM Domino Web Access Upload Module - inotes6.dll Buffer Overflow IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow WebPortal CMS 0.6.0 - (index.php m) SQL Injection WebPortal CMS 0.6.0 - 'index.php' SQL Injection samPHPweb - 'db.php commonpath' Remote File Inclusion samPHPweb 4.2.2 - 'db.php' Remote File Inclusion samPHPweb - 'songinfo.php' SQL Injection samPHPweb 4.2.2 - 'songinfo.php' SQL Injection ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion ATutor 1.6.1-pl1 - 'import.php' Remote File Inclusion The Matt Wright Guestbook.pl 2.3.1 - Server Side Include The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include html2ps - 'include file' Server Side Include Directive Directory Traversal html2ps - 'include file' Server-Side Include Directive Directory Traversal ClanSphere 2011.3 - (cs_lang cookie Parameter) Local File Inclusion ClanSphere 2011.3 - 'cs_lang' Cookie Parameter Local File Inclusion Imatix Xitami 2.5 - Server Side Includes Cross-Site Scripting Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting Flatnux CMS 2013-01.17 - (index.php theme Parameter) Local File Inclusion Flatnux CMS 2013-01.17 - 'index.php' Local File Inclusion Network Weathermap 0.97a - (editor.php) Persistent Cross-Site Scripting Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting ATutor 1.4.3 - browse.php show_course Parameter Cross-Site Scripting ATutor 1.4.3 - contact.php subject Parameter Cross-Site Scripting ATutor 1.4.3 - content.php cid Parameter Cross-Site Scripting ATutor 1.4.3 - send_message.php l Parameter Cross-Site Scripting ATutor 1.4.3 - search.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - inbox/index.php view Parameter Cross-Site Scripting ATutor 1.4.3 - tile.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - subscribe_forum.php us Parameter Cross-Site Scripting ATutor 1.4.3 - Directory.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'browse.php' show_course Parameter Cross-Site Scripting ATutor 1.4.3 - 'contact.php' subject Parameter Cross-Site Scripting ATutor 1.4.3 - 'content.php' cid Parameter Cross-Site Scripting ATutor 1.4.3 - 'send_message.php' l Parameter Cross-Site Scripting ATutor 1.4.3 - 'search.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'inbox/index.php' view Parameter Cross-Site Scripting ATutor 1.4.3 - 'tile.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'subscribe_forum.php' us Parameter Cross-Site Scripting ATutor 1.4.3 - 'Directory.php' Multiple Parameter Cross-Site Scripting Cuppa CMS - 'alertConfigField.php urlConfig Parameter' Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php' Remote / Local File Inclusion Novell Zenworks Mobile Device Managment - Local File Inclusion (Metasploit) Novell Zenworks Mobile Device Managment 2.6.1 / 2.7.0 - Local File Inclusion (Metasploit) Weathermap 0.97c - (editor.php mapname Parameter) Local File Inclusion Weathermap 0.97c - 'mapname' Parameter Local File Inclusion ATutor 1.5.1 - password_reminder.php SQL Injection ATutor 1.5.1 - 'password_reminder.php' SQL Injection ATutor 1.x - forum.inc.php Arbitrary Command Execution ATutor 1.x - body_header.inc.php section Parameter Local File Inclusion ATutor 1.x - print.php section Parameter Remote File Inclusion ATutor 1.x - 'forum.inc.php' Arbitrary Command Execution ATutor 1.x - 'body_header.inc.php' section Parameter Local File Inclusion ATutor 1.x - 'print.php' section Parameter Remote File Inclusion ATutor 1.5.x - create_course.php Multiple Parameter Cross-Site Scripting ATutor 1.5.x - documentation/admin/index.php Cross-Site Scripting ATutor 1.5.x - password_reminder.php forgot Parameter Cross-Site Scripting ATutor 1.5.x - users/browse.php cat Parameter Cross-Site Scripting ATutor 1.5.x - 'create_course.php' Multiple Parameter Cross-Site Scripting ATutor 1.5.x - 'documentation/admin/index.php' Cross-Site Scripting ATutor 1.5.x - 'password_reminder.php' forgot Parameter Cross-Site Scripting ATutor 1.5.x - 'users/browse.php' cat Parameter Cross-Site Scripting Zimbra - Privilegie Escalation (via Local File Inclusion) Zimbra 2009-2013 - Local File Inclusion Zimbra Collaboration Server - Local File Inclusion (Metasploit) Zimbra Collaboration Server 7.2.2 / 8.0.2 - Local File Inclusion (Metasploit) Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file Parameter) Local File Inclusion Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion Cart Engine 3.0.0 - (task.php) Local File Inclusion Cart Engine 3.0.0 - 'task.php' Local File Inclusion Kemana Directory 1.5.6 - (run Parameter) Local File Inclusion Kemana Directory 1.5.6 - 'task.php' Local File Inclusion Railo - Remote File Inclusion (Metasploit) Railo 4.2.1 - Remote File Inclusion (Metasploit) LittleSite 0.1 - 'file' Parameter Local File Inclusion LittleSite 0.1 - 'index.php' Local File Inclusion OSClass 3.4.1 - (index.php file Parameter) Local File Inclusion OSClass 3.4.1 - 'index.php' Local File Inclusion Magento Server MAGMI Plugin - Remote File Inclusion Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion Cacti Superlinks Plugin 1.4-2 - Remote Code Execution (via Local File Inclusion + SQL Injection) Cacti Superlinks Plugin 1.4-2 - SQL Injection / Local File Inclusion Lotus Mail Encryption Server (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) u5CMS 3.9.3 - (thumb.php) Local File Inclusion u5CMS 3.9.3 - 'thumb.php' Local File Inclusion openSIS - 'modname' Parameter Local File Inclusion ATutor - 'tool_file' Parameter Local File Inclusion openSIS 5.1 - 'ajax.php' Local File Inclusion ATutor 2.1 - 'tool_file' Parameter Local File Inclusion Fork CMS - 'file' Parameter Local File Inclusion Fork CMS - 'js.php' Local File Inclusion HP Insight Diagnostics - Local File Inclusion HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion phpVibe - Information Disclosure / Remote File Inclusion phpVibe 3.1 - Information Disclosure / Remote File Inclusion CakePHP - AssetDispatcher Class Local File Inclusion CakePHP 2.2.8 / 2.3.7 - AssetDispatcher Class Local File Inclusion TomatoCart - 'install/rpc.php' Local File Inclusion TomatoCart 1.1.8.2 - 'class' Parameter Local File Inclusion NeoBill - /install/index.php language Parameter Traversal Local File Inclusion NeoBill 0.9-alpha - 'language' Parameter Local File Inclusion iScripts AutoHoster - /websitebuilder/showtemplateimage.php tmpid Parameter Traversal Local File Inclusion iScripts AutoHoster - /admin/downloadfile.php fname Parameter Traversal Local File Inclusion iScripts AutoHoster - /support/admin/csvdownload.php id Parameter Traversal Local File Inclusion iScripts AutoHoster - 'tmpid' Parameter Local File Inclusion iScripts AutoHoster - 'fname' Parameter Local File Inclusion iScripts AutoHoster - 'id' Parameter Local File Inclusion AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion AFCommerce - 'adblock.php' Remote File Inclusion AFCommerce - 'adminpassword.php' Remote File Inclusion AFCommerce - 'controlheader.php' Remote File Inclusion xBoard - 'post' Parameter Local File Inclusion xBoard 5.0 / 5.5 / 6.0 - 'view.php' Local File Inclusion BloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion BloofoxCMS 0.5.0 - 'fileurl' Parameter Local File Inclusion Rips Scanner 0.5 - (code.php) Local File Inclusion Rips Scanner 0.5 - 'code.php' Local File Inclusion MeiuPic - 'ctl' Parameter Local File Inclusion MeiuPic 2.1.2 - 'ctl' Parameter Local File Inclusion qEngine - 'run' Parameter Local File Inclusion qEngine 4.1.6 / 6.0.0 - 'task.php' Local File Inclusion WordPress Plugin BookX - 'includes/bookx_export.php' Local File Inclusion WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion Alfresco - /proxy endpoint Parameter Server Side Request Forgery Alfresco - /cmisbrowser url Parameter Server Side Request Forgery Alfresco - /proxy endpoint Parameter Server-Side Request Forgery Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery CMSimple - Remote file Inclusion CMSimple 4.4.4 - Remote file Inclusion VoipSwitch - 'action' Parameter Local File Inclusion VoipSwitch - 'user.php' Local File Inclusion Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion Concrete5 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062) EC-CUBE 2.12.6 - Server-Side Request Forgery Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration Management	2016-10-25 05:01:17 +00:00
Offensive Security	e380b207ce	DB: 2016-10-24 1 new exploits dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock) dhclient 4.1 - Bash Environment Variable Command Injection (PoC) (Shellshock) Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs Viscomsoft Calendar Active-X 2.0 - Multiple Crashes (PoC) Microsoft Excel 2010 - Crash PoC (2) Microsoft Excel 2010 - Crash (PoC) (2) Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit) Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit) The Unarchiver 3.11.1 - '.tar.Z' Crash PoC The Unarchiver 3.11.1 - '.tar.Z' Crash (PoC) Microsoft Edge - Function.apply Infomation Leak (MS16-119) Microsoft Edge - 'Function.apply' Information Leak (MS16-119) Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) Hak5 WiFi Pineapple 2.4 - Preconfiguration Command Injection (Metasploit) Zenbership 107 - Multiple Vulnerabilities	2016-10-24 05:01:19 +00:00
Offensive Security	6cd9390ff2	DB: 2016-10-23	2016-10-23 05:01:19 +00:00
Offensive Security	506182d72d	DB: 2016-10-22 7 new exploits RealSecure / Blackice - iss_pam1.dll Remote Overflow RealSecure / Blackice - 'iss_pam1.dll' Remote Overflow Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Exploit Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Mozilla Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll) Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll) TeamViewer 5.0.8703 - (dwmapi.dll) DLL Hijacking Exploit Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Exploit Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Exploit Microsoft Address Book 6.00.2900.5512 - (wab32res.dll) DLL Hijacking Exploit Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking Exploit TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking Exploit Mozilla Firefox 3.6.8 - 'dwmapi.dll' DLL Hijacking Microsoft Windows Movie Maker 2.6.4038.0 - 'hhctrl.ocx' DLL Hijacking Opera 10.61 - 'dwmapi.dll' DLL Hijacking Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Microsoft Address Book 6.00.2900.5512 - 'wab32res.dll' DLL Hijacking Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking BS.Player 2.56 build 1043 - (mfc71loc.dll) DLL Hijacking Exploit Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll) Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Exploit BS.Player 2.56 build 1043 - 'mfc71loc.dll' DLL Hijacking Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Exploit VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Exploit Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll) InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Exploit Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Exploit Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Exploit Ettercap NG-0.7.3 - (wpcap.dll) DLL Hijacking Exploit Microsoft Group Convertor - 'imm.dll' DLL Hijacking Exploit Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Ettercap NG-0.7.3 - 'wpcap.dll' DLL Hijacking Microsoft Group Convertor - 'imm.dll' DLL Hijacking TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking Exploit MediaPlayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll) Skype 4.2.0.169 - (wab32.dll) DLL Hijacking Exploit TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Exploit Nvidia Driver - DLL Hijacking Exploit (nview.dll) Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Exploit Cisco Packet Tracer 5.2 - (wintab32.dll) DLL Hijacking Exploit Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Exploit Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Nvidia Driver - 'nview.dll' DLL Hijacking Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Cisco Packet Tracer 5.2 - 'wintab32.dll' DLL Hijacking Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Exploit Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Exploit Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Exploit Mozilla Thunderbird - DLL Hijacking Exploit (dwmapi.dll) Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit (dwmapi.dll) Adobe ExtendedScript Toolkit CS5 3.5.0.52 - DLL Hijacking Exploit (dwmapi.dll) CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Media Player Classic 6.4.9.1 - (iacenc.dll) DLL Hijacking Exploit Nullsoft Winamp 5.581 - DLL Hijacking Exploit (wnaspi32.dll) Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll) Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Exploit Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Mozilla Thunderbird - 'dwmapi.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Adobe ExtendedScript Toolkit CS5 3.5.0.52 - 'dwmapi.dll' DLL Hijacking CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Media Player Classic 6.4.9.1 - 'iacenc.dll' DLL Hijacking Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Exploit Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Edge - 'Array.map' Heap Overflow (MS16-119) Microsoft Edge - Array.join Info Leak (MS16-119) Microsoft Edge - 'Array.join' Infomation Leak (MS16-119) Adobe Flash - Transform.colorTranform Getter Info Leak Adobe Flash - Transform.colorTranform Getter Infomation Leak Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124) Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123) Microsoft Windows - DeviceApi CMApi PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124) Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Windows - 'win32k.sys' TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Microsoft Windows - 'win32k.sys' TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Microsoft Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Infomation Leak (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access) Just Dial Clone Script - SQL Injection FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation RealPlayer 18.1.5.705 - '.QCP' Crash (PoC) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID) Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)	2016-10-22 05:01:17 +00:00
Offensive Security	07fdc778ee	DB: 2016-10-21 24 new exploits NetAuctionHelp 4.1 - search.asp SQL Injection Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow Microsoft Edge - Array.join Info Leak (MS16-119) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) HikVision Security Systems - Activex Buffer Overflow Oracle Netbeans IDE 8.1 - Directory Traversal MiCasa VeraLite - Remote Code Execution Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection Classifieds Rental Script - SQL Injection SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Event Calendar PHP 1.5 - SQL Injection SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal SPIP 3.1.2 - Cross-Site Request Forgery Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Edge - Spread Operator Stack Overflow (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)	2016-10-21 05:01:17 +00:00
Offensive Security	77b46b2163	DB: 2016-10-20 13 new exploits PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit PHP FFI Extension 5.0.5 - Local Safe_mode Bypass PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC) Apple QuickTime < 7.2 - SMIL Remote Integer Overflow Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC) Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow Integramod nederland 1.4.2 - Remote File Inclusion Integramod Nederland 1.4.2 - Remote File Inclusion CNDSOFT 2.3 - Cross-Site Request Forgery / Arbitrary File Upload NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation The Unarchiver 3.11.1 - '.tar.Z' Crash PoC XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege Escalation Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path Privilege Escalation PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege Escalation	2016-10-20 05:01:17 +00:00
Offensive Security	557f116d02	DB: 2016-10-19 8 new exploits TikiWiki 1.9 Sirius - (jhot.php) Remote Command Execution TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution TikiWiki 1.9.5 Sirius - (sort_mode) Information Disclosure TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution TikiWiki 1.9.8 - 'tiki-graph_formula.php' Command Execution TikiWiki < 1.9.9 - tiki-listmovies.php Directory Traversal TikiWiki < 1.9.9 - 'tiki-listmovies.php' Directory Traversal TikiWiki Project 1.8 - tiki-switch_theme.php theme Parameter Cross-Site Scripting TikiWiki Project 1.8 - img/wiki_up Arbitrary File Upload TikiWiki Project 1.8 - tiki-map.phtml Traversal Arbitrary File / Directory Enumeration TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload TikiWiki Project 1.8 - 'tiki-map.phtml' Traversal Arbitrary File / Directory Enumeration TikiWiki Project 1.8 - categorize.php Direct Request Full Path Disclosure TikiWiki Project 1.8 - messu-mailbox.php Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - messu-read.php Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-browse_categories.php parentId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-index.php comments_threshold Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-list_file_gallery.php galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure TikiWiki Project 1.8 - 'messu-mailbox.php' Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'messu-read.php' Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-read_article.php' articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-browse_categories.php' parentId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-index.php' comments_threshold Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-print_article.php' articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-upload_file.php galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-view_faq.php faqId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-view_chart.php chartId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-usermenu.php sort_mode Parameter SQL Injection TikiWiki Project 1.8 - tiki-list_file_gallery.php sort_mode Parameter SQL Injection TikiWiki Project 1.8 - 'tiki-upload_file.php' galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-view_faq.php' faqId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-view_chart.php' chartId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-usermenu.php' sort_mode Parameter SQL Injection TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' sort_mode Parameter SQL Injection Symantec pcAnywhere 12.5.0 Windows (x86) - Remote Code Execution Symantec pcAnywhere 12.5.0 (Windows x86) - Remote Code Execution Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046) Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page) LanSpy 2.0.0.155 - Local Buffer Overflow ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure Cgiemail 1.6 - Source Code Disclosure Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)	2016-10-19 05:01:18 +00:00
Offensive Security	558ab1fc67	DB: 2016-10-18 24 new exploits Entrepreneur Job Portal Script - SQL Injection Entrepreneur Job Portal Script 2.06 - SQL Injection NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation HP Client - Automation Command Injection / Remote Code Execution HP Client 9.1/9.0/8.1/7.9 - Command Injection NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation NO-IP DUC 4.1.1 - Unquoted Service Path Privilege Escalation Wondershare PDFelement 5.2.9 - Unquoted Service Path Privilege Escalation Firefox 49.0.1 - Denial of Service Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation Student Information System (SIS) 0.1 - Authentication Bypass Web Based Alumni Tracking System 0.1 - SQL Injection Simple Dynamic Web 0.1 - SQL Injection Learning Management System 0.1 - Authentication Bypass Fashion Shopping Cart 0.1 - SQL Injection Health Record System 0.1 - Authentication Bypass Windows x64 - WinExec() Shellcode (93 bytes) Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation PHP Telephone Directory - Multiple Vulnerabilities Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting PHP Image Database - Multiple Vulnerabilities Simple Shopping Cart Application 0.1 - SQL Injection PHP NEWS 1.3.0 - Cross-Site Request Forgery (Add Admin) School Full CBT 0.1 - SQL Injection PHP Business Directory - Multiple Vulnerabilities Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes) Ruby on Rails - Dynamic Render File Upload Remote Code Execution Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)	2016-10-18 05:01:18 +00:00
Offensive Security	113ab3e40e	DB: 2016-10-15 4 new exploits Open-Xchange App Suite 7.8.2 - Cross Site Scripting Open-Xchange App Suite 7.8.2 - Cross-Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vifi Radio v1 - Cross-Site Request Forgery Vifi Radio 1.0 - Cross-Site Request Forgery b374k Web Shell - Cross-Site Request Forgery / Command Injection b374k Web Shell 3.2.3 / 2.8 - Cross-Site Request Forgery / Command Injection PHP Press Release - Stored Cross Site Scripting PHP Press Release - Persistent Cross-Site Scripting ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting ApPHP MicroBlog 1.0.2 - Persistent Cross-Site Scripting ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting OpenCimetiere v3.0.0-a5 - Blind SQL Injection ApPHP MicroCMS 3.9.5 - Persistent Cross-Site Scripting OpenCimetiere 3.0.0-a5 - Blind SQL Injection Colorful Blog - Stored Cross Site Scripting Colorful Blog - Persistent Cross-Site Scripting Simple Forum PHP 2.4 - SQL Injection Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options) NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting	2016-10-15 05:01:17 +00:00
Offensive Security	f49abcf00f	DB: 2016-10-14 13 new exploits Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) Linux Kernel 4.6.3 - 'Netfilter' Privilege Escalation (Metasploit) ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation Thatware 0.4.6 - SQL Injection InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation Simple Blog PHP 2.0 - Multiple Vulnerabilities Simple Blog PHP 2.0 - SQL Injection Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow) Linux Kernel (Ubuntu 14.04.3) - 'perf_event_open()' Can Race with execve() (Access /etc/shadow) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) PHP Press Release - (Add Admin) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery BirdBlog 1.4.0 - Cross-Site Request Forgery (Add New Post) phpEnter 4.2.7 - Cross-Site Request Forgery (Add New Post) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery ApPHP MicroCMS 3.9.5 - Cross-Site Request Forgery (Add Admin) ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation VOX Music Player 2.8.8 - '.pls' Denial of Service IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation Colorful Blog - Stored Cross Site Scripting Colorful Blog - Cross-Site Request Forgery (Change Admin Password) Hotspot Shield 6.0.3 - Unquoted Service Path Privilege Escalation RSS News AutoPilot Script 1.0.1 / 3.1.0 - Admin Panel Authentication Bypass JonhCMS 4.5.1 - SQL Injection	2016-10-14 05:01:16 +00:00
Offensive Security	01eb066d9d	DB: 2016-10-13 11 new exploits IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) PHP Press Release - (Add Admin) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery Subversion 1.6.6 / 1.6.12 - Code Execution Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption Categorizator 0.3.1 - SQL Injection NetBilletterie 2.8 - Multiple Vulnerabilities ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting OpenCimetiere v3.0.0-a5 - Blind SQL Injection Android - Binder Generic ASLR Leak ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery	2016-10-13 05:01:17 +00:00
Offensive Security	f8b17d14a1	DB: 2016-10-12 12 new exploits Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection Android - 'gpsOneXtra' Data Files Denial of Service Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)	2016-10-12 05:01:17 +00:00
Offensive Security	a3dbf3113e	DB: 2016-10-11 9 new exploits ShoreTel Connect ONSITE - Blind SQL Injection Leap Service - Unquoted Service Path Privilege Escalation Wacom Consumer Service - Unquoted Service Path Privilege Escalation Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation Zend Studio IDE 13.5.1 - Insecure File Permissions Privilege Escalation HP Client - Automation Command Injection / Remote Code Execution Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)	2016-10-11 05:01:15 +00:00
Offensive Security	8ea4614148	DB: 2016-10-10 4 new exploits miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) Fitbit Connect Service - Unquoted Service Path Privilege Escalation PHP Press Release - Cross-Site Request Forgery (Add Admin) PHP Press Release - Stored Cross Site Scripting	2016-10-10 05:01:16 +00:00
Offensive Security	cda049fa54	DB: 2016-10-08 4 new exploits MLM Unilevel Plan Script v1.0.2 - SQL Injection MLM Unilevel Plan Script 1.0.2 - SQL Injection Comodo Dragon Browser - Unquoted Service Path Privilege Escalation Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) Entrepreneur Job Portal Script - SQL Injection BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation Waves Audio Service - Unquoted Service Path Privilege Escalation	2016-10-08 05:01:18 +00:00
Offensive Security	cd9e638108	DB: 2016-10-07 12 new exploits phpBB 2.0.10 - Remote Command Execution (CGI) Advance MLM Script - SQL Injection Picosafe Web Gui - Multiple Vulnerabilities Witbe - Remote Code Execution PHP Classifieds Rental Script - Blind SQL Injection B2B Portal Script - Blind SQL Injection MLM Unilevel Plan Script v1.0.2 - SQL Injection Just Dial Clone Script - SQL Injection Comodo Dragon Browser - Unquoted Service Path Privilege Escalation Billion Router 7700NR4 - Remote Command Execution Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Exagate WEBPack Management System - Multiple Vulnerabilities	2016-10-07 05:01:18 +00:00
Offensive Security	5fbed83086	DB: 2016-10-06 10 new exploits Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials Bind 9 DNS Server - Denial of Service ISC BIND 9 - Denial of Service Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution VX Search Enterprise 9.0.26 - Buffer Overflow Sync Breeze Enterprise 8.9.24 - Buffer Overflow Dup Scout Enterprise 9.0.28 - Buffer Overflow Disk Sorter Enterprise 9.0.24 - Buffer Overflow Disk Savvy Enterprise 9.0.32 - Buffer Overflow Abyss Web Server X1 2.11.1 - Unquoted Service Path Privilege Escalation Fortitude HTTP 1.0.4.0 - Unquoted Service Path Privilege Escalation	2016-10-06 05:01:22 +00:00
Offensive Security	77681134f4	DB: 2016-10-05 3 new exploits CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion E-SMARTCART 1.0 - (Product_ID) SQL Injection E-Smart Cart 1.0 - 'Product_ID' SQL Injection E-SMART CART - 'productsofcat.asp' SQL Injection E-Smart Cart - 'productsofcat.asp' SQL Injection CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection E-Smartcart - SQL Injection E-Smart Cart - SQL Injection CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection CubeCart PHP 4.3.x - 'shipkey' SQL Injection CS Cart 1.3.3 - (install.php) Cross-Site Scripting CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting dansie shopping cart 3.0.4 - Multiple Vulnerabilities Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities Sendmail 8.11.6 - Address Prescan Memory Corruption Joomla! Component RSfiles (cid parameter) - SQL Injection Joomla! Component RSfiles - (cid parameter) SQL Injection Dovecot with Exim sender_address Parameter - Remote Command Execution Dovecot with Exim - sender_address Parameter Remote Command Execution Exim sender_address Parameter - Remote Code Execution Exim - sender_address Parameter Remote Code Execution PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection AJ Classifieds 'listingid' Parameter - SQL Injection AJ Classifieds - 'listingid' Parameter SQL Injection PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Bind 9 DNS Server - Denial of Service Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC) OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution Disk Pulse Enterprise 9.0.34 - Buffer Overflow	2016-10-05 05:01:18 +00:00
Offensive Security	d9bdc2e376	DB: 2016-10-04 7 new exploits maplab ms4w 2.2.1 - Remote File Inclusion MapLab MS4W 2.2.1 - Remote File Inclusion Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow Grandsteam GXV3611_HD - SQL Injection Glassfish Server - Unquoted Service Path Privilege Escalation Windows Firewall Control - Unquoted Service Path Privilege Escalation Android - Insufficient Binder Message Verification Pointer Leak DWebPro 8.4.2 - Multiple Vulnerabilities Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)	2016-10-04 05:01:17 +00:00
Offensive Security	2963ce32a0	DB: 2016-10-01 1 new exploits Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege	2016-10-01 05:01:16 +00:00
Offensive Security	fa1b17f699	DB: 2016-09-30 1 new exploits Microsoft Windows - RPC DCOM Remote Exploit (18 Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (48 Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (1) Microsoft Windows - 'RPC DCOM' Remote Exploit (2) Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal) Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate Get Request Remote Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow PMSoftware Simple Web Server - GET Request Remote Buffer Overflow CUPS Server 1.1 - (Get Request) Denial of Service CUPS Server 1.1 - GET Request Denial of Service BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC) TFTPD32 2.81 - GET Request Format String Denial of Service (PoC) Fenice Oms 1.10 - (long get request) Remote Buffer Overflow Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow Multi-Threaded TFTP 1.1 - (Long Get Request) Denial of Service Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service Essentia Web Server 2.15 - (GET Request) Remote Denial of Service Essentia Web Server 2.15 - GET Request Remote Denial of Service webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Buffer Overflow webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield) webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield) Microsoft Windows Message Queuing Service - RPC Buffer Overflow (dnsname) Microsoft Windows Message Queuing Service - RPC Buffer Overflow Netgear WGR614v9 - Wireless Router Get Request Denial of Service Netgear WGR614v9 Wireless Router - GET Request Denial of Service XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow (PoC) XBMC 8.10 (Windows) - (GET Request) Remote Buffer Overflow XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC) XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow (SEH) httpdx 0.5b - FTP Server (USER) Remote Buffer Overflow (SEH) Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC) Mereo 1.8.0 - (Get Request) Remote Denial of Service Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC) Mereo 1.8.0 - GET Request Remote Denial of Service httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow (SEH) httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH) httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit ARD-9808 DVR Card Security Camera - (GET Request) Remote Denial of Service ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service Kolibri+ WebServer 2 - (Get Request) Denial of Service Kolibri+ WebServer 2 - GET Request Denial of Service Kolibri+ WebServer 2 - (GET Request) Remote Overwrite (SEH) Kolibri+ WebServer 2 - GET Request Remote Overwrite (SEH) httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service httpdx 1.4 - Get Request Buffer Overflow httpdx 1.4 - GET Request Buffer Overflow Httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC) httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC) HTTPDX - tolog() Function Format String (1) httpdx - tolog() Function Format String (1) HTTPDX - tolog() Function Format String (2) httpdx - tolog() Function Format String (2) HTTPDX - h_handlepeer() Function Buffer Overflow (Metasploit) httpdx - h_handlepeer() Function Buffer Overflow (Metasploit) glibc LD_AUDIT Arbitrary DSO - Load Privilege Escalation glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) httpdx 1.5.4 - Remote HTTP Server Denial of Service httpdx 1.5.4 - HTTP Server Remote Denial of Service Working Resources BadBlue 1.7.3 - Get Request Denial of Service Working Resources BadBlue 1.7.3 - GET Request Denial of Service KeepNote 0.7.8 - Command Execution My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service Snowblind Web Server 1.0/1.1 - (GET Request) Buffer Overflow Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow Proxomitron Proxy Server - Long Get Request Remote Denial of Service Proxomitron Proxy Server - Long GET Request Remote Denial of Service	2016-09-30 05:01:16 +00:00
Offensive Security	d86bdf5f80	DB: 2016-09-29 2 new exploits Symantec Messaging Gateway 10.6.1 - Directory Traversal VLC Media Player 2.2.1 - Buffer Overflow	2016-09-29 05:01:16 +00:00
Offensive Security	f421077feb	DB: 2016-09-28 6 new exploits UUCP Exploit - file creation/overwriting (symlinks) UUCP Exploit - File Creation/Overwriting (symlinks) Exploit Serv-U 3.x < 5.x - Privilege Escalation Serv-U FTP Server 3.x < 5.x - Privilege Escalation TiTan FTP Server - Long Command Heap Overflow (PoC) Titan FTP Server - Long Command Heap Overflow (PoC) Serv-U < 5.2 - Remote Denial of Service Serv-U FTP Server < 5.2 - Remote Denial of Service chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC) Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow WS_FTP Server 5.03 - (RNFR) Buffer Overflow Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow TYPSoft FTP Server 1.11 - (RETR) Denial of Service TYPSoft FTP Server 1.11 - 'RETR' Denial of Service XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC) XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC) WinFtp Server 2.0.2 - (PASV) Remote Denial of Service WinFTP Server 2.0.2 - (PASV) Remote Denial of Service DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service MiniWeb Http Server 0.8.x - Remote Denial of Service MiniWeb HTTP Server 0.8.x - Remote Denial of Service JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion JAF CMS 4.0 RC2 - Multiple Remote File Inclusion XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service Belkin wireless G router + ADSL2 modem - Authentication Bypass Belkin Wireless G router + ADSL2 modem - Authentication Bypass Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement WinFTP 2.3.0 - (PASV mode) Remote Denial of Service WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service Titan FTP server 6.26 build 630 - Remote Denial of Service Titan FTP Server 6.26 build 630 - Remote Denial of Service Netgear WG102 - Leaks SNMP write Password with read access Netgear WG102 - Leaks SNMP Write Password With Read Access WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Netgear embedded Linux for the SSL312 router - Denial of Service Netgear SSL312 Router - Denial of Service Belkin BullDog Plus UPS-Service - Buffer Overflow Belkin BullDog Plus - UPS-Service Buffer Overflow Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit Firebird SQL - op_connect_request main listener shutdown Firebird SQL - op_connect_request main listener shutdown Exploit HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service TYPSoft 1.10 - APPE DELE Denial of Service TYPSoft FTP Server 1.10 - APPE DELE Denial of Service WingFTP Server 3.2.4 - Cross-Site Request Forgery Wing FTP Server 3.2.4 - Cross-Site Request Forgery Quick Player 1.2 -Unicode BoF - bindshell Quick Player 1.2 - Unicode Buffer Overflow (Bindshell) UplusFtp Server 1.7.0.12 - Remote Buffer Overflow UplusFTP Server 1.7.0.12 - Remote Buffer Overflow Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC TopDownloads MP3 Player 1.0 - '.m3u' crash TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) uhttp Server - Directory Traversal uhttp Server 0.1.0-alpha - Directory Traversal eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - RETR Command Denial of Service SmallFTPd 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service SolarWinds 10.4.0.10 - TFTP Denial of Service SolarWinds TFTP Server 10.4.0.10 - Denial of Service e107 - Code Exec e107 - Code Exection HomeFTP Server r1.10.3 (build 144) - Denial of Service Home FTP Server r1.10.3 (build 144) - Denial of Service TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE) TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service SolarWinds 10.4.0.13 - Denial of Service SolarWinds TFTP Server 10.4.0.13 - Denial of Service ISC-DHCPD - Denial of Service ISC DHCPD - Denial of Service Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow deepin tftp server 1.25 - Directory Traversal Deepin TFTP Server 1.25 - Directory Traversal Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit JCMS 2010 - file download JCMS 2010 - File Download Exploit SolarFTP 2.0 - Multiple Commands Denial of Service Solar FTP Server 2.0 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - RETR CMD Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service Xynph 1.0 - USER Denial of Service Xynph FTP Server 1.0 - USER Denial of Service XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service Solar FTP 2.1 - Denial of Service Solar FTP Server 2.1 - Denial of Service Red Hat Linux - stickiness of /tmp Red Hat Linux - stickiness of /tmp Exploit home ftp server 1.12 - Directory Traversal Home FTP Server 1.12 - Directory Traversal NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit) RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit) Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow SmallFTPd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 - Denial of Service PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) Solar FTP 2.1.1 - PASV Buffer Overflow (PoC) Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC) BisonFTP Server 3.5 - Remote Buffer Overflow BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit) Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit) BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery zFTP Server - 'cwd/stat' Remote Denial of Service zFTPServer - 'cwd/stat' Remote Denial of Service Serv-U FTP - Jail Break Serv-U FTP Server - Jail Break Typsoft FTP Server 1.10 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service PeerBlock 1.1 - BSOD PeerBlock 1.1 - BSOD Exploit distinct tftp server 3.01 - Directory Traversal Distinct TFTP Server 3.01 - Directory Traversal PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection Berkeley Sendmail 5.58 - DEBUG Berkeley Sendmail 5.58 - Debug exploit SunView (SunOS 4.1.1) - selection_svc Digital Ultrix 4.0/4.1 - /usr/bin/chroot SunOS 4.1.1 - /usr/release/bin/makeinstall SunOS 4.1.1 - /usr/release/bin/winstall SunView (SunOS 4.1.1) - selection_svc Exploit Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit SunOS 4.1.3 - kmem setgid /etc/crash SunOS 4.1.3 - kmem setgid /etc/crash Exploit IRIX 6.4 - pfdisplay.cgi IRIX 6.4 - 'pfdisplay.cgi' Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit FreePBX < 13.0.188 - Remote Command Execution (Metasploit) HP JetAdmin 1.0.9 Rev. D - symlink HP JetAdmin 1.0.9 Rev. D - symlink Exploit Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation TP-Link Archer CR-700 - Cross-Site Scripting BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit Cat Soft Serv-U 2.5 - Buffer Overflow BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit Linux Kernel 2.0 / 2.1 / 2.2 - autofs Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit Debian 2.1 - httpd S.u.S.E. 5.2 - gnuplot Debian 2.1 - httpd Exploit S.u.S.E. Linux 5.2 - gnuplot Exploit Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit SGI IRIX 6.2 - /usr/lib/netaddpr SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - day5notifier SGI IRIX 6.2 - day5notifier Exploit SGI IRIX 6.4 - datman/cdman SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.3 - cgi-bin webdist.cgi SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit SGI IRIX 6.4 - cgi-bin handler SGI IRIX 6.4 - cgi-bin handler Exploit SGI IRIX 6.4 - login SGI IRIX 6.4 - login Exploit IBM AIX 3.2.5 - IFS IBM AIX 3.2.5 - IFS Exploit IBM AIX 3.2.5 - login(1) IBM AIX 3.2.5 - login(1) Exploit Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2) Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit GNU glibc 2.1/2.1.1 -6 - pt_chown GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit ProFTPd 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Exploit Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit S.u.S.E. Linux 6.1/6.2 - cwdtools S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit SCO Unixware 7.1 - 'pkg' commands SCO Unixware 7.1 - 'pkg' command Exploit Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service Nortel Networks Optivity NETarchitect 2.0 - PATH Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit SGI IRIX 6.2 - midikeys/soundplayer SGI IRIX 6.2 - midikeys/soundplayer Exploit Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Microsoft Windows 95/98/NT 4.0 - autorun.inf Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit Corel Linux OS 1.0 - buildxconfig Corel Linux OS 1.0 - setxconf Corel Linux OS 1.0 - buildxconfig Exploit Corel Linux OS 1.0 - setxconf Exploit TP Link Gateway 3.12.4 - Multiple Vulnerabilities TP-Link Gateway 3.12.4 - Multiple Vulnerabilities SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2) Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit Cisco IOS 11.x/12.x - HTTP %% Cisco IOS 11.x/12.x - HTTP %% Exploit RedHat Linux 6.0/6.1/6.2 - pam_console RedHat Linux 6.0/6.1/6.2 - pam_console Exploit HP-UX 10.20/11.0 man - /tmp symlink HP-UX 10.20/11.0 man - /tmp Symlink Exploit IRIX 5.3/6.x - mail IRIX 5.3/6.x - mail Exploit TYPSoft 0.7 x - FTP Server Remote Denial of Service TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service Oracle Internet Directory 2.0.6 - oidldap Oracle Internet Directory 2.0.6 - oidldap Exploit CatSoft FTP Serv-U 2.5.x - Brute Force Cat Soft Serv-U FTP Server 2.5.x - Brute Force Small HTTP server 2.0 1 - Non-Existent File Denial of Service Small HTTP Server 2.0 1 - Non-Existent File Denial of Service NCSA httpd-campas 1.2 - sample script NCSA httpd-campas 1.2 - sample script Exploit Novell NetWare Web Server 2.x - convert.bas Novell NetWare Web Server 2.x - convert.bas Exploit Serv-U 2.4/2.5 - FTP Directory Traversal Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal Novell Netware Web Server 3.x - files.pl Novell Netware Web Server 3.x - files.pl Exploit guido frassetto sedum http server 2.0 - Directory Traversal Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal robin twombly a1 http server 1.0 - Directory Traversal Robin Twombly A1 HTTP Server 1.0 - Directory Traversal SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit michael lamont savant http server 2.1 - Directory Traversal Michael Lamont Savant HTTP Server 2.1 - Directory Traversal zeroo http server 1.5 - Directory Traversal (1) zeroo http server 1.5 - Directory Traversal (2) Zeroo HTTP Server 1.5 - Directory Traversal (1) Zeroo HTTP Server 1.5 - Directory Traversal (2) Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting XLight FTP Server 1.x - Long Directory Request Remote Denial of Service Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service XLight FTP Server 1.52 - Remote Send File Request Denial of Service Xlight FTP Server 1.52 - Remote Send File Request Denial of Service gweb http server 0.5/0.6 - Directory Traversal GWeb HTTP Server 0.5/0.6 - Directory Traversal MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server (build 300) - Crash (PoC) TP-Link Print Server TL PS110U - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration PCMan's FTP Server 2.0.7 - Buffer Overflow PCMan FTP Server 2.0.7 - Buffer Overflow PCMan's FTP Server 2.0 - Remote Buffer Overflow PCMan FTP Server 2.0 - Remote Buffer Overflow PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3-5 - ZendEngine ECalloc Integer Overflow PHP 3 < 5 - ZendEngine ECalloc Integer Overflow NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static Http Server 1.0 - Denial of Service TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static HTTP Server 1.0 - Denial of Service NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2) Ipswitch 8.0 - WS_FTP Client Format String Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String NETGEAR WGR614 - Administration Interface Remote Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NetMan 204 - Backdoor Account NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Serv-U 11.1.0.3 - Denial of Service / Security Bypass Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND9 - TKEY (PoC) Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND 9 - TKEY (PoC) ISC BIND9 - TKEY Remote Denial of Service (PoC) ISC BIND 9 - TKEY Remote Denial of Service (PoC) NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Android (Stagefright) - Remote Code Execution Android - 'Stagefright' Remote Code Execution Microsoft Windows Media Center - MCL (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) Android libstagefright - Integer Overflow Remote Code Execution Android - libstagefright Integer Overflow Remote Code Execution NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution pdfium IsFlagSet (v8 memory management) - SIGSEGV pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) TallSoft SNMP TFTP Server 1.0.0 - Denial of Service TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service Metaphor - Stagefright Exploit with ASLR Bypass Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)	2016-09-28 11:55:43 +00:00
Offensive Security	35000196e1	DB: 2016-09-27 11 new exploits Berlios gpsd 2.7.x - Remote Format String Berlios GPSD 2.7.x - Remote Format String bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1) boastMachine 3.1 - (mail.php id) SQL Injection BoastMachine 3.1 - 'mail.php' id SQL Injection BIGACE 2.4 - Multiple Remote File Inclusion BigACE 2.4 - Multiple Remote File Inclusion attachmax dolphin 2.1.0 - Multiple Vulnerabilities Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH) AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH) BIGACE CMS 2.5 - 'Username' SQL Injection BigACE CMS 2.5 - 'Username' SQL Injection BIGACE CMS 2.6 - (cmd) Local File Inclusion BigACE CMS 2.6 - (cmd) Local File Inclusion Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (1) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1) Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption bitrix site manager 4.0.5 - Remote File Inclusion Bitrix Site Manager 4.0.5 - Remote File Inclusion boastMachine 3.1 - Arbitrary File Upload BoastMachine 3.1 - Arbitrary File Upload blog system 1.5 - Multiple Vulnerabilities Blog System 1.5 - Multiple Vulnerabilities b2b gold script - 'id' SQL Injection B2B Gold Script - 'id' SQL Injection TinyBrowser - Arbitrary File Upload Wordpress Plugin TinyBrowser - Arbitrary File Upload Nginx http server 0.6.36 - Directory Traversal Nginx 0.6.36 - Directory Traversal atomic photo album 1.0.2 - Multiple Vulnerabilities Atomic Photo Album 1.0.2 - Multiple Vulnerabilities Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1) Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) bitweaver 2.8.1 - Persistent Cross-Site Scripting Bitweaver 2.8.1 - Persistent Cross-Site Scripting bitweaver 2.8.0 - Multiple Vulnerabilities Bitweaver 2.8.0 - Multiple Vulnerabilities Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2) DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (2) Bigace 2.7.5 - Arbitrary File Upload BigACE 2.7.5 - Arbitrary File Upload atutor 2.0.2 - Multiple Vulnerabilities ATutor 2.0.2 - Multiple Vulnerabilities boastMachine 3.1 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin) Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111) atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution Macro Expert 4.0 - Multiple Privilege Escalations axigen mail server 8.0.1 - Persistent Cross-Site Scripting Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation Joomla! Component Event Booking 2.10.1 - SQL Injection NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation bitweaver 2.8.1 - Multiple Vulnerabilities Bitweaver 2.8.1 - Multiple Vulnerabilities Contrexx CMS egov Module 1.0.0 - SQL Injection Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting atutor 1.2 - Multiple Vulnerabilities ATutor 1.2 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection Clockstone and other CMSMasters Theme - Arbitrary File Upload Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload Nginx HTTP Server 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) BuilderEngine 3.5.0 - Arbitrary File Upload PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution Bigace CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - admin.php Cross-Site Scripting BoastMachine 3.1 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (1) Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery boastMachine 2.8 - 'index.php' Local File Inclusion BoastMachine 2.8 - 'index.php' Local File Inclusion TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting boastMachine 3.1 - 'key' Parameter Cross-Site Scripting BoastMachine 3.1 - 'key' Parameter Cross-Site Scripting Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Creative Contact Form 0.9.7 - Arbitrary File Upload Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Paid Memberships Pro 1.7.14.2 - Directory Traversal Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal DukaPress 2.5.2 - Directory Traversal Wordpress Plugin DukaPress 2.5.2 - Directory Traversal Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Duplicator 0.5.8 - Privilege Escalation Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Shareaholic 7.6.0.3 - Cross-Site Scripting Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting Paypal Currency Converter Basic For WooCommerce - File Read Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (2) Multiple WordPress Themes WPScientist - Arbitrary File Upload Multiple WordPress WPScientist Themes - Arbitrary File Upload EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Avast AntiVirus - X.509 Error Rendering Command Execution Avast! AntiVirus - X.509 Error Rendering Command Execution Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Avast - OOB Write Decrypting PEncrypt Packed executables Avast - JetDb::IsExploited4x Performs Unbounded Search on Input Avast - Heap Overflow Unpacking MoleBox Archives Avast - Integer Overflow Verifying numFonts in TTC Header Avast! - OOB Write Decrypting PEncrypt Packed executables Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input Avast! - Heap Overflow Unpacking MoleBox Archives Avast! - Integer Overflow Verifying numFonts in TTC Header BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal Simple Ads Manager 2.9.4.116 - SQL Injection Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation Avast - Authenticode Parsing Memory Corruption Avast! - Authenticode Parsing Memory Corruption Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Job Script by Scubez - Remote Code Execution Wordpress Plugin Job Script by Scubez - Remote Code Execution Premium SEO Pack 1.9.1.3 - wp_options Overwrite Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite Ocomon 2.0 - SQL Injection	2016-09-27 05:01:25 +00:00
Offensive Security	a387f0befc	DB: 2016-09-26	2016-09-26 05:05:50 +00:00
Offensive Security	102574cb3e	DB: 2016-09-24 5 new exploits EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Adobe Acrobat Reader 7<9 - U3D Buffer Overflow Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit) Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit) Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Adobe Flash - Crash When Freeing Memory After AVC decoding Adobe Flash - Video Decompression Memory Corruption Linux - SELinux W+X Protection Bypass via AIO Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass Microsoft Excel 95<2004 - Malformed Graphic File Code Execution Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution Git-1.9.5 - ssh-agent.exe Buffer Overflow Git 1.9.5 - ssh-agent.exe Buffer Overflow Skybox Platform <=7.0.611 - Multiple Vulnerabilities Skybox Platform <= 7.0.611 - Multiple Vulnerabilities SOLIDserver <=5.0.4 - Local File Inclusion SOLIDserver <= 5.0.4 - Local File Inclusion WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)	2016-09-24 05:05:07 +00:00
Offensive Security	12047d93f1	DB: 2016-09-23 9 new exploits Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Slackware Linux 3.5 - Missing /etc/group Privilege Escalation Matrimonial Website Script 1.0.2 - SQL Injection Metasploit Web UI - Diagnostic Console Command Execution Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Exponent CMS 2.3.9 - Blind SQL Injection JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101) phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - 'PHPWS_SOURCE_DIR' Parameter Multiple Remote File Inclusion Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Microix Timesheet Module - SQL Injection Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities	2016-09-23 05:05:20 +00:00
Offensive Security	b8ebed3824	DB: 2016-09-22 6 new exploits Setuid perl - PerlIO_Debug() Root owned file creation Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation Kaltura 11.1.0-2 - Remote Code Execution (Metasploit) Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1) VideoCache 1.9.2 - vccleaner Root VideoCache 1.9.2 - 'vccleaner' Privilege Escalation UK One Media CMS - 'id' Error Based SQL Injection UK One Media CMS - 'id' Error-Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) Ultimate eShop - Error Based SQL Injection Ultimate eShop - Error-Based SQL Injection WordPress Plugin Multiple - timthumb.php Vulnerabilities Multiple WordPress Plugins - timthumb.php File Upload Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service Slackware Linux 3.5 - /etc/group missing results in Root access Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service Sudo 1.6.3 - Unclean Environment Variable Root Program Execution Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure Microsoft Office PowerPoint 2010 - Invalid Pointer Reference Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass Microweber 0.905 - Error Based SQL Injection Microweber 0.905 - Error-Based SQL Injection WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution	2016-09-22 05:06:28 +00:00
Offensive Security	fdd9fd65e2	DB: 2016-09-21 2 new exploits Dolphin 7.3.0 - Error-Based SQL Injection VegaDNS 0.13.2 - Remote Command Injection	2016-09-21 05:07:40 +00:00

... 2 3 4 5 6 ...

1184 commits