Commit graph

723 commits

Author SHA1 Message Date
Offensive Security
9680c9c2cb DB: 2016-07-27
6 new exploits

Invision Power Board <= 3.0.4_ <= 3.0.4_ <= 2.3.6 - LFI and SQL Injection
Invision Power Board <= 3.0.4 / <= 3.0.4 / <= 2.3.6 - LFI and SQL Injection

Linux/x86 - connect back (140.115.53.35:9999)_ download a file (cb) and execute shellcode (149 bytes)
Linux/x86 - Connect back (140.115.53.35:9999)_ download a file (cb) and execute shellcode (149 bytes)

Linux/x86 - quick (yet conditional_ eax != 0 and edx == 0) exit shellcode (4 bytes)
Linux/x86 - Quick (yet conditional_ eax != 0 and edx == 0) exit shellcode (4 bytes)

Win32 - connectback_ receive_ save and execute shellcode
Win32 - Connectback_ receive_ save and execute shellcode

DVD X Player 5.5 Professional (.plf) Universal Buffer Overflow
DVD X Player 5.5 Professional - (.plf) Universal Buffer Overflow

DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP+ASLR Bypass)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)

ISC BIND <= 8.2.2_IRIX <= 6.5.17_Solaris 7.0 - (NXT Overflow and Denial of Service) Vulnerabilities
ISC BIND <= 8.2.2 / IRIX <= 6.5.17 / Solaris 7.0 - (NXT Overflow and Denial of Service) Vulnerabilities

LedgerSMB1.0/1.1_SQL-Ledger 2.6.x Login Parameter Local File Include And Authentication Bypass Vulnerabilities
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Parameter Local File Include And Authentication Bypass Vulnerabilities

Lighttpd <= 1.4.15 - Multiple Code Execution_ Denial of Service and Information Disclosure Vulnerabilities
Lighttpd <= 1.4.15 - Multiple Code Execution + Denial of Service + Information Disclosure Vulnerabilities

Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow Privilege Escalation

Windows TrackPopupMenu Win32k NULL Pointer Dereference
Windows - TrackPopupMenu Win32k NULL Pointer Dereference

ManageEngine OpManager_ Social IT Plus and IT360 - Multiple Vulnerabilities
ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities

Wikipad 1.6.0 - Cross-Site Scripting_ HTML Injection and Information Disclosure Vulnerabilities
Wikipad 1.6.0 - Cross-Site Scripting + HTML Injection + Information Disclosure Vulnerabilities

concrete5 5.5.2.1 Information Disclosure_ SQL Injection and Cross Site Scripting Vulnerabilities
concrete5 5.5.2.1 - Information Disclosure + SQL Injection + Cross Site Scripting Vulnerabilities

RuubikCMS 1.1.x Cross Site Scripting_ Information Disclosure and Directory Traversal Vulnerabilities
RuubikCMS 1.1.x - Cross Site Scripting + Information Disclosure + Directory Traversal Vulnerabilities

Windows Kernel Win32k.sys Privilege Escalation Exploit (MS14-058)
Windows Kernel - Win32k.sys Privilege Escalation Exploit (MS14-058)

Tiki-Wiki CMS Calendar 14.2_ 12.5 LTS_ 9.11 LTS_ and 6.15 - Remote Code Execution
Tiki-Wiki CMS Calendar 14.2 / 12.5 LTS / 9.11 LTS / 6.15 - Remote Code Execution

PHP 7.0.8_ 5.6.23 and 5.5.37 - bzread() Out-of-Bounds Write
PHP 7.0.8 / 5.6.23 / 5.5.37 - bzread() Out-of-Bounds Write
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post Auth Remote Root Exploit (Metasploit)
PHP File Vault 0.9 - Directory Traversal
Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities
Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution
Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access
2016-07-27 05:06:35 +00:00
Offensive Security
d06dff59f9 DB: 2016-07-26
16 new exploits

Ubuntu Breezy 5.10 - Installer Password Disclosure
Ubuntu 5.10 - Installer Password Disclosure

BSD/x86 - setuid/portbind (TCP 31337) shellcode (94 bytes)
BSD/x86 - setuid/portbind 31337/TCP shellcode (94 bytes)
Linux/x86 - shellcode that forks a HTTP Server on port tcp/8800 (166 bytes)
Linux/x86 - listens for shellcode on tcp/5555 and jumps to it (83 bytes)
Linux/x86 - Forks a HTTP Server on port 8800/TCP shellcode (166 bytes)
Linux/x86 - Listens for shellcode on 5555/TCP and jumps to it (83 bytes)

Linux/x86 - Shellcode Polymorphic chmod(_/etc/shadow__666) (54 bytes)
Linux/x86 - Polymorphic chmod(_/etc/shadow__666) Shellcode (54 bytes)

Linux/x86 - Add root user _r00t_ with no password to /etc/passwd shellcode (69 bytes)
Linux/x86 - Add root user 'r00t' with no password to /etc/passwd shellcode (69 bytes)

Linux/x86 - SET_PORT() portbind 31337 tcp shellcode (100 bytes)
Linux/x86 - SET_PORT() portbind 31337/TCP shellcode (100 bytes)

Linux/x86 - Add User _xtz_ without Password to /etc/passwd shellcode (59 bytes)
Linux/x86 - Add User 'xtz' without Password to /etc/passwd shellcode (59 bytes)
Linux/x86 - Bind /bin/sh to 31337/tcp shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/tcp + fork() shellcode (98 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP + fork() shellcode (98 bytes)

Linux/x86 - connect-back shellcode 127.0.0.1:31337/tcp (74 bytes)
Linux/x86 - Connect-back shellcode 127.0.0.1:31337/TCP (74 bytes)

Linux/x86 - Add user _t00r_ encrypt shellcode (116 bytes)
Linux/x86 - Add user 't00r' encrypt shellcode (116 bytes)

Linux/x86 - Add user _t00r_ shellcode (82 bytes)
Linux/x86 - Add user 't00r' shellcode (82 bytes)

Linux/x86 - Add user _z_ shellcode (70 bytes)
Linux/x86 - Add User 'z' shellcode (70 bytes)

Solaris/x86 - portbind/tcp shellcode (Generator)
Solaris/x86 - portbind/TCP shellcode (Generator)

Linux/x86 - append _/etc/passwd_ & exit() shellcode (107 bytes)
Linux/x86 - append '/etc/passwd' & exit() shellcode (107 bytes)

Linux/x86 - sends _Phuck3d!_ to all terminals shellcode (60 bytes)
Linux/x86 - sends 'Phuck3d!' to all terminals shellcode (60 bytes)

Linux/x86 - change mode 0777 of _/etc/shadow_ with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall shellcode (39 bytes)

Linux/x86 - change mode 0777 of _/etc/passwd_ with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall shellcode (39 bytes)

Linux/ARM - Add root user _shell-storm_ with password _toor_ shellcode (151 bytes)
Linux/ARM - Add root user 'shell-storm' with password 'toor' shellcode (151 bytes)

OS-X/Intel - reverse_tcp shell x86_64 shellcode (131 bytes)
OS-X/Intel (x86_64) - reverse_tcp shell shellcode (131 bytes)

Linux/SuperH (sh4) - Add root user _shell-storm_ with password _toor_ shellcode (143 bytes)
Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' shellcode (143 bytes)

Linux/MIPS - Add user(UID 0) _rOOt_ with password _pwn3d_ shellcode (164 bytes)
Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' shellcode (164 bytes)

Linux/x86-64 - Bind TCP 4444 Port Shellcode (81 bytes / 96 bytes with password)
Linux/x86-64 - Bind 4444/TCP Port Shellcode (81 bytes / 96 bytes with password)

Linux/x86 - TCP Bind Shell 33333 Port Shellcode (96 bytes)
Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes)

OS-X/x86-64 - tcp 4444 port bind Nullfree shellcode (144 bytes)
OS-X/x86-64 - 4444/TPC port bind Nullfree shellcode (144 bytes)
Linux/x86-64 - Bind TCP 4444 Port Shellcode (103 bytes)
Linux/x86-64 - TCP 4444 port Bindshell with Password Prompt shellcode (162 bytes)
Linux/x86-64 - Bind 4444/TCP Port Shellcode (103 bytes)
Linux/x86-64 - Bindshell 4444/TCP with Password Prompt shellcode (162 bytes)

Linux/x86-64 - Bind TCP Port 1472 shellcode (IPv6) (199 bytes)
Linux/x86-64 - Bind 1472/TCP shellcode (IPv6) (199 bytes)

Linux/x86 - TCP Bind Shell Port 4444 shellcode (656 bytes)
Linux/x86 - Bind Shell Port 4444/TCP shellcode (656 bytes)

Linux/x86 - TCP Bind Shell Port 4444 shellcode (98 bytes)
Linux/x86 - Bind Shell Port 4444/TCP shellcode (98 bytes)

Rapid7 AppSpider 6.12 - Local Privilege Escalation
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)
Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)
MediaCoder 0.8.43.5852 - .m3u SEH Exploit
Drupal CODER Module 2.5 - Remote Command Execution (Metasploit)
CodoForum 3.2.1 - SQL Injection
CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass)
GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload
PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution
PHP 7.0.8_ 5.6.23 and 5.5.37 - bzread() Out-of-Bounds Write
Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities
Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities
Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities
Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities
Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities
Micro Focus Filr 2 2.0.0.421_ Filr 1.2 1.2.0.846 - Multiple Vulnerabilities
2016-07-26 05:04:05 +00:00
Offensive Security
789febc361 DB: 2016-07-22
4 new exploits

Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (2)

Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit (3)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Bound Checking Root Exploit (3)

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Validator (Proof of Concept) (1)

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit (1)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Root Exploit (2)

Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Elevation (1)
Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Escalation (1)

Linux Kernel 2.4 - 'uselib()' Privilege Elevation Exploit (2)
Linux Kernel 2.4 - 'uselib()' Privilege Escalation Exploit (2)

Linux Kernel 2.4 / 2.6 x86_64) - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Local Root Exploit

TFTP Server 1.4 - ST Buffer Overflow Exploit (0Day)
TFTP Server 1.4 - ST Buffer Overflow Exploit

Linux Kernel < 2.6.22 - ftruncate()/open() Local Exploit
Linux Kernel < 2.6.22 - ftruncate()/open() Local Root Exploit

MuPDF pdf_shade4.c Multiple Stack-Based Buffer Overflows
MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows

(Linux Kernel <= 2.6.34-rc3) ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation
ReiserFS xattr (Linux Kernel <= 2.6.34-rc3) (Redhat / Ubuntu 9.10) - Privilege Escalation

Microsoft ASN.1 Library Bitstring Heap Overflow
Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007)

Linux Kernel 2.0 / 2.1 / 2.2 - autofs

Linux Kernel 2.2 - ldd core Force Reboot
Linux Kernel 2.2 - 'ldd core' Force Reboot
OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
OpenSSH 3.x - Challenge-Response Buffer Overflow Vulnerabilities (1)
OpenSSH 3.x - Challenge-Response Buffer Overflow Vulnerabilities (2)

Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation
Linux Kernel Samba 2.2.8 (Debian / Mandrake) - Share Local Privilege Escalation

Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition Local Privilege Escalation (x64)
Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Local Privilege Escalation

Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow (Proof of Concept)

Apport/Abrt - Local Root Exploit
Apport/Abrt (Ubuntu / Fedora) - Local Root Exploit

Ubuntu usb-creator 0.2.x - Local Privilege Escalation
usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Local Privilege Escalation

Apport/Ubuntu - Local Root Race Condition
Apport (Ubuntu 14.04/14.10/15.04) - Local Root Race Condition

Linux Kernel 4.4.0-2 (Ubuntu 16.04) - netfilter target_offset OOB Local Root Exploit
Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - netfilter target_offset OOB Local Root Exploit
TFTP Server 1.4 - WRQ Buffer Overflow Exploit (Egghunter)
Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal (84_ 122_ 172 bytes)
TeamPass Passwords Management System 2.1.26 - Arbitrary File Download
2016-07-22 05:05:29 +00:00
Offensive Security
ec03ab428f DB: 2016-07-21
10 new exploits

Microsoft Internet Explorer <= XP SP2 - HTML Help Control Local Zone Bypass
Microsoft Internet Explorer XP SP2 - HTML Help Control Local Zone Bypass

Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit

Simplog <= 0.9.3 - (tid) Remote SQL Injection Exploit
Simplog 0.9.3 - (tid) SQL Injection
Skulltag <= 0.96f - (Version String) Remote Format String PoC
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit
Skulltag 0.96f - (Version String) Remote Format String PoC
OpenTTD 0.4.7 - Multiple Vulnerabilities

Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)
Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities

Apple Mac OS X Safari <= 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC
Apple Mac OS X Safari 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC
Aardvark Topsites PHP <= 4.2.2 - (path) Remote File Inclusion
phpMyAgenda <= 3.0 Final (rootagenda) Remote Include
Aardvark Topsites PHP <= 4.2.2 - (lostpw.php) Remote Include Exploit
Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion
phpMyAgenda 3.0 Final - (rootagenda) Remote Include
Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion

X7 Chat <= 2.0 - (help_file) Remote Commands Execution Exploit
X7 Chat 2.0 - (help_file) Remote Command Execution

Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit
Auction 1.3m - (phpbb_root_path) Remote File Inclusion
acFTP FTP Server <= 1.4 - (USER) Remote Buffer Overflow PoC
Quake 3 Engine 1.32b R_RemapShader() Remote Client BoF Exploit
acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow PoC
Quake 3 Engine 1.32b - R_RemapShader() Remote Client BoF Exploit

AWStats <= 6.5 - (migrate) Remote Shell Command Injection Exploit
AWStats 6.5 - (migrate) Remote Shell Command Injection

acFTP FTP Server <= 1.4 - (USER) Remote Denial of Service Exploit
acFTP FTP Server 1.4 - (USER) Remote Denial of Service
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities
Jetbox CMS <= 2.1 - (relative_script_path) Remote File Inclusion Exploit
ACal <= 2.2.6 - (day.php) Remote File Inclusion
EQdkp <= 1.3.0 - (dbal.php) Remote File Inclusion
PHP-Fusion 6.00.306 - Multiple Vulnerabilities
Jetbox CMS 2.1 - (relative_script_path) Remote File Inclusion
ACal 2.2.6 - (day.php) Remote File Inclusion
EQdkp 1.3.0 - (dbal.php) Remote File Inclusion

Microsoft Internet Explorer <= 6.0.2900 SP2 - (CSS Attribute) Denial of Service
Microsoft Internet Explorer 6.0.2900 SP2 - (CSS Attribute) Denial of Service

Unclassified NewsBoard <= 1.6.1 patch 1 - Arbitrary Local Inclusion Exploit
Unclassified NewsBoard 1.6.1 patch 1 - Local File Inclusion
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (1)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (2)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (3)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (1)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (2)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (3)

Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (4)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (4)

Linux Kernel <= 2.6.17.4 - (proc) Local Root Exploit
Linux Kernel <= 2.6.17.4 - 'proc' Local Root Exploit

Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86_64) - System Call Emulation Exploit

\o - Local File Inclusion (1st)
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)

PulseAudio setuid (Ubuntu 9.04 & Slackware 12.2.0) - Local Privilege Escalation
PulseAudio setuid (Ubuntu 9.04 / Slackware 12.2.0) - Local Privilege Escalation

Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept

Linux Kernel <= 2.2.18 (RH 7.0/6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)
Linux Kernel <= 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)
Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
Django CMS 3.3.0 - (Editor Snippet) Persistent XSS
Drupal RESTWS Module 7.x - Remote PHP Code Execution (Metasploit)
Linux/x86 - execve /bin/sh Shellcode (19 bytes)
Wowza Streaming Engine 4.5.0 - Local Privilege Escalation
Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation
Wowza Streaming Engine 4.5.0 - Add Advanced Admin CSRF
Wowza Streaming Engine 4.5.0 - Multiple XSS
OpenSSHD <= 7.2p2 - Username Enumeration
WordPress Video Player Plugin 1.5.16 - SQL Injection
2016-07-21 05:06:28 +00:00
Offensive Security
965b4bba8f DB: 2016-07-20
4 new exploits

Microsoft Internet Explorer Object Tag Exploit (MS03-020)
Microsoft Internet Explorer - Object Tag Exploit (MS03-020)

ICQ Pro 2003a Password Bypass Exploit (ca1-icq.asm)
ICQ Pro 2003a - Password Bypass Exploit (ca1-icq.asm)

Cisco IOS IPv4 Packets Denial of Service Exploit
Cisco IOS - IPv4 Packets Denial of Service Exploit

Cisco IOS (using hping) Remote Denial of Service Exploit
Cisco IOS - (using hping) Remote Denial of Service Exploit

Microsoft Windows SQL Server Denial of Service Remote Exploit (MS03-031)
Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031)

Microsoft Windows RPC DCOM Remote Exploit (18 Targets)
Microsoft Windows RPC - DCOM Remote Exploit (18 Targets)

man-db 2.4.1 open_cat_stream() Local uid=man Exploit
man-db 2.4.1 - open_cat_stream() Local uid=man Exploit

Cisco IOS 12.x/11.x HTTP Remote Integer Overflow Exploit
Cisco IOS 12.x/11.x - HTTP Remote Integer Overflow Exploit

DameWare Mini Remote Control Server SYSTEM Exploit
DameWare Mini Remote Control Server - SYSTEM Exploit

Microsoft Internet Explorer Object Data Remote Exploit (M03-032)
Microsoft Internet Explorer - Object Data Remote Exploit (M03-032)

eMule/xMule/LMule OP_SERVERMESSAGE Format String Exploit
eMule/xMule/LMule - OP_SERVERMESSAGE Format String Exploit

Microsoft WordPerfect Document Converter Exploit (MS03-036)
Microsoft WordPerfect Document Converter - Exploit (MS03-036)

Roger Wilco 1.x Client Data Buffer Overflow Exploit
Roger Wilco 1.x - Client Data Buffer Overflow Exploit

Solaris Sadmind Default Configuration Remote Root Exploit
Solaris Sadmind - Default Configuration Remote Root Exploit

Microsoft Windows Messenger Service Denial of Service Exploit (MS03-043)
Microsoft Windows Messenger Service - Denial of Service Exploit (MS03-043)

Microsoft Exchange 2000 XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046)

Microsoft Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
Microsoft Frontpage Server Extensions - fp30reg.dll Exploit (MS03-051)

Microsoft Windows Workstation Service WKSSVC Remote Exploit (MS03-049)
Microsoft Windows Workstation Service - WKSSVC Remote Exploit (MS03-049)

Microsoft Windows XP Workstation Service Remote Exploit (MS03-049)
Microsoft Windows XP Workstation Service - Remote Exploit (MS03-049)

Microsoft Windows Messenger Service Remote Exploit FR (MS03-043)
Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)

GateKeeper Pro 4.7 Web proxy Remote Buffer Overflow Exploit
GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow Exploit
Eudora 6.0.3 Attachment Spoofing Exploit (windows)
Foxmail 5.0 PunyLib.dll Remote Stack Overflow Exploit
Eudora 6.0.3 - Attachment Spoofing Exploit (Windows)
Foxmail 5.0 - PunyLib.dll Remote Stack Overflow Exploit

eSignal 7.6 STREAMQUOTE Remote Buffer Overflow Exploit
eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow Exploit

OpenBSD 2.6 - / 2.7ftpd Remote Exploit
OpenBSD 2.6 / 2.7ftpd - Remote Exploit

Redhat 6.1 - / 6.2 TTY Flood Users Exploit
Redhat 6.1 / 6.2 - TTY Flood Users Exploit

Solaris 2.6 - / 7 / 8 Lock Users Out of mailx Exploit
Solaris 2.6 / 7 / 8 - Lock Users Out of mailx Exploit

Solaris 2.5 - / 2.5.1 getgrnam() Local Overflow Exploit
Solaris 2.5 / 2.5.1 - getgrnam() Local Overflow Exploit

Solaris 7 - / 8-beta arp Local Overflow Exploit
Solaris 7 / 8-beta - arp Local Overflow Exploit

Solaris 2.6 - / 2.7 /usr/bin/write Local Overflow Exploit
Solaris 2.6 / 2.7 - /usr/bin/write Local Overflow Exploit

Cisco Multiple Products Automated Exploit Tool
Cisco Multiple Products - Automated Exploit Tool

Microsoft Internet Explorer (11 bytes) Denial of Service Exploit
Microsoft Internet Explorer - Denial of Service Exploit (11 bytes)

PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit
PHP <= 4.3.7/5.0.0RC3 - memory_limit Remote Exploit

VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid) (updated)
VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid)

GoodTech Telnet Server < 5.0.7 - Remote BoF Exploit (updated)
GoodTech Telnet Server < 5.0.7 - Remote BoF Exploit (2)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2nd updated)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1st)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1)
Maxwebportal <= 1.36 password.asp Change Password Exploit (3 - perl)
Maxwebportal <= 1.36 password.asp Change Password Exploit (2 - php)
Maxwebportal <= 1.36 password.asp Change Password Exploit (1 - html)
Maxwebportal <= 1.36 password.asp Change Password Exploit (3) (perl)
Maxwebportal <= 1.36 password.asp Change Password Exploit (2) (php)
Maxwebportal <= 1.36 password.asp Change Password Exploit (1) (html)

ProRat Server <= 1.9 - (Fix-2) Buffer Overflow Crash Exploit
ProRat Server <= 1.9 (Fix-2) - Buffer Overflow Crash Exploit

Microsoft Windows DTC Remote Exploit (PoC) (MS05-051) (updated)
Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)

phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (updated)
phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (2)

Microsoft Windows - ACLs Local Privilege Escalation Exploit (Updated)
Microsoft Windows - ACLs Local Privilege Escalation Exploit (2)

HPE <= 1.0 - (HPEinc) Remote File Include Vulnerabilities (updated)
HPE <= 1.0 - (HPEinc) Remote File Include Vulnerabilities (2)

phpBB Journals System Mod 1.0.2 [RC2] - Remote File Include Exploit
phpBB Journals System Mod 1.0.2 RC2 - Remote File Include Exploit

Mozilla Firefox <= 1.5.0.7/ 2.0 - (createRange) Remote DoS Exploit
Mozilla Firefox <= 1.5.0.7/2.0 - (createRange) Remote DoS Exploit

BrowseDialog Class (ccrpbds6.dll) Multiple Methods DoS Exploit
BrowseDialog Class - (ccrpbds6.dll) Multiple Methods DoS Exploit

Asterisk <= 1.2.15 - / 1.4.0 pre-auth Remote Denial of Service Exploit
Asterisk <= 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Exploit
PHP < 4.4.5 - / 5.2.1 php_binary Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 WDDX Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - php_binary Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - WDDX Session Deserialization Information Leak

PHP <= 4.4.6 - / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
PHP <= 4.4.6 / 5.2.1 - array_user_key_compare() ZVAL dtor Local Exploit

PHP <= 4.4.6 - / 5.2.1 ext/gd Already Freed Resources Usage Exploit
PHP <= 4.4.6 / 5.2.1 - ext/gd Already Freed Resources Usage Exploit

Asterisk <= 1.2.16 - / 1.4.1 SIP INVITE Remote Denial of Service Exploit
Asterisk <= 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service Exploit
PHP < 4.4.5 - / 5.2.1 _SESSION unset() Local Exploit
PHP < 4.4.5 - / 5.2.1 _SESSION Deserialization Overwrite Exploit
PHP < 4.4.5 - / 5.2.1 - _SESSION unset() Local Exploit
PHP < 4.4.5 - / 5.2.1 - _SESSION Deserialization Overwrite Exploit

PHP 4.4.5 - / 4.4.6 session_decode() Double Free Exploit PoC
PHP 4.4.5 / 4.4.6 - session_decode() Double Free Exploit PoC

XOOPS Module MyAds Bug Fix <= 2.04jp (index.php) SQL Injection Exploit
XOOPS Module MyAds Bug Fix <= 2.04jp - (index.php) SQL Injection Exploit

Kaqoo Auction (install_root) Multiple Remote File Include Vulnerabilities
Kaqoo Auction - (install_root) Multiple Remote File Include Vulnerabilities

Asterisk < 1.2.22 - / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service
Asterisk < 1.2.22 / 1.4.8 / 2.2.1 - chan_skinny Remote Denial of Service

Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities
Weblogicnet - (files_dir) Multiple Remote File Inclusion Vulnerabilities

PHP <= 4.4.7 - / 5.2.3 MySQL/MySQLi Safe Mode Bypass
PHP <= 4.4.7 / 5.2.3 - MySQL/MySQLi Safe Mode Bypass

EB Design Pty Ltd (EBCRYPT.DLL 2.0) Multiple Remote Vulnerabilites
EB Design Pty Ltd - (EBCRYPT.DLL 2.0) Multiple Remote Vulnerabilites

Lama Software (14.12.2007) Multiple Remote File Inclusion Vulnerabilities
Lama Software 14.12.2007 - Multiple Remote File Inclusion Vulnerabilities

sCssBoard (pwnpack) Multiple Versions Remote Exploit
sCssBoard - (pwnpack) Multiple Versions Remote Exploit

Data Dynamics ActiveBar (Actbar3.ocx 3.2) Multiple Insecure Methods
Data Dynamics ActiveBar (Actbar3.ocx 3.2) - Multiple Insecure Methods

Shader TV (Beta) Multiple Remote SQL Injection Vulnerabilities
Shader TV (Beta) - Multiple Remote SQL Injection Vulnerabilities

Keller Web Admin CMS 0.94 Pro Local File Inclusion
Keller Web Admin CMS 0.94 Pro - Local File Inclusion

Keller Web Admin CMS 0.94 Pro Local File Inclusion (1st)
\o - Local File Inclusion (1st)

HRS Multi (picture_pic_bv.asp key) Blind SQL Injection Exploit
HRS Multi - (picture_pic_bv.asp key) Blind SQL Injection Exploit

Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities
Kasra CMS - (index.php) Multiple SQL Injection Vulnerabilities

Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - < UDEV 1.4.1 Local Privilege Escalation Exploit (1)
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Local Privilege Escalation Exploit (1)

Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel <= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit

Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)
Mac OS X - Java applet Remote Deserialization Remote PoC (2)

ZaoCMS (user_updated.php) Remote Change Password Exploit
ZaoCMS - (user_updated.php) Remote Change Password Exploit

eZoneScripts Hotornot2 Script (Admin Bypass) Multiple Remote Vulnerabilities
eZoneScripts Hotornot2 Script - (Admin Bypass) Multiple Remote Vulnerabilities

phpdirectorysource (XSS/SQL) Multiple Vulnerabilities
phpdirectorysource - (XSS/SQL) Multiple Vulnerabilities

Million-Dollar Pixel Ads Platinum (SQL/XSS) Multiple Vulnerabilities
Million-Dollar Pixel Ads Platinum - (SQL/XSS) Multiple Vulnerabilities

garagesalesjunkie (SQL/XSS) Multiple Vulnerabilities
garagesalesjunkie - (SQL/XSS) Multiple Vulnerabilities

Miniweb 2.0 Module Publisher (bSQL-XSS) Multiple Vulnerabilities
Miniweb 2.0 Module Publisher - (bSQL/XSS) Multiple Vulnerabilities

PHP Script Forum Hoster (Topic Delete/XSS) Multiple Vulnerabilities
PHP Script Forum Hoster - (Topic Delete/XSS) Multiple Vulnerabilities

Linux Kernel 2.x - sock_sendpage() Local Root Exploit (Android)
Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (Android)

GDivX Zenith Player AviFixer Class (fix.dll 1.0.0.1) Buffer Overflow PoC
GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow PoC

Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - 'sock_sendpage()' Local Root (PPC)

phpMySite (XSS/SQLi) Multiple Vulnerabilities
phpMySite - (XSS/SQLi) Multiple Vulnerabilities

(Tod Miller's) Sudo/SudoEdit 1.6.x / 1.7.x (<= 1.6.9p21 / <= 1.7.2p4) - Local Root Exploit
(Tod Miller's) Sudo/SudoEdit  <= 1.6.9p21 / <= 1.7.2p4 - Local Root Exploit

Preisschlacht Multi Liveshop System SQL Injection (seite&aid) index.php
Preisschlacht Multi Liveshop System - SQL Injection (seite&aid) index.php

quality point 1.0 newsfeed (SQL/XSS) Multiple Vulnerabilities
quality point 1.0 newsfeed - (SQL/XSS) Multiple Vulnerabilities

Open Web Analytics 1.2.3 multi file include
Open Web Analytics 1.2.3 - multi file include

Scratcher (SQL/XSS) Multiple Remote
Scratcher - (SQL/XSS) Multiple Remote

phpscripte24 Live Shopping Multi Portal System SQL Injection Exploit
phpscripte24 Live Shopping Multi Portal System - SQL Injection Exploit

e-webtech (fixed_page.asp) SQL Injection
e-webtech - (fixed_page.asp) SQL Injection

parlic Design (SQL/XSS/HTML) Multiple Vulnerabilities
parlic Design - (SQL/XSS/HTML) Multiple Vulnerabilities

MileHigh Creative (SQL/XSS/HTML Injection) Multiple Vulnerabilities
MileHigh Creative - (SQL/XSS/HTML Injection) Multiple Vulnerabilities

CMScout (XSS/HTML Injection) Multiple Vulnerabilities
CMScout - (XSS/HTML Injection) Multiple Vulnerabilities

k-search (SQL/XSS) Multiple Vulnerabilities
k-search - (SQL/XSS) Multiple Vulnerabilities

GuestBook Script PHP (XSS/HTML Injection) Multiple Vulnerabilities
GuestBook Script PHP - (XSS/HTML Injection) Multiple Vulnerabilities

Max's Guestbook (HTML Injection/XSS) Multiple Vulnerabilities
Max's Guestbook - (HTML Injection/XSS) Multiple Vulnerabilities

Joomla Component (com_jefaqpro) Multiple Blind SQL Injection Vulnerabilities
Joomla Component (com_jefaqpro) - Multiple Blind SQL Injection Vulnerabilities

Joomla Component (com_restaurantguide) Multiple Vulnerabilities
Joomla Component - (com_restaurantguide) Multiple Vulnerabilities

TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities
TradeMC E-Ticaret - (SQL/XSS) Multiple Vulnerabilities

Projekt Shop (details.php) Multiple SQL Injection Vulnerabilities
Projekt Shop - (details.php) Multiple SQL Injection Vulnerabilities

CakePHP <= 1.3.5 - / 1.2.8 unserialize()
CakePHP <= 1.3.5 / 1.2.8 - unserialize()

Rae Media Real Estate Multi Agent SQL Injection
Rae Media Real Estate Multi Agent - SQL Injection

Solaris ypupdated Command Execution
Solaris - ypupdated Command Execution

CakePHP <= 1.3.5 - / 1.2.8 Cache Corruption Exploit
CakePHP <= 1.3.5 / 1.2.8 - Cache Corruption Exploit

Joomla HM-Community (com_hmcommunity) Multiple Vulnerabilities
Joomla HM-Community - (com_hmcommunity) Multiple Vulnerabilities

Siemens SIMATIC WinCC Flexible (Runtime) Multiple Vulnerabilities
Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities

CyberLink Multiple Products File Project Handling Stack Buffer Overflow PoC
CyberLink Multiple Products - File Project Handling Stack Buffer Overflow PoC

Ruby on Rails ActionPack Inline ERB Code Execution
Ruby on Rails ActionPack Inline ERB - Code Execution
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 RPC.YPUpdated Command Execution (1)
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 RPC.YPUpdated Command Execution (2)
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 - RPC.YPUpdated Command Execution (1)
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 - RPC.YPUpdated Command Execution (2)

ASTPP VoIP Billing (4cf207a) Multiple Vulnerabilities
ASTPP VoIP Billing (4cf207a) - Multiple Vulnerabilities
Drummond Miles A1Stats 1.0 a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 a1disp3.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 a1disp4.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp4.cgi Traversal Arbitrary File Read

Symantec Norton Personal Firewall 2002/ Kaspersky Labs Anti-Hacker 1.0/BlackIce Server Protection 3.5/BlackICE Defender 2.9 - Auto Block DoS Weakness
Symantec Norton Personal Firewall 2002/Kaspersky Labs Anti-Hacker 1.0/BlackIce Server Protection 3.5/BlackICE Defender 2.9 - Auto Block DoS Weakness

Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities
Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities

Microsoft URLScan 2.5/ RSA Security SecurID 5.0 Configuration Enumeration Weakness
Microsoft URLScan 2.5/RSA Security SecurID 5.0 - Configuration Enumeration Weakness

WinSyslog Interactive Syslog Server 4.21/ long Message Remote Denial of Service
WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service

VocalTec VGW120/ VGW480 Telephony Gateway Remote H.225 - Denial of Service
VocalTec VGW120/VGW480 Telephony Gateway Remote H.225 - Denial of Service

Web Wiz Multiple Products SQL Injection
Web Wiz Multiple Products - SQL Injection

RealNetworks Multiple Products Multiple Buffer Overflow Vulnerabilities
RealNetworks Multiple Products - Multiple Buffer Overflow Vulnerabilities

Geodesic Solutions Multiple Products index.php b Parameter SQL Injection
Geodesic Solutions Multiple Products - index.php b Parameter SQL Injection

HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload

Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service
Linux Kernel <= 2.6.17.7 - NFS and EXT3 Combination Remote Denial of Service

Apache HTTP Server (<= 1.3.35 / <= 2.0.58 / <= 2.2.2) - Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server <= 1.3.35 / <= 2.0.58 / <= 2.2.2 - Arbitrary HTTP Request Headers Security Weakness

Symantec Multiple Products SymEvent Driver Local Denial of Service
Symantec Multiple Products - SymEvent Driver Local Denial of Service

FreeBSD 5.x I386_Set_LDT() Multiple Local Denial of Service Vulnerabilities
FreeBSD 5.x I386_Set_LDT() - Multiple Local Denial of Service Vulnerabilities

Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit
Apache + PHP < 5.3.12 & < 5.4.2 - cgi-bin Remote Code Execution Exploit

Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 & < 5.4.2 - Remote Code Execution (Multithreaded Scanner)

PHP Multi User Randomizer 2006.09.13 Configure_Plugin.TPL.php Cross-Site Scripting
PHP Multi User Randomizer 2006.09.13 - Configure_Plugin.TPL.php Cross-Site Scripting

Symantec Multiple Products SPBBCDrv Driver Local Denial of Service
Symantec Multiple Products - SPBBCDrv Driver Local Denial of Service
Exponent CMS 0.96.5/ 0.96.6 magpie_debug.php url Parameter XSS
Exponent CMS 0.96.5/ 0.96.6 magpie_slashbox.php rss_url Parameter XSS
Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing
Exponent CMS 0.96.5/0.96.6 - magpie_debug.php url Parameter XSS
Exponent CMS 0.96.5/0.96.6 - magpie_slashbox.php rss_url Parameter XSS
Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing

Simple OS CMS 0.1c_beta 'login.php' SQL Injection
Simple OS CMS 0.1c_beta - 'login.php' SQL Injection
WebcamXP 3.72.440/4.05.280 beta /pocketpc camnum Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 beta /show_gallery_pic id Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 beta - /pocketpc camnum Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure

Adobe Flash Player 8/ 9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution
Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution

IBM Maximo 4.1/ 5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities
IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities

Symantec Multiple Products Client Proxy ActiveX (CLIproxy.dll) Remote Overflow
Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow

Blog Ink (Blink) Multiple SQL Injection Vulnerabilities
Blog Ink (Blink) - Multiple SQL Injection Vulnerabilities
PHP Scripts Now Multiple Products bios.php rank Parameter XSS
PHP Scripts Now Multiple Products bios.php rank Parameter SQL Injection
PHP Scripts Now Multiple Products - bios.php rank Parameter XSS
PHP Scripts Now Multiple Products - bios.php rank Parameter SQL Injection

cformsII 11.5/ 13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities
cformsII 11.5/13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities

Native Instruments Multiple Products DLL Loading Arbitrary Code Execution
Native Instruments Multiple Products - DLL Loading Arbitrary Code Execution

PHP 5.x (< 5.6.2) - Bypass disable_functions Exploit (Shellshock)
PHP < 5.6.2 - Bypass disable_functions Exploit (Shellshock)
PHP 5.x (< 5.3.6) 'Zip' Extension - 'zip_fread()' Function Denial of Service
PHP 5.x (< 5.3.6) OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak DoS
PHP 5.x (< 5.3.6) OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak DoS
PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Function Denial of Service
PHP < 5.3.6 OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak DoS
PHP < 5.3.6 OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak DoS

ManageEngine Multiple Products Authenticated File Upload
ManageEngine Multiple Products - Authenticated File Upload

BlueSoft Multiple Products Multiple SQL Injection Vulnerabilities
BlueSoft Multiple Products - Multiple SQL Injection Vulnerabilities

Ay Computer Multiple Products Multiple SQL Injection Vulnerabilities
Ay Computer Multiple Products - Multiple SQL Injection Vulnerabilities

net4visions Multiple Products 'dir' parameters Multiple Cross Site Scripting Vulnerabilities
net4visions Multiple Products - 'dir' parameters Multiple Cross Site Scripting Vulnerabilities

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Privilege Escalation (Access /etc/shadow)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Privilege Escalation (Access /etc/shadow)

Webify Multiple Products Multiple HTML Injection and Local File Include Vulnerabilities
Webify Multiple Products - Multiple HTML Injection and Local File Include Vulnerabilities

AirLive Multiple Products OS Command Injection
AirLive Multiple Products - OS Command Injection

Sciretech Multiple Products Multiple SQL Injection Vulnerabilities
Sciretech Multiple Products - Multiple SQL Injection Vulnerabilities

AlienVault Open Source SIEM (OSSIM) Multiple Cross Site Scripting Vulnerabilities
AlienVault Open Source SIEM (OSSIM) - Multiple Cross Site Scripting Vulnerabilities

Windows x86 - URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode (394 bytes)
Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes)

Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
Riverbed SteelCentral NetProfiler/NetExpress - Remote Code Execution
Linux/x86-64 - Syscall Persistent Bind Shell + (Multi-terminal) + Password + Daemon (83_ 148_ 177 bytes)
Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Exploit
NewsP Free News Script 1.4.7 - User Credentials Disclosure
newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure
2016-07-20 05:02:55 +00:00
Offensive Security
acd30ed451 DB: 2016-07-19 2016-07-19 06:38:52 +00:00
Offensive Security
0d018828aa DB: 2016-07-15 2016-07-15 06:29:45 +00:00
Offensive Security
fc4bc08825 DB: 2016-07-12
15 new exploits

Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (Perl)

Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)

Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Exploit (C) (1)

Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (c code) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (3)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (3)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C)

SimpleBBS <= 1.1 - Remote Commands Execution Exploit (c code)
SimpleBBS <= 1.1 - Remote Commands Execution Exploit (C)

Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)
Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C)

aFAQ 1.0 (faqDsp.asp catcode) Remote SQL Injection Vulnerability
aFAQ 1.0 - (faqDsp.asp catcode) Remote SQL Injection Vulnerability

Apple CFNetwork HTTP Response Denial of Service Exploit (rb code)
Apple CFNetwork - HTTP Response Denial of Service Exploit (RB)

PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability
PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion Vulnerability

WebPortal CMS <= 0.7.4 (code) Remote Code Execution Vulnerability
WebPortal CMS <= 0.7.4 - (code) Remote Code Execution Vulnerability

emergecolab 1.0 (sitecode) Local File Inclusion Vulnerability
emergecolab 1.0 - (sitecode) Local File Inclusion Vulnerability

Simple Machines Forums (BBCode) Cookie Stealing Vulnerability
Simple Machines Forums - (BBCode) Cookie Stealing Vulnerability

Movie PHP Script 2.0 (init.php anticode) Code Execution Vulnerability
Movie PHP Script 2.0 - (init.php anticode) Code Execution Vulnerability

Kjtechforce mailman b1 (code) SQL Injection Delete Row Vulnerability
Kjtechforce mailman b1 - (code) SQL Injection Delete Row Vulnerability

WordPress Activity Log Plugin 2.3.1 - Persistent XSS

IPS Community Suite 4.1.12.3 - PHP Code Injection
Adobe Flash - ATF Processing Overflow
Adobe Flash - JXR Processing Double Free
Adobe Flash - LMZA Property Decoding Heap Corruption
Adobe Flash - ATF Image Packing Overflow
Tiki Wiki 15.1 - Unauthenticated File Upload Vulnerability (msf)

Ho' Detector (Promiscuous mode detector shellcode) (56 bytes)
Ho' Detector - Promiscuous mode detector shellcode (56 bytes)

MS16-016 mrxdav.sys WebDav Local Privilege Escalation

Ruby on Rails ActionPack Inline ERB Code Execution

Lan Messenger sending PM Buffer Overflow (UNICODE) - Overwrite SEH
Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH
Tiki Wiki CMS 15.0 - Arbitrary File Download
Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass
WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS
Device42 WAN Emulator 2.3 Traceroute Command Injection
Device42 WAN Emulator 2.3 Ping Command Injection
Device42 WAN Emulator 2.3 - Traceroute Command Injection
Device42 WAN Emulator 2.3 - Ping Command Injection

Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash

Dell KACE K1000 File Upload
Dell KACE K1000 - File Upload

Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection

Valve Steam 3.42.16.13 - Local Privilege Escalation
Beauty Parlour & SPA Saloon Management System - Blind SQL Injection
Clinic Management System - Blind SQL Injection

Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes
2016-07-12 05:05:04 +00:00
Offensive Security
76bc268c80 DB: 2016-07-11 2016-07-11 05:06:57 +00:00
Offensive Security
29f0764fac DB: 2016-07-09
9 new exploits

Joomla <= 1.0.9 (Weblinks) Remote Blind SQL Injection Exploit
Joomla <= 1.0.9 - (Weblinks) Remote Blind SQL Injection Exploit

Microsoft Excel Malformed FEATHEADER Record Exploit (MS09-067)
Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)

Seo Panel 2.2.0 Cookie-Rendered Persistent XSS Vulnerability
Seo Panel 2.2.0 - Cookie-Rendered Persistent XSS Vulnerability

VLC AMV Dangling Pointer Vulnerability
VLC - AMV Dangling Pointer Vulnerability

Movable Type 4.2x_ 4.3x Web Upgrade Remote Code Execution
Movable Type 4.2x_ 4.3x - Web Upgrade Remote Code Execution

Roxio CinePlayer 3.2 SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability
Roxio CinePlayer 3.2 - SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability

HP Client Automation Command Injection
HP Client - Automation Command Injection

Persistent Systems Client Automation Command Injection RCE
Persistent Systems Client Automation - Command Injection RCE

ElasticSearch Unauthenticated Remote Code Execution
ElasticSearch - Unauthenticated Remote Code Execution

ElasticSearch Search Groovy Sandbox Bypass
ElasticSearch - Search Groovy Sandbox Bypass

Fedora abrt Race Condition Exploit
Fedora - abrt Race Condition Exploit

ProFTPD 1.3.5 Mod_Copy Command Execution
ProFTPD 1.3.5 - Mod_Copy Command Execution

Windows ClientCopyImage Win32k Exploit
Microsoft Windows - ClientCopyImage Win32k Exploit

Wolf CMS Arbitrary File Upload To Command Execution
Wolf CMS - Arbitrary File Upload To Command Execution

Windows Kernel - Bitmap Handling Use-After-Free (MS15-061)
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)

Kaseya VSA uploader.aspx Arbitrary File Upload
Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload

Samsung Galaxy S6 - Samsung Gallery Bitmap Decoding Crash
Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008)
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)

Microsoft Windows 7 SP1 x86 - WebDAV Privilege Escalation (MS16-016)
Microsoft Windows 7 SP1 x86 - WebDAV Privilege Escalation (MS16-016) (1)

NETGEAR ProSafe Network Management System 300 Arbitrary File Upload
NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload

Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)
Microsoft Windows 8.1/10 - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)

OS X / iOS Suid Binary Logic Error Kernel Code Execution
OS X / iOS - Suid Binary Logic Error Kernel Code Execution

Novell ServiceDesk Authenticated File Upload
Novell ServiceDesk - Authenticated File Upload

Mach Race OS X Local Privilege Escalation Exploit
Mach Race OS X - Local Privilege Escalation Exploit

Oracle ATS Arbitrary File Upload
Oracle Application Testing Suite (ATS) - Arbitrary File Upload

Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
WordPress Lazy Content Slider Plugin 3.4 - (Add Category) CSRF
Hide.Me VPN Client 1.2.4 - Privilege Escalation
InstantHMI 6.1 - Privilege Escalation
Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash PoC
Microsoft WinDbg logviewer.exe - Crash PoC
Linux x86 TCP Reverse Shellcode - 75 bytes
php Real Estate Script 3 - Arbitrary File Disclosure
CyberPower Systems PowerPanel 3.1.2 - XXE Out-Of-Band Data Retrieval
Streamo Online Radio And TV Streaming CMS - SQL Injection
2016-07-09 05:06:22 +00:00
Offensive Security
c7daadde64 DB: 2016-07-08
8 new exploits

WordPress Q and A (Focus Plus) FAQ Plugin 1.3.9.7 - Multiple Vulnerabilities
WordPress Huge-IT Image Gallery Plugin 1.8.9 - Multiple Vulnerabilities

Codoforum 3.4 - Stored Cross-Site Scripting
MediaCoder 0.8.43.5830 - .m3u Buffer Overflow SEH Exploit
VUPlayer 2.49 - .m3u Buffer Overflow Exploit (Win 7 DEP Bypass)

Core FTP LE 2.2 - Path Field Local Buffer Overflow
OPAC KpwinSQL - Multiple Vulnerabilities
GE Proficy HMI/SCADA CIMPLICITY 8.2 - Local Privilege Escalation
2016-07-08 05:06:14 +00:00
Offensive Security
52cf6a3185 DB: 2016-07-07
9 new exploits

CIMA DocuClass ECM - Multiple Vulnerabilities
24online SMS_2500i 8.3.6 build 9.0 - SQL Injection
Linux 64bit Ncat Shellcode (SSL_ MultiChannel_ Persistent_ Fork_ IPv4/6_ Password) - 176 bytes
Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities
PaKnPost Pro 1.14 - Multiple Vulnerabilities
GNU Wget < 1.18 - Arbitrary File Upload/Remote Code Execution
OpenFire 3.10.2 - 4.0.1 - Multiple Vulnerabilities
Samsung Android JACK - Privilege Escalation
Nagios XI Chained Remote Code Execution
2016-07-07 05:06:28 +00:00
Offensive Security
b530dd470e DB: 2016-07-05
8 new exploits

BigDump - (Cross Site Scripting/SQL Injection/Arbitrary File Upload) Multiple Vulnerabilities
BigDump 0.29b and 0.32b - Multiple Vulnerabilities

Linux - netfilter IPT_SO_SET_REPLACE Memory Corruption
Linux Kernel 3.10_ 3.18 + 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption

Debian Exim - Spool Local Root Privilege Escalation

Ubuntu 16.04 local root exploit - netfilter target_offset OOB
Linux Kernel 4.4.0-2 (Ubuntu 16.04) - netfilter target_offset OOB Local Root Exploit
XpoLog Center 6 - Remote Command Execution CSRF
Ktools Photostore 4.7.5 - Multiple Vulnerabilities
Linux 64bit NetCat Bind Shell Shellcode - 64 bytes
WordPress Real3D FlipBook Plugin - Multiple Vulnerabilities
Linux x86 TCP Bind Shell Port 4444 - 98 bytes
WebCalendar 1.2.7 - Multiple Vulnerabilities
eCardMAX 10.5 - Multiple Vulnerabilities
2016-07-05 05:06:28 +00:00
Offensive Security
58c236d738 DB: 2016-07-02
1 new exploits

Sudo 1.3.1 - 1.6.8p - Pathname Validation Local Root Exploit (OpenBSD)
Sudo 1.3.1 - 1.6.8p (OpenBSD) - Pathname Validation Local Root Exploit

Seattle Lab Software Emurl 2.0 Email Account Access Vulnerability
Seattle Lab Software Emurl 2.0 - Email Account Access Vulnerability

Phoenix Exploit Kit - Remote Code Execution
2016-07-02 05:02:45 +00:00
Offensive Security
0fddce018e DB: 2016-07-01
2 new exploits

phpBookingCalendar <= 1.0c - (details_view.php) Remote SQL Injection
TFT Gallery <= 0.10 - Password Disclosure Remote Exploit
phpBookingCalendar 1.0c - (details_view.php) SQL Injection
TFT Gallery 0.10 - Password Disclosure Remote Exploit

Seattle Lab Mail 5.5 - POP3 Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 Buffer Overflow

Ktools Photostore 4.7.5 - Blind SQL Injection

Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass
2016-07-01 05:05:35 +00:00
Offensive Security
f74a7dfb7e DB: 2016-06-30
13 new exploits

Symantec Antivirus - Multiple Remote Memory Corruption Unpacking RAR
Symantec Antivirus - Remote Stack Buffer Overflow in dec2lha Library
Symantec Antivirus - Heap Overflow Modifying MIME Messages
Symantec Antivirus - Integer Overflow in TNEF Decoder
Symantec Antivirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink
Symantec Antivirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow
Windows 7 SP1 x86 - Privilege Escalation (MS16-014)
Lenovo ThinkPad - System Management Mode Arbitrary Code Execution Exploit
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
WordPress Ultimate Membership Pro Plugin 3.3 - SQL Injection
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
Ubiquiti Administration Portal - CSRF to Remote Command Execution
Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion
2016-06-30 05:05:39 +00:00
Offensive Security
e9145685e4 DB: 2016-06-28
14 new exploits

Linux Netcat Reverse Shell - 32bit - 77 bytes

XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability

Linux x86_64 execve Shellcode - 15 bytes
WordPress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload
OPAC KpwinSQL - SQL Injection
Magnet Networks Tesley CPVA 642 Router – Weak WPA-PSK Passphrase Algorithm
Option CloudGate CG0192-11897 - Multiple Vulnerabilities
Kagao 3.0 - Multiple Vulnerabilities
Panda Security Multiple Products - Privilege Escalation
MyLittleForum 2.3.5 - PHP Command Injection
iBilling 3.7.0 - Stored and Reflected XSS
PInfo 0.6.9-5.1 - Local Buffer Overflow
BigTree CMS 4.2.11 - SQL Injection
HNB 1.9.18-10 - Local Buffer Overflow
Linux x86 /bin/sh Shellcode + ASLR Bruteforce
SugarCRM 6.5.18 - PHP Code Injection
Riverbed SteelCentral NetProfiler & NetExpress 10.8.7 - Multiple Vulnerabilities
2016-06-28 05:03:46 +00:00
Offensive Security
3739831fb2 DB: 2016-06-24
16 new exploits

Banner Exchange Script 1.0 - (targetid) Blind SQL Injection Vulnerability

PHP 5.3.3 - ibase_gen_id() off-by-one Overflow Vulnerability
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address

G Data TotalCare 2011 - NtOpenKey Race Condition Vulnerability

ImpressPages CMS 3.8 - Stored XSS Vulnerability

Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery

Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability

Linux Netcat Reverse Shell - 32bit - 77 bytes

PrestaShop 1.4.4.1 modules/mondialrelay/kit_mondialrelay/RechercheDetailPointRelais_ajax.php Multiple Parameter XSS
PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS
Getsimple CMS 3.3.10 - Arbitrary File Upload

op5 v7.1.9 Configuration Command Execution
op5 7.1.9 - Configuration Command Execution
Alibaba Clone B2B Script - Arbitrary File Disclosure
XuezhuLi FileSharing - Directory Traversal
XuezhuLi FileSharing - (Add User) CSRF
FinderView - Multiple Vulnerabilities
2016-06-24 05:06:19 +00:00
Offensive Security
0fe9b46f79 DB: 2016-06-22
14 new exploits

Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit (2)
Linux Kernel <= 2.4.22 - 'do_brk()' Local Root Exploit (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (2)

Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit (3)

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit (1)

Linux Kernel <= 2.4.29-rc2 - uselib() Privilege Elevation
Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Elevation (1)

Linux Kernel 2.4 - uselib() Privilege Elevation Exploit
Linux Kernel 2.4 - uselib() Privilege Elevation Exploit (2)

Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit
Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit (3)
Linux Kernel 2.6.17 <= 2.6.24.1 - vmsplice Local Root Exploit
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit
Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Local Root Exploit (2)
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit (1)

Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit (1)

Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit
Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Local Root Exploit (1)
Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (2)

Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (3)

Linux Kernel <= 2.6.30 - atalk_getname() 8-bytes Stack Disclosure Exploit
Linux Kernel <= 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit (1)
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit (2)
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit (2)
Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Root Exploit (3)

Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - 'sock_sendpage()' Local Root Exploit (4)

Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (3)
Linux Kernel 2.4 / 2.6 - 'sock_sendpage()' Local Root Exploit (5)

Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation
Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation (3)

Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability (4)

Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation

Linux Kernel <= 2.6.37 - Local Kernel Denial of Service
Linux Kernel <= 2.6.37 - Local Kernel Denial of Service (1)

Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS
Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS (2)

Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Exploit

Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Local Root (1)

Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1 (Digital UNIX <= 4.0 D / FreeBSD <= 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX <= 3.2.5 / NetBSD 1.2 / Solaris <= 2.5.1) - Smurf Denial of Service Vulnerability

Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3 (BSD/OS <= 4.0 / FreeBSD <= 3.2 / NetBSD <= 1.4) - Shared Memory Denial of Service Vulnerability

Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root 'sendmail' Vulnerability (1)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)

Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Local Root (1)

Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)

Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Local Root Vulnerability (1)

Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Local Root Exploit (1)

Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit (2)

Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept (1)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with 'CONFIG_X86_X32' Exploit (2)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit (3)

Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerability

Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit (3)
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit
Linux Kernel 2.6.x - 'fasync_helper()' Local Privilege Escalation Vulnerability
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.0/1/2 x64) - perf_swevent_init Local Root Exploit (3)
Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation Vulnerability

Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Local Root (2)

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Root Shell

Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Local Root Exploit (1)

Linux Kernel <= 4.3.3 - overlayfs Local Privilege Escalation
Linux Kernel <= 4.3.3 - 'overlayfs' Local Privilege Escalation (2)
DarkComet Server Remote File Download Exploit (msf)
Banshee 2.6.2 - .mp3 Crash PoC
IonizeCMS 1.0.8 - (Add Admin) CSRF
Yona CMS - (Add Admin) CSRF
Joomla Publisher Pro (com_publisher) Component - SQL Injection
Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Windows Kernel - ATMFD.DLL NamedEscape 0x250C Pool Corruption (MS16-074)
Linux - ecryptfs and /proc/$pid/environ Privilege Escalation
Windows - Custom Font Disable Policy Bypass
Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)
SAP NetWeaver AS JAVA 7.1 - 7.5 - ctcprotocol Servlet XXE
SAP NetWeaver AS JAVA 7.1 - 7.5 - Directory Traversal
Radiant CMS 1.1.3 - Multiple Persistent XSS Vulnerabilities
YetiForce CRM < 3.1 - Persistent XSS
2016-06-22 05:06:31 +00:00
Offensive Security
da158cde92 DB: 2016-06-21
11 new exploits

Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
WordPress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation
Linux x86_64 execve Shellcode - 15 bytes
sNews CMS 1.7.1 - Multiple Vulnerabilities
Joomla BT Media (com_bt_media) Component - SQL Injection
Premium SEO Pack 1.9.1.3 - wp_options Overwrite
Windows XP - 10 - Download & Execute Shellcode
Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow (msf)
Airia - (Add Content) CSRF
Airia - Webshell Upload Exploit
Symphony CMS 2.6.7 - Session Fixation
ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Service Path Privilege Escalation
2016-06-21 05:03:48 +00:00
Offensive Security
eb4f2190bb DB: 2016-06-20
2016-06-20 05:06:31 +00:00
Offensive Security
929e1cb538 DB: 2016-06-18
5 new exploits

WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload
Vicidial 2.11 - Scripts Stored XSS
phpATM 1.32 - Remote Command Execution (Shell Upload) on Windows Servers
phpATM 1.32 - Multiple Vulnerabilities
op5 v7.1.9 Configuration Command Execution
2016-06-18 05:02:53 +00:00
Offensive Security
2815f48e25 DB: 2016-06-17
12 new exploits

Linux x86_64 - Reverse Shell Shellcode

Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal

Solarwinds Virtualization Manager - Privilege Escalation

Blat 3.2.14 - Stack Overflow

Linux/x86 - Bindshell with Configurable Port - 87 bytes

Linux x86_64 Shellcode Null-Free Reverse TCP Shell

Linux x86 TCP Bind Shell Port 4444 (656 bytes)

Tiki-Wiki CMS Calendar 14.2_ 12.5 LTS_ 9.11 LTS_ and 6.15 - Remote Code Execution

Linux/Windows/BSD x86_64 execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode
ATCOM PBX IP01_ IP08 _ IP4G_ IP2G4A - Authentication Bypass
Roxy Fileman 1.4.4 - Arbitrary File Upload
SlimCMS 0.1 - CSRF (Change Admin Password)
2016-06-17 05:05:00 +00:00
Offensive Security
33dd246d8a DB: 2016-06-16
14 new exploits

Ultrabenosaurus ChatBoard - Stored XSS
Ultrabenosaurus ChatBoard - CSRF (Send Message)
w2wiki - Multiple XSS Vulnerabilities
Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities
Dokeos 2.2.1 - Blind SQL Injection
Joomla En Masse (com_enmasse) Component 5.1 - 6.4 - SQL Injection
AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation
BookingWizz Booking System < 5.5 - Multiple Vulnerabilities
jbFileManager - Directory Traversal
PHPLive 4.4.8 - 4.5.4 - Password Recovery SQL Injection
Bomgar Remote Support Unauthenticated Code Execution (msf)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)
Google Chrome - GPU Process MailboxManagerImpl Double-Read
2016-06-16 05:02:53 +00:00
Offensive Security
6c005f3b2b DB: 2016-06-15
3 new exploits

Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass
Apache Continuum Arbitrary Command Execution
WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite
Oracle Orakill.exe 11.2.0 - Buffer Overflow
2016-06-15 05:06:23 +00:00
Offensive Security
264d15855e DB: 2016-06-14
14 new exploits

FRticket Ticket System - Stored XSS
Viart Shopping Cart 5.0 - CSRF Shell Upload
Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass
Dream Gallery 2.0 - Admin Panel Authentication Bypass
Grid Gallery 1.0 - Admin Panel Authentication Bypass
Joomla PayPlans (com_payplans) Extension 3.3.6 - SQL Injection
Zabbix 2.2 - 3.0.3 - RCE with API JSON-RPC
iSQL 1.0 - Shell Command Injection
iSQL 1.0 - isql_main.c Buffer Overflow PoC
Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption
Foxit PDF Reader 1.0.1.0925 - CPDF_DIBSource::TranslateScanline24bpp Out-of-Bounds Read
Foxit PDF Reader 1.0.1.0925 - CFX_WideString::operator= Invalid Read
Foxit PDF Reader 1.0.1.0925 -kdu_core::kdu_codestream::get_subsampling Memory Corruption
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption
2016-06-14 05:03:54 +00:00
Offensive Security
076ef173f9 DB: 2016-06-11
23 new exploits

Poison Ivy 2.1.x C2 Buffer Overflow (msf)
Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Mobiketa 1.0 - CSRF Add Admin Exploit
miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query
phpMyFAQ 2.9.0 - Stored XSS
Windows x86 system(_systeminfo_) Shellcode
Armadito Antimalware - Backdoor/Bypass
Riot Games League of Legends - Insecure File Permissions Privilege Escalation
IPFire proxy.cgi RCE
IPFire Bash Environment Variable Injection (Shellshock)
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Android - /system/bin/sdcard Stack Buffer Overflow
OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext
OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl
OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine
OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver
2016-06-11 05:06:22 +00:00
Offensive Security
74f927013e DB: 2016-06-09
1 new exploits

Drale DBTableViewer 100123 - Blind SQL Injection
2016-06-09 05:02:54 +00:00
Offensive Security
62962d90b0 DB: 2016-06-07
16 new exploits

Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86/x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)

Linux Kernel  2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)

Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root

WordPress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities
Dream Gallery 1.0 - CSRF Add Admin Exploit
Apache Continuum 1.4.2 - Multiple Vulnerabilities
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - ShellShock Exploit
Valve Steam 3.42.16.13 - Local Privilege Escalation
ArticleSetup 1.00 - CSRF Change Admin Password
Electroweb Online Examination System 1.0 - SQL Injection
WordPress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload
WordPress Creative Multi-Purpose Theme 9.1.3 - Stored XSS
WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection
WordPress Newspaper Theme 6.7.1 - Privilege Escalation
WordPress Uncode Theme 1.3.1 - Arbitrary File Upload
WordPress Double Opt-In for Download Plugin 2.0.9 - SQL Injection
Notilus Travel Solution Software 2012 R3 - SQL Injection
rConfig 3.1.1 - Local File Inclusion
Nagios XI 5.2.7 - Multiple Vulnerabilities
2016-06-07 05:07:41 +00:00
Offensive Security
2dba371921 DB: 2016-06-03
4 new exploits

Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit

Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1)  - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit

Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit

Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.36-rc4-git2 - x86_64 ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - compat Local Root Exploit

Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)

Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)

Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86-64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root

Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit

Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit

Linux Kernel <= 3.7.6  (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel <= 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation

Systrace 1.x (64-Bit) - Aware Linux Kernel Privilege Escalation Vulnerability
Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation Vulnerability

Linux Kernel 2.6.x - (64 bit) Personality Handling Local Denial of Service Vulnerability
Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service Vulnerability

Linux Kernel < 3.2.0-23  (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - ptrace/sysret Local Privilege Escalation

Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Joomla SecurityCheck Extension 2.8.9 - Multiple Vulnerabilities
Liferay CE < 6.2 CE GA6 - Stored XSS
Relay Ajax Directory Manager relayb01-071706_ 1.5.1_ 1.5.3 - Unauthenticated File Upload
Websockify (C Implementation) 0.8.0 - Buffer Overflow
2016-06-03 05:02:50 +00:00
Offensive Security
3a855523ef DB: 2016-06-02
2 new exploits

GeekLog 2.x ImageImageMagick.php Remote File Inclusion Vulnerability
GeekLog 2.x - ImageImageMagick.php Remote File Inclusion Vulnerability

ImageMagick 6.x PNM Image Decoding Remote Buffer Overflow Vulnerability
ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow Vulnerability

ImageMagick 6.x SGI Image File Remote Heap Buffer Overflow Vulnerability
ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow Vulnerability

ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)

ImageMagick Delegate Arbitrary Command Execution
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Wireshark - erf_meta_read_tag SIGSEGV
2016-06-02 05:03:04 +00:00
Offensive Security
8164665ff7 DB: 2016-06-01
6 new exploits

FlatPress 1.0.3 - CSRF Arbitrary File Upload
AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities
ProcessMaker 3.0.1.7 - Multiple vulnerabilities
CCextractor 0.80 - Crash PoC
Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (msf)
TCPDump 4.5.1 - Crash PoC
2016-06-01 05:01:50 +00:00
Offensive Security
22d168d0bc DB: 2016-05-31
3 new exploits

MySQL 5.5.45 - procedure analyse Function Denial of Service
Open Source Real Estate Script 3.6.0 - SQL Injection
Linux x86_64 XOR Encode execve Shellcode
2016-05-31 05:03:26 +00:00
Offensive Security
ab85a62fd6 DB: 2016-05-28
1 new exploits

PHP Realestate Script Script 4.9.0 - SQL Injection
2016-05-28 05:05:01 +00:00
Offensive Security
2e7bce9702 DB: 2016-05-27
9 new exploits

Real Estate Portal 4.1 - Multiple Vulnerabilities
EduSec 4.2.5 - SQL Injection
Micro Focus Rumba+ 9.4 - Multiple Stack Buffer Overflow Vulnerabilities
HP Data Protector A.09.00  - Arbitrary Command Execution
Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap-Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread
Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads
2016-05-27 05:03:14 +00:00
Offensive Security
399580a6c2 DB: 2016-05-24
5 new exploits

Operation Technology ETAP 14.1.0 - Local Privilege Escalation
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities
Linux x86_64 Information Stealer Shellcode
Job Script by Scubez - Remote Code Execution
XenAPI 1.4.1 for XenForo - Multiple SQL Injections
2016-05-24 05:03:46 +00:00
Offensive Security
931bae6679 DB: 2016-05-21
2016-05-21 05:05:57 +00:00
Offensive Security
a447a01cb8 DB: 2016-05-20
2016-05-20 06:50:49 +00:00
Offensive Security
feb7c15c11 DB: 2016-05-19
1 new exploits

Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Perl)

Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Ruby)

Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (Python)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Python)
PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention Vulnerability (1)
PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention Vulnerability (2)
PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention Vulnerability (3)

phpliteadmin 1.1 - Multiple Vulnerabilities
phpLiteAdmin 1.1 - Multiple Vulnerabilities

PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit
PHP <= 5.5.33 / <= 7.0.4  - SNMP Format String Exploit

Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File
2016-05-19 05:05:38 +00:00
Offensive Security
8fea20e59f DB: 2016-05-17
12 new exploits

Microsoft Windows WebDAV - (ntdll.dll) Remote Exploit
Microsoft Windows WebDAV - Remote PoC Exploit
Microsoft Windows IIS WebDAV - 'ntdll.dll' Remote Exploit
Microsoft Windows IIS 5.0 WebDAV - Remote PoC Exploit

Microsoft Windows WebDav II - Remote Root Exploit (2)
Microsoft Windows WebDAV - Remote Root Exploit (2)

Microsoft Windows WebDav III - Remote Root Exploit (xwdav)
Microsoft Windows WebDAV IIS 5.0 - Remote Root Exploit (3) (xwdav)

Dream FTP 1.2 - Remote Format String Exploit
BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Exploit

Apache Tomcat (webdav) - Remote File Disclosure Exploit
Apache Tomcat (WebDAV) - Remote File Disclosure Exploit

Apache Tomcat (webdav) - Remote File Disclosure Exploit (ssl support)
Apache Tomcat (WebDAV) - Remote File Disclosure Exploit (SSL)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Patch)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP)

Windows 7 IIS7.5 FTPSVC UNAUTH'D Remote DoS PoC
Windows 7 IIS 7.5 - FTPSVC UNAUTH'D Remote DoS PoC

Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow

Liferay 6.0.x Webdav File Reading Vulnerability
Liferay 6.0.x WebDAV - File Reading Vulnerability

Microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities
Microsoft IIS 6.0 and 7.5 (+ PHP) - Multiple Vulnerabilities
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (1)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (2)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (3)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (4)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (1)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (2)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (3)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (4)

BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability (2)

Sun Solaris 8/9 - Unspecified Passwd Local Root Compromise Vulnerability

Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability (1)

Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server (<= 1.3.35 / <= 2.0.58 / <= 2.2.2) - Arbitrary HTTP Request Headers Security Weakness

Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
Apache HTTP Server <= 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness

MediaWiki 1.22.1 PdfHandler - Remote Code Execution Exploit

Apache Struts 2.x XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
Apache Struts 2.0.0 <= 2.2.1.1 -  XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability

EasyCafe Server <= 2.2.14 Remote File Read
EasyCafe Server <= 2.2.14 - Remote File Read
x86_64 Linux bind TCP port shellcode
TCP Bindshell with Password Prompt - 162 bytes
x86_64 Linux bind TCP port shellcode
TCP Bindshell with Password Prompt - 162 bytes

Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (C#)
CakePHP Framework 3.2.4 - IP Spoofing
Multiples Nexon Games - Unquoted Path Privilege Escalation
eXtplorer 2.1.9 - Archive Path Traversal
Web interface for DNSmasq / Mikrotik - SQL Injection
Microsoft Excel 2010 - Crash PoC
Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation
Web2py 2.14.5 - Multiple Vulnerabilities
2016-05-17 05:03:19 +00:00
Offensive Security
6c6fd8d397 DB: 2016-05-15
2016-05-15 05:03:54 +00:00
Offensive Security
5e229672a0 DB: 2016-05-14
3 new exploits

Ethereal / tcpdump (rsvp_print) Infinite Loop Denial of Service Exploit
Ethereal 0.10.10 / tcpdump 3.9.1 (rsvp_print) Infinite Loop Denial of Service Exploit

Mozilla Firefox - Install Method Remote Arbitrary Code Execution Exploit
Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit

Active Price Comparison 4 - (ProductID) Blind SQL Injection Vulnerability

Absolute Form Processor XE-V 1.5 - (auth Bypass) SQL Injection Vulnerability

ipsec-tools racoon frag-isakmp Denial of Service PoC
IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC
PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
PaoBacheca Guestbook 2.1 - (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 - (login_ok) Authentication Bypass Vulnerability
IPsec-Tools < 0.7.2 - Multiple Remote Denial of Service Vulnerabilities
ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability

I-net Multi User Email Script SQLi Vulnerability

linux/x86 - break chroot execve /bin/sh 80 bytes
linux/x86 - break chroot execve /bin/sh (80 bytes)

Sysax Multi Server 5.64 - Create Folder Buffer Overflow

TikiWiki Project 1.8 tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter XSS

TikiWiki Project 1.8 tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 tiki-list_trackers.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_trackers.php sort_mode Parameter SQL Injection
UBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter XSS

CityPost PHP Image Editor M1 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M2 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M3 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor Imgsrc URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting Vulnerability
osCommerce 2.2 admin/countries.php page Parameter XSS
osCommerce 2.2 admin/currencies.php page Parameter XSS
osCommerce 2.2 - admin/countries.php page Parameter XSS
osCommerce 2.2 - admin/currencies.php page Parameter XSS
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (2)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (2)

Joomla Gallery WD - SQL Injection Vulnerability

Photoshop CC2014 and Bridge CC 2014 PNG Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PDF Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption Vulnerabilities
NRSS Reader 0.3.9 - Local Stack-Based Overflow
runAV mod_security - Arbitrary Command Execution
Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read
2016-05-14 05:03:47 +00:00
Offensive Security
3ef2faa870 DB: 2016-05-13
2016-05-13 11:12:47 +00:00
Offensive Security
dc5e5785d4 DB: 2016-05-13
3 new exploits

Linux Kernel 2.6.13 <= 2.6.17.4 - prctl() Local Root Exploit (logrotate)
Linux Kernel 2.6.13 <= 2.6.17.4 - logrotate prctl() Local Root Exploit

Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit

Linux Kernel 2.x - sock_sendpage() Local Root Exploit (Android Edition)
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (Android)

Linux Kernel Solaris < 5.10 138888-01 - Local Root Exploit
Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Root Exploit

DEC Alpha Linux <= 3.0 - Local Root Exploit
Linux Kernel <= 2.6.28 / <= 3.0 (DEC Alpha Linux) - Local Root Exploit
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)
Linux Kernel <= 2.2.18 (RH 7.0/6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)

Archlinux x86-64 3.3.x - 3.7.x x86-64 - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86-64) - sock_diag_handlers[] Local Root

Ovidentia FX Remote File Include Vulnerability
Ovidentia FX - Remote File Include Vulnerability

Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)
Linux Kernel 2.6.x (RHEL4  <= 2.6.9 / <= 2.6.11) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)

Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel <= 3.7.6  (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
ovidentia 5.6.x/5.8 approb.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 vacadmb.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 vacadma.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 vacadm.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 statart.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 - search.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 posts.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 options.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - approb.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - vacadmb.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - vacadma.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - vacadm.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - statart.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - search.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - posts.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - options.php babInstallPath Parameter Remote File Inclusion

Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition Local Privilege Escalation (x64)

Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation
Linux Kernel <= 4.3.3 - overlayfs Local Privilege Escalation
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - iowarrior driver Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - iowarrior driver Crash PoC
Microsoft Windows Media Center .MCL File Processing Remote Code Execution (MS16-059)
TrendMicro - Multiple HTTP Problems with CoreServiceShell.exe
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (C#)
2016-05-13 05:01:58 +00:00
Offensive Security
52e862d62a DB: 2016-05-11
9 new exploits

Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit
Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit

Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit
Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit

Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit

mIRC 6.1 - _IRC_ Protocol Remote Buffer Overflow Exploit
mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow Exploit

Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit

Linux Kernel 2.4.22 - _do_brk()_ Local Root Exploit (PoC)
Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept)

Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working)
Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit
Xsok 1.02 - _-xsokdir_ Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (2)
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)

Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit

Serv-U FTPD 3.x/4.x _SITE CHMOD_ Command Remote Exploit
Serv-U FTPD 3.x/4.x-  'SITE CHMOD' Command Remote Exploit

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Local Proof-of-Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Missing _do_munmap_ Exploit
Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit

eMule <= 0.42d IRC Remote Buffer Overflow Exploit
eMule <= 0.42d - IRC Remote Buffer Overflow Exploit

GnomeHack Local Buffer Overflow Exploit (gid=games)
GnomeHack - Local Buffer Overflow Exploit (gid=games)

Kwintv Local Buffer Overflow Exploit (gid=video(33))
Kwintv - Local Buffer Overflow Exploit (gid=video(33))

Redhat 6.1 man Local Exploit (egid 15)
Redhat 6.1 man - Local Exploit (egid 15)

Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit
Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit
Linux Kernel 2.4.x - 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 - msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit

Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit
Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit

OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit
OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit

Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit

Ollydbg <= 1.10 Format String Bug
Ollydbg <= 1.10 - Format String Bug
Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit
Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit

AOL Instant Messenger AIM _Away_ Message Local Exploit
AOL Instant Messenger AIM - 'Away' Message Local Exploit

Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit
Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit

AOL Instant Messenger AIM _Away_ Message Remote Exploit
AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)

Silent Storm Portal Multiple Vulnerabilities
Silent Storm Portal - Multiple Vulnerabilities

YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit

Monit <= 4.2 Basic Authentication Remote Root Exploit
Monit <= 4.2 - Basic Authentication Remote Root Exploit

YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit

Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit
Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit
Chatman <= 1.5.1 RC1 Broadcast Crash Exploit
Flash Messaging <= 5.2.0g Remote Denial of Service Exploit
Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit
Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit
Halo <= 1.05 Broadcast Client Crash Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit
Halo <= 1.05 - Broadcast Client Crash Exploit

Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit
Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit

Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit
Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit

PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit
PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit

WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit
WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit

Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit
Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit

Kreed <= 1.05 Format String and Denial of Service Exploit
Kreed <= 1.05 - Format String and Denial of Service Exploit

Codename Eagle <= 1.42 Socket Unreachable DoS Exploit
Codename Eagle <= 1.42 - Socket Unreachable DoS Exploit

Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit
WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 Symlink Vulnerability Exploit
WinRAR <= 3.4.1 - Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 - Symlink Vulnerability Exploit

Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Netcat 1.1 - _-e_ Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 openlog() Buffer Overflow Exploit
Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 - openlog() Buffer Overflow Exploit

phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)

Gore <= 1.50 Socket Unreacheable Denial of Service Exploit
Gore <= 1.50 - Socket Unreacheable Denial of Service Exploit

Exim <= 4.41 dns_build_reverse Local Exploit PoC
Exim <= 4.41 - dns_build_reverse Local Exploit PoC

Peer2Mail <= 1.4 Encrypted Password Dumper Exploit
Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit

Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS
Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS

Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit
Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit

Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit

Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit

MercuryBoard <= 1.1.1 Working SQL Injection
MercuryBoard <= 1.1.1 - SQL Injection

GNU a2ps _Anything to PostScript_ Local Exploit (not suid)
GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)

vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution (part 2)
Serv-U 4.x _site chmod_ Remote Buffer Overflow Exploit
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit

3Com 3CDaemon FTP Unauthorized _USER_ Remote BoF Exploit
3Com 3CDaemon FTP - Unauthorized 'USER' Remote BoF Exploit

vBulletin <= 3.0.6 php Code Injection
vBulletin <= 3.0.6 - PHP Code Injection

Soldier of Fortune 2 <= 1.03 - _cl_guid_ - Server Crash
Soldier of Fortune 2 <= 1.03 - 'cl_guid' - Server Crash

Knet <= 1.04c Buffer Overflow Denial of Service Exploit
Knet <= 1.04c - Buffer Overflow Denial of Service Exploit

Scrapland <= 1.0 Server Termination Denial of Service Exploit
Scrapland <= 1.0 - Server Termination Denial of Service Exploit
Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update)
Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2)

Microsoft Internet Explorer _mshtml.dll_ CSS Parsing Buffer Overflow
Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow

Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2)
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)

Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux)

PHP-Nuke 6.x - 7.6 Top module Remote SQL Injection Exploit (working)
PHP-Nuke 6.x - 7.6 Top module - Remote SQL Injection Exploit

HP-UX FTPD <= 1.1.214.4 - _REST_ Remote Brute Force Exploit
HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial)
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection (tutorial)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)
Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit

Microsoft Internet Explorer - javascript _window()_ Crash
Microsoft Internet Explorer - javascript 'window()' Crash

Kaspersky AntiVirus - _klif.sys_ Privilege Escalation Vulnerability
Kaspersky AntiVirus - 'klif.sys' Privilege Escalation Vulnerability

Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
Invision Power Board <= 1.3.1 - Login.PHP SQL Injection

WordPress <= 1.5.1.1 - _add new admin_ SQL Injection Exploit
WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit

Mozilla Firefox <= 1.0.4 - _Set As Wallpaper_ Code Execution Exploit
Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit

Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC)
Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC)

XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities

Linux Kernel <= 2.6.11 - 'k-rad3.c' (CPL 0) Local Root Exploit
Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit

Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities

nodez <= 4.6.1.1 mercury Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities

gCards <= 1.45 - Multiple Vulnerabilities All-In-One Exploit
gCards <= 1.45 - Multiple Vulnerabilities

Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit

OpenTTD <= 0.4.7 - (multiple vulnerabilities) Denial of Service Exploit
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit

Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC
Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)

PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities Exploit
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities

outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities Exploit
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities

raydium <= svn 309 - Multiple Vulnerabilities Exploit
raydium <= svn 309 - Multiple Vulnerabilities

PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS
PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS

Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit
Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities

Light Blog Remote Multiple Vulnerabilities Exploit
Light Blog Remote - Multiple Vulnerabilities

Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC
Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept

contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities

contentnow 1.30 (upload/XSS) Multiple Vulnerabilities
contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities

torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities
torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities
Messagerie Locale (centre.php) Remote File Inclusion Vulnerability
Site News (centre.php) Remote File Inclusion Vulnerability
Messagerie Locale (centre.php) - Remote File Inclusion Vulnerability
Site News (centre.php) - Remote File Inclusion Vulnerability

kubix <= 0.7 - Multiple Vulnerabilities Exploit
kubix <= 0.7 - Multiple Vulnerabilities

BBS E-Market Professional (Path Disclosure/Include) Multiple Vulnerabilities
BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities

F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit

open newsletter <= 2.5 - Multiple Vulnerabilities Exploit (update)
open newsletter <= 2.5 - Multiple Vulnerabilities (2)

eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities
eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities

php-update <= 2.7 - Multiple Vulnerabilities Exploit
php-update <= 2.7 - Multiple Vulnerabilities

ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities
ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities

QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities

vp-asp shopping cart 6.09 (SQL/XSS) Multiple Vulnerabilities
vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities

Aztek Forum 4.0 - Multiple Vulnerabilities Exploit
Aztek Forum 4.0 - Multiple Vulnerabilities

otscms <= 2.1.5 (SQL/XSS) Multiple Vulnerabilities
otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities

uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit
uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit

Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit
Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities

qdblog 0.4 (SQL Injection/LFI) Multiple Vulnerabilities
qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities

Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability
Censura 1.15.04 - (censura.php vendorid) SQL Injection Vulnerability

runawaysoft haber portal 1.0 (tr) Multiple Vulnerabilities
runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities

netclassifieds (SQL/XSS/full path) Multiple Vulnerabilities
netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities

bugmall shopping cart 2.5 (SQL/XSS) Multiple Vulnerabilities
bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities

Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept

Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility
Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility

Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability
Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection Vulnerability

Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)
Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0day)

Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit

else if CMS 0.6 - Multiple Vulnerabilities / Exploit
else if CMS 0.6 - Multiple Vulnerabilities

Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit
Php-Stats 0.1.9.2 - Multiple Vulnerabilities

Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept

WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability
WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection Vulnerability

Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept

portalapp 4.0 (SQL/XSS/auth bypasses) Multiple Vulnerabilities
portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities

evilboard 0.1a (SQL/XSS) Multiple Vulnerabilities
evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities

Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit
Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit

blogcms 4.2.1b (SQL/XSS) Multiple Vulnerabilities
blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities

bloofox 0.3 (SQL/fd) Multiple Vulnerabilities
bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities

Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability
Liquid-Silver CMS 0.1 - (update) Local File Inclusion Vulnerability

simple forum 3.2 (fd/XSS) Multiple Vulnerabilities
simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities

Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability
Mambo Component Sermon 0.2 - (gid) SQL Injection Vulnerability

Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities

pigyard art gallery Multiple Vulnerabilities
pigyard art gallery - Multiple Vulnerabilities
XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability
XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 - (gid) SQL Injection Vulnerability
easycalendar <= 4.0tr Multiple Vulnerabilities
easygallery <= 5.0tr Multiple Vulnerabilities
easycalendar <= 4.0tr - Multiple Vulnerabilities
easygallery <= 5.0tr - Multiple Vulnerabilities

Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities Exploit
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities

RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit

minibb 2.2 (css/SQL/fpd) Multiple Vulnerabilities
minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities

siteman 2.x (exec/LFI/XSS) Multiple Vulnerabilities
siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities

megabbs forum 2.2 (SQL/XSS) Multiple Vulnerabilities
megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities

Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit
Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit

cplinks 1.03 (bypass/SQL/xxs) Multiple Vulnerabilities
cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities

deluxebb <= 1.2 - Multiple Vulnerabilities Exploit
deluxebb <= 1.2 - Multiple Vulnerabilities

Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities

Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability
Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection Vulnerability

idautomation bar code ActiveX Multiple Vulnerabilities
idautomation bar code ActiveX - Multiple Vulnerabilities
ecms 0.4.2 (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities

mebiblio 0.4.7 (SQL/upload/XSS) Multiple Vulnerabilities
mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities

smeweb 1.4b (SQL/XSS) Multiple Vulnerabilities
smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities

PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities

427bb 2.3.1 (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities

Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities
real estate Web site 1.0 (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 (SQL/XSS) Multiple Vulnerabilities
real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities

gravity board x 2.0 beta (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities

butterfly organizer 2.0.0 (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities

doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities

ownrs blog beta3 (SQL/XSS) Multiple Vulnerabilities
ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities

sitexs CMS 0.1.1 (upload/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities

shibby shop <= 2.2 (SQL/update) Multiple Vulnerabilities
shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities

polypager <= 1.0rc2 (SQL/XSS) Multiple Vulnerabilities
polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities
otmanager CMS 24a (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 (blind sql/XSS) Multiple Vulnerabilities
otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities

Thelia 1.3.5 - Multiple Vulnerabilities Exploit
Thelia 1.3.5 - Multiple Vulnerabilities

contentnow 1.4.1 (upload/XSS) Multiple Vulnerabilities
contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities

trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2)
trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)

Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)

jsite 1.0 oe (SQL/LFI) Multiple Vulnerabilities
jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities

Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit
e-vision CMS <= 2.02 (SQL/upload/ig) Multiple Vulnerabilities
k-links directory (SQL/XSS) Multiple Vulnerabilities
e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities
k-links directory - (SQL/XSS) Multiple Vulnerabilities

Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities

Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities

k-rate (SQL/XSS) Multiple Vulnerabilities
k-rate - (SQL/XSS) Multiple Vulnerabilities

Invision Power Board <= 2.3.5 - Multiple Vulnerabilities Exploit (revised)
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)

brim 2.0.0 (SQL/XSS) Multiple Vulnerabilities
brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities

aspwebalbum 3.2 (upload/SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities

qwicsite pro (SQL/XSS) Multiple Vulnerabilities
qwicsite pro - (SQL/XSS) Multiple Vulnerabilities

Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities
Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities

Availscript Article Script (articles.php) Multiple Vulnerabilities
Availscript Article Script - (articles.php) Multiple Vulnerabilities

Availscript Photo Album (pics.php) Multiple Vulnerabilities
Availscript Photo Album - (pics.php) Multiple Vulnerabilities

phpvid 1.1 0- (XSS/SQL) Multiple Vulnerabilities
phpvid 1.1 0 - (XSS/SQL) Multiple Vulnerabilities

php infoboard 7 - plus Multiple Vulnerabilities
php infoboard 7 plus - Multiple Vulnerabilities

camera life 2.6.2b4 (SQL/XSS) Multiple Vulnerabilities
camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities

mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities
mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities

Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities

mystats (hits.php) Multiple Vulnerabilities Exploit
mystats - (hits.php) Multiple Vulnerabilities

Vivvo CMS <= 3.4 - Multiple Vulnerabilities Destroyer Exploit
Vivvo CMS <= 3.4 - Multiple Vulnerabilities

websvn <= 2.0 - (XSS/fh/ce) Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities

db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities

phpdaily (SQL/XSS/lfd) Multiple Vulnerabilities
phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities

questcms - (XSS/directory traversal/SQL) Multiple Vulnerabilities
questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities

apartment search script (rfu/XSS) Multiple Vulnerabilities
apartment search script - (RFU/XSS) Multiple Vulnerabilities

MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities
MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities

WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities

pre multi-vendor shopping malls Multiple Vulnerabilities
pre multi-vendor shopping malls - Multiple Vulnerabilities

Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities
Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities

Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities

zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities
zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities

Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities

AJSquare Free Polling Script (DB) Multiple Vulnerabilities
AJSquare Free Polling Script - (DB) Multiple Vulnerabilities

turnkeyforms Web Hosting Directory Multiple Vulnerabilities
turnkeyforms Web Hosting Directory - Multiple Vulnerabilities

GS Real Estate Portal US/International Module Multiple Vulnerabilities
GS Real Estate Portal US/International Module - Multiple Vulnerabilities

bandwebsite 1.5 (SQL/XSS) Multiple Vulnerabilities
bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities
chipmunk topsites (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 (blind SQL Injection/XSS) Multiple Vulnerabilities
chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities

Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities
Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities

comersus asp shopping cart (dd/XSS) Multiple Vulnerabilities
comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities

minimal ablog 0.4 (SQL/fu/bypass) Multiple Vulnerabilities
minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities

Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities
Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities

wbstreet 1.0 (SQL/dd) Multiple Vulnerabilities
wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities

template creature (SQL/dd) Multiple Vulnerabilities
template creature - (SQL/DD) Multiple Vulnerabilities

merlix educate servert (bypass/dd) Multiple Vulnerabilities
merlix educate servert - (bypass/DD) Multiple Vulnerabilities
nightfall personal diary 1.0 - (XSS/dd) Multiple Vulnerabilities
Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulnerabilities
nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities
Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities

asp autodealer (SQL/dd) Multiple Vulnerabilities
asp autodealer - (SQL/DD) Multiple Vulnerabilities

aspmanage banners (rfu/dd) Multiple Vulnerabilities
aspmanage banners - (RFU/DD) Multiple Vulnerabilities

asp talk (SQL/css) Multiple Vulnerabilities
asp talk - (SQL/css) Multiple Vulnerabilities

siu guarani Multiple Vulnerabilities
siu guarani - Multiple Vulnerabilities

webcaf <= 1.4 - (LFI/rce) Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities

postecards (SQL/dd) Multiple Vulnerabilities
postecards - (SQL/DD) Multiple Vulnerabilities

living Local 1.1 - (XSS-rfu) Multiple Vulnerabilities
living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities

cf shopkart 5.2.2 (SQL/dd) Multiple Vulnerabilities
cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities

the net guys aspired2blog (SQL/dd) Multiple Vulnerabilities
the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities

joomla live chat (SQL/proxy) Multiple Vulnerabilities
joomla live chat - (SQL/proxy) Multiple Vulnerabilities

isweb CMS 3.0 (SQL/XSS) Multiple Vulnerabilities
isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities
clickandemail (SQL/XSS) Multiple Vulnerabilities
click&rank (SQL/XSS) Multiple Vulnerabilities
clickandemail - (SQL/XSS) Multiple Vulnerabilities
click&rank - (SQL/XSS) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities
Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 - (SQL/DD) Remote Vulnerabilities
Zelta E Store - (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities

2532/gigs 1.2.2 - stable Multiple Vulnerabilities
2532/gigs 1.2.2 stable - Multiple Vulnerabilities

constructr CMS <= 3.02.5 stable Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities

chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities
chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities

yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit
yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit

doop CMS <= 1.4.0b (CSRF/upload shell) Multiple Vulnerabilities
doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities

Nokia S60 SMS/Mms (Curse of Silence) Denial of Service Vulnerability
Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service Vulnerability

Seo4SMF for SMF forums Multiple Vulnerabilities
Seo4SMF for SMF forums - Multiple Vulnerabilities

mkportal <= 1.2.1 () Multiple Vulnerabilities
mkportal <= 1.2.1 - Multiple Vulnerabilities
rankem (dd/XSS/cm) Multiple Vulnerabilities
blogit! (SQL/dd/XSS) Multiple Vulnerabilities
rankem - (DD/XSS/cm) Multiple Vulnerabilities
blogit! - (SQL/DD/XSS) Multiple Vulnerabilities

E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities
E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities

Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities

navicopa webserver 3.0.1 (bof/sd) Multiple Vulnerabilities
navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities
team 1.x - (dd/XSS) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities
team 1.x - (DD/XSS) Multiple Vulnerabilities

gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities
gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities

zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities

SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities

w3bcms <= 3.5.0 - Multiple Vulnerabilities Exploit
w3bcms <= 3.5.0 - Multiple Vulnerabilities

powermovielist 0.14b (SQL/XSS) Multiple Vulnerabilities
powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities
ritsblog 0.4.2 (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 Frontend Multiple Vulnerabilities
blindblog 1.3.1 (SQL/ab/LFI) Multiple Vulnerabilities
ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 - Frontend - Multiple Vulnerabilities
blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities

phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities
phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities

Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth)
Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities

Femitter FTP Server 1.x - Multiple Vulnerabilities (post auth)
Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities

Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities

Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit

flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities
flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities

fungamez rc1 (ab/LFI) Multiple Vulnerabilities
fungamez rc1 - (ab/LFI) Multiple Vulnerabilities

mixedcms 1.0b (LFI/su/ab/fd) Multiple Vulnerabilities
mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities

fowlcms 1.1 (ab/LFI/su) Multiple Vulnerabilities
fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities

dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities
dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities

Linux Kernel 2.6.x - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit

Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit
Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit

leap CMS 0.1.4 (SQL/XSS/su) Multiple Vulnerabilities
leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities

tematres 1.0.3 (auth bypass/SQL/XSS) Multiple Vulnerabilities
tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities

Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit
Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit
2daybiz business community script Multiple Vulnerabilities
Easy Scripts Answer and Question Script Multiple Vulnerabilities
2daybiz business community script - Multiple Vulnerabilities
Easy Scripts Answer and Question Script - Multiple Vulnerabilities
my-colex 1.4.2 (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 (ab/SQL/XSS) Multiple Vulnerabilities
my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities

vidshare pro (SQL/XSS) Multiple Vulnerabilities
vidshare pro - (SQL/XSS) Multiple Vulnerabilities

Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)

asp inline corporate calendar (SQL/XSS) Multiple Vulnerabilities
asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities

minitwitter 0.3-beta (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities

elitecms 1.01 (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities

flashlight free edition (LFI/SQL) Multiple Vulnerabilities
flashlight free edition - (LFI/SQL) Multiple Vulnerabilities

propertymax pro free (SQL/XSS) Multiple Vulnerabilities
propertymax pro free - (SQL/XSS) Multiple Vulnerabilities

podcast generator <= 1.2 - globals[] Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] - Multiple Vulnerabilities

kloxo 5.75 (24 issues) Multiple Vulnerabilities
kloxo 5.75 - (24 issues) Multiple Vulnerabilities

virtue news (SQL/XSS) Multiple Vulnerabilities
virtue news - (SQL/XSS) Multiple Vulnerabilities

mrcgiguy the ticket system 2.0 php Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities

mrcgiguy freeticket (ch/SQL) Multiple Vulnerabilities
mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities

impleo music collection 2.0 (SQL/XSS) Multiple Vulnerabilities
impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities

kasseler CMS (fd/XSS) Multiple Vulnerabilities
kasseler CMS - (fd/XSS) Multiple Vulnerabilities

tribiq CMS 5.0.12c (XSS/LFI) Multiple Vulnerabilities
tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities

Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities
Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities

Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64)
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit

Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities
Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities

citrix xencenterweb - (XSS/SQL/rce) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities

FreeBSD 6/8 (ata device) Local Denial of Service Exploit
FreeBSD 6/8 - (ata device) Local Denial of Service Exploit

good/bad vote (XSS/LFI) Multiple Vulnerabilities
good/bad vote - (XSS/LFI) Multiple Vulnerabilities

Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux / RHEL5 - Test Kernel Local Root Exploit (0day)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0day)

mcshoutbox 1.1 (SQL/XSS/shell) Multiple Vulnerabilities
mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities

DD-WRT (httpd service) Remote Command Execution Vulnerability
DD-WRT - (httpd service) Remote Command Execution Vulnerability

tenrok 1.1.0 (udd/rce) Multiple Vulnerabilities
tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities

logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities
logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities

Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit (1)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)

Linux Kernel 2.4 / 2.6 - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)

Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept

Linux Kernel 2.6 < 2.6.19 - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit

Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (PPC Edition)
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit (x86/x64)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit

Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)

Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities
Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities

Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF
Alteon OS BBI (Nortell) -  (XSS and CSR) Multiple Vulnerabilities
Linux Kernel - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability

Linux Kernel - 'unix_stream_connect()' Local Denial of Service Vulnerability
Linux Kernel <=  2.6.31.4 - 'unix_stream_connect()' Local Denial of Service Vulnerability

Unreal Tournament 2004 - _Secure_ Overflow
Unreal Tournament 2004 - 'Secure' Overflow

VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit
VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit

PHP < 5.3.1 - _multipart/form-data_ Denial of Service Exploit (Python)
PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)

sugar crm 5.5.0.rc2 and 5.2.0j Multiple Vulnerabilities
sugar crm 5.5.0.rc2 and 5.2.0j - Multiple Vulnerabilities

Huawei MT882 Modem/Router Multiple Vulnerabilities
Huawei MT882 Modem/Router - Multiple Vulnerabilities

DigitalHive Multiple Vulnerabilities
DigitalHive - Multiple Vulnerabilities

zabbix server Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities

Ez Faq Maker Multiple Vulnerabilities
Ez Faq Maker - Multiple Vulnerabilities

Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities
Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities

Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities
Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities

eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities
eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities

Horde 3.3.5 - _PHP_SELF_ XSS Vulnerability
Horde 3.3.5 - 'PHP_SELF' XSS Vulnerability

Lizard Cart Upload Shell Vulnerability
Lizard Cart - Upload Shell Vulnerability

Mega Upload Upload Shell Vulnerability
Mega Upload 1.45 - Upload Shell Vulnerability
MyCart shopping cart Upload Shell Vulnerability
oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability
MyCart shopping cart - Upload Shell Vulnerability
osCommerce <= 2.2rc2a - Bypass/Create and Download Backup Vulnerability

gallery_show.asp GID suffer from Blind SQL Injection Vulnerability
gallery_show.asp - GID Blind SQL Injection Vulnerability

Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities
Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities

VirtualDJ Trial 6.0.6 - _New Year Edition_ - (.m3u) Exploit (0day)
VirtualDJ Trial 6.0.6 - 'New Year Edition' - (.m3u) Exploit (0day)

PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/XSS)
PHPDirector Game Edition 0.1 -  (LFI/SQLi/XSS) Multiple Vulnerabilities

Docebo 3.6.0.2 (stable) Local File Inclusion
Docebo 3.6.0.2 (stable) - Local File Inclusion
CLONEBID B2B Marketplace Multiple Vulnerabilities
ITechSctipts Alibaba Clone Multiple Vulnerabilities
CLONEBID B2B Marketplace - Multiple Vulnerabilities
ITechSctipts Alibaba Clone - Multiple Vulnerabilities

ManageEngine OpUtils 5 - _Login.DO_ SQL Injection Vulnerability
ManageEngine OpUtils 5 - 'Login.DO' SQL Injection Vulnerability

CMS by MyWorks Multiple Vulnerabilities
CMS by MyWorks - Multiple Vulnerabilities

DZ Auktionshaus _V4.rgo_ (id) news.php - SQL Injection Vulnerability
DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection Vulnerability

PhpCityPortal Multiple Vulnerabilities
PhpCityPortal - Multiple Vulnerabilities

Joomla Component com_ckforms Multiple Vulnerabilities
Joomla Component com_ckforms - Multiple Vulnerabilities

Joomla Component com_vxdate Multiple Vulnerabilities
Joomla Component com_vxdate - Multiple Vulnerabilities

Adult Video Site Script Multiple Vulnerabilities
Adult Video Site Script - Multiple Vulnerabilities

iOS Safari - Bad _VML_ Remote DoS
iOS Safari - Bad 'VML' Remote DoS

Linux Kernel <= 2.6.34-rc3 ReiserFS xattr - Privilege Escalation
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation

vBulletin _Cyb - Advanced Forum Statistics_ DoS
vBulletin 'Cyb - Advanced Forum Statistics' DoS

dl_stats Multiple Vulnerabilities
dl_stats - Multiple Vulnerabilities

avtech software (avc781viewer.dll) ActiveX Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities

lanewsfactory Multiple Vulnerabilities
lanewsfactory - Multiple Vulnerabilities

MacOS X 10.6 HFS File System Attack (Denial of Service)
MacOS X 10.6 - HFS File System Attack (Denial of Service)

WFTPD Server 3.30 - Multiple Vulnerabilities (0day)
WFTPD Server 3.30 - (0day) Multiple Vulnerabilities

CompactCMS 1.4.0 (tiny_mce) Remote File Upload
CompactCMS 1.4.0 (tiny_mce) - Remote File Upload

Tainos Multiple Vulnerabilities
Tainos - Multiple Vulnerabilities

Joomla Component com_event Multiple Vulnerabilities
Joomla Component com_event - Multiple Vulnerabilities

B-Hind CMS (tiny_mce) Remote File Upload
B-Hind CMS (tiny_mce) - Remote File Upload

ComponentOne VSFlexGrid 7 & 8 - _Archive()_ method Remote Buffer Overflow Exploit
ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit

(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - _PORT_ Command Remote DoS
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote DoS

Blaze Apps Multiple Vulnerabilities
Blaze Apps - Multiple Vulnerabilities

Joomla Component My Car Multiple Vulnerabilities
Joomla Component My Car - Multiple Vulnerabilities

Marketing Web Design Multiple Vulnerabilities
Marketing Web Design - Multiple Vulnerabilities

Aim Web Design Multiple Vulnerabilities
Aim Web Design - Multiple Vulnerabilities

Zeeways Script Multiple Vulnerabilities
Zeeways Script - Multiple Vulnerabilities

QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)
QuickTalk 1.2 -  (Source Code Disclosure) Multiple Vulnerabilities
Joomla Component ChronoConnectivity
Joomla Component ChronoForms (com_chronocontact)
Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Vulnerability
Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection Vulnerability

Simple Posting System Multiple Vulnerabilities
Simple Posting System - Multiple Vulnerabilities

Joomla Component com_djartgallery Multiple Vulnerabilities
Joomla Component com_djartgallery - Multiple Vulnerabilities

Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection
Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection

E-PHP B2B Marketplace Multiple Vulnerabilities
E-PHP B2B Marketplace - Multiple Vulnerabilities

DaLogin Multiple Vulnerabilities
DaLogin - Multiple Vulnerabilities

Novell iManager Multiple Vulnerabilities
Novell iManager - Multiple Vulnerabilities
2DayBiz Video Community portal - _user-profile.php_ SQL Injection Vulnerability
2DayBiz Real Estate Portal - _viewpropertydetails.php_ SQL injection
2DayBiz Video Community portal - 'user-profile.php' SQL Injection Vulnerability
2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection

NO-IP.com Dynamic DNS Update Client 2.2.1 - _Request_ Insecure Encoding Algorithm
NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm
TCW PHP Album Multiple Vulnerabilities
Esoftpro Online Guestbook Pro Multiple Vulnerabilities
TCW PHP Album - Multiple Vulnerabilities
Esoftpro Online Guestbook Pro - Multiple Vulnerabilities

Esoftpro Online Contact Manager Multiple Vulnerabilities
Esoftpro Online Contact Manager - Multiple Vulnerabilities

Joomla Component Sef (com_sef) - LFI Vulnerability
Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability

artforms 2.1b7.2 rc2 joomla component Multiple Vulnerabilities
artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities

Qt 4.6.3 - _QSslSocketBackendPrivate::transmit()_ Denial of Service
Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service

Macs CMS 1.1.4 - Multiple Vulnerabilities (XSS/CSRF)
Macs CMS 1.1.4 - (XSS/CSRF) Multiple Vulnerabilities
GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)
Ubuntu 9.10 (Karmic Koala) & 10.04 LTS (Lucid Lynx) PAM 1.1.0 MOTD - Local Root Exploit
GetSimple CMS 2.01 - (XSS/CSRF) Multiple Vulnerabilities
PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit

Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability
Joomla Component QContacts (com_qcontacts) - SQL Injection Vulnerability

Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow
ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow

Microsoft Windows - Win32k.sys Driver _CreateDIBPalette()_ Buffer Overflow
Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow
Easy FTP - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk Multiple Vulnerabilities
Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk - Multiple Vulnerabilities

Mediacoder 0.7.5.4710 - _Universal_ SEH Buffer Overflow Exploit
Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit

Simple Forum PHP Multiple Vulnerabilities
Simple Forum PHP - Multiple Vulnerabilities

Linux Kernel < 2.6.36-rc1 CAN BCM - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit

Apple QuickTime __Marshaled_pUnk_ Backdoor Param Client-Side Arbitrary Code Execution
Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution

Adobe Acrobat Reader and Flash Player - _newclass_ invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer

Shop a la Cart Multiple Vulnerabilities
Shop a la Cart - Multiple Vulnerabilities

ifnuke - Multiple Vulnerabilities (0day)
ifnuke - (0day) Multiple Vulnerabilities

dynpage <= 1.0 - Multiple Vulnerabilities (0day)
dynpage <= 1.0 - (0day) Multiple Vulnerabilities

sirang web-based d-control Multiple Vulnerabilities
sirang web-based d-control - Multiple Vulnerabilities

Microsoft Office Visio - .DXF File Stack based Overflow
Microsoft Office Visio 2002 - .DXF File Stack based Overflow

Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability
Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution Vulnerability

Zeeways Adserver Multiple Vulnerabilities
Zeeways Adserver - Multiple Vulnerabilities

Microsoft Office Word 2007 - sprmCMajority Buffer Overflow
Microsoft Office Word 2007 SP2 - sprmCMajority Buffer Overflow

Adobe Acrobat and Reader - _pushstring_ Memory Corruption
Adobe Acrobat and Reader - 'pushstring' Memory Corruption

Linux Kernel 2.6.27 < 2.6.36 - x86_64 compat Local Root Exploit
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit

Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution

xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection _reviews.php_
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php'

Java CMM readMabCurveData - Stack Overflow
Java 6.19 CMM readMabCurveData - Stack Overflow
Microsoft drm technology (msnetobj.dll) ActiveX Multiple Vulnerabilities
RarCrack 0.2 - _filename_ init() .bss PoC
Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities
RarCrack 0.2 - 'filename' init() .bss PoC

je guestbook 1.0 joomla component Multiple Vulnerabilities
je guestbook 1.0 joomla component - Multiple Vulnerabilities

Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities
Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities

Linux Kernel < 2.6.36-rc6 - pktcdvd Kernel Memory Disclosure
Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept

TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities
TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities

Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities
Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities

js calendar 1.5.1 joomla component Multiple Vulnerabilities
js calendar 1.5.1 joomla component - Multiple Vulnerabilities

Oracle Java 6 - OBJECT tag _launchjnlp_/_docbase_ Param Buffer Overflow Exploit
Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit

Linux Kernel - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability

Sybase Advantage Data Architect - _*.SQL_ Format Heap Oveflow
Sybase Advantage Data Architect - '*.SQL' Format Heap Oveflow

Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Minishare 1.4.0 - 1.5.5 - Buffer Overflow Vulnerability (users.txt)

Linux Kernel - Stack Infoleaks Vulnerability
Linux Kernel <= 2.4.0 - Stack Infoleaks Vulnerability

Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities
Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities

CLANSPHERE 2010.0 Final Multiple Vulnerabilities
CLANSPHERE 2010.0 Final - Multiple Vulnerabilities

Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service Vulnerability

Linux Kernel - Unix Sockets Local Denial of Service
Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service

Site2Nite Big Truck Broker _txtSiteId_ SQL Injection Vulnerability
Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection Vulnerability

Linux Kernel <= 2.6.37 - Local Privilege Escalation (Full Nelson)
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation

Habari Blog Multiple Vulnerabilities
Habari Blog - Multiple Vulnerabilities

Linux Kernel 2.6.34 - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit
Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit (1)
F3Site 2011 alfa 1 - Multiple Vulnerabilities (XSS & CSRF)
phpMySport 1.4 - Multiple Vulnerabilities (SQLi & Auth Bypass & Path Disclosure)
F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities
phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities

Linux Kernel < 2.6.34 - CAP_SYS_ADMIN x86 & x64 - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)

Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities

T-Content Managment System Multiple Vulnerabilities
T-Content Managment System - Multiple Vulnerabilities

Samba _username map script_ Command Execution
Samba 'username map script' Command Execution

Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow

Microsoft Internet Explorer - _Aurora_ Memory Corruption
Microsoft Internet Explorer - 'Aurora' Memory Corruption

Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use

Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow

Adobe Flash Player _Button_ Remote Code Execution
Adobe Flash Player - 'Button' Remote Code Execution

Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use

Unreal Tournament 2004 - _secure_ Overflow (Win32)
Unreal Tournament 2004 - 'secure' Overflow (Windows)

Unreal Tournament 2004 - _secure_ Overflow (Linux)
Unreal Tournament 2004 - 'secure' Overflow (Linux)

Tugux CMS 1.0_final Multiple Vulnerabilities
Tugux CMS 1.0_final - Multiple Vulnerabilities

Honey Soft Web Solution Multiple Vulnerabilities
Honey Soft Web Solution - Multiple Vulnerabilities

Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability
Joomla JCE Component (com_jce) - Blind SQL Injection Vulnerability

Parnian Opendata CMS SQL Injection Vulnerability
Parnian Opendata CMS - SQL Injection Vulnerability

Time and Expense Management System Multiple Vulnerabilities
Time and Expense Management System - Multiple Vulnerabilities

ZyWALL USG - Appliance Multiple Vulnerabilities
ZyWALL USG - Appliance - Multiple Vulnerabilities
Cisco Unified Operations Manager Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - _nsiproxy.sys_ Local Kernel DoS Exploit
Cisco Unified Operations Manager - Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit

HP Data Protector Client EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)

HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)

Mozilla Firefox - _nsTreeRange_ Dangling Pointer Exploit
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit

Ollance Member Login Script Multiple Vulnerabilities
Ollance Member Login Script - Multiple Vulnerabilities

Adobe Reader X Atom Type Confusion Vulnerability Exploit
Adobe Reader X 10.0.0 - 10.0.1 - Atom Type Confusion Vulnerability Exploit

Mozilla Firefox _nsTreeRange_ Dangling Pointer Vulnerability
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Vulnerability

Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities
Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities
CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities
Safari - SVG DOM Processing PoC
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
Safari 5.0.6_ 5.1 - SVG DOM Processing PoC

Link Station Pro Multiple Vulnerabilities
Link Station Pro - Multiple Vulnerabilities

Cart Software Multiple Vulnerabilities
Cart Software - Multiple Vulnerabilities

Omnistar Mailer Multiple Vulnerabilities
Omnistar Mailer - Multiple Vulnerabilities

Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service

Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit

MYRE Real Estate Software Multiple Vulnerabilities
MYRE Real Estate Software - Multiple Vulnerabilities

Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities

FreeBSD UIPC socket heap Overflow proof-of-concept
FreeBSD - UIPC socket heap Overflow Proof of Concept

GotoCode Online Bookstore Multiple Vulnerabilities
GotoCode Online Bookstore - Multiple Vulnerabilities

DivX Plus Web Player _file://_ Buffer Overflow Vulnerability PoC
DivX Plus Web Player - 'file://' Buffer Overflow Vulnerability PoC

EFront <= 3.6.9 Community Edition Multiple Vulnerabilities
EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities

GotoCode Online Classifieds Multiple Vulnerabilities
GotoCode Online Classifieds - Multiple Vulnerabilities

6kbbs Multiple Vulnerabilities
6kbbs - Multiple Vulnerabilities

POSH Multiple Vulnerabilities
POSH - Multiple Vulnerabilities

NoNumber Framework Joomla! Plugin Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities

Uiga Personal Portal Multiple Vulnerabilities
Uiga Personal Portal - Multiple Vulnerabilities

Barter Sites 1.3 Joomla Component Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities

zFTP Server _cwd/stat_ Remote Denial-of-Service
zFTP Server - 'cwd/stat' Remote Denial-of-Service
JEEMA Sms 3.2 Joomla Component Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities
JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities

ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities

osCSS2 - __ID_ parameter Local file inclusion
osCSS2 - '_ID' parameter Local file inclusion

Infoproject Business Hero Multiple Vulnerabilities
Infoproject Business Hero - Multiple Vulnerabilities

SugarCRM CE <= 6.3.1 - _unserialize()_ PHP Code Execution
SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution
ARYADAD Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (1)
ARYADAD - Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)

vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit
vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit

swDesk Multiple Vulnerabilities
swDesk - Multiple Vulnerabilities

Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI/XSS)
Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities

DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials)
DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities

HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities

Adobe Flash Player .mp4 - 'cprt' Overflow_
Adobe Flash Player .mp4 - 'cprt' Overflow

Wolfcms <= 0.75 - Multiple Vulnerabilities (CSRF - XSS)
Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities

Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow_
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'

MailMax <= 4.6 - POP3 - _USER_ Remote Buffer Overflow Exploit (No Login Needed)
MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)

Samsung D6000 TV Multiple Vulnerabilities
Samsung D6000 TV - Multiple Vulnerabilities

Websense Triton Multiple Vulnerabilities
Websense Triton - Multiple Vulnerabilities

QNX phrelay/phindows/phditto Multiple Vulnerabilities
QNX phrelay/phindows/phditto - Multiple Vulnerabilities

Lynx Message Server Multiple Vulnerabilities
Lynx Message Server - Multiple Vulnerabilities

SAP Netweaver Dispatcher Multiple Vulnerabilities
SAP Netweaver Dispatcher - Multiple Vulnerabilities

elearning server 4g Multiple Vulnerabilities
elearning server 4g - Multiple Vulnerabilities

Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities

Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS)
Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities

Active Collab _chat module_ <= 2.3.8 - Remote PHP Code Injection Exploit
Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit

SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability
SunOS <= 4.1.3 - kmem setgid /etc/crash Vulnerability

Linux kernel 2.0/2.1 - SIGIO Vulnerability
Linux Kernel 2.0 / 2.1 - SIGIO Vulnerability

Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability

Microsoft Windows - _April Fools 2001_ Vulnerability
Microsoft Windows - 'April Fools 2001' Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking _Save Password_ Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - _Pass the Hash_ with Modified SMB Client Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password' Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client Vulnerability

Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability

Linux kernel 2.0/2.1/2.2 - autofs Vulnerability
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Vulnerability

QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities
QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities
Linux kernel 2.0 - TCP Port DoS Vulnerability
Linux kernel 2.2 - ldd core Vulnerability
Linux Kernel 2.0 - TCP Port DoS Vulnerability
Linux Kernel 2.2 - ldd core Force Reboot Vulnerability

Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux Kernel 2.0.33 - IP Fragment Overlap Vulnerability

Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability
Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept

IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities

Linux kernel 2.0.37 - Segment Limit Vulnerability
Linux Kernel 2.0.37 - Segment Limit Local Root Vulnerability

BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability

Quinn _the Eskimo_ and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability

Fujitsu Chocoa 1.0 beta7R _Topic_ Buffer Overflow Vulnerability
Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow Vulnerability

Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability

Microsoft Internet Explorer 5.0 - ActiveX _Object for constructing type libraries for scriptlets_ Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets' Vulnerability

Microsoft Internet Explorer 4.0/5.0 - ActiveX _Eyedog_ Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog' Vulnerability

Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
Linux Kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability

MediaHouse Software Statistics Server 4.28/5.1 - _Server ID_ Buffer Overflow Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow Vulnerability

Tiki Wiki CMS Groupware <= 8.3 - _unserialize()_ PHP Code Execution
Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution

Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability
Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Vulnerability

Linux Kernel - fs/eventpoll.c Local Denial of Service
Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service

Netscape Enterprise Server _Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities
Netscape Enterprise Server_ Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities

Netsweeper WebAdmin Portal Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities

Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x _ALG_ Client Vulnerability
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client Vulnerability

gpm 1.18.1/1.19_Debian 2.x_RedHat 6.x_S.u.S.E 5.3/6.x gpm Setgid Vulnerability
gpm 1.18.1/1.19_ Debian 2.x_ RedHat 6.x_ S.u.S.E 5.3/6.x gpm Setgid Vulnerability

Linux kernel 2.2.12/2.2.14/2.3.99_RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service

Linux Kernel - Sendpage Local Privilege Escalation
Linux Kernel  2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (1)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)

Cart32 3.0 - _expdate_ Administrative Information Disclosure Vulnerability
Cart32 3.0 - 'expdate' Administrative Information Disclosure Vulnerability

DALnet Bahamut IRCd 4.6.5 - _SUMMON_ Buffer Overflow Vulnerability
DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow Vulnerability

BitchX IRC Client 75p1/75p3/1.0 c16 - _/INVITE_ Format String Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String Vulnerability

CVSWeb Developer CVSWeb 1.80 insecure perl _open_ Vulnerability
CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open' Vulnerability
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (2)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (2)

Solaris 2.6/7.0 - _eject_ Exploit for locale subsystem format string
Solaris 2.6/7.0 - 'eject' Exploit for locale subsystem format string

UoW Pine 4.0.4/4.10/4.21 - _From:_ Field Buffer Overflow Vulnerability
UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow Vulnerability

Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities

Tickets CAD 2.20G Multiple Vulnerabilities
Tickets CAD 2.20G - Multiple Vulnerabilities

Cisco IOS 12 - Software _?/_ HTTP Request DoS Vulnerability
Cisco IOS 12 - Software '?/' HTTP Request DoS Vulnerability

Markus Triska CGIForum 1.0 - _thesection_ Directory Traversal Vulnerability
Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal Vulnerability

Tunnelblick - Local Root Exploit
Tunnelblick - Local Root Exploit (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (4)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)

ReiserFS 3.5.28 Kernel - DoS (Possible Code Execution Vulnerability)
(Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution)

Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability
Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment Vulnerability

Linux sysctl() Kernel 2.2.x - Memory Reading Vulnerability
Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept Vulnerability

IOServer _Root Directory_ Trailing Backslash Multiple Vulnerabilities
IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (1)
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (2)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)

Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion

Rit Research Labs _The Bat!_ 1.x - Missing Linefeeds DoS Vulnerability
Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS Vulnerability

Ad Manager Pro Multiple Vulnerabilities
Ad Manager Pro - Multiple Vulnerabilities

Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability
Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root Vulnerability

HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS

ID Software Quake 3 - _smurf attack_ Denial of Service Vulnerability
ID Software Quake 3 - 'smurf attack' Denial of Service Vulnerability

Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service Vulnerability

Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability
Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root Vulnerability

Pinterest Clone Script Multiple Vulnerabilities
Pinterest Clone Script - Multiple Vulnerabilities

User-Mode Linux Kernel 2.4.17-8 - Memory Access Vulnerability
User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root Vulnerability

Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
Sitecom MD-25x - Multiple Vulnerabilities/Reverse Root Shell Exploit

Ezylog Photovoltaic Management Server Multiple Vulnerabilities
Ezylog Photovoltaic Management Server - Multiple Vulnerabilities
Auxilium PetRatePro Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Auxilium PetRatePro - Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities

Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability
Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC Vulnerability

Fortigate UTM WAF Appliance Multiple Vulnerabilities
Fortigate UTM WAF Appliance - Multiple Vulnerabilities

Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 Get Request Denial of Service Vulnerability
Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 - Get Request Denial of Service Vulnerability

Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability
Working Resources 1.7.3 BadBlue - Null Byte File Disclosure Vulnerability

Working Resources 1.7.x BadBlue Administrative Interface Arbitrary File Access
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access

Qualcomm Eudora 5 MIME Multipart Boundary Buffer Overflow Vulnerability
Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow Vulnerability

AFD 1.2.x Working Directory Local Buffer Overflow Vulnerabilities
AFD 1.2.x - Working Directory Local Buffer Overflow Vulnerabilities

Trillian 0.74 IRC PART Message Denial of Service Vulnerability
Trillian 0.74 - IRC PART Message Denial of Service Vulnerability

Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (2)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (2)

Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution
Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution

Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness
Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness

CheckPoint/Sofaware Firewall Multiple Vulnerabilities
CheckPoint/Sofaware Firewall - Multiple Vulnerabilities

Working Resources 1.7.x/2.15 BadBlue Ext.DLL Command Execution Vulnerability
Working Resources 1.7.x/2.15 BadBlue - Ext.DLL Command Execution Vulnerability

Working Resources BadBlue 1.7.x/2.x Unauthorized HTS Access Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access Vulnerability

Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service Vulnerability

MYRE Realty Manager Multiple Vulnerabilities
MYRE Realty Manager - Multiple Vulnerabilities
Myrephp Business Directory Multiple Vulnerabilities
MYREphp Vacation Rental Software Multiple Vulnerabilities
Myrephp Business Directory - Multiple Vulnerabilities
MYREphp Vacation Rental Software - Multiple Vulnerabilities

BabyGekko 1.2.2e Multiple Vulnerabilities
BabyGekko 1.2.2e - Multiple Vulnerabilities

Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability

Linux Kernel 2.4 - execve() System Call Race Condition Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition PoC Vulnerability

Aardvark Topsites 4.1 PHP Multiple Vulnerabilities
Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities

phpwcms <= 1.5.4.6 - _preg_replace_ - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - 'preg_replace' - Multiple Vulnerabilities
KAME Racoon _Initial Contact_ SA Deletion Vulnerability
lionmax software www file share pro 2.4x Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x Multiple Vulnerabilities (2)
KAME Racoon 'Initial Contact' SA Deletion Vulnerability
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)

DUware Software Multiple Vulnerabilities
DUware Software - Multiple Vulnerabilities

Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability
Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation Vulnerability

ASP Portal Multiple Vulnerabilities
ASP Portal - Multiple Vulnerabilities

Working Resources BadBlue Server 2.40 phptest.php Path Disclosure Vulnerability
Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure Vulnerability

SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities

WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection
WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection

Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities Remote Root Exploit
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit

Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service Vulnerability
Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service Vulnerability

phpBugTracker 0.9 user.php bugid Parameter XSS
phpBugTracker 0.9 - user.php bugid Parameter XSS

Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability

e107 website system 0.6 - _email article to a friend_ Feature XSS
e107 website system 0.6 - 'email article to a friend' Feature XSS

Rlpr 2.0 msg() Function Multiple Vulnerabilities
Rlpr 2.0 msg() Function - Multiple Vulnerabilities

Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities

SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities

Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay Vulnerability

Netgear SPH200D Multiple Vulnerabilities
Netgear SPH200D - Multiple Vulnerabilities

Fortinet FortiMail 400 IBE Multiple Vulnerabilities
Fortinet FortiMail 400 IBE - Multiple Vulnerabilities

Cisco Unity Express Multiple Vulnerabilities
Cisco Unity Express - Multiple Vulnerabilities

Linux Kernel - /dev/ptmx Key Stroke Timing Local Disclosure
Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure

SAP Netweaver Message Server Multiple Vulnerabilities
SAP Netweaver Message Server - Multiple Vulnerabilities

Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Vulnerability
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC Vulnerability

Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag - Multiple Vulnerabilities

Ubuntu 12.10 - (64-Bit) sock_diag_handlers - Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit

event calendar Multiple Vulnerabilities
event calendar - Multiple Vulnerabilities
opera Web browser 7.54 java implementation Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (4)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)

ca3de Multiple Vulnerabilities
ca3de - Multiple Vulnerabilities

Vivotek IP Cameras Multiple Vulnerabilities
Vivotek IP Cameras - Multiple Vulnerabilities
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (1)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)

Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities

Icecast 2.x - XSL Parser Multiple Vulnerabilities
Icecast 2.x - XSL Parser - Multiple Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (1)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (3)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)

Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - CurCatalogID Parameter Remote SQL Injection Vulnerability

neteyes nexusway border gateway Multiple Vulnerabilities
neteyes nexusway border gateway - Multiple Vulnerabilities

McAfee IntruShield Security Management System Multiple Vulnerabilities
McAfee IntruShield Security Management System - Multiple Vulnerabilities

Gaim AIM/ICQ Protocols Multiple Vulnerabilities
Gaim AIM/ICQ Protocols - Multiple Vulnerabilities

bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities

Linux Kernel <= 2.6 - Console Keymap Local Command Injection Vulnerability
Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC

QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection

QuickPayPro 3.1 tracking.details.php trackingid Parameter SQL Injection
QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection

oracle application server discussion forum portlet Multiple Vulnerabilities
oracle application server discussion forum portlet - Multiple Vulnerabilities

Linux Kernel - 'MSR' Driver Local Privilege Escalation
Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation

Linux Kernel 2.4.x/2.5.x/2.6.x - Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities

Apache James 2.2 SMTP Denial of Service Vulnerability
Apache James 2.2 - SMTP Denial of Service Vulnerability

Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service Vulnerability

Microsoft windows xp/2000/2003 help Multiple Vulnerabilities
Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities

ArticleSetup Multiple Vulnerabilities
ArticleSetup - Multiple Vulnerabilities
PhotoStore details.php gid Parameter XSS
PhotoStore view_photog.php photogid Parameter XSS
PhotoStore details.php - gid Parameter XSS
PhotoStore view_photog.php - photogid Parameter XSS

MailEnable 2.x SMTP NTLM Authentication Multiple Vulnerabilities
MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities

BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities

Simplog 0.9.3 BlogID Parameter Multiple SQL Injection Vulnerabilities
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities

Oracle January 2007 Security Update Multiple Vulnerabilities
Oracle January 2007 Security Update - Multiple Vulnerabilities

Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS Vulnerability

E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection

LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection
LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection

OpenBase 10.0.x - Multiple Vulnerabilities (Buffer Overflow & Remote Command Execution)
OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities

ZyXEL P-330W Multiple Vulnerabilities
ZyXEL P-330W - Multiple Vulnerabilities

WinComLPD Total 3.0.2.623 - Multiple Vulnerabilities (Buffer Overflow and Authentication Bypass)
WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities

Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities
Linux Kernel 3.4 < 3.13.2 - Arbitrary write with CONFIG_X86_X32
Linux Kernel 3.4 < 3.13.2 - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)

IBM solidDB 6.0.10 - Multiple Vulnerabilities (Format String and Denial of Service)
IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities

Linux Kernel < 3.4.5 - Local Root Exploit (ARM - Android 4.2.2 / 4.4)
Linux Kernel < 3.4.5 (ARM - Android 4.2.2 / 4.4) - Local Root Exploit

Catia V5-6R2013 - _CATV5_AllApplications_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_AllApplications' - Stack Buffer Overflow

Catia V5-6R2013 - _CATV5_Backbone_Bus_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_Backbone_Bus' - Stack Buffer Overflow
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (2)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (2)

EasyE-Cards 3.10 - Multiple Vulnerabilities (SQL Injection and Cross-Site Scripting)
EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities

Jamroom <= 3.3.8 - Multiple Vulnerabilities (Cookie Authentication Bypass and Unspecified Security Issues)
Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities

LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection)
LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities

Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
PG Roommate Finder Solution quick_search.php part Parameter XSS
PG Roommate Finder Solution viewprofile.php part Parameter XSS
PG Roommate Finder Solution - quick_search.php part Parameter XSS
PG Roommate Finder Solution - viewprofile.php part Parameter XSS

Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow Vulnerability

e107 0.7.x - Multiple Vulnerabilities ('CAPTCHA' Security Bypass and Cross-Site Scripting)
e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities

IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - pipe.c Local Privilege Escalation Vulnerability (2)
Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (2)

Linux Kernel 3.3 < 3.8 - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit

Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation

Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit

Linux Kernel - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption Vulnerability

Linux Kernel - ptrace/sysret - Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation

Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities
Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities

OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities
OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities

ServletExec - Multiple Vulnerabilities (Directory Traversal and Authentication-Bypass)
ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities

Creative Contact Form - Arbitrary File Upload
Creative Contact Form 0.9.7 - Arbitrary File Upload

Aireplay-ng 1.2 beta3 - _tcp_test_ Length Parameter Stack Overflow
Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow

Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060)
Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)

Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities

CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities

Xerox Multifunction Printers (MFP) _Patch_ DLM Vulnerability
Xerox Multifunction Printers (MFP) 'Patch' DLM Vulnerability

Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)

Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control - Multiple Vulnerabilities

Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS

Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406
Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root

RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 - ActiveX Control Multiple Vulnerabilities
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities

OS X networkd _effective_audit_token_ XPC Type Confusion Sandbox Escape
OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape

Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Vulnerability
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept

AJ Classifieds 'listingid' Parameter SQL Injection Vulnerability
AJ Classifieds 'listingid' Parameter - SQL Injection Vulnerability

BlueSoft Social Networking CMS SQL Injection Vulnerability
BlueSoft Social Networking CMS - SQL Injection Vulnerability
Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
Linux Kernel Associative Array Garbage Collection - Crash PoC
Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC
Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC
Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC

Linux Kernel - Network Namespace Remote Denial of Service Vulnerability
Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service Vulnerability

Kayako SupportSuite 3.x Multiple Vulnerabilities
Kayako SupportSuite 3.x - Multiple Vulnerabilities

Linux Kernel splice() System Call - Local DoS
Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS

Mac OS X - _Rootpipe_ Privilege Escalation
Mac OS X - 'Rootpipe' Privilege Escalation

Apport - Local Linux Root
Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit

SixApart MovableType Storable Perl Code Execution
SixApart MovableType - Storable Perl Code Execution

WordPress TagGator 'tagid' Parameter SQL Injection Vulnerability
WordPress TagGator 'tagid' Parameter - SQL Injection Vulnerability

JSPMyAdmin 1.1 Multiple Vulnerabilities
JSPMyAdmin 1.1 - Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities

ESC 8832 Data Controller Multiple Vulnerabilities
ESC 8832 Data Controller - Multiple Vulnerabilities

ZTE AC 3633R USB Modem Multiple Vulnerabilities
ZTE AC 3633R USB Modem - Multiple Vulnerabilities

OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation
OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation

Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)

Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)

OSSEC WUI 0.8 - Denial of Service

Adobe Flash Use-After-Free in Drawing Methods _this_
Adobe Flash - Use-After-Free in Drawing Methods 'this'

Kaspersky Antivirus _Yoda's Protector_ Unpacking Memory Corruption
Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption

Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability
Kallithea 0.2.9 - (came_from) HTTP Response Splitting Vulnerability

Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit

Linux Kernel <= 3.2.1 - Tracing Multiple Local Denial of Service Vulnerabilities

Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities

WordPress WP Private Messages Plugin 'msgid' Parameter SQL Injection Vulnerability
WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection Vulnerability

Microsoft Windows Media Center Library Parsing RCE Vulnerability aka _self-executing_ MCL File
Microsoft Windows Media Center Library - Parsing RCE Vulnerability aka 'self-executing' MCL File

MyBB 'misc.php' Remote Denial of Service Vulnerability
MyBB 1.6.12 - 'misc.php' Remote Denial of Service Vulnerability
WHMCS 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 Remote Denial of Service Vulnerability
WHMCS 5.12 - 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 - Remote Denial of Service Vulnerability

Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit
Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit

Linux Kernel overlayfs - Local Privilege Escalation
Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation

Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers

Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings

Linux Kernel - prima WLAN Driver Heap Overflow
Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow

Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability

WordPress Wordfence Security Plugin Multiple Vulnerabilities
WordPress Wordfence Security Plugin - Multiple Vulnerabilities
STIMS Buffer - Buffer Overflow SEH - DoS
STIMS Cutter - Buffer Overflow DoS
STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS)
STIMS Cutter 1.1.3.20 - Buffer Overflow DoS
Linux Kernel - digi_acceleport Nullpointer Dereference
Linux Kernel - Wacom Multiple Nullpointer Dereferences
Linux Kernel - visor (treo_attach) Nullpointer Dereference
Linux Kernel - visor clie_5_attach Nullpointer Dereference
Linux Kernel - cypress_m8 Nullpointer Dereference
Linux Kernel - mct_u232 Nullpointer Dereference
Linux Kernel - cdc_acm Nullpointer Dereference
Linux Kernel - aiptek Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference
RHEL 7.1 Kernel - snd-usb-audio Crash PoC
RHEL 7.1 Kernel - iowarrior driver Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC

LShell <=  0.9.15 - Remote Code Execution
LShell <= 0.9.15 - Remote Code Execution

Exim _perl_startup_ Privilege Escalation
Exim - 'perl_startup' Privilege Escalation

NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities

Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit

i.FTP 2.21 - Host Address / URL Field SEH Exploit
All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes
MediaInfo 0.7.61 - Crash PoC
Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC
Core FTP Server 32-bit Build 587 - Heap Overflow
Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities
Adobe Reader DC 15.010.20060 - Memory Corruption
Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities
2016-05-11 05:03:54 +00:00
Offensive Security
01664c67b8 DB: 2016-05-10
11 new exploits

JITed egg-hunter stage-0 shellcode Adjusted universal for xp/vista/win7
JITed egg-hunter stage-0 shellcode Adjusted universal for XP/Vista/Windows 7

BlazeDVD 5.1- (.plf) Stack Buffer Overflow PoC Exploit - ASLR/DEP Bypass on Win7
BlazeDVD 5.1 - (.plf) Stack Buffer Overflow PoC Exploit (Windows 7 ASLR/DEP Bypass)

Winamp 5.572 - Local BoF Exploit (Win7 ASLR and DEP Bypass)
Winamp 5.572 - Local BoF Exploit (Windows 7 ASLR and DEP Bypass)

RM Downloader 3.1.3 - Local SEH Exploit (Win7 ASLR and DEP Bypass)
RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR and DEP Bypass)

UFO: Alien Invasion 2.2.1 - BoF Exploit (Win7 ASLR and DEP Bypass)
UFO: Alien Invasion 2.2.1 - BoF Exploit (Windows 7 ASLR and DEP Bypass)

The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Win7 + ASLR Bypass)
The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows 7 + ASLR Bypass)

Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7)
Mozilla Firefox 3.6.16 - mChannel Object Use After Free Exploit (Windows 7)

QQPLAYER PICT PnSize Buffer Overflow WIN7 DEP_ASLR BYPASS
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS
GNU Bash - Environment Variable Command Injection (ShellShock)
Bash - Environment Variables Code Injection Exploit (ShellShock)
GNU Bash - Environment Variable Command Injection (Shellshock)
Bash - Environment Variables Code Injection Exploit (Shellshock)

OpenVPN 2.2.29 - ShellShock Exploit
OpenVPN 2.2.29 - Shellshock Exploit

Bash - CGI RCE Shellshock Exploit (Metasploit)
Bash CGI - RCE Shellshock Exploit (Metasploit)

PHP 5.x (< 5.6.2) - Shellshock Exploit (Bypass disable_functions)
PHP 5.x (< 5.6.2) - Bypass disable_functions (Shellshock Exploit)

OSSEC 2.8 - Privilege Escalation
OSSEC 2.8 - hosts.deny Privilege Escalation

ShellShock dhclient Bash Environment Variable Command Injection PoC
dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock)

OSSEC 2.7 <= 2.8.1 - Local Root Escalation
OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation

Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) #2
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2)

BigTree CMS Cross Site Request Forgery Vulnerability

Advantech Switch Bash Environment Variable Code Injection (Shellshock)
Advantech Switch - Bash Environment Variable Code Injection (Shellshock)
KiTTY Portable <= 0.65.0.2p Local kitty.ini Overflow (Wow64 Egghunter Win7)
KiTTY Portable <= 0.65.0.2p Local kitty.ini Overflow (Win8.1/Win10)
KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)
KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Windows 8.1/Windows 10)

Windows Null-Free Shellcode - Primitive Keylogger to File - 431 (0x01AF) bytes
Ajaxel CMS 8.0 - Multiple Vulnerabilities
i.FTP 2.21 - Host Address / URL Field SEH Exploit
Dell SonicWall Scrutinizer <= 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution
ZeewaysCMS - Multiple Vulnerabilities
ASUS Memory Mapping Driver (ASMMAP/ASMMAP64): Physical Memory Read/Write
Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation
Microsoft Windows 7 - WebDAV Privilege Escalation Exploit (MS16-016) (2)
RPCScan 2.03 - Hostname/IP Field SEH Overwrite PoC
ImageMagick Delegate Arbitrary Command Execution
Ruby on Rails Development Web Console (v2) Code Execution
2016-05-10 05:02:47 +00:00
Offensive Security
5a82bad23d DB: 2016-05-05
14 new exploits

Alibaba Clone B2B Script - Admin Authentication Bypass
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning
Acunetix WP Security Plugin 3.0.3 - XSS
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow
IPFire < 2.19 Core Update 101 - Remote Command Execution
PHP Imagick 3.3.0 - disable_functions Bypass
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
OpenSSL Padding Oracle in AES-NI CBC MAC Check
Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption
Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
2016-05-05 05:04:38 +00:00
Offensive Security
28f57d0dba DB: 2016-05-03
5 new exploits

WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download
.Net Framework Execute Native x86 Shellcode
Acunetix WVS 10 - Remote Command Execution (System)
Apache Struts Dynamic Method Invocation Remote Code Execution
QSEE - PRDiag* Commands Privilege Escalation Exploit
2016-05-03 05:04:01 +00:00
Offensive Security
7472667089 DB: 2016-04-30
9 new exploits

Linux x86 Reverse TCP Shellcode (ipv6)
Observium 0.16.7533 - Cross Site Request Forgery
Observium 0.16.7533 - Authenticated Arbitrary Command Execution
Merit Lilin IP Cameras - Multiple Vulnerabilities
Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash
Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow
Wireshark - alloc_address_wmem Assertion Failure
Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read
GLPi 0.90.2 - SQL Injection
2016-04-30 05:01:53 +00:00
Offensive Security
fe5081847e DB: 2016-04-27
4 new exploits

Yasr Screen Reader 0.6.9 - Local Buffer Overflow
Advantech WebAccess Dashboard Viewer Arbitrary File Upload
libgd 2.1.1 - Signedness Heap Overflow
ImpressCMS 1.3.9 - SQL Injection
2016-04-27 05:02:48 +00:00