exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	0a2e79b884	DB: 2016-12-04 2 new exploits FreeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated FreeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow (PoC) FreeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow (PoC) FreeSSHd 1.2.4 - Denial of Service freeSSHd 1.2.4 - Denial of Service FreeSSHd - Denial of Service (PoC) freeSSHd - Denial of Service (PoC) onehttpd 0.7 - Denial of Service OneHTTPD 0.7 - Denial of Service FreeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service freeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service FreeSSHd 1.3.1 - Denial of Service freeSSHd 1.3.1 - Denial of Service Microsoft Internet Explorer 9 < 11 - MSHTML 'PROPERTYDESC::HandleStyleComponentProperty' Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 9/10/11 - MSHTML 'PROPERTYDESC::HandleStyleComponentProperty' Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 8 / 9 / 10 / 11 - MSHTML 'DOMImplementation' Type Confusion (MS16-009) Microsoft Internet Explorer 8/9/10/11 - MSHTML 'DOMImplementation' Type Confusion (MS16-009) Microsoft Windows 8.0 < 8.1 (x64) - 'TrackPopupMenu' Privilege Escalation (MS14-058) Microsoft Windows 8.0/8.1 (x64) - 'TrackPopupMenu' Privilege Escalation (MS14-058) FreeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow freeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow FreeSSHd 1.2.1 - Authenticated Remote SEH Overflow freeSSHd 1.2.1 - Authenticated Remote SEH Overflow FreeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH) freeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH) FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) FreeSSHd 2.1.3 - Remote Authentication Bypass freeSSHd 2.1.3 - Remote Authentication Bypass FreeSSHd 1.2.6 - Authentication Bypass (Metasploit) freeSSHd 1.2.6 - Authentication Bypass (Metasploit) Microsoft Internet Explorer 8<11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 8/9/10/11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution Joomla! Component com_mycontent 1.1.13 - Blind SQL Injection Joomla! Component MyContent 1.1.13 - Blind SQL Injection Xfinity Gateway - Remote Code Execution	2016-12-04 05:01:23 +00:00
Offensive Security	a5cd225af0	DB: 2016-12-01 7 new exploits Xitami Web Server 5.0a0 - Denial of Service Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (SUID) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition Privilege Escalation (/etc/passwd) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (/etc/passwd) WinPower 4.9.0.4 - Privilege Escalation Internet PhotoShow (page) - Remote File Inclusion Internet PhotoShow 1.3 - 'page' Parameter Remote File Inclusion EQdkp 1.3.0 - (dbal.php) Remote File Inclusion EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion CaLogic Calendars 1.2.2 - 'CLPath' Remote File Inclusion MercuryBoard 1.1.4 - (User-Agent) SQL Injection MercuryBoard 1.1.4 - 'User-Agent' SQL Injection EQdkp 1.3.1 - (Referer Spoof) Remote Database Backup EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup Web Slider 0.6 - (path) Remote File Inclusion Web Slider 0.6 - 'path' Parameter Remote File Inclusion Zomplog 3.8 - (mp3playlist.php speler) SQL Injection Zomplog 3.8 - 'mp3playlist.php' SQL Injection EQdkp 1.3.2 - (listmembers.php rank) SQL Injection EQdkp 1.3.2 - 'listmembers.php' SQL Injection CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection CKGold Shopping Cart 2.0 - 'category.php' Blind SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' Parameter SQL Injection Zomplog 3.8.1 - upload_files.php Arbitrary File Upload Zomplog 3.8.1 - Arbitrary File Upload CMS Made Simple 1.2.2 - (TinyMCE module) SQL Injection CMS Made Simple 1.2.2 Module TinyMCE - SQL Injection Mega File Hosting Script 1.2 - (fid) SQL Injection Mega File Hosting Script 1.2 - 'fid' Parameter SQL Injection CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload AJ HYIP ACME - 'topic_detail.php id' SQL Injection EQDKP 1.3.2f - (user_id) Authentication Bypass (PoC) e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection AJ HYIP ACME - 'topic_detail.php' SQL Injection EQdkp 1.3.2f - 'user_id' Authentication Bypass (PoC) e107 Plugin BLOG Engine 2.2 - 'rid' Parameter Blind SQL Injection CaLogic Calendars 1.2.2 - (langsel) SQL Injection CaLogic Calendars 1.2.2 - 'langsel' Parameter SQL Injection EMO Realty Manager - 'news.php ida' SQL Injection The Real Estate Script - 'dpage.php docID' SQL Injection Linkspile - 'link.php cat_id' SQL Injection Freelance Auction Script 1.0 - (browseproject.php) SQL Injection EMO Realty Manager - 'ida' Parameter SQL Injection The Real Estate Script - 'docID' Parameter SQL Injection Linkspile - 'cat_id' Parameter SQL Injection Freelance Auction Script 1.0 - 'browseproject.php' SQL Injection rgboard 3.0.12 - (Remote File Inclusioni / Cross-Site Scripting) Multiple Vulnerabilities Kostenloses Linkmanagementscript - (page_to_include) Remote File Inclusion rgboard 3.0.12 - Remote File Inclusioni / Cross-Site Scripting Kostenloses Linkmanagementscript - Remote File Inclusion newsmanager 2.0 - (Remote File Inclusion / File Disclosure / SQL Injection / pb) Multiple Vulnerabilities 68 Classifieds 4.0 - (category.php cat) SQL Injection newsmanager 2.0 - Remote File Inclusion / File Disclosure / SQL Injection 68 Classifieds 4.0 - 'category.php' SQL Injection StanWeb.CMS - (default.asp id) SQL Injection StanWeb.CMS - SQL Injection Archangel Weblog 0.90.02 - (post_id) SQL Injection Archangel Weblog 0.90.02 - 'post_id' Parameter SQL Injection WR-Meeting 1.0 - (msnum) Local File Disclosure WR-Meeting 1.0 - 'msnum' Parameter Local File Disclosure FicHive 1.0 - (category) Blind SQL Injection Smeego 1.0 - (Cookie lang) Local File Inclusion FicHive 1.0 - 'category' Parameter Blind SQL Injection Smeego 1.0 - 'Cookie lang' Local File Inclusion TAGWORX.CMS - Multiple SQL Injections TAGWORX.CMS 3.00.02 - Multiple SQL Injections lulieblog 1.2 - Multiple Vulnerabilities AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add Admin easycms 0.4.2 - Multiple Vulnerabilities Lulieblog 1.2 - Multiple Vulnerabilities AlkalinePHP 0.77.35 - 'adduser.php' Arbitrary Add Admin Easycms 0.4.2 - Multiple Vulnerabilities AlkalinePHP 0.80.00 Beta - (thread.php id) SQL Injection AlkalinePHP 0.80.00 Beta - 'thread.php' SQL Injection EntertainmentScript - 'play.php id' SQL Injection EntertainmentScript 1.4.0 - 'play.php' SQL Injection ecms 0.4.2 - (SQL Injection / Security Bypass) Multiple Vulnerabilities Mantis Bug Tracker 1.1.1 - (Code Execution / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities ComicShout 2.5 - (index.php comic_id) SQL Injection eCMS 0.4.2 - SQL Injection / Security Bypass Mantis Bug Tracker 1.1.1 - Code Execution / Cross-Site Scripting / Cross-Site Request Forgery ComicShout 2.5 - 'comic_id' Parameter SQL Injection PHP Jokesite 2.0 - 'cat_id' SQL Injection Netious CMS 0.4 - (index.php pageid) SQL Injection PHP Jokesite 2.0 - 'cat_id' Parameter SQL Injection Netious CMS 0.4 - 'pageid' Parameter SQL Injection 6rbScript - 'news.php newsid' SQL Injection webl?sninger 4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities 6rbScript - 'news.php' SQL Injection Weblosninger 4 - Cross-Site Scripting / SQL Injection e107 Plugin BLOG Engine 2.2 - 'uid' Blind SQL Injection Quate CMS 0.3.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting / dt) Multiple Vulnerabilities e107 Plugin BLOG Engine 2.2 - 'uid' Parameter Blind SQL Injection Quate CMS 0.3.4 - Multiple Vulnerabilities RoomPHPlanning 1.5 - (idresa) SQL Injection PHPRaider 1.0.7 - (PHPbb3.functions.php) Remote File Inclusion RoomPHPlanning 1.5 - 'idresa' Parameter SQL Injection PHPRaider 1.0.7 - 'PHPbb3.functions.php' Remote File Inclusion CMS MAXSITE 1.10 - (category) SQL Injection CMS MAXSITE 1.10 - 'category' Parameter SQL Injection CKGold Shopping Cart 2.5 - (category_id) SQL Injection CKGold Shopping Cart 2.5 - 'category_id' Parameter SQL Injection ComicShout 2.8 - (news.php news_id) SQL Injection ComicShout 2.8 - 'news_id' Parameter SQL Injection AJ HYIP ACME - 'news.php id' SQL Injection AJ HYIP ACME - 'news.php' SQL Injection Quate CMS 0.3.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Quate CMS 0.3.4 - Local File Inclusion / Cross-Site Scripting e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection e107 Plugin BLOG Engine 2.2 - 'uid' Parameter SQL Injection AJ HYIP ACME - 'comment.php artid' SQL Injection AJ HYIP ACME - 'readarticle.php artid' SQL Injection AJ HYIP ACME - 'comment.php' SQL Injection AJ HYIP ACME - 'readarticle.php' SQL Injection 6rbScript 3.3 - 'singerid' SQL Injection 6rbScript 3.3 - 'singerid' Parameter SQL Injection 6rbScript 3.3 - (section.php name) Local File Inclusion 6rbScript 3.3 - 'section.php' Local File Inclusion RoomPHPlanning 1.6 - (userform.php) Create Admin User Exploit RoomPHPlanning 1.6 - 'userform.php' Create Admin User Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion Mega File Hosting Script 1.2 - 'url' Parameter Remote File Inclusion Advanced Image Hosting (AIH) 2.3 - (gal) Blind SQL Injection Advanced Image Hosting (AIH) 2.3 - 'gal' Parameter Blind SQL Injection ActiveKB KnowledgeBase - 'loadpanel.php Panel' Local File Inclusion ActiveKB KnowledgeBase - 'Panel' Parameter Local File Inclusion Quate CMS 0.3.5 - (Remote File Inclusioni / Local File Inclusion) Multiple Vulnerabilities Quate CMS 0.3.5 - Remote File Inclusion / Local File Inclusion Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities Zomplog 3.9 - Cross-Site Scripting / Cross-Site Request Forgery YABSoft Advanced Image Hosting Script - SQL Injection Advanced Image Hosting Script - SQL Injection MercuryBoard 1.1 - index.php SQL Injection MercuryBoard 1.1 - 'index.php' SQL Injection CMS Made Simple 0.10 - Lang.php Remote File Inclusion CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion Zomplog 3.3/3.4 - detail.php HTML Injection Zomplog 3.3/3.4 - 'detail.php' HTML Injection CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting CMS Made Simple 1.0.2 - 'SearchInput' Parameter Cross-Site Scripting EQDKP 1.3.1 - Show Variable Cross-Site Scripting EQdkp 1.3.1 - Cross-Site Scripting CMS Made Simple 105 - Stylesheet.php SQL Injection CMS Made Simple 1.0.5 - 'Stylesheet.php' SQL Injection Internet PhotoShow - 'login_admin' Parameter Unauthorized Access 68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'login.php' Cross-Site Scripting 68 Classifieds 4.1 - category.php cat Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'category.php' Cross-Site Scripting 68 Classifieds 4.1 - searchresults.php page Parameter Cross-Site Scripting 68 Classifieds 4.1 - toplistings.php page Parameter Cross-Site Scripting 68 Classifieds 4.1 - viewlisting.php view Parameter Cross-Site Scripting 68 Classifieds 4.1 - viewmember.php member Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'searchresults.php' Cross-Site Scripting 68 Classifieds 4.1 - 'toplistings.php' Cross-Site Scripting 68 Classifieds 4.1 - 'viewlisting.php' Cross-Site Scripting 68 Classifieds 4.1 - 'viewmember.php' Cross-Site Scripting YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload CMS Made Simple Module Download Manager 1.4.1 - Arbitrary File Upload CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload CMS Made Simple Module Antz Toolkit 1.02 - Arbitrary File Upload Zomplog 3.9 - 'message' Parameter Multiple Cross-Site Scripting Vulnerabilities Zomplog 3.9 - 'message' Parameter Cross-Site Scripting YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion Joomla! Component Catalog 1.0.7 - SQL Injection Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection Xfinity Gateway - Cross-Site Request Forgery	2016-12-01 07:48:18 +00:00
Offensive Security	91b12c469e	DB: 2016-11-29 16 new exploits rdesktop 1.5.0 - iso_recv_msg() Integer Underflow (PoC) rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow (PoC) rdesktop 1.5.0 - 'iso_recv_msg()' Integer Underflow (PoC) rdesktop 1.5.0 - 'process_redirect_pdu()' BSS Overflow (PoC) NTP 4.2.8p3 - Denial of Service Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Out-Of-Bounds Read (MS15-009) Microsoft Internet Explorer 11 MSHTML - 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free (MS13-047) Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type Confusion (MS16-009) Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Linux Kernel 2.6.x < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1) Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1) Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2) Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation TFTP Server 1.4 - Buffer Overflow Remote Exploit (2) TFTP Server 1.4 - Remote Buffer Overflow (2) TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit) TFTP Server 1.4 - ST WRQ Buffer Overflow (Metasploit) Android - 'BadKernel' Remote Code Execution VX Search Enterprise 9.1.12 - Buffer Overflow Sync Breeze Enterprise 9.1.16 - Buffer Overflow Disk Sorter Enterprise 9.1.12 - Buffer Overflow Dup Scout Enterprise 9.1.14 - Buffer Overflow Disk Savvy Enterprise 9.1.14 - Buffer Overflow Disk Pulse Enterprise 9.1.16 - Buffer Overflow Linux/x86 - Egg-hunter Shellcode (25 bytes) Linux/x86 - Egg-hunter Shellcode (31 bytes) RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion CMS Faethon 1.3.2 - 'mainpath' Parameter Remote File Inclusion CMS Faethon 2.0 - (mainpath) Remote File Inclusion CMS Faethon 2.0 - 'mainpath' Parameter Remote File Inclusion SazCart 1.5 - (cart.php) Remote File Inclusion SazCart 1.5 - 'cart.php' Remote File Inclusion Cyberfolio 2.0 RC1 - (av) Remote File Inclusion Cyberfolio 2.0 RC1 - 'av' Parameter Remote File Inclusion FipsCMS 4.5 - (index.asp) SQL Injection FipsCMS 4.5 - 'index.asp' SQL Injection AJ Classifieds 1.0 - (postingdetails.php) SQL Injection AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection RunCMS 1.5.2 - (debug_show.php) SQL Injection RunCMS 1.5.2 - 'debug_show.php' SQL Injection OneCMS 2.4 - (userreviews.php abc) SQL Injection OneCMS 2.4 - 'abc' Parameter SQL Injection RunCMS 1.6 - disclaimer.php Remote File Overwrite RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite PHPEasyData 1.5.4 - 'cat_id' SQL Injection FipsCMS - 'print.asp lg' SQL Injection Galleristic 1.0 - (index.php cat) SQL Injection gameCMS Lite 1.0 - (index.php systemId) SQL Injection PHPEasyData 1.5.4 - 'cat_id' Parameter SQL Injection FipsCMS 2.1 - 'print.asp' SQL Injection Galleristic 1.0 - 'cat' Parameter SQL Injection GameCMS Lite 1.0 - 'systemId' Parameter SQL Injection CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities CMS Faethon 2.2 Ultimate - Remote File Inclusion / Cross-Site Scripting MusicBox 2.3.7 - (artistId) SQL Injection RunCMS 1.6.1 - (msg_image) SQL Injection MusicBox 2.3.7 - 'artistId' Parameter SQL Injection RunCMS 1.6.1 - 'msg_image' Parameter SQL Injection vShare YouTube Clone 2.6 - (tid) SQL Injection vShare YouTube Clone 2.6 - 'tid' Parameter SQL Injection Cyberfolio 7.12 - (rep) Remote File Inclusion miniBloggie 1.0 - (del.php) Arbitrary Delete Post Cyberfolio 7.12 - 'rep' Parameter Remote File Inclusion miniBloggie 1.0 - 'del.php' Arbitrary Delete Post SazCart 1.5.1 - (prodid) SQL Injection SazCart 1.5.1 - 'prodid' Parameter SQL Injection Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting Ktools Photostore 3.5.1 - (gallery.php gid) SQL Injection Ktools Photostore 3.5.1 - 'gid' Parameter SQL Injection Joomla! Component com_datsogallery 1.6 - Blind SQL Injection Joomla! Component Datsogallery 1.6 - Blind SQL Injection Vortex CMS - 'index.php pageid' Blind SQL Injection AJ Article 1.0 - (featured_article.php) SQL Injection AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection Vortex CMS - 'pageid' Parameter Blind SQL Injection AJ Article 1.0 - 'featured_article.php' SQL Injection AJ Auction 6.2.1 - 'classifide_ad.php' SQL Injection clanlite 2.x - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ClanLite 2.x - SQL Injection / Cross-Site Scripting OneCMS 2.5 - (install_mod.php) Local File Inclusion OneCMS 2.5 - 'install_mod.php' Local File Inclusion AJ Auction Web 2.0 - (cate_id) SQL Injection AJ Auction 1.0 - 'id' SQL Injection AJ Auction Web 2.0 - 'cate_id' Parameter SQL Injection AJ Auction 1.0 - 'id' Parameter SQL Injection FipsCMS Light 2.1 - (r) SQL Injection FipsCMS Light 2.1 - 'r' Parameter SQL Injection AJ Auction Pro Platinum Skin - 'detail.php item_id' SQL Injection AJ Auction Pro Platinum Skin - 'item_id' Parameter SQL Injection AJ Auction Pro Platinum - (seller_id) SQL Injection AJ Auction Pro Platinum - 'seller_id' Parameter SQL Injection miniBloggie 1.0 - (del.php) Blind SQL Injection miniBloggie 1.0 - 'del.php' Blind SQL Injection AJ Article - 'featured_article.php mode' SQL Injection AJ ARTICLE - (Authentication Bypass) SQL Injection AJ Article 1.0 - Authentication Bypass Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion Cyberfolio 7.12.2 - 'theme' Parameter Local File Inclusion AJ ARTICLE - Remote Authentication Bypass AJ Article 1.0 - Remote Authentication Bypass MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection MusicBox 2.3.8 - 'viewalbums.php' SQL Injection AJ Auction Pro OOPD 2.3 - 'id' SQL Injection AJ Auction Pro OOPD 2.3 - 'id' Parameter SQL Injection BigACE CMS 2.5 - 'Username' SQL Injection BigACE 2.5 - SQL Injection ZeusCart 2.3 - 'maincatid' SQL Injection ZeusCart 2.3 - 'maincatid' Parameter SQL Injection BigACE CMS 2.6 - (cmd) Local File Inclusion BigACE 2.6 - 'cmd' Parameter Local File Inclusion RunCMS 1.6.3 - (double ext) Remote Shell Injection RunCMS 1.6.3 - Remote Shell Injection AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection AJ Auction Pro OOPD 2.x - 'id' Parameter SQL Injection RunCMS 2m1 - store() SQL Injection RunCMS 2ma - post.php SQL Injection RunCMS 2m1 - 'store()' SQL Injection RunCMS 2ma - 'post.php' SQL Injection AJ Article - Persistent Cross-Site Scripting AJ Article 3.0 - Cross-Site Scripting admidio 2.3.5 - Multiple Vulnerabilities Admidio 2.3.5 - Multiple Vulnerabilities RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection MusicBox 2.3 - Type Parameter SQL Injection MusicBox 2.3 - 'type' Parameter SQL Injection RunCMS 1.x - Bigshow.php Cross-Site Scripting RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting RunCMS 1.2/1.3 - PMLite.php SQL Injection RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection RunCMS 1.x - Ratefile.php Cross-Site Scripting RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin) MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting MusicBox 2.3 - 'index.php' SQL Injection MusicBox 2.3 - 'index.php' Cross-Site Scripting MusicBox 2.3 - 'cart.php' Cross-Site Scripting MusicBox 2.3.4 - Page Parameter SQL Injection MusicBox 2.3.4 - 'page' Parameter SQL Injection MyWebland miniBloggie 1.0 - Fname Remote File Inclusion miniBloggie 1.0 - 'Fname' Remote File Inclusion BigACE 1.8.2 - item_main.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - 'item_main.php' Remote File Inclusion BigACE 1.8.2 - 'upload_form.php' Remote File Inclusion BigACE 1.8.2 - 'download.cmd.php' Remote File Inclusion BigACE 1.8.2 - 'admin.cmd.php' Remote File Inclusion ClanLite - Config-PHP.php Remote File Inclusion ClanLite - 'conf-php.php' Remote File Inclusion FipsCMS 2.1 - PID Parameter SQL Injection FipsCMS 2.1 - 'pid' Parameter SQL Injection RunCMS 1.6.1 - votepolls.php bbPath[path] Parameter Remote File Inclusion RunCMS 1.6.1 - config.php bbPath[root_theme] Parameter Remote File Inclusion RunCMS 1.6.1 - 'bbPath[path]' Parameter Remote File Inclusion RunCMS 1.6.1 - 'bbPath[root_theme]' Parameter Remote File Inclusion FipsCMS 2.1 - 'forum/neu.asp' SQL Injection FipsCMS 2.1 - 'neu.asp' SQL Injection OneCMS 2.6.1 - admin/admin.php cat Parameter Cross-Site Scripting OneCMS 2.6.1 - search.php search Parameter SQL Injection OneCMS 2.6.1 - admin/admin.php Short1 Parameter Cross-Site Scripting OneCMS 2.6.1 - 'cat' Parameter Cross-Site Scripting OneCMS 2.6.1 - 'search' Parameter SQL Injection OneCMS 2.6.1 - 'short1' Parameter Cross-Site Scripting RunCMS 'partners' Module - 'id' Parameter SQL Injection RunCMS Module Partners - 'id' Parameter SQL Injection Zeuscart v.4 - Multiple Vulnerabilities Zeuscart 4.0 - Multiple Vulnerabilities BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal BigACE 2.7.5 - 'LANGUAGE' Parameter Directory Traversal Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting Red Hat JBoss EAP - Deserialization of Untrusted Data	2016-11-29 05:01:20 +00:00
Offensive Security	1f59ca27c2	DB: 2016-11-03 15 new exploits Joomla! Component PBBooking 1.0.4_3 - Multiple Blind SQL Injection Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection Joomla! Component SimpleShop (com_SimpleShop) - SQL Injection Joomla! Component 'com_SimpleShop' - SQL Injection Joomla! Component Spielothek 1.6.9 - Multiple Blind SQL Injection Joomla! Component 'com_spielothek' 1.6.9 - Multiple Blind SQL Injection Joomla! Component CamelcityDB 2.2 - SQL Injection Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection Joomla! Component cgtestimonial 2.2 - Multiple Vulnerabilities Joomla! Component 'com_cgtestimonial' 2.2 - Multiple Vulnerabilities Joomla! Component com_neorecruit 1.4 - SQL Injection Joomla! Component 'com_neorecruit' 1.4 - SQL Injection Joomla! Component Teams - Multiple Blind SQL Injection Joomla! Component 'com_teams' - Multiple Blind SQL Injection Joomla! Component Yellowpages - SQL Injection Joomla! Component 'com_yellowpages' - SQL Injection Joomla! Component Amblog 1.0 - Multiple SQL Injections Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections Joomla! Component com_equipment - SQL Injection Joomla! Component Jgrid 1.0 - Local File Inclusion Joomla! Component OnGallery - SQL Injection Joomla! Component 'com_equipment' - SQL Injection Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion Joomla! Component 'com_ongallery' - SQL Injection Joomla! Component com_Fabrik - SQL Injection Joomla! Component com_extcalendar - Blind SQL Injection Joomla! Component 'com_Fabrik' - SQL Injection Joomla! Component 'com_extcalendar' - Blind SQL Injection Joomla! Component com_zina - SQL Injection Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections Joomla! Component 'com_zina' - SQL Injection Joomla! Component 'com_biblioteca' 1.0 Beta - Multiple SQL Injections Joomla! Component com_zoomportfolio - SQL Injection Joomla! Component 'com_zoomportfolio' - SQL Injection Joomla! Component com_remository - Arbitrary File Upload Joomla! Component 'com_remository' - Arbitrary File Upload Joomla! Component com_picsell - Local File Disclosure Joomla! Component com_jefaqpro - Multiple Blind SQL Injection Joomla! Component 'com_picsell' - Local File Disclosure Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection Joomla! Component iJoomla! magazine 3.0.1 - Remote File Inclusion Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion Joomla! Component Clantools 1.5 - Blind SQL Injection Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection Joomla! Component 'com_clantools' 1.5 - Blind SQL Injection Joomla! Component 'com_clantools' 1.2.3 - Multiple Blind SQL Injection Joomla! Component Gantry Framework 3.0.10 - Blind SQL Injection Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection Joomla! Component Aardvertiser 2.1 Free - Blind SQL Injection Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection Joomla! Component RSform! 1.0.5 - Multiple Vulnerabilities Joomla! Component 'com_forme' 1.0.5 - Multiple Vulnerabilities Joomla! Component com_jphone - Local File Inclusion Joomla! Component 'com_jphone' - Local File Inclusion Joomla! Component Mosets Tree 2.1.5 - Arbitrary File Upload Joomla! Component 'com_mtree' 2.1.5 - Arbitrary File Upload Joomla! Component com_jgen - SQL Injection Joomla! Component 'com_jgen' - SQL Injection Joomla! Component com_restaurantguide - Multiple Vulnerabilities Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities Joomla! Component com_elite_experts - SQL Injection Joomla! Component 'com_elite_experts' - SQL Injection Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection Joomla! Component com_ezautos - SQL Injection Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection Joomla! Component 'com_ezautos' - SQL Injection Joomla! Component je Guestbook 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities Joomla! Component JE Job - SQL Injection Joomla! Component JE Directory - SQL Injection Joomla! Component 'com_jejob' - SQL Injection Joomla! Component 'com_jedirectory' - SQL Injection Joomla! Component Community Builder Enhenced (CBE) - Local File Inclusion / Remote Code Execution Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution Joomla! Component js Calendar 1.5.1 Joomla! - Multiple Vulnerabilities Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities Joomla! Component JE Ajax Event Calendar (com_jeajaxeventcalendar) - SQL Injection Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload Joomla! Component Flip Wall (com_flipwall) - SQL Injection Joomla! Component Sponsor Wall (com_sponsorwall) - SQL Injection Joomla! Component 'com_flipwall' - SQL Injection Joomla! Component 'com_sponsorwall' - SQL Injection sweetrice CMS 0.6.7 - Multiple Vulnerabilities SweetRice 0.6.7 - Multiple Vulnerabilities Joomla! Component ccInvoices (com_ccinvoices) - SQL Injection Joomla! Component 'com_ccinvoices' - SQL Injection Joomla! Component com_connect - Local File Inclusion Joomla! Component DCNews com_dcnews - Local File Inclusion Joomla! Component 'com_connect' - Local File Inclusion Joomla! Component 'com_dcnews' - Local File Inclusion Joomla! Component com_ckforms - Local File Inclusion Joomla! Component com_clan - SQL Injection Joomla! Component 'com_ckforms' - Local File Inclusion Joomla! Component 'com_clan' - SQL Injection Joomla! Component com_clanlist - SQL Injection Joomla! Component 'com_clanlist' - SQL Injection Joomla! Component ProDesk 1.5 - Local File Inclusion Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection Joomla! Component com_markt - SQL Injection Joomla! Component com_img - Local File Inclusion Joomla! Component 'btg_oglas' - HTML / Cross-Site Scripting Injection Joomla! Component 'com_markt' - SQL Injection Joomla! Component 'com_img' - Local File Inclusion Joomla! Component com_jsupport - Cross-Site Scripting Joomla! Component com_jsupport - SQL Injection Joomla! Component 'com_jsupport' - Cross-Site Scripting Joomla! Component 'com_jsupport' - SQL Injection Joomla! Component ccBoard 1.2-RC - Multiple Vulnerabilities Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities Joomla! Component com_alfurqan15x - SQL Injection Joomla! Component 'com_alfurqan15x' - SQL Injection Joomla! Component Maian Media (com_maianmedia) - SQL Injection Joomla! Component 'com_maianmedia' - SQL Injection Joomla! Component Template Mosets Tree 2.1.6 - Overwrite Cross-Site Request Forgery Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery Joomla! Component com_jimtawl - Local File Inclusion Joomla! Component 'com_jimtawl' - Local File Inclusion Joomla! Component JE Auto 1.0 - SQL Injection Joomla! Component 'com_jeauto' 1.0 - SQL Injection Joomla! Component Billy Portfolio 1.1.2 - Blind SQL Injection Joomla! Component 'com_billyportfolio' 1.1.2 - Blind SQL Injection Joomla! Component JRadio (com_jradio) - Local File Inclusion Joomla! Component 'com_jradio' - Local File Inclusion Joomla! Component JE Auto (com_jeauto) - Local File Inclusion Joomla! Component 'com_jeauto' - Local File Inclusion Joomla! Component Jotloader 2.2.1 - Local File Inclusion Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion Joomla! Component com_xgallery 1.0 - Local File Inclusion Joomla! Component 'com_xgallery' 1.0 - Local File Inclusion Joomla! Component com_ponygallery - Remote File Inclusion Joomla! Component com_adsmanager - Remote File Inclusion Joomla! Component 'com_ponygallery' - Remote File Inclusion Joomla! Component 'com_adsmanager' - Remote File Inclusion Joomla! Component com_xmovie 1.0 - Local File Inclusion Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion Joomla! Component com_idoblog - SQL Injection Joomla! Component 'com_idoblog' - SQL Injection Joomla! Plugin Captcha 4.5.1 - Local File Disclosure Joomla! Plugin 'Captcha' 4.5.1 - Local File Disclosure Joomla! Component People 1.0.0 - SQL Injection Joomla! Component 'com_people' 1.0.0 - SQL Injection Joomla! Component People 1.0.0 - Local File Inclusion Joomla! Component 'com_people' 1.0.0 - Local File Inclusion Joomla! Component allCineVid 1.0.0 - Blind SQL Injection Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection Joomla! Component B2 Portfolio 1.0.0 - Multiple SQL Injections Joomla! Component 'com_b2portfolio' 1.0.0 - Multiple SQL Injections Joomla! Component XCloner (com_xcloner-backupandrestore) - Remote Command Execution Joomla! Component 'com_xcloner-backupandrestore' - Remote Command Execution Joomla! Component com_booklibrary - SQL Injection Joomla! Component 'com_booklibrary' - SQL Injection Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection Joomla! Component JCE (com_jce) - Blind SQL Injection Joomla! Component 'com_jce' - Blind SQL Injection Joomla! Component com_versioning - SQL Injection Joomla! Component com_hello - SQL Injection Joomla! Component 'com_versioning' - SQL Injection Joomla! Component 'com_hello' - SQL Injection Joomla! Component com_question - SQL Injection Joomla! Component 'com_question' - SQL Injection Joomla! Component 1.0 jDownloads - Arbitrary File Upload Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload Joomla! Component com_jmsfileseller - Local File Inclusion Joomla! Component 'com_jmsfileseller' - Local File Inclusion Joomla! Component com_joomnik - SQL Injection Joomla! Component 'com_joomnik' - SQL Injection Joomla! Plugin Scriptegrator 1.5 - File Inclusion Joomla! Component 'Scriptegrator' 1.5 - File Inclusion Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion Joomla! Component com_team - SQL Injection Joomla! Component 'com_acooldebate' 1.0.3 - Local File Inclusion Joomla! Component 'com_team' - SQL Injection Joomla! Component Calc Builder - 'id' Blind SQL Injection Joomla! Component 'com_calcbuilder' - 'id' Parameter Blind SQL Injection Joomla! Component JoomlaXi - Persistent Cross-Site Scripting Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting Joomla! Component mdigg - SQL Injection Joomla! Component 'mdigg' - SQL Injection Joomla! Component Xmap 1.2.11 - Blind SQL Injection Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection Joomla! Component SOBI2 2.9.3.2 - Blind SQL Injections Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections Joomla! Component Appointment Booking Pro - Local File Inclusion Joomla! Component 'com_rsappt_pro2' - Local File Inclusion Joomla! Component JE K2 Story Submit - Local File Inclusion Joomla! Component 'com_jesubmit' - Local File Inclusion Joomla! Component mod_spo - SQL Injection Joomla! Component 'mod_spo' - SQL Injection Joomla! Component com_virtuemart 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit) Joomla! Component 'com_virtuemart' 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit) Joomla! Component com_obSuggest - Local File Inclusion Joomla! Component 'com_obSuggest' - Local File Inclusion Joomla! Component com_jdirectory - SQL Injection Joomla! Component 'com_jdirectory' - SQL Injection Joomla! Component TNR Enhanced Joomla! Search - SQL Injection Joomla! Component 'com_esearch' - SQL Injection Joomla! Component JoomTouch - Local File Inclusion Joomla! Component 'com_joomtouch' - Local File Inclusion Joomla! Extension JCE 2.0.10 - Multiple Vulnerabilities Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities Joomla! Component simple file lister module 1.0 - Directory Traversal Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal Joomla! Component YJ Contact us - Local File Inclusion Joomla! Component 'com_yjcontactus' - Local File Inclusion Joomla! Component Time Returns (com_timereturns) 2.0 - SQL Injection Joomla! Component 'com_timereturns' 2.0 - SQL Injection Joomla! Component Techfolio 1.0 - SQL Injection Joomla! Component 'com_techfolio' 1.0 - SQL Injection Joomla! Component JEEMA Sms 3.2 - Multiple Vulnerabilities Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jeemasms' 3.2 - Multiple Vulnerabilities Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities Joomla! Component HM-Community com_hmcommunity - Multiple Vulnerabilities Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities Joomla! Component Alameda (com_alameda) 1.0 - SQL Injection Joomla! Component 'com_alameda' 1.0 - SQL Injection Joomla! Component Jobprofile (com_jobprofile) - SQL Injection Joomla! Component 'com_jobprofile' - SQL Injection Joomla! Component QContacts 1.0.6 - SQL Injection Joomla! Component 'com_qcontacts' 1.0.6 - SQL Injection Joomla! Component com_dshop - SQL Injection Joomla! Component 'com_dshop' - SQL Injection Joomla! Component Discussions (com_discussions) - SQL Injection Joomla! Component 'com_discussions' - SQL Injection Joomla! Component The Estate Agent (com_estateagent) - SQL Injection Joomla! Component com_bearleague - SQL Injection Joomla! Component 'com_estateagent' - SQL Injection Joomla! Component 'com_bearleague' - SQL Injection Joomla! Component com_ponygallery - SQL Injection Joomla! Component 'com_ponygallery' - SQL Injection Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal Joomla! Component com_weblinks - 'Itemid' Parameter SQL Injection Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection Joomla! Component com_dirfrm - Multiple SQL Injections Joomla! Component 'com_dirfrm' - Multiple SQL Injections Joomla! Component Spain - 'nv' Parameter SQL Injection Joomla! Component 'com_spain' - 'nv' Parameter SQL Injection Joomla! Component com_tax - 'eid' Parameter SQL Injection Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection Joomla! / Mambo Component com_trade - 'PID' Parameter Cross-Site Scripting Joomla! / Mambo Component 'com_trade' - 'PID' Parameter Cross-Site Scripting Joomla! Component com_jstore - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion Joomla! Component Catalogue - SQL Injection / Local File Inclusion Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion Joomla! Component AutoArticles 3000 - 'id' Parameter SQL Injection Joomla! Component 'com_a3000' - 'id' Parameter SQL Injection Joomla! Component Store Directory - 'id' Parameter SQL Injection Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection Joomla! Component Annuaire - 'id' Parameter SQL Injection Joomla! Component 'com_annuaire' - 'id' Parameter SQL Injection Joomla! Component Jeformcr - 'id' Parameter SQL Injection Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component Redirect 'com_redirect' 1.5.19 - Local File Inclusion Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion Joomla! Component Classified - SQL Injection Joomla! Component 'com_classified' - SQL Injection Joomla! Component com_frontenduseraccess - Local File Inclusion Joomla! Component 'com_frontenduseraccess' - Local File Inclusion Joomla! Component VirtueMart eCommerce 1.1.6 - SQL Injection Joomla! Component 'com_virtuemart' 1.1.6 - SQL Injection Joomla! Component com_clan_members - 'id' Parameter SQL Injection Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection Joomla! Component com_phocadownload - Local File Inclusion Joomla! Component 'com_phocadownload' - Local File Inclusion Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection Joomla! Component com_maplocator - 'cid' Parameter SQL Injection Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection Joomla! Component com_shop - SQL Injection Joomla! Component 'com_shop' - SQL Injection Joomla! Component Virtual Money 'com_virtualmoney' 1.5 - SQL Injection Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion Joomla! Component com_voj - SQL Injection Joomla! Component 'com_voj' - SQL Injection Joomla! Component Foto - 'id_categoria' Parameter SQL Injection Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection Joomla! Component com_hospital - SQL Injection Joomla! Component Controller - 'Itemid' Parameter SQL Injection Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection Joomla! Component 'com_hospital' - SQL Injection Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection Joomla! Component com_resman - Cross-Site Scripting Joomla! Component com_newssearch - SQL Injection Joomla! Component 'com_newssearch' - SQL Injection Joomla! Component Slideshow Gallery - 'id' Parameter SQL Injection Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection Joomla! Component com_community - 'userid' Parameter SQL Injection Joomla! Component 'com_community' - 'userid' Parameter SQL Injection Joomla! Component com_biitatemplateshop - 'groups' Parameter SQL Injection Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection Joomla! Component com_expedition - 'id' Parameter SQL Injection Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection Joomla! Component com_tree - 'key' Parameter SQL Injection Joomla! Component com_br - 'state_id' Parameter SQL Injection Joomla! Component com_shop - 'id' Parameter SQL Injection Joomla! Component 'com_tree' - 'key' Parameter SQL Injection Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection Joomla! Component 'com_shop' - 'id' Parameter SQL Injection Joomla! Component Sgicatalog 1.0 - 'id' Parameter SQL Injection Joomla! Component 'com_sgicatalog' 1.0 - 'id' Parameter SQL Injection Joomla! Extension com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_alfcontact' 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component Content - 'year' Parameter SQL Injection Joomla! Component 'com_content' - 'year' Parameter SQL Injection Joomla! Component com_tsonymf - 'idofitem' Parameter SQL Injection Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection Joomla! Component com_caproductprices - 'id' Parameter SQL Injection Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection Joomla! Component HD Video Share 1.3 - 'id' Parameter SQL Injection Joomla! Component 'com_contushdvideoshare' 1.3 - 'id' Parameter SQL Injection Joomla! Component com_br - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion Joomla! Component Full 'com_full' - 'id' Parameter SQL Injection Joomla! Component com_sanpham - Multiple SQL Injections Joomla! Component com_xball - 'team_id' Parameter SQL Injection Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion Joomla! Component com_car - Multiple SQL Injections Joomla! Component com_some - 'Controller' Parameter Local File Inclusion Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_full' - 'id' Parameter SQL Injection Joomla! Component 'com_sanpham' - Multiple SQL Injections Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_car' - Multiple SQL Injections Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion Joomla! Component com_jesubmit - 'index.php' Arbitrary File Upload Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload Joomla! Component com_motor - 'cid' Parameter SQL Injection Joomla! Component com_products - Multiple SQL Injections Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection Joomla! Component 'com_products' - Multiple SQL Injections Joomla! Component com_visa - Local File Inclusion / SQL Injection Joomla! Component com_firmy - 'Id' Parameter SQL Injection Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection Joomla! Component com_crhotels - 'catid' Parameter SQL Injection Joomla! Component com_propertylab - 'id' Parameter SQL Injection Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection Joomla! Component com_bbs - Multiple SQL Injections Joomla! Component 'com_bbs' - Multiple SQL Injections Joomla! Component com_cmotour - 'id' Parameter SQL Injection Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection Joomla! Component Currency Converter - 'from' Parameter Cross-Site Scripting Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting Joomla! Component X-Shop - 'idd' Parameter SQL Injection Joomla! Component Xcomp 'com_xcomp' - Local File Inclusion Joomla! Component 'com_x-shop' - 'idd' Parameter SQL Injection Joomla! Component 'com_xcomp' - Local File Inclusion Joomla! Component com_xvs - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_xvs' - 'Controller' Parameter Local File Inclusion Joomla! Component Machine - Multiple SQL Injections Joomla! Component 'com_machine' - Multiple SQL Injections Joomla! Component CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection Joomla! Component Video Gallery - Local File Inclusion / SQL Injection Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection Joomla! Component 'com_videogallery' - Local File Inclusion / SQL Injection Joomla! Component Alphacontent - 'limitstart' Parameter SQL Injection Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload Joomla! Component Simple SWFupload - 'uploadhandler.php' Arbitrary File Upload Joomla! Component Art Uploader - 'upload.php' Arbitrary File Upload Joomla! Component DentroVideo - 'upload.php' Arbitrary File Upload Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit) PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow Alienvault OSSIM/USM 5.3.1 - PHP Object Injection Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting Alienvault OSSIM/USM 5.3.1 - SQL Injection Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056) Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass SunellSecurity NVR / Camera - Denial Of Service Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit) MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' Privilege Escalation Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution (Metasploit) LifeSize Room 5.0.9 - Multiple Vulnerabilities Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free SweetRice 1.5.1 - Cross-Site Request Forgery	2016-11-03 05:01:18 +00:00
Offensive Security	3b565e4e9d	DB: 2016-10-29 7 new exploits SetCMS 3.6.5 - (setcms.org) Remote Command Execution SetCMS 3.6.5 - Remote Command Execution PHP-Nuke < 8.0 - 'sid' SQL Injection PHP-Nuke 8.0 Final - 'sid' SQL Injection PHP-Nuke < 8.0 - 'sid' Parameter SQL Injection PHP-Nuke 8.0 Final - 'sid' Parameter SQL Injection Foojan Wms 1.0 - (index.php story) SQL Injection Foojan Wms 1.0 - 'story' Parameter SQL Injection Web Wiz Forums 9.07 - (sub) Directory Traversal Web Wiz Forums 9.07 - 'sub' Parameter Directory Traversal Web Wiz NewsPad 1.02 - (sub) Directory Traversal Siteman 1.1.9 - (cat) Remote File Disclosure Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution SLAED CMS 2.5 Lite - (newlang) Local File Inclusion Liquid-Silver CMS 0.1 - (update) Local File Inclusion Web Wiz NewsPad 1.02 - 'sub' Parameter Directory Traversal Siteman 1.1.9 - 'cat' Parameter Remote File Disclosure Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution SLAED CMS 2.5 Lite - 'newlang' Parameter Local File Inclusion Liquid-Silver CMS 0.1 - 'update' Parameter Local File Inclusion Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod (PoC) Seagull 0.6.3 - 'files' Parameter Remote File Disclosure ImageShack Toolbar 4.5.7 - 'FileUploader' Class InsecureMethod (PoC) flinx 1.3 - (category.php id) SQL Injection flinx 1.3 - 'id' Parameter SQL Injection Persits XUpload 3.0 - AddFile() Remote Buffer Overflow Persits XUpload 3.0 - 'AddFile()' Remote Buffer Overflow simple forum 3.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Simple Forum 3.2 - File Disclosure / Cross-Site Scripting WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection Oracle 10g R1 - pitrig_drop PLSQL Injection (get users hash) Oracle 10g R1 - PITRIG_TRUNCATE PLSQL Injection (get users hash) WordPress Plugin WP-Cal 0.3 - 'editevent.php' SQL Injection WordPress Plugin fGallery 2.4.1 - 'fimrss.php' SQL Injection Oracle 10g R1 - 'pitrig_drop' PLSQL Injection (get users hash) Oracle 10g R1 - 'PITRIG_TRUNCATE' PLSQL Injection (get users hash) phpMyClub 0.0.1 - (page_courante) Local File Inclusion bubbling library 1.32 - dispatcher.php Remote File Disclosure Bigware Shop 2.0 - pollid SQL Injection Smart Publisher 1.0.1 - (disp.php) Remote Code Execution SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit phpMyClub 0.0.1 - 'page_courante' Parameter Local File Inclusion bubbling library 1.32 - 'uri' Parameter Remote File Disclosure Bigware Shop 2.0 - 'pollid' Parameter SQL Injection Smart Publisher 1.0.1 - 'filedata' Parameter Remote Code Execution SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit phpCMS 1.2.2 - (parser.php) Remote File Disclosure Mambo Component NewsLetter - (listid) SQL Injection Mambo Component Fq - (listid) SQL Injection Mambo Component MaMML - (listid) SQL Injection phpCMS 1.2.2 - 'file' Parameter Remote File Disclosure Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection Mambo 'com_fq' - 'listid' Parameter SQL Injection Mambo 'com_mamml' - 'listid' Parameter SQL Injection phpCMS 1.1.7 - counter.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - parser.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.parser_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - PHPCMS include/class.session_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.edit_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.http_indexer_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.cache_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.search_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.lib_indexer_universal_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.layout_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - 'counter.php' Remote File Inclusion phpCMS 1.1.7 - 'parser.php' Remote File Inclusion phpCMS 1.1.7 - 'class.parser_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.session_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.edit_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.http_indexer_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.cache_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.search_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.lib_indexer_universal_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.layout_PHPcms.php' Remote File Inclusion phpCMS 2008 - 'ask/search_ajax.php' SQL Injection phpCMS 2008 - 'search_ajax.php' SQL Injection InfraPower PPS-02-S Q213V1 - Local File Disclosure InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference InfraPower PPS-02-S Q213V1 - Authentication Bypass InfraPower PPS-02-S Q213V1 - Multiple XSS InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution	2016-10-29 05:01:21 +00:00
Offensive Security	8330920f32	DB: 2016-10-25 4 new exploits ATutor 1.5.3.1 - (links) Blind SQL Injection ATutor 1.5.3.1 - 'links' Blind SQL Injection Mihalism Multi Host 2.0.7 - download.php Remote File Disclosure Mihalism Multi Host 2.0.7 - 'download.php' Remote File Disclosure IBM Domino Web Access Upload Module - inotes6.dll Buffer Overflow IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow WebPortal CMS 0.6.0 - (index.php m) SQL Injection WebPortal CMS 0.6.0 - 'index.php' SQL Injection samPHPweb - 'db.php commonpath' Remote File Inclusion samPHPweb 4.2.2 - 'db.php' Remote File Inclusion samPHPweb - 'songinfo.php' SQL Injection samPHPweb 4.2.2 - 'songinfo.php' SQL Injection ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion ATutor 1.6.1-pl1 - 'import.php' Remote File Inclusion The Matt Wright Guestbook.pl 2.3.1 - Server Side Include The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include html2ps - 'include file' Server Side Include Directive Directory Traversal html2ps - 'include file' Server-Side Include Directive Directory Traversal ClanSphere 2011.3 - (cs_lang cookie Parameter) Local File Inclusion ClanSphere 2011.3 - 'cs_lang' Cookie Parameter Local File Inclusion Imatix Xitami 2.5 - Server Side Includes Cross-Site Scripting Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting Flatnux CMS 2013-01.17 - (index.php theme Parameter) Local File Inclusion Flatnux CMS 2013-01.17 - 'index.php' Local File Inclusion Network Weathermap 0.97a - (editor.php) Persistent Cross-Site Scripting Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting ATutor 1.4.3 - browse.php show_course Parameter Cross-Site Scripting ATutor 1.4.3 - contact.php subject Parameter Cross-Site Scripting ATutor 1.4.3 - content.php cid Parameter Cross-Site Scripting ATutor 1.4.3 - send_message.php l Parameter Cross-Site Scripting ATutor 1.4.3 - search.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - inbox/index.php view Parameter Cross-Site Scripting ATutor 1.4.3 - tile.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - subscribe_forum.php us Parameter Cross-Site Scripting ATutor 1.4.3 - Directory.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'browse.php' show_course Parameter Cross-Site Scripting ATutor 1.4.3 - 'contact.php' subject Parameter Cross-Site Scripting ATutor 1.4.3 - 'content.php' cid Parameter Cross-Site Scripting ATutor 1.4.3 - 'send_message.php' l Parameter Cross-Site Scripting ATutor 1.4.3 - 'search.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'inbox/index.php' view Parameter Cross-Site Scripting ATutor 1.4.3 - 'tile.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'subscribe_forum.php' us Parameter Cross-Site Scripting ATutor 1.4.3 - 'Directory.php' Multiple Parameter Cross-Site Scripting Cuppa CMS - 'alertConfigField.php urlConfig Parameter' Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php' Remote / Local File Inclusion Novell Zenworks Mobile Device Managment - Local File Inclusion (Metasploit) Novell Zenworks Mobile Device Managment 2.6.1 / 2.7.0 - Local File Inclusion (Metasploit) Weathermap 0.97c - (editor.php mapname Parameter) Local File Inclusion Weathermap 0.97c - 'mapname' Parameter Local File Inclusion ATutor 1.5.1 - password_reminder.php SQL Injection ATutor 1.5.1 - 'password_reminder.php' SQL Injection ATutor 1.x - forum.inc.php Arbitrary Command Execution ATutor 1.x - body_header.inc.php section Parameter Local File Inclusion ATutor 1.x - print.php section Parameter Remote File Inclusion ATutor 1.x - 'forum.inc.php' Arbitrary Command Execution ATutor 1.x - 'body_header.inc.php' section Parameter Local File Inclusion ATutor 1.x - 'print.php' section Parameter Remote File Inclusion ATutor 1.5.x - create_course.php Multiple Parameter Cross-Site Scripting ATutor 1.5.x - documentation/admin/index.php Cross-Site Scripting ATutor 1.5.x - password_reminder.php forgot Parameter Cross-Site Scripting ATutor 1.5.x - users/browse.php cat Parameter Cross-Site Scripting ATutor 1.5.x - 'create_course.php' Multiple Parameter Cross-Site Scripting ATutor 1.5.x - 'documentation/admin/index.php' Cross-Site Scripting ATutor 1.5.x - 'password_reminder.php' forgot Parameter Cross-Site Scripting ATutor 1.5.x - 'users/browse.php' cat Parameter Cross-Site Scripting Zimbra - Privilegie Escalation (via Local File Inclusion) Zimbra 2009-2013 - Local File Inclusion Zimbra Collaboration Server - Local File Inclusion (Metasploit) Zimbra Collaboration Server 7.2.2 / 8.0.2 - Local File Inclusion (Metasploit) Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file Parameter) Local File Inclusion Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion Cart Engine 3.0.0 - (task.php) Local File Inclusion Cart Engine 3.0.0 - 'task.php' Local File Inclusion Kemana Directory 1.5.6 - (run Parameter) Local File Inclusion Kemana Directory 1.5.6 - 'task.php' Local File Inclusion Railo - Remote File Inclusion (Metasploit) Railo 4.2.1 - Remote File Inclusion (Metasploit) LittleSite 0.1 - 'file' Parameter Local File Inclusion LittleSite 0.1 - 'index.php' Local File Inclusion OSClass 3.4.1 - (index.php file Parameter) Local File Inclusion OSClass 3.4.1 - 'index.php' Local File Inclusion Magento Server MAGMI Plugin - Remote File Inclusion Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion Cacti Superlinks Plugin 1.4-2 - Remote Code Execution (via Local File Inclusion + SQL Injection) Cacti Superlinks Plugin 1.4-2 - SQL Injection / Local File Inclusion Lotus Mail Encryption Server (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) u5CMS 3.9.3 - (thumb.php) Local File Inclusion u5CMS 3.9.3 - 'thumb.php' Local File Inclusion openSIS - 'modname' Parameter Local File Inclusion ATutor - 'tool_file' Parameter Local File Inclusion openSIS 5.1 - 'ajax.php' Local File Inclusion ATutor 2.1 - 'tool_file' Parameter Local File Inclusion Fork CMS - 'file' Parameter Local File Inclusion Fork CMS - 'js.php' Local File Inclusion HP Insight Diagnostics - Local File Inclusion HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion phpVibe - Information Disclosure / Remote File Inclusion phpVibe 3.1 - Information Disclosure / Remote File Inclusion CakePHP - AssetDispatcher Class Local File Inclusion CakePHP 2.2.8 / 2.3.7 - AssetDispatcher Class Local File Inclusion TomatoCart - 'install/rpc.php' Local File Inclusion TomatoCart 1.1.8.2 - 'class' Parameter Local File Inclusion NeoBill - /install/index.php language Parameter Traversal Local File Inclusion NeoBill 0.9-alpha - 'language' Parameter Local File Inclusion iScripts AutoHoster - /websitebuilder/showtemplateimage.php tmpid Parameter Traversal Local File Inclusion iScripts AutoHoster - /admin/downloadfile.php fname Parameter Traversal Local File Inclusion iScripts AutoHoster - /support/admin/csvdownload.php id Parameter Traversal Local File Inclusion iScripts AutoHoster - 'tmpid' Parameter Local File Inclusion iScripts AutoHoster - 'fname' Parameter Local File Inclusion iScripts AutoHoster - 'id' Parameter Local File Inclusion AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion AFCommerce - 'adblock.php' Remote File Inclusion AFCommerce - 'adminpassword.php' Remote File Inclusion AFCommerce - 'controlheader.php' Remote File Inclusion xBoard - 'post' Parameter Local File Inclusion xBoard 5.0 / 5.5 / 6.0 - 'view.php' Local File Inclusion BloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion BloofoxCMS 0.5.0 - 'fileurl' Parameter Local File Inclusion Rips Scanner 0.5 - (code.php) Local File Inclusion Rips Scanner 0.5 - 'code.php' Local File Inclusion MeiuPic - 'ctl' Parameter Local File Inclusion MeiuPic 2.1.2 - 'ctl' Parameter Local File Inclusion qEngine - 'run' Parameter Local File Inclusion qEngine 4.1.6 / 6.0.0 - 'task.php' Local File Inclusion WordPress Plugin BookX - 'includes/bookx_export.php' Local File Inclusion WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion Alfresco - /proxy endpoint Parameter Server Side Request Forgery Alfresco - /cmisbrowser url Parameter Server Side Request Forgery Alfresco - /proxy endpoint Parameter Server-Side Request Forgery Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery CMSimple - Remote file Inclusion CMSimple 4.4.4 - Remote file Inclusion VoipSwitch - 'action' Parameter Local File Inclusion VoipSwitch - 'user.php' Local File Inclusion Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion Concrete5 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062) EC-CUBE 2.12.6 - Server-Side Request Forgery Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration Management	2016-10-25 05:01:17 +00:00
Offensive Security	f421077feb	DB: 2016-09-28 6 new exploits UUCP Exploit - file creation/overwriting (symlinks) UUCP Exploit - File Creation/Overwriting (symlinks) Exploit Serv-U 3.x < 5.x - Privilege Escalation Serv-U FTP Server 3.x < 5.x - Privilege Escalation TiTan FTP Server - Long Command Heap Overflow (PoC) Titan FTP Server - Long Command Heap Overflow (PoC) Serv-U < 5.2 - Remote Denial of Service Serv-U FTP Server < 5.2 - Remote Denial of Service chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC) Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow WS_FTP Server 5.03 - (RNFR) Buffer Overflow Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow TYPSoft FTP Server 1.11 - (RETR) Denial of Service TYPSoft FTP Server 1.11 - 'RETR' Denial of Service XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC) XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC) WinFtp Server 2.0.2 - (PASV) Remote Denial of Service WinFTP Server 2.0.2 - (PASV) Remote Denial of Service DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service MiniWeb Http Server 0.8.x - Remote Denial of Service MiniWeb HTTP Server 0.8.x - Remote Denial of Service JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion JAF CMS 4.0 RC2 - Multiple Remote File Inclusion XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service Belkin wireless G router + ADSL2 modem - Authentication Bypass Belkin Wireless G router + ADSL2 modem - Authentication Bypass Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement WinFTP 2.3.0 - (PASV mode) Remote Denial of Service WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service Titan FTP server 6.26 build 630 - Remote Denial of Service Titan FTP Server 6.26 build 630 - Remote Denial of Service Netgear WG102 - Leaks SNMP write Password with read access Netgear WG102 - Leaks SNMP Write Password With Read Access WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Netgear embedded Linux for the SSL312 router - Denial of Service Netgear SSL312 Router - Denial of Service Belkin BullDog Plus UPS-Service - Buffer Overflow Belkin BullDog Plus - UPS-Service Buffer Overflow Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit Firebird SQL - op_connect_request main listener shutdown Firebird SQL - op_connect_request main listener shutdown Exploit HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service TYPSoft 1.10 - APPE DELE Denial of Service TYPSoft FTP Server 1.10 - APPE DELE Denial of Service WingFTP Server 3.2.4 - Cross-Site Request Forgery Wing FTP Server 3.2.4 - Cross-Site Request Forgery Quick Player 1.2 -Unicode BoF - bindshell Quick Player 1.2 - Unicode Buffer Overflow (Bindshell) UplusFtp Server 1.7.0.12 - Remote Buffer Overflow UplusFTP Server 1.7.0.12 - Remote Buffer Overflow Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC TopDownloads MP3 Player 1.0 - '.m3u' crash TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) uhttp Server - Directory Traversal uhttp Server 0.1.0-alpha - Directory Traversal eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - RETR Command Denial of Service SmallFTPd 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service SolarWinds 10.4.0.10 - TFTP Denial of Service SolarWinds TFTP Server 10.4.0.10 - Denial of Service e107 - Code Exec e107 - Code Exection HomeFTP Server r1.10.3 (build 144) - Denial of Service Home FTP Server r1.10.3 (build 144) - Denial of Service TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE) TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service SolarWinds 10.4.0.13 - Denial of Service SolarWinds TFTP Server 10.4.0.13 - Denial of Service ISC-DHCPD - Denial of Service ISC DHCPD - Denial of Service Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow deepin tftp server 1.25 - Directory Traversal Deepin TFTP Server 1.25 - Directory Traversal Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit JCMS 2010 - file download JCMS 2010 - File Download Exploit SolarFTP 2.0 - Multiple Commands Denial of Service Solar FTP Server 2.0 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - RETR CMD Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service Xynph 1.0 - USER Denial of Service Xynph FTP Server 1.0 - USER Denial of Service XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service Solar FTP 2.1 - Denial of Service Solar FTP Server 2.1 - Denial of Service Red Hat Linux - stickiness of /tmp Red Hat Linux - stickiness of /tmp Exploit home ftp server 1.12 - Directory Traversal Home FTP Server 1.12 - Directory Traversal NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit) RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit) Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow SmallFTPd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 - Denial of Service PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) Solar FTP 2.1.1 - PASV Buffer Overflow (PoC) Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC) BisonFTP Server 3.5 - Remote Buffer Overflow BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit) Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit) BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery zFTP Server - 'cwd/stat' Remote Denial of Service zFTPServer - 'cwd/stat' Remote Denial of Service Serv-U FTP - Jail Break Serv-U FTP Server - Jail Break Typsoft FTP Server 1.10 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service PeerBlock 1.1 - BSOD PeerBlock 1.1 - BSOD Exploit distinct tftp server 3.01 - Directory Traversal Distinct TFTP Server 3.01 - Directory Traversal PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection Berkeley Sendmail 5.58 - DEBUG Berkeley Sendmail 5.58 - Debug exploit SunView (SunOS 4.1.1) - selection_svc Digital Ultrix 4.0/4.1 - /usr/bin/chroot SunOS 4.1.1 - /usr/release/bin/makeinstall SunOS 4.1.1 - /usr/release/bin/winstall SunView (SunOS 4.1.1) - selection_svc Exploit Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit SunOS 4.1.3 - kmem setgid /etc/crash SunOS 4.1.3 - kmem setgid /etc/crash Exploit IRIX 6.4 - pfdisplay.cgi IRIX 6.4 - 'pfdisplay.cgi' Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit FreePBX < 13.0.188 - Remote Command Execution (Metasploit) HP JetAdmin 1.0.9 Rev. D - symlink HP JetAdmin 1.0.9 Rev. D - symlink Exploit Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation TP-Link Archer CR-700 - Cross-Site Scripting BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit Cat Soft Serv-U 2.5 - Buffer Overflow BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit Linux Kernel 2.0 / 2.1 / 2.2 - autofs Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit Debian 2.1 - httpd S.u.S.E. 5.2 - gnuplot Debian 2.1 - httpd Exploit S.u.S.E. Linux 5.2 - gnuplot Exploit Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit SGI IRIX 6.2 - /usr/lib/netaddpr SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - day5notifier SGI IRIX 6.2 - day5notifier Exploit SGI IRIX 6.4 - datman/cdman SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.3 - cgi-bin webdist.cgi SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit SGI IRIX 6.4 - cgi-bin handler SGI IRIX 6.4 - cgi-bin handler Exploit SGI IRIX 6.4 - login SGI IRIX 6.4 - login Exploit IBM AIX 3.2.5 - IFS IBM AIX 3.2.5 - IFS Exploit IBM AIX 3.2.5 - login(1) IBM AIX 3.2.5 - login(1) Exploit Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2) Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit GNU glibc 2.1/2.1.1 -6 - pt_chown GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit ProFTPd 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Exploit Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit S.u.S.E. Linux 6.1/6.2 - cwdtools S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit SCO Unixware 7.1 - 'pkg' commands SCO Unixware 7.1 - 'pkg' command Exploit Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service Nortel Networks Optivity NETarchitect 2.0 - PATH Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit SGI IRIX 6.2 - midikeys/soundplayer SGI IRIX 6.2 - midikeys/soundplayer Exploit Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Microsoft Windows 95/98/NT 4.0 - autorun.inf Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit Corel Linux OS 1.0 - buildxconfig Corel Linux OS 1.0 - setxconf Corel Linux OS 1.0 - buildxconfig Exploit Corel Linux OS 1.0 - setxconf Exploit TP Link Gateway 3.12.4 - Multiple Vulnerabilities TP-Link Gateway 3.12.4 - Multiple Vulnerabilities SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2) Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit Cisco IOS 11.x/12.x - HTTP %% Cisco IOS 11.x/12.x - HTTP %% Exploit RedHat Linux 6.0/6.1/6.2 - pam_console RedHat Linux 6.0/6.1/6.2 - pam_console Exploit HP-UX 10.20/11.0 man - /tmp symlink HP-UX 10.20/11.0 man - /tmp Symlink Exploit IRIX 5.3/6.x - mail IRIX 5.3/6.x - mail Exploit TYPSoft 0.7 x - FTP Server Remote Denial of Service TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service Oracle Internet Directory 2.0.6 - oidldap Oracle Internet Directory 2.0.6 - oidldap Exploit CatSoft FTP Serv-U 2.5.x - Brute Force Cat Soft Serv-U FTP Server 2.5.x - Brute Force Small HTTP server 2.0 1 - Non-Existent File Denial of Service Small HTTP Server 2.0 1 - Non-Existent File Denial of Service NCSA httpd-campas 1.2 - sample script NCSA httpd-campas 1.2 - sample script Exploit Novell NetWare Web Server 2.x - convert.bas Novell NetWare Web Server 2.x - convert.bas Exploit Serv-U 2.4/2.5 - FTP Directory Traversal Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal Novell Netware Web Server 3.x - files.pl Novell Netware Web Server 3.x - files.pl Exploit guido frassetto sedum http server 2.0 - Directory Traversal Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal robin twombly a1 http server 1.0 - Directory Traversal Robin Twombly A1 HTTP Server 1.0 - Directory Traversal SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit michael lamont savant http server 2.1 - Directory Traversal Michael Lamont Savant HTTP Server 2.1 - Directory Traversal zeroo http server 1.5 - Directory Traversal (1) zeroo http server 1.5 - Directory Traversal (2) Zeroo HTTP Server 1.5 - Directory Traversal (1) Zeroo HTTP Server 1.5 - Directory Traversal (2) Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting XLight FTP Server 1.x - Long Directory Request Remote Denial of Service Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service XLight FTP Server 1.52 - Remote Send File Request Denial of Service Xlight FTP Server 1.52 - Remote Send File Request Denial of Service gweb http server 0.5/0.6 - Directory Traversal GWeb HTTP Server 0.5/0.6 - Directory Traversal MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server (build 300) - Crash (PoC) TP-Link Print Server TL PS110U - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration PCMan's FTP Server 2.0.7 - Buffer Overflow PCMan FTP Server 2.0.7 - Buffer Overflow PCMan's FTP Server 2.0 - Remote Buffer Overflow PCMan FTP Server 2.0 - Remote Buffer Overflow PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3-5 - ZendEngine ECalloc Integer Overflow PHP 3 < 5 - ZendEngine ECalloc Integer Overflow NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static Http Server 1.0 - Denial of Service TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static HTTP Server 1.0 - Denial of Service NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2) Ipswitch 8.0 - WS_FTP Client Format String Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String NETGEAR WGR614 - Administration Interface Remote Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NetMan 204 - Backdoor Account NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Serv-U 11.1.0.3 - Denial of Service / Security Bypass Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND9 - TKEY (PoC) Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND 9 - TKEY (PoC) ISC BIND9 - TKEY Remote Denial of Service (PoC) ISC BIND 9 - TKEY Remote Denial of Service (PoC) NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Android (Stagefright) - Remote Code Execution Android - 'Stagefright' Remote Code Execution Microsoft Windows Media Center - MCL (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) Android libstagefright - Integer Overflow Remote Code Execution Android - libstagefright Integer Overflow Remote Code Execution NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution pdfium IsFlagSet (v8 memory management) - SIGSEGV pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) TallSoft SNMP TFTP Server 1.0.0 - Denial of Service TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service Metaphor - Stagefright Exploit with ASLR Bypass Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)	2016-09-28 11:55:43 +00:00
Offensive Security	28e25eeea1	DB: 2016-09-13 1 new exploits Too many to list!	2016-09-13 05:08:52 +00:00
Offensive Security	7607be84a3	DB: 2016-09-10 3 new exploits freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated) freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow freeSSHd 1.2.1 - Authenticated Remote SEH Overflow Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service Serv-U 7.3 - (Authenticated) Remote FTP File Replacement Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow PoC LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow PoC Hannon Hill Cascade Server - (Authenticated) Command Execution Hannon Hill Cascade Server - Authenticated Command Execution Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - Authenticated Multiple Vulnerabilities Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities Femitter FTP Server 1.x - Authenticated Multiple Vulnerabilities Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service NetAccess IP3 - (Authenticated) (ping option) Command Injection NetAccess IP3 - Authenticated (ping option) Command Injection Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting Apache Axis2 Administration console - Authenticated Cross-Site Scripting Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow ActFax Server FTP - (Authenticated) Remote Buffer Overflow ActFax Server FTP - Authenticated Remote Buffer Overflow Oracle Database - Protocol Authentication Bypass Oracle Database - Protocol Authentication Bypass IRIS Citations Management Tool - (Authenticated) Remote Command Execution IRIS Citations Management Tool - Authenticated Remote Command Execution Airmail 3.0.2 - Cross-Site Scripting LamaHub 0.0.6.2 - Buffer Overflow Vodafone Mobile Wifi - Reset Admin Password Zabbix 2.0 - 3.0.3 - SQL Injection Zabbix 2.0 < 3.0.3 - SQL Injection Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF) Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF) Alfresco - /proxy endpoint Parameter Server Side Request Forgery Alfresco - /cmisbrowser url Parameter Server Side Request Forgery vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF) vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery	2016-09-10 05:08:39 +00:00
Offensive Security	d36011b4f9	DB: 2016-09-07 3 new exploits Too many to list!	2016-09-07 05:09:19 +00:00
Offensive Security	51bcf38036	DB: 2016-09-05 1 new exploits Too many to list!	2016-09-05 05:09:09 +00:00
Offensive Security	5e2fc10125	DB: 2016-09-03	2016-09-03 13:13:25 +00:00
Offensive Security	31a21bb68d	DB: 2016-09-03 14 new exploits Too many to list!	2016-09-03 05:08:42 +00:00
Offensive Security	0be2139745	DB: 2016-08-23 7 new exploits Too many to list!	2016-08-23 05:06:48 +00:00
Offensive Security	32bd251480	DB: 2016-08-20 17 new exploits Too many to list!	2016-08-20 05:06:28 +00:00
Offensive Security	428f25fc1c	DB: 2016-08-07 8 new exploits NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities ntop 2.3 <= 2.5 - Multiple Vulnerabilities Subrion CMS 4.0.5 - SQL Injection zFTP Client 20061220 - (Connection Name) Local Buffer Overflow PHP Power Browse 1.2 - Directory Traversal Davolink DV-2051 - Multiple Vulnerabilities WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting NASdeluxe NDL-2400r 2.01.09 - OS Command Injection	2016-08-07 02:36:02 +00:00
Offensive Security	d06dff59f9	DB: 2016-07-26 16 new exploits Ubuntu Breezy 5.10 - Installer Password Disclosure Ubuntu 5.10 - Installer Password Disclosure BSD/x86 - setuid/portbind (TCP 31337) shellcode (94 bytes) BSD/x86 - setuid/portbind 31337/TCP shellcode (94 bytes) Linux/x86 - shellcode that forks a HTTP Server on port tcp/8800 (166 bytes) Linux/x86 - listens for shellcode on tcp/5555 and jumps to it (83 bytes) Linux/x86 - Forks a HTTP Server on port 8800/TCP shellcode (166 bytes) Linux/x86 - Listens for shellcode on 5555/TCP and jumps to it (83 bytes) Linux/x86 - Shellcode Polymorphic chmod(_/etc/shadow__666) (54 bytes) Linux/x86 - Polymorphic chmod(_/etc/shadow__666) Shellcode (54 bytes) Linux/x86 - Add root user _r00t_ with no password to /etc/passwd shellcode (69 bytes) Linux/x86 - Add root user 'r00t' with no password to /etc/passwd shellcode (69 bytes) Linux/x86 - SET_PORT() portbind 31337 tcp shellcode (100 bytes) Linux/x86 - SET_PORT() portbind 31337/TCP shellcode (100 bytes) Linux/x86 - Add User _xtz_ without Password to /etc/passwd shellcode (59 bytes) Linux/x86 - Add User 'xtz' without Password to /etc/passwd shellcode (59 bytes) Linux/x86 - Bind /bin/sh to 31337/tcp shellcode (80 bytes) Linux/x86 - Bind /bin/sh to 31337/tcp + fork() shellcode (98 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP shellcode (80 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP + fork() shellcode (98 bytes) Linux/x86 - connect-back shellcode 127.0.0.1:31337/tcp (74 bytes) Linux/x86 - Connect-back shellcode 127.0.0.1:31337/TCP (74 bytes) Linux/x86 - Add user _t00r_ encrypt shellcode (116 bytes) Linux/x86 - Add user 't00r' encrypt shellcode (116 bytes) Linux/x86 - Add user _t00r_ shellcode (82 bytes) Linux/x86 - Add user 't00r' shellcode (82 bytes) Linux/x86 - Add user _z_ shellcode (70 bytes) Linux/x86 - Add User 'z' shellcode (70 bytes) Solaris/x86 - portbind/tcp shellcode (Generator) Solaris/x86 - portbind/TCP shellcode (Generator) Linux/x86 - append _/etc/passwd_ & exit() shellcode (107 bytes) Linux/x86 - append '/etc/passwd' & exit() shellcode (107 bytes) Linux/x86 - sends _Phuck3d!_ to all terminals shellcode (60 bytes) Linux/x86 - sends 'Phuck3d!' to all terminals shellcode (60 bytes) Linux/x86 - change mode 0777 of _/etc/shadow_ with sys_chmod syscall shellcode (39 bytes) Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall shellcode (39 bytes) Linux/x86 - change mode 0777 of _/etc/passwd_ with sys_chmod syscall shellcode (39 bytes) Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall shellcode (39 bytes) Linux/ARM - Add root user _shell-storm_ with password _toor_ shellcode (151 bytes) Linux/ARM - Add root user 'shell-storm' with password 'toor' shellcode (151 bytes) OS-X/Intel - reverse_tcp shell x86_64 shellcode (131 bytes) OS-X/Intel (x86_64) - reverse_tcp shell shellcode (131 bytes) Linux/SuperH (sh4) - Add root user _shell-storm_ with password _toor_ shellcode (143 bytes) Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' shellcode (143 bytes) Linux/MIPS - Add user(UID 0) _rOOt_ with password _pwn3d_ shellcode (164 bytes) Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' shellcode (164 bytes) Linux/x86-64 - Bind TCP 4444 Port Shellcode (81 bytes / 96 bytes with password) Linux/x86-64 - Bind 4444/TCP Port Shellcode (81 bytes / 96 bytes with password) Linux/x86 - TCP Bind Shell 33333 Port Shellcode (96 bytes) Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes) OS-X/x86-64 - tcp 4444 port bind Nullfree shellcode (144 bytes) OS-X/x86-64 - 4444/TPC port bind Nullfree shellcode (144 bytes) Linux/x86-64 - Bind TCP 4444 Port Shellcode (103 bytes) Linux/x86-64 - TCP 4444 port Bindshell with Password Prompt shellcode (162 bytes) Linux/x86-64 - Bind 4444/TCP Port Shellcode (103 bytes) Linux/x86-64 - Bindshell 4444/TCP with Password Prompt shellcode (162 bytes) Linux/x86-64 - Bind TCP Port 1472 shellcode (IPv6) (199 bytes) Linux/x86-64 - Bind 1472/TCP shellcode (IPv6) (199 bytes) Linux/x86 - TCP Bind Shell Port 4444 shellcode (656 bytes) Linux/x86 - Bind Shell Port 4444/TCP shellcode (656 bytes) Linux/x86 - TCP Bind Shell Port 4444 shellcode (98 bytes) Linux/x86 - Bind Shell Port 4444/TCP shellcode (98 bytes) Rapid7 AppSpider 6.12 - Local Privilege Escalation Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit) Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit) MediaCoder 0.8.43.5852 - .m3u SEH Exploit Drupal CODER Module 2.5 - Remote Command Execution (Metasploit) CodoForum 3.2.1 - SQL Injection CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass) GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution PHP 7.0.8_ 5.6.23 and 5.5.37 - bzread() Out-of-Bounds Write Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities Micro Focus Filr 2 2.0.0.421_ Filr 1.2 1.2.0.846 - Multiple Vulnerabilities	2016-07-26 05:04:05 +00:00
Offensive Security	e9145685e4	DB: 2016-06-28 14 new exploits Linux Netcat Reverse Shell - 32bit - 77 bytes XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability Linux x86_64 execve Shellcode - 15 bytes WordPress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload OPAC KpwinSQL - SQL Injection Magnet Networks Tesley CPVA 642 Router – Weak WPA-PSK Passphrase Algorithm Option CloudGate CG0192-11897 - Multiple Vulnerabilities Kagao 3.0 - Multiple Vulnerabilities Panda Security Multiple Products - Privilege Escalation MyLittleForum 2.3.5 - PHP Command Injection iBilling 3.7.0 - Stored and Reflected XSS PInfo 0.6.9-5.1 - Local Buffer Overflow BigTree CMS 4.2.11 - SQL Injection HNB 1.9.18-10 - Local Buffer Overflow Linux x86 /bin/sh Shellcode + ASLR Bruteforce SugarCRM 6.5.18 - PHP Code Injection Riverbed SteelCentral NetProfiler & NetExpress 10.8.7 - Multiple Vulnerabilities	2016-06-28 05:03:46 +00:00
Offensive Security	3739831fb2	DB: 2016-06-24 16 new exploits Banner Exchange Script 1.0 - (targetid) Blind SQL Injection Vulnerability PHP 5.3.3 - ibase_gen_id() off-by-one Overflow Vulnerability ARM Bindshell port 0x1337 ARM Bind Connect UDP Port 68 ARM Loader Port 0x1337 ARM ifconfig eth0 and Assign Address ARM Bindshell port 0x1337 ARM Bind Connect UDP Port 68 ARM Loader Port 0x1337 ARM ifconfig eth0 and Assign Address G Data TotalCare 2011 - NtOpenKey Race Condition Vulnerability ImpressPages CMS 3.8 - Stored XSS Vulnerability Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability Linux Netcat Reverse Shell - 32bit - 77 bytes PrestaShop 1.4.4.1 modules/mondialrelay/kit_mondialrelay/RechercheDetailPointRelais_ajax.php Multiple Parameter XSS PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS Getsimple CMS 3.3.10 - Arbitrary File Upload op5 v7.1.9 Configuration Command Execution op5 7.1.9 - Configuration Command Execution Alibaba Clone B2B Script - Arbitrary File Disclosure XuezhuLi FileSharing - Directory Traversal XuezhuLi FileSharing - (Add User) CSRF FinderView - Multiple Vulnerabilities	2016-06-24 05:06:19 +00:00
Offensive Security	2815f48e25	DB: 2016-06-17 12 new exploits Linux x86_64 - Reverse Shell Shellcode Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal Solarwinds Virtualization Manager - Privilege Escalation Blat 3.2.14 - Stack Overflow Linux/x86 - Bindshell with Configurable Port - 87 bytes Linux x86_64 Shellcode Null-Free Reverse TCP Shell Linux x86 TCP Bind Shell Port 4444 (656 bytes) Tiki-Wiki CMS Calendar 14.2_ 12.5 LTS_ 9.11 LTS_ and 6.15 - Remote Code Execution Linux/Windows/BSD x86_64 execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode ATCOM PBX IP01_ IP08 _ IP4G_ IP2G4A - Authentication Bypass Roxy Fileman 1.4.4 - Arbitrary File Upload SlimCMS 0.1 - CSRF (Change Admin Password)	2016-06-17 05:05:00 +00:00
Offensive Security	33dd246d8a	DB: 2016-06-16 14 new exploits Ultrabenosaurus ChatBoard - Stored XSS Ultrabenosaurus ChatBoard - CSRF (Send Message) w2wiki - Multiple XSS Vulnerabilities Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities Dokeos 2.2.1 - Blind SQL Injection Joomla En Masse (com_enmasse) Component 5.1 - 6.4 - SQL Injection AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation BookingWizz Booking System < 5.5 - Multiple Vulnerabilities jbFileManager - Directory Traversal PHPLive 4.4.8 - 4.5.4 - Password Recovery SQL Injection Bomgar Remote Support Unauthenticated Code Execution (msf) Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1) Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2) Google Chrome - GPU Process MailboxManagerImpl Double-Read	2016-06-16 05:02:53 +00:00
Offensive Security	3ef2faa870	DB: 2016-05-13	2016-05-13 11:12:47 +00:00
Offensive Security	52e862d62a	DB: 2016-05-11 9 new exploits Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit mIRC 6.1 - _IRC_ Protocol Remote Buffer Overflow Exploit mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow Exploit Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit Linux Kernel 2.4.22 - _do_brk()_ Local Root Exploit (PoC) Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept) Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working) Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit Xsok 1.02 - _-xsokdir_ Local Buffer Overflow Game Exploit Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (1) Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (2) Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1) Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2) Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit Serv-U FTPD 3.x/4.x _SITE CHMOD_ Command Remote Exploit Serv-U FTPD 3.x/4.x- 'SITE CHMOD' Command Remote Exploit Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Local Proof-of-Concept (2) Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2) Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Missing _do_munmap_ Exploit Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit eMule <= 0.42d IRC Remote Buffer Overflow Exploit eMule <= 0.42d - IRC Remote Buffer Overflow Exploit GnomeHack Local Buffer Overflow Exploit (gid=games) GnomeHack - Local Buffer Overflow Exploit (gid=games) Kwintv Local Buffer Overflow Exploit (gid=video(33)) Kwintv - Local Buffer Overflow Exploit (gid=video(33)) Redhat 6.1 man Local Exploit (egid 15) Redhat 6.1 man - Local Exploit (egid 15) Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit Linux Kernel 2.4.x - 2.6.x - Assembler Inline Function Local DoS Exploit rlpr <= 2.04 msg() Remote Format String Exploit MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit rlpr <= 2.04 - msg() Remote Format String Exploit MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit Ollydbg <= 1.10 Format String Bug Ollydbg <= 1.10 - Format String Bug Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit AOL Instant Messenger AIM _Away_ Message Local Exploit AOL Instant Messenger AIM - 'Away' Message Local Exploit Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit AOL Instant Messenger AIM _Away_ Message Remote Exploit AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2) Silent Storm Portal Multiple Vulnerabilities Silent Storm Portal - Multiple Vulnerabilities YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit Monit <= 4.2 Basic Authentication Remote Root Exploit Monit <= 4.2 - Basic Authentication Remote Root Exploit YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit Chatman <= 1.5.1 RC1 Broadcast Crash Exploit Flash Messaging <= 5.2.0g Remote Denial of Service Exploit Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit Halo <= 1.05 Broadcast Client Crash Exploit CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit Halo <= 1.05 - Broadcast Client Crash Exploit Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit Kreed <= 1.05 Format String and Denial of Service Exploit Kreed <= 1.05 - Format String and Denial of Service Exploit Codename Eagle <= 1.42 Socket Unreacheable DoS Exploit Codename Eagle <= 1.42 - Socket Unreacheable DoS Exploit Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC Cscope <= 15.5 Symlink Vulnerability Exploit WinRAR <= 3.4.1 - Corrupt ZIP File Vulnerability PoC Cscope <= 15.5 - Symlink Vulnerability Exploit Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit Netcat 1.1 - _-e_ Switch Remote Buffer Overflow Exploit PHP <= 4.3.7 openlog() Buffer Overflow Exploit Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit PHP <= 4.3.7 - openlog() Buffer Overflow Exploit phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm) phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm) Gore <= 1.50 Socket Unreacheable Denial of Service Exploit Gore <= 1.50 - Socket Unreacheable Denial of Service Exploit Exim <= 4.41 dns_build_reverse Local Exploit PoC Exim <= 4.41 - dns_build_reverse Local Exploit PoC Peer2Mail <= 1.4 Encrypted Password Dumper Exploit Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit Armagetron Advanced <= 0.2.7.0 Server Crash Exploit Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit MercuryBoard <= 1.1.1 Working SQL Injection MercuryBoard <= 1.1.1 - SQL Injection GNU a2ps _Anything to PostScript_ Local Exploit (not suid) GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID) vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1) vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution (part 2) Serv-U 4.x _site chmod_ Remote Buffer Overflow Exploit vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit 3Com 3CDaemon FTP Unauthorized _USER_ Remote BoF Exploit 3Com 3CDaemon FTP - Unauthorized 'USER' Remote BoF Exploit vBulletin <= 3.0.6 php Code Injection vBulletin <= 3.0.6 - PHP Code Injection Soldier of Fortune 2 <= 1.03 - _cl_guid_ - Server Crash Soldier of Fortune 2 <= 1.03 - 'cl_guid' - Server Crash Knet <= 1.04c Buffer Overflow Denial of Service Exploit Knet <= 1.04c - Buffer Overflow Denial of Service Exploit Scrapland <= 1.0 Server Termination Denial of Service Exploit Scrapland <= 1.0 - Server Termination Denial of Service Exploit Apache <= 2.0.52 HTTP GET request Denial of Service Exploit Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update) Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2) Microsoft Internet Explorer _mshtml.dll_ CSS Parsing Buffer Overflow Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2) Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows) Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux) PHP-Nuke 6.x - 7.6 Top module Remote SQL Injection Exploit (working) PHP-Nuke 6.x - 7.6 Top module - Remote SQL Injection Exploit HP-UX FTPD <= 1.1.214.4 - _REST_ Remote Brute Force Exploit HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial) Invision Power Board <= 2.0.3 - Login.PHP SQL Injection Exploit Invision Power Board <= 2.0.3 - Login.PHP SQL Injection (tutorial) phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl) phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php) phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2) phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl) phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit Microsoft Internet Explorer - javascript _window()_ Crash Microsoft Internet Explorer - javascript 'window()' Crash Kaspersky AntiVirus - _klif.sys_ Privilege Escalation Vulnerability Kaspersky AntiVirus - 'klif.sys' Privilege Escalation Vulnerability Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working) Invision Power Board <= 1.3.1 - Login.PHP SQL Injection WordPress <= 1.5.1.1 - _add new admin_ SQL Injection Exploit WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit Mozilla Firefox <= 1.0.4 - _Set As Wallpaper_ Code Execution Exploit Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC) Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC) XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities Linux Kernel <= 2.6.11 - 'k-rad3.c' (CPL 0) Local Root Exploit Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities nodez <= 4.6.1.1 mercury Multiple Vulnerabilities nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities gCards <= 1.45 - Multiple Vulnerabilities All-In-One Exploit gCards <= 1.45 - Multiple Vulnerabilities Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit OpenTTD <= 0.4.7 - (multiple vulnerabilities) Denial of Service Exploit OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC) PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities Exploit PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities Exploit outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities raydium <= svn 309 - Multiple Vulnerabilities Exploit raydium <= svn 309 - Multiple Vulnerabilities PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities Light Blog Remote Multiple Vulnerabilities Exploit Light Blog Remote - Multiple Vulnerabilities Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities contentnow 1.30 (upload/XSS) Multiple Vulnerabilities contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities Messagerie Locale (centre.php) Remote File Inclusion Vulnerability Site News (centre.php) Remote File Inclusion Vulnerability Messagerie Locale (centre.php) - Remote File Inclusion Vulnerability Site News (centre.php) - Remote File Inclusion Vulnerability kubix <= 0.7 - Multiple Vulnerabilities Exploit kubix <= 0.7 - Multiple Vulnerabilities BBS E-Market Professional (Path Disclosure/Include) Multiple Vulnerabilities BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit open newsletter <= 2.5 - Multiple Vulnerabilities Exploit (update) open newsletter <= 2.5 - Multiple Vulnerabilities (2) eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities php-update <= 2.7 - Multiple Vulnerabilities Exploit php-update <= 2.7 - Multiple Vulnerabilities ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities vp-asp shopping cart 6.09 (SQL/XSS) Multiple Vulnerabilities vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities Aztek Forum 4.0 - Multiple Vulnerabilities Exploit Aztek Forum 4.0 - Multiple Vulnerabilities otscms <= 2.1.5 (SQL/XSS) Multiple Vulnerabilities otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities qdblog 0.4 (SQL Injection/LFI) Multiple Vulnerabilities qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability Censura 1.15.04 - (censura.php vendorid) SQL Injection Vulnerability runawaysoft haber portal 1.0 (tr) Multiple Vulnerabilities runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities netclassifieds (SQL/XSS/full path) Multiple Vulnerabilities netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities bugmall shopping cart 2.5 (SQL/XSS) Multiple Vulnerabilities bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection Vulnerability Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day) Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0day) Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit else if CMS 0.6 - Multiple Vulnerabilities / Exploit else if CMS 0.6 - Multiple Vulnerabilities Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit Php-Stats 0.1.9.2 - Multiple Vulnerabilities Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection Vulnerability Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept portalapp 4.0 (SQL/XSS/auth bypasses) Multiple Vulnerabilities portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities evilboard 0.1a (SQL/XSS) Multiple Vulnerabilities evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit blogcms 4.2.1b (SQL/XSS) Multiple Vulnerabilities blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities bloofox 0.3 (SQL/fd) Multiple Vulnerabilities bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability Liquid-Silver CMS 0.1 - (update) Local File Inclusion Vulnerability simple forum 3.2 (fd/XSS) Multiple Vulnerabilities simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability Mambo Component Sermon 0.2 - (gid) SQL Injection Vulnerability Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities pigyard art gallery Multiple Vulnerabilities pigyard art gallery - Multiple Vulnerabilities XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection Vulnerability XOOPS Module My_eGallery 3.04 - (gid) SQL Injection Vulnerability easycalendar <= 4.0tr Multiple Vulnerabilities easygallery <= 5.0tr Multiple Vulnerabilities easycalendar <= 4.0tr - Multiple Vulnerabilities easygallery <= 5.0tr - Multiple Vulnerabilities Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities Exploit Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit minibb 2.2 (css/SQL/fpd) Multiple Vulnerabilities minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities siteman 2.x (exec/LFI/XSS) Multiple Vulnerabilities siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities megabbs forum 2.2 (SQL/XSS) Multiple Vulnerabilities megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit cplinks 1.03 (bypass/SQL/xxs) Multiple Vulnerabilities cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities deluxebb <= 1.2 - Multiple Vulnerabilities Exploit deluxebb <= 1.2 - Multiple Vulnerabilities Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection Vulnerability idautomation bar code ActiveX Multiple Vulnerabilities idautomation bar code ActiveX - Multiple Vulnerabilities ecms 0.4.2 (SQL/pb) Multiple Vulnerabilities Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities mebiblio 0.4.7 (SQL/upload/XSS) Multiple Vulnerabilities mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities smeweb 1.4b (SQL/XSS) Multiple Vulnerabilities smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities 427bb 2.3.1 (SQL/XSS) Multiple Vulnerabilities 427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulnerabilities Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities real estate Web site 1.0 (SQL/XSS) Multiple Vulnerabilities telephone directory 2008 (SQL/XSS) Multiple Vulnerabilities real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities gravity board x 2.0 beta (SQL/XSS) Multiple Vulnerabilities gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities butterfly organizer 2.0.0 (SQL/XSS) Multiple Vulnerabilities butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities ownrs blog beta3 (SQL/XSS) Multiple Vulnerabilities ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities sitexs CMS 0.1.1 (upload/XSS) Multiple Vulnerabilities sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities shibby shop <= 2.2 (SQL/update) Multiple Vulnerabilities shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities polypager <= 1.0rc2 (SQL/XSS) Multiple Vulnerabilities polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities otmanager CMS 24a (LFI/XSS) Multiple Vulnerabilities w1l3d4 philboard 1.2 (blind sql/XSS) Multiple Vulnerabilities otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities Thelia 1.3.5 - Multiple Vulnerabilities Exploit Thelia 1.3.5 - Multiple Vulnerabilities contentnow 1.4.1 (upload/XSS) Multiple Vulnerabilities contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2) trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2) Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py) Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python) jsite 1.0 oe (SQL/LFI) Multiple Vulnerabilities jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit e-vision CMS <= 2.02 (SQL/upload/ig) Multiple Vulnerabilities k-links directory (SQL/XSS) Multiple Vulnerabilities e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities k-links directory - (SQL/XSS) Multiple Vulnerabilities Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities k-rate (SQL/XSS) Multiple Vulnerabilities k-rate - (SQL/XSS) Multiple Vulnerabilities Invision Power Board <= 2.3.5 - Multiple Vulnerabilities Exploit (revised) Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2) brim 2.0.0 (SQL/XSS) Multiple Vulnerabilities brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities aspwebalbum 3.2 (upload/SQL/XSS) Multiple Vulnerabilities aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities qwicsite pro (SQL/XSS) Multiple Vulnerabilities qwicsite pro - (SQL/XSS) Multiple Vulnerabilities Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities Availscript Article Script (articles.php) Multiple Vulnerabilities Availscript Article Script - (articles.php) Multiple Vulnerabilities Availscript Photo Album (pics.php) Multiple Vulnerabilities Availscript Photo Album - (pics.php) Multiple Vulnerabilities phpvid 1.1 0- (XSS/SQL) Multiple Vulnerabilities phpvid 1.1 0 - (XSS/SQL) Multiple Vulnerabilities php infoboard 7 - plus Multiple Vulnerabilities php infoboard 7 plus - Multiple Vulnerabilities camera life 2.6.2b4 (SQL/XSS) Multiple Vulnerabilities camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities mystats (hits.php) Multiple Vulnerabilities Exploit mystats - (hits.php) Multiple Vulnerabilities Vivvo CMS <= 3.4 - Multiple Vulnerabilities Destroyer Exploit Vivvo CMS <= 3.4 - Multiple Vulnerabilities websvn <= 2.0 - (XSS/fh/ce) Multiple Vulnerabilities websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities phpdaily (SQL/XSS/lfd) Multiple Vulnerabilities phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities questcms - (XSS/directory traversal/SQL) Multiple Vulnerabilities questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities apartment search script (rfu/XSS) Multiple Vulnerabilities apartment search script - (RFU/XSS) Multiple Vulnerabilities MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities pre multi-vendor shopping malls Multiple Vulnerabilities pre multi-vendor shopping malls - Multiple Vulnerabilities Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities AJSquare Free Polling Script (DB) Multiple Vulnerabilities AJSquare Free Polling Script - (DB) Multiple Vulnerabilities turnkeyforms Web Hosting Directory Multiple Vulnerabilities turnkeyforms Web Hosting Directory - Multiple Vulnerabilities GS Real Estate Portal US/International Module Multiple Vulnerabilities GS Real Estate Portal US/International Module - Multiple Vulnerabilities bandwebsite 1.5 (SQL/XSS) Multiple Vulnerabilities bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities chipmunk topsites (auth bypass/XSS) Multiple Vulnerabilities clean CMS 1.5 (blind SQL Injection/XSS) Multiple Vulnerabilities chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities comersus asp shopping cart (dd/XSS) Multiple Vulnerabilities comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities minimal ablog 0.4 (SQL/fu/bypass) Multiple Vulnerabilities minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities wbstreet 1.0 (SQL/dd) Multiple Vulnerabilities wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities template creature (SQL/dd) Multiple Vulnerabilities template creature - (SQL/DD) Multiple Vulnerabilities merlix educate servert (bypass/dd) Multiple Vulnerabilities merlix educate servert - (bypass/DD) Multiple Vulnerabilities nightfall personal diary 1.0 - (XSS/dd) Multiple Vulnerabilities Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulnerabilities nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities asp autodealer (SQL/dd) Multiple Vulnerabilities asp autodealer - (SQL/DD) Multiple Vulnerabilities aspmanage banners (rfu/dd) Multiple Vulnerabilities aspmanage banners - (RFU/DD) Multiple Vulnerabilities asp talk (SQL/css) Multiple Vulnerabilities asp talk - (SQL/css) Multiple Vulnerabilities siu guarani Multiple Vulnerabilities siu guarani - Multiple Vulnerabilities webcaf <= 1.4 - (LFI/rce) Multiple Vulnerabilities webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities postecards (SQL/dd) Multiple Vulnerabilities postecards - (SQL/DD) Multiple Vulnerabilities living Local 1.1 - (XSS-rfu) Multiple Vulnerabilities living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities cf shopkart 5.2.2 (SQL/dd) Multiple Vulnerabilities cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities the net guys aspired2blog (SQL/dd) Multiple Vulnerabilities the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities joomla live chat (SQL/proxy) Multiple Vulnerabilities joomla live chat - (SQL/proxy) Multiple Vulnerabilities isweb CMS 3.0 (SQL/XSS) Multiple Vulnerabilities isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities clickandemail (SQL/XSS) Multiple Vulnerabilities click&rank (SQL/XSS) Multiple Vulnerabilities clickandemail - (SQL/XSS) Multiple Vulnerabilities click&rank - (SQL/XSS) Multiple Vulnerabilities Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities Liberum Help Desk 0.97.3 - (SQL/DD) Remote Vulnerabilities Zelta E Store - (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities 2532/gigs 1.2.2 - stable Multiple Vulnerabilities 2532/gigs 1.2.2 stable - Multiple Vulnerabilities constructr CMS <= 3.02.5 stable Multiple Vulnerabilities constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit doop CMS <= 1.4.0b (CSRF/upload shell) Multiple Vulnerabilities doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities Nokia S60 SMS/Mms (Curse of Silence) Denial of Service Vulnerability Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service Vulnerability Seo4SMF for SMF forums Multiple Vulnerabilities Seo4SMF for SMF forums - Multiple Vulnerabilities mkportal <= 1.2.1 () Multiple Vulnerabilities mkportal <= 1.2.1 - Multiple Vulnerabilities rankem (dd/XSS/cm) Multiple Vulnerabilities blogit! (SQL/dd/XSS) Multiple Vulnerabilities rankem - (DD/XSS/cm) Multiple Vulnerabilities blogit! - (SQL/DD/XSS) Multiple Vulnerabilities E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities navicopa webserver 3.0.1 (bof/sd) Multiple Vulnerabilities navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities team 1.x - (dd/XSS) Multiple Vulnerabilities Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities team 1.x - (DD/XSS) Multiple Vulnerabilities gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities w3bcms <= 3.5.0 - Multiple Vulnerabilities Exploit w3bcms <= 3.5.0 - Multiple Vulnerabilities powermovielist 0.14b (SQL/XSS) Multiple Vulnerabilities powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities ritsblog 0.4.2 (ab/XSS) Multiple Vulnerabilities Zabbix 1.6.2 Frontend Multiple Vulnerabilities blindblog 1.3.1 (SQL/ab/LFI) Multiple Vulnerabilities ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities Zabbix 1.6.2 - Frontend - Multiple Vulnerabilities blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth) Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities Femitter FTP Server 1.x - Multiple Vulnerabilities (post auth) Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities fungamez rc1 (ab/LFI) Multiple Vulnerabilities fungamez rc1 - (ab/LFI) Multiple Vulnerabilities mixedcms 1.0b (LFI/su/ab/fd) Multiple Vulnerabilities mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities fowlcms 1.1 (ab/LFI/su) Multiple Vulnerabilities fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities Linux Kernel 2.6.x - SCTP FWD Memory Corruption Remote Exploit Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit leap CMS 0.1.4 (SQL/XSS/su) Multiple Vulnerabilities leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities tematres 1.0.3 (auth bypass/SQL/XSS) Multiple Vulnerabilities tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit 2daybiz business community script Multiple Vulnerabilities Easy Scripts Answer and Question Script Multiple Vulnerabilities 2daybiz business community script - Multiple Vulnerabilities Easy Scripts Answer and Question Script - Multiple Vulnerabilities my-colex 1.4.2 (ab/XSS/SQL) Multiple Vulnerabilities my-gesuad 0.9.14 (ab/SQL/XSS) Multiple Vulnerabilities my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities vidshare pro (SQL/XSS) Multiple Vulnerabilities vidshare pro - (SQL/XSS) Multiple Vulnerabilities Mac OS X - Java applet Remote Deserialization Remote PoC (updated) Mac OS X - Java applet Remote Deserialization Remote PoC (Updated) asp inline corporate calendar (SQL/XSS) Multiple Vulnerabilities asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities minitwitter 0.3-beta (SQL/XSS) Multiple Vulnerabilities minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities elitecms 1.01 (SQL/XSS) Multiple Vulnerabilities elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities flashlight free edition (LFI/SQL) Multiple Vulnerabilities flashlight free edition - (LFI/SQL) Multiple Vulnerabilities propertymax pro free (SQL/XSS) Multiple Vulnerabilities propertymax pro free - (SQL/XSS) Multiple Vulnerabilities podcast generator <= 1.2 - globals[] Multiple Vulnerabilities podcast generator <= 1.2 - globals[] - Multiple Vulnerabilities kloxo 5.75 (24 issues) Multiple Vulnerabilities kloxo 5.75 - (24 issues) Multiple Vulnerabilities virtue news (SQL/XSS) Multiple Vulnerabilities virtue news - (SQL/XSS) Multiple Vulnerabilities mrcgiguy the ticket system 2.0 php Multiple Vulnerabilities mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities mrcgiguy freeticket (ch/SQL) Multiple Vulnerabilities mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities impleo music collection 2.0 (SQL/XSS) Multiple Vulnerabilities impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities kasseler CMS (fd/XSS) Multiple Vulnerabilities kasseler CMS - (fd/XSS) Multiple Vulnerabilities tribiq CMS 5.0.12c (XSS/LFI) Multiple Vulnerabilities tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64) Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities citrix xencenterweb - (XSS/SQL/rce) Multiple Vulnerabilities citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities FreeBSD 6/8 (ata device) Local Denial of Service Exploit FreeBSD 6/8 - (ata device) Local Denial of Service Exploit good/bad vote (XSS/LFI) Multiple Vulnerabilities good/bad vote - (XSS/LFI) Multiple Vulnerabilities Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux / RHEL5 - Test Kernel Local Root Exploit (0day) Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0day) mcshoutbox 1.1 (SQL/XSS/shell) Multiple Vulnerabilities mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities DD-WRT (httpd service) Remote Command Execution Vulnerability DD-WRT - (httpd service) Remote Command Execution Vulnerability tenrok 1.1.0 (udd/rce) Multiple Vulnerabilities tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit (1) Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1) Linux Kernel 2.4 / 2.6 - sock_sendpage() ring0 Root Exploit (1) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1) Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept Linux Kernel 2.6 < 2.6.19 - (32-bit) ip_append_data() ring0 Root Exploit Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (PPC Edition) Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC) Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit (x86/x64) Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (2) Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2) Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities Linux Kernel - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty Linux Kernel - 'pipe.c' Local Privilege Escalation Vulnerability Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability Linux Kernel - 'unix_stream_connect()' Local Denial of Service Vulnerability Linux Kernel <= 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service Vulnerability Unreal Tournament 2004 - _Secure_ Overflow Unreal Tournament 2004 - 'Secure' Overflow VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit PHP < 5.3.1 - _multipart/form-data_ Denial of Service Exploit (Python) PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python) sugar crm 5.5.0.rc2 and 5.2.0j Multiple Vulnerabilities sugar crm 5.5.0.rc2 and 5.2.0j - Multiple Vulnerabilities Huawei MT882 Modem/Router Multiple Vulnerabilities Huawei MT882 Modem/Router - Multiple Vulnerabilities DigitalHive Multiple Vulnerabilities DigitalHive - Multiple Vulnerabilities zabbix server Multiple Vulnerabilities zabbix server - Multiple Vulnerabilities Ez Faq Maker Multiple Vulnerabilities Ez Faq Maker - Multiple Vulnerabilities Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities Horde 3.3.5 - _PHP_SELF_ XSS Vulnerability Horde 3.3.5 - 'PHP_SELF' XSS Vulnerability Lizard Cart Upload Shell Vulnerability Lizard Cart - Upload Shell Vulnerability Mega Upload Upload Shell Vulnerability Mega Upload 1.45 - Upload Shell Vulnerability MyCart shopping cart Upload Shell Vulnerability oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability MyCart shopping cart - Upload Shell Vulnerability osCommerce <= 2.2rc2a - Bypass/Create and Download Backup Vulnerability gallery_show.asp GID suffer from Blind SQL Injection Vulnerability gallery_show.asp - GID Blind SQL Injection Vulnerability Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities VirtualDJ Trial 6.0.6 - _New Year Edition_ - (.m3u) Exploit (0day) VirtualDJ Trial 6.0.6 - 'New Year Edition' - (.m3u) Exploit (0day) PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/XSS) PHPDirector Game Edition 0.1 - (LFI/SQLi/XSS) Multiple Vulnerabilities Docebo 3.6.0.2 (stable) Local File Inclusion Docebo 3.6.0.2 (stable) - Local File Inclusion CLONEBID B2B Marketplace Multiple Vulnerabilities ITechSctipts Alibaba Clone Multiple Vulnerabilities CLONEBID B2B Marketplace - Multiple Vulnerabilities ITechSctipts Alibaba Clone - Multiple Vulnerabilities ManageEngine OpUtils 5 - _Login.DO_ SQL Injection Vulnerability ManageEngine OpUtils 5 - 'Login.DO' SQL Injection Vulnerability CMS by MyWorks Multiple Vulnerabilities CMS by MyWorks - Multiple Vulnerabilities DZ Auktionshaus _V4.rgo_ (id) news.php - SQL Injection Vulnerability DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection Vulnerability PhpCityPortal Multiple Vulnerabilities PhpCityPortal - Multiple Vulnerabilities Joomla Component com_ckforms Multiple Vulnerabilities Joomla Component com_ckforms - Multiple Vulnerabilities Joomla Component com_vxdate Multiple Vulnerabilities Joomla Component com_vxdate - Multiple Vulnerabilities Adult Video Site Script Multiple Vulnerabilities Adult Video Site Script - Multiple Vulnerabilities iOS Safari - Bad _VML_ Remote DoS iOS Safari - Bad 'VML' Remote DoS Linux Kernel <= 2.6.34-rc3 ReiserFS xattr - Privilege Escalation Linux Kernel <= 2.6.34-rc3 ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation vBulletin _Cyb - Advanced Forum Statistics_ DoS vBulletin 'Cyb - Advanced Forum Statistics' DoS dl_stats Multiple Vulnerabilities dl_stats - Multiple Vulnerabilities avtech software (avc781viewer.dll) ActiveX Multiple Vulnerabilities avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities lanewsfactory Multiple Vulnerabilities lanewsfactory - Multiple Vulnerabilities MacOS X 10.6 HFS File System Attack (Denial of Service) MacOS X 10.6 - HFS File System Attack (Denial of Service) WFTPD Server 3.30 - Multiple Vulnerabilities (0day) WFTPD Server 3.30 - (0day) Multiple Vulnerabilities CompactCMS 1.4.0 (tiny_mce) Remote File Upload CompactCMS 1.4.0 (tiny_mce) - Remote File Upload Tainos Multiple Vulnerabilities Tainos - Multiple Vulnerabilities Joomla Component com_event Multiple Vulnerabilities Joomla Component com_event - Multiple Vulnerabilities B-Hind CMS (tiny_mce) Remote File Upload B-Hind CMS (tiny_mce) - Remote File Upload ComponentOne VSFlexGrid 7 & 8 - _Archive()_ method Remote Buffer Overflow Exploit ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - _PORT_ Command Remote DoS (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote DoS Blaze Apps Multiple Vulnerabilities Blaze Apps - Multiple Vulnerabilities Joomla Component My Car Multiple Vulnerabilities Joomla Component My Car - Multiple Vulnerabilities Marketing Web Design Multiple Vulnerabilities Marketing Web Design - Multiple Vulnerabilities Aim Web Design Multiple Vulnerabilities Aim Web Design - Multiple Vulnerabilities Zeeways Script Multiple Vulnerabilities Zeeways Script - Multiple Vulnerabilities QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure) QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities Joomla Component ChronoConnectivity Joomla Component ChronoForms (com_chronocontact) Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Vulnerability Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection Vulnerability Simple Posting System Multiple Vulnerabilities Simple Posting System - Multiple Vulnerabilities Joomla Component com_djartgallery Multiple Vulnerabilities Joomla Component com_djartgallery - Multiple Vulnerabilities Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection E-PHP B2B Marketplace Multiple Vulnerabilities E-PHP B2B Marketplace - Multiple Vulnerabilities DaLogin Multiple Vulnerabilities DaLogin - Multiple Vulnerabilities Novell iManager Multiple Vulnerabilities Novell iManager - Multiple Vulnerabilities 2DayBiz Video Community portal - _user-profile.php_ SQL Injection Vulnerability 2DayBiz Real Estate Portal - _viewpropertydetails.php_ SQL injection 2DayBiz Video Community portal - 'user-profile.php' SQL Injection Vulnerability 2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection NO-IP.com Dynamic DNS Update Client 2.2.1 - _Request_ Insecure Encoding Algorithm NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm TCW PHP Album Multiple Vulnerabilities Esoftpro Online Guestbook Pro Multiple Vulnerabilities TCW PHP Album - Multiple Vulnerabilities Esoftpro Online Guestbook Pro - Multiple Vulnerabilities Esoftpro Online Contact Manager Multiple Vulnerabilities Esoftpro Online Contact Manager - Multiple Vulnerabilities Joomla Component Sef (com_sef) - LFI Vulnerability Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability artforms 2.1b7.2 rc2 joomla component Multiple Vulnerabilities artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities Qt 4.6.3 - _QSslSocketBackendPrivate::transmit()_ Denial of Service Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service Macs CMS 1.1.4 - Multiple Vulnerabilities (XSS/CSRF) Macs CMS 1.1.4 - (XSS/CSRF) Multiple Vulnerabilities GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF) Ubuntu 9.10 (Karmic Koala) & 10.04 LTS (Lucid Lynx) PAM 1.1.0 MOTD - Local Root Exploit GetSimple CMS 2.01 - (XSS/CSRF) Multiple Vulnerabilities PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability Joomla Component QContacts (com_qcontacts) - SQL Injection Vulnerability Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow Microsoft Windows - Win32k.sys Driver _CreateDIBPalette()_ Buffer Overflow Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow Easy FTP - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands Zendesk Multiple Vulnerabilities Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands Zendesk - Multiple Vulnerabilities Mediacoder 0.7.5.4710 - _Universal_ SEH Buffer Overflow Exploit Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit Simple Forum PHP Multiple Vulnerabilities Simple Forum PHP - Multiple Vulnerabilities Linux Kernel < 2.6.36-rc1 CAN BCM - Privilege Escalation Exploit Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit Apple QuickTime __Marshaled_pUnk_ Backdoor Param Client-Side Arbitrary Code Execution Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution Adobe Acrobat Reader and Flash Player - _newclass_ invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Shop a la Cart Multiple Vulnerabilities Shop a la Cart - Multiple Vulnerabilities ifnuke - Multiple Vulnerabilities (0day) ifnuke - (0day) Multiple Vulnerabilities dynpage <= 1.0 - Multiple Vulnerabilities (0day) dynpage <= 1.0 - (0day) Multiple Vulnerabilities sirang web-based d-control Multiple Vulnerabilities sirang web-based d-control - Multiple Vulnerabilities Microsoft Office Visio - .DXF File Stack based Overflow Microsoft Office Visio 2002 - .DXF File Stack based Overflow Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution Vulnerability Zeeways Adserver Multiple Vulnerabilities Zeeways Adserver - Multiple Vulnerabilities Microsoft Office Word 2007 - sprmCMajority Buffer Overflow Microsoft Office Word 2007 SP2 - sprmCMajority Buffer Overflow Adobe Acrobat and Reader - _pushstring_ Memory Corruption Adobe Acrobat and Reader - 'pushstring' Memory Corruption Linux Kernel 2.6.27 < 2.6.36 - x86_64 compat Local Root Exploit Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection _reviews.php_ xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php' Java CMM readMabCurveData - Stack Overflow Java 6.19 CMM readMabCurveData - Stack Overflow Microsoft drm technology (msnetobj.dll) ActiveX Multiple Vulnerabilities RarCrack 0.2 - _filename_ init() .bss PoC Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities RarCrack 0.2 - 'filename' init() .bss PoC je guestbook 1.0 joomla component Multiple Vulnerabilities je guestbook 1.0 joomla component - Multiple Vulnerabilities Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities Linux Kernel < 2.6.36-rc6 - pktcdvd Kernel Memory Disclosure Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities js calendar 1.5.1 joomla component Multiple Vulnerabilities js calendar 1.5.1 joomla component - Multiple Vulnerabilities Oracle Java 6 - OBJECT tag _launchjnlp_/_docbase_ Param Buffer Overflow Exploit Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit Linux Kernel - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability Sybase Advantage Data Architect - _.SQL_ Format Heap Oveflow Sybase Advantage Data Architect - '.SQL' Format Heap Oveflow Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt) Minishare 1.4.0 - 1.5.5 - Buffer Overflow Vulnerability (users.txt) Linux Kernel - Stack Infoleaks Vulnerability Linux Kernel <= 2.4.0 - Stack Infoleaks Vulnerability Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities CLANSPHERE 2010.0 Final Multiple Vulnerabilities CLANSPHERE 2010.0 Final - Multiple Vulnerabilities Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service Vulnerability Linux Kernel - Unix Sockets Local Denial of Service Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service Site2Nite Big Truck Broker _txtSiteId_ SQL Injection Vulnerability Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection Vulnerability Linux Kernel <= 2.6.37 - Local Privilege Escalation (Full Nelson) Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation Habari Blog Multiple Vulnerabilities Habari Blog - Multiple Vulnerabilities Linux Kernel 2.6.34 - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit (1) F3Site 2011 alfa 1 - Multiple Vulnerabilities (XSS & CSRF) phpMySport 1.4 - Multiple Vulnerabilities (SQLi & Auth Bypass & Path Disclosure) F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities Linux Kernel < 2.6.34 - CAP_SYS_ADMIN x86 & x64 - Local Privilege Escalation Exploit (2) Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2) Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities T-Content Managment System Multiple Vulnerabilities T-Content Managment System - Multiple Vulnerabilities Samba _username map script_ Command Execution Samba 'username map script' Command Execution Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow Microsoft Internet Explorer - _Aurora_ Memory Corruption Microsoft Internet Explorer - 'Aurora' Memory Corruption Adobe Flash Player _newfunction_ Invalid Pointer Use Adobe Flash Player - 'newfunction' Invalid Pointer Use Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow Adobe Flash Player _Button_ Remote Code Execution Adobe Flash Player - 'Button' Remote Code Execution Adobe Flash Player _newfunction_ Invalid Pointer Use Adobe Flash Player - 'newfunction' Invalid Pointer Use Unreal Tournament 2004 - _secure_ Overflow (Win32) Unreal Tournament 2004 - 'secure' Overflow (Windows) Unreal Tournament 2004 - _secure_ Overflow (Linux) Unreal Tournament 2004 - 'secure' Overflow (Linux) Tugux CMS 1.0_final Multiple Vulnerabilities Tugux CMS 1.0_final - Multiple Vulnerabilities Honey Soft Web Solution Multiple Vulnerabilities Honey Soft Web Solution - Multiple Vulnerabilities Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability Joomla JCE Component (com_jce) - Blind SQL Injection Vulnerability Parnian Opendata CMS SQL Injection Vulnerability Parnian Opendata CMS - SQL Injection Vulnerability Time and Expense Management System Multiple Vulnerabilities Time and Expense Management System - Multiple Vulnerabilities ZyWALL USG - Appliance Multiple Vulnerabilities ZyWALL USG - Appliance - Multiple Vulnerabilities Cisco Unified Operations Manager Multiple Vulnerabilities Microsoft Windows Vista/Server 2008 - _nsiproxy.sys_ Local Kernel DoS Exploit Cisco Unified Operations Manager - Multiple Vulnerabilities Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit HP Data Protector Client EXEC_SETUP Remote Code Execution PoC (ZDI-11-056) HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056) HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055) HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055) Mozilla Firefox - _nsTreeRange_ Dangling Pointer Exploit Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit Ollance Member Login Script Multiple Vulnerabilities Ollance Member Login Script - Multiple Vulnerabilities Adobe Reader X Atom Type Confusion Vulnerability Exploit Adobe Reader X 10.0.0 - 10.0.1 - Atom Type Confusion Vulnerability Exploit Mozilla Firefox _nsTreeRange_ Dangling Pointer Vulnerability Mozilla Firefox - 'nsTreeRange' Dangling Pointer Vulnerability Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities Safari - SVG DOM Processing PoC CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities Safari 5.0.6_ 5.1 - SVG DOM Processing PoC Link Station Pro Multiple Vulnerabilities Link Station Pro - Multiple Vulnerabilities Cart Software Multiple Vulnerabilities Cart Software - Multiple Vulnerabilities Omnistar Mailer Multiple Vulnerabilities Omnistar Mailer - Multiple Vulnerabilities Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit MYRE Real Estate Software Multiple Vulnerabilities MYRE Real Estate Software - Multiple Vulnerabilities Cisco TelePresence Multiple Vulnerabilities - SOS-11-010 Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities FreeBSD UIPC socket heap Overflow proof-of-concept FreeBSD - UIPC socket heap Overflow Proof of Concept GotoCode Online Bookstore Multiple Vulnerabilities GotoCode Online Bookstore - Multiple Vulnerabilities DivX Plus Web Player _file://_ Buffer Overflow Vulnerability PoC DivX Plus Web Player - 'file://' Buffer Overflow Vulnerability PoC EFront <= 3.6.9 Community Edition Multiple Vulnerabilities EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities GotoCode Online Classifieds Multiple Vulnerabilities GotoCode Online Classifieds - Multiple Vulnerabilities 6kbbs Multiple Vulnerabilities 6kbbs - Multiple Vulnerabilities POSH Multiple Vulnerabilities POSH - Multiple Vulnerabilities NoNumber Framework Joomla! Plugin Multiple Vulnerabilities NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities Uiga Personal Portal Multiple Vulnerabilities Uiga Personal Portal - Multiple Vulnerabilities Barter Sites 1.3 Joomla Component Multiple Vulnerabilities Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities zFTP Server _cwd/stat_ Remote Denial-of-Service zFTP Server - 'cwd/stat' Remote Denial-of-Service JEEMA Sms 3.2 Joomla Component Multiple Vulnerabilities Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities osCSS2 - __ID_ parameter Local file inclusion osCSS2 - '_ID' parameter Local file inclusion Infoproject Business Hero Multiple Vulnerabilities Infoproject Business Hero - Multiple Vulnerabilities SugarCRM CE <= 6.3.1 - _unserialize()_ PHP Code Execution SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution ARYADAD Multiple Vulnerabilities Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (1) ARYADAD - Multiple Vulnerabilities Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1) vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit swDesk Multiple Vulnerabilities swDesk - Multiple Vulnerabilities Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI/XSS) Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials) DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities Adobe Flash Player .mp4 - 'cprt' Overflow_ Adobe Flash Player .mp4 - 'cprt' Overflow Wolfcms <= 0.75 - Multiple Vulnerabilities (CSRF - XSS) Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow_ Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow' MailMax <= 4.6 - POP3 - _USER_ Remote Buffer Overflow Exploit (No Login Needed) MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed) Samsung D6000 TV Multiple Vulnerabilities Samsung D6000 TV - Multiple Vulnerabilities Websense Triton Multiple Vulnerabilities Websense Triton - Multiple Vulnerabilities QNX phrelay/phindows/phditto Multiple Vulnerabilities QNX phrelay/phindows/phditto - Multiple Vulnerabilities Lynx Message Server Multiple Vulnerabilities Lynx Message Server - Multiple Vulnerabilities SAP Netweaver Dispatcher Multiple Vulnerabilities SAP Netweaver Dispatcher - Multiple Vulnerabilities elearning server 4g Multiple Vulnerabilities elearning server 4g - Multiple Vulnerabilities Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS) Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities Active Collab _chat module_ <= 2.3.8 - Remote PHP Code Injection Exploit Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability SunOS <= 4.1.3 - kmem setgid /etc/crash Vulnerability Linux kernel 2.0/2.1 - SIGIO Vulnerability Linux Kernel 2.0 / 2.1 - SIGIO Vulnerability Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability Microsoft Windows - _April Fools 2001_ Vulnerability Microsoft Windows - 'April Fools 2001' Vulnerability Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking _Save Password_ Vulnerability Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - _Pass the Hash_ with Modified SMB Client Vulnerability Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password' Vulnerability Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client Vulnerability Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability Linux kernel 2.0/2.1/2.2 - autofs Vulnerability Linux Kernel 2.0 / 2.1 / 2.2 - autofs Vulnerability QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities Linux kernel 2.0 - TCP Port DoS Vulnerability Linux kernel 2.2 - ldd core Vulnerability Linux Kernel 2.0 - TCP Port DoS Vulnerability Linux Kernel 2.2 - ldd core Force Reboot Vulnerability Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability Linux Kernel 2.0.33 - IP Fragment Overlap Vulnerability Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities Linux kernel 2.0.37 - Segment Limit Vulnerability Linux Kernel 2.0.37 - Segment Limit Local Root Vulnerability BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability Quinn _the Eskimo_ and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability Fujitsu Chocoa 1.0 beta7R _Topic_ Buffer Overflow Vulnerability Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow Vulnerability Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability Microsoft Internet Explorer 5.0 - ActiveX _Object for constructing type libraries for scriptlets_ Vulnerability Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets' Vulnerability Microsoft Internet Explorer 4.0/5.0 - ActiveX _Eyedog_ Vulnerability Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog' Vulnerability Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability Linux Kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability MediaHouse Software Statistics Server 4.28/5.1 - _Server ID_ Buffer Overflow Vulnerability MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow Vulnerability Tiki Wiki CMS Groupware <= 8.3 - _unserialize()_ PHP Code Execution Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Vulnerability Linux Kernel - fs/eventpoll.c Local Denial of Service Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service Netscape Enterprise Server _Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities Netscape Enterprise Server_ Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities Netsweeper WebAdmin Portal Multiple Vulnerabilities Netsweeper WebAdmin Portal - Multiple Vulnerabilities Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x _ALG_ Client Vulnerability Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client Vulnerability gpm 1.18.1/1.19_Debian 2.x_RedHat 6.x_S.u.S.E 5.3/6.x gpm Setgid Vulnerability gpm 1.18.1/1.19_ Debian 2.x_ RedHat 6.x_ S.u.S.E 5.3/6.x gpm Setgid Vulnerability Linux kernel 2.2.12/2.2.14/2.3.99_RedHat 6.x - Socket Denial of Service Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service Linux Kernel - Sendpage Local Privilege Escalation Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit) kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (1) kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (2) Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1) Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2) Cart32 3.0 - _expdate_ Administrative Information Disclosure Vulnerability Cart32 3.0 - 'expdate' Administrative Information Disclosure Vulnerability DALnet Bahamut IRCd 4.6.5 - _SUMMON_ Buffer Overflow Vulnerability DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow Vulnerability BitchX IRC Client 75p1/75p3/1.0 c16 - _/INVITE_ Format String Vulnerability BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String Vulnerability CVSWeb Developer CVSWeb 1.80 insecure perl _open_ Vulnerability CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open' Vulnerability Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (1) Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (2) Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (1) Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (2) Solaris 2.6/7.0 - _eject_ Exploit for locale subsystem format string Solaris 2.6/7.0 - 'eject' Exploit for locale subsystem format string UoW Pine 4.0.4/4.10/4.21 - _From:_ Field Buffer Overflow Vulnerability UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow Vulnerability Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities Tickets CAD 2.20G Multiple Vulnerabilities Tickets CAD 2.20G - Multiple Vulnerabilities Cisco IOS 12 - Software _?/_ HTTP Request DoS Vulnerability Cisco IOS 12 - Software '?/' HTTP Request DoS Vulnerability Markus Triska CGIForum 1.0 - _thesection_ Directory Traversal Vulnerability Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal Vulnerability Tunnelblick - Local Root Exploit Tunnelblick - Local Root Exploit (1) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (1) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (2) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (3) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (4) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4) ReiserFS 3.5.28 Kernel - DoS (Possible Code Execution Vulnerability) (Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution) Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment Vulnerability Linux sysctl() Kernel 2.2.x - Memory Reading Vulnerability Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept Vulnerability IOServer _Root Directory_ Trailing Backslash Multiple Vulnerabilities IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (1) Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (2) Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1) Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2) Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion Rit Research Labs _The Bat!_ 1.x - Missing Linefeeds DoS Vulnerability Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS Vulnerability Ad Manager Pro Multiple Vulnerabilities Ad Manager Pro - Multiple Vulnerabilities Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root Vulnerability HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS ID Software Quake 3 - _smurf attack_ Denial of Service Vulnerability ID Software Quake 3 - 'smurf attack' Denial of Service Vulnerability Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service Vulnerability Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root Vulnerability Pinterest Clone Script Multiple Vulnerabilities Pinterest Clone Script - Multiple Vulnerabilities User-Mode Linux Kernel 2.4.17-8 - Memory Access Vulnerability User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root Vulnerability Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit Sitecom MD-25x - Multiple Vulnerabilitie/ Reverse Root Shell Exploit Ezylog Photovoltaic Management Server Multiple Vulnerabilities Ezylog Photovoltaic Management Server - Multiple Vulnerabilities Auxilium PetRatePro Multiple Vulnerabilities Netsweeper WebAdmin Portal Multiple Vulnerabilities Auxilium PetRatePro - Multiple Vulnerabilities Netsweeper WebAdmin Portal - Multiple Vulnerabilities Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC Vulnerability Fortigate UTM WAF Appliance Multiple Vulnerabilities Fortigate UTM WAF Appliance - Multiple Vulnerabilities Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7.3 cleanSearchString() Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7.3 Get Request Denial of Service Vulnerability Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7.3 - Get Request Denial of Service Vulnerability Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability Working Resources 1.7.3 BadBlue - Null Byte File Disclosure Vulnerability Working Resources 1.7.x BadBlue Administrative Interface Arbitrary File Access Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access Qualcomm Eudora 5 MIME Multipart Boundary Buffer Overflow Vulnerability Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow Vulnerability AFD 1.2.x Working Directory Local Buffer Overflow Vulnerabilities AFD 1.2.x - Working Directory Local Buffer Overflow Vulnerabilities Trillian 0.74 IRC PART Message Denial of Service Vulnerability Trillian 0.74 - IRC PART Message Denial of Service Vulnerability Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (1) Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (2) Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (1) Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (2) Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness CheckPoint/Sofaware Firewall Multiple Vulnerabilities CheckPoint/Sofaware Firewall - Multiple Vulnerabilities Working Resources 1.7.x/2.15 BadBlue Ext.DLL Command Execution Vulnerability Working Resources 1.7.x/2.15 BadBlue - Ext.DLL Command Execution Vulnerability Working Resources BadBlue 1.7.x/2.x Unauthorized HTS Access Vulnerability Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access Vulnerability Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service Vulnerability MYRE Realty Manager Multiple Vulnerabilities MYRE Realty Manager - Multiple Vulnerabilities Myrephp Business Directory Multiple Vulnerabilities MYREphp Vacation Rental Software Multiple Vulnerabilities Myrephp Business Directory - Multiple Vulnerabilities MYREphp Vacation Rental Software - Multiple Vulnerabilities BabyGekko 1.2.2e Multiple Vulnerabilities BabyGekko 1.2.2e - Multiple Vulnerabilities Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability Linux Kernel 2.4 - execve() System Call Race Condition Vulnerability Linux Kernel 2.4 - execve() System Call Race Condition PoC Vulnerability Aardvark Topsites 4.1 PHP Multiple Vulnerabilities Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities phpwcms <= 1.5.4.6 - _preg_replace_ - Multiple Vulnerabilities phpwcms <= 1.5.4.6 - 'preg_replace' - Multiple Vulnerabilities KAME Racoon _Initial Contact_ SA Deletion Vulnerability lionmax software www file share pro 2.4x Multiple Vulnerabilities (1) lionmax software www file share pro 2.4x Multiple Vulnerabilities (2) KAME Racoon 'Initial Contact' SA Deletion Vulnerability lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1) lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2) DUware Software Multiple Vulnerabilities DUware Software - Multiple Vulnerabilities Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation Vulnerability ASP Portal Multiple Vulnerabilities ASP Portal - Multiple Vulnerabilities Working Resources BadBlue Server 2.40 phptest.php Path Disclosure Vulnerability Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure Vulnerability SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities Remote Root Exploit Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service Vulnerability Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service Vulnerability phpBugTracker 0.9 user.php bugid Parameter XSS phpBugTracker 0.9 - user.php bugid Parameter XSS Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability e107 website system 0.6 - _email article to a friend_ Feature XSS e107 website system 0.6 - 'email article to a friend' Feature XSS Rlpr 2.0 msg() Function Multiple Vulnerabilities Rlpr 2.0 msg() Function - Multiple Vulnerabilities Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay Vulnerability Netgear SPH200D Multiple Vulnerabilities Netgear SPH200D - Multiple Vulnerabilities Fortinet FortiMail 400 IBE Multiple Vulnerabilities Fortinet FortiMail 400 IBE - Multiple Vulnerabilities Cisco Unity Express Multiple Vulnerabilities Cisco Unity Express - Multiple Vulnerabilities Linux Kernel - /dev/ptmx Key Stroke Timing Local Disclosure Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure SAP Netweaver Message Server Multiple Vulnerabilities SAP Netweaver Message Server - Multiple Vulnerabilities Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Vulnerability Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC Vulnerability Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag - Multiple Vulnerabilities Ubuntu 12.10 - (64-Bit) sock_diag_handlers - Local Root Exploit Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit event calendar Multiple Vulnerabilities event calendar - Multiple Vulnerabilities opera Web browser 7.54 java implementation Multiple Vulnerabilities (1) opera Web browser 7.54 java implementation Multiple Vulnerabilities (2) opera Web browser 7.54 java implementation Multiple Vulnerabilities (3) opera Web browser 7.54 java implementation Multiple Vulnerabilities (4) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4) ca3de Multiple Vulnerabilities ca3de - Multiple Vulnerabilities Vivotek IP Cameras Multiple Vulnerabilities Vivotek IP Cameras - Multiple Vulnerabilities Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (1) Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (2) Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (1) Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (2) Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (1) Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (2) Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1) Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2) Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Icecast 2.x - XSL Parser Multiple Vulnerabilities Icecast 2.x - XSL Parser - Multiple Vulnerabilities Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (1) Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (2) Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (3) Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (4) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4) Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 StrSubCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 - IntCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 - CurCatalogID Parameter Remote SQL Injection Vulnerability neteyes nexusway border gateway Multiple Vulnerabilities neteyes nexusway border gateway - Multiple Vulnerabilities McAfee IntruShield Security Management System Multiple Vulnerabilities McAfee IntruShield Security Management System - Multiple Vulnerabilities Gaim AIM/ICQ Protocols Multiple Vulnerabilities Gaim AIM/ICQ Protocols - Multiple Vulnerabilities bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities Linux Kernel <= 2.6 - Console Keymap Local Command Injection Vulnerability Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection QuickPayPro 3.1 tracking.details.php trackingid Parameter SQL Injection QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection oracle application server discussion forum portlet Multiple Vulnerabilities oracle application server discussion forum portlet - Multiple Vulnerabilities Linux Kernel - 'MSR' Driver Local Privilege Escalation Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation Linux Kernel 2.4.x/2.5.x/2.6.x - Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities Apache James 2.2 SMTP Denial of Service Vulnerability Apache James 2.2 - SMTP Denial of Service Vulnerability Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service Vulnerability Microsoft windows xp/2000/2003 help Multiple Vulnerabilities Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities ArticleSetup Multiple Vulnerabilities ArticleSetup - Multiple Vulnerabilities PhotoStore details.php gid Parameter XSS PhotoStore view_photog.php photogid Parameter XSS PhotoStore details.php - gid Parameter XSS PhotoStore view_photog.php - photogid Parameter XSS MailEnable 2.x SMTP NTLM Authentication Multiple Vulnerabilities MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities Simplog 0.9.3 BlogID Parameter Multiple SQL Injection Vulnerabilities Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities Oracle January 2007 Security Update Multiple Vulnerabilities Oracle January 2007 Security Update - Multiple Vulnerabilities Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS Vulnerability E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection OpenBase 10.0.x - Multiple Vulnerabilities (Buffer Overflow & Remote Command Execution) OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities ZyXEL P-330W Multiple Vulnerabilities ZyXEL P-330W - Multiple Vulnerabilities WinComLPD Total 3.0.2.623 - Multiple Vulnerabilities (Buffer Overflow and Authentication Bypass) WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities Linux Kernel 3.4 < 3.13.2 - Arbitrary write with CONFIG_X86_X32 Linux Kernel 3.4 < 3.13.2 - Local Root (CONFIG_X86_X32=y) Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y) IBM solidDB 6.0.10 - Multiple Vulnerabilities (Format String and Denial of Service) IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities Linux Kernel < 3.4.5 - Local Root Exploit (ARM - Android 4.2.2 / 4.4) Linux Kernel < 3.4.5 (ARM - Android 4.2.2 / 4.4) - Local Root Exploit Catia V5-6R2013 - _CATV5_AllApplications_ - Stack Buffer Overflow Catia V5-6R2013 - 'CATV5_AllApplications' - Stack Buffer Overflow Catia V5-6R2013 - _CATV5_Backbone_Bus_ - Stack Buffer Overflow Catia V5-6R2013 - 'CATV5_Backbone_Bus' - Stack Buffer Overflow Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (1) Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (2) Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (1) Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (2) EasyE-Cards 3.10 - Multiple Vulnerabilities (SQL Injection and Cross-Site Scripting) EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities Jamroom <= 3.3.8 - Multiple Vulnerabilities (Cookie Authentication Bypass and Unspecified Security Issues) Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection) LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness PG Roommate Finder Solution quick_search.php part Parameter XSS PG Roommate Finder Solution viewprofile.php part Parameter XSS PG Roommate Finder Solution - quick_search.php part Parameter XSS PG Roommate Finder Solution - viewprofile.php part Parameter XSS Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow Vulnerability e107 0.7.x - Multiple Vulnerabilities ('CAPTCHA' Security Bypass and Cross-Site Scripting) e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (1) Linux Kernel 2.6.x - pipe.c Local Privilege Escalation Vulnerability (2) Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation Vulnerability (1) Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (2) Linux Kernel 3.3 < 3.8 - SOCK_DIAG Local Root Exploit Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit Linux Kernel - 'find_keyring_by_name()' Local Memory Corruption Vulnerability Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption Vulnerability Linux Kernel - ptrace/sysret - Local Privilege Escalation Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities ServletExec - Multiple Vulnerabilities (Directory Traversal and Authentication-Bypass) ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities Creative Contact Form - Arbitrary File Upload Creative Contact Form 0.9.7 - Arbitrary File Upload Aireplay-ng 1.2 beta3 - _tcp_test_ Length Parameter Stack Overflow Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060) Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060) Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities Xerox Multifunction Printers (MFP) _Patch_ DLM Vulnerability Xerox Multifunction Printers (MFP) 'Patch' DLM Vulnerability Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2) Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2) Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control - Multiple Vulnerabilities Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406 Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 - ActiveX Control Multiple Vulnerabilities RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities OS X networkd _effective_audit_token_ XPC Type Confusion Sandbox Escape OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Vulnerability Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept AJ Classifieds 'listingid' Parameter SQL Injection Vulnerability AJ Classifieds 'listingid' Parameter - SQL Injection Vulnerability BlueSoft Social Networking CMS SQL Injection Vulnerability BlueSoft Social Networking CMS - SQL Injection Vulnerability Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC Linux Kernel Associative Array Garbage Collection - Crash PoC Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC Linux Kernel - Network Namespace Remote Denial of Service Vulnerability Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service Vulnerability Kayako SupportSuite 3.x Multiple Vulnerabilities Kayako SupportSuite 3.x - Multiple Vulnerabilities Linux Kernel splice() System Call - Local DoS Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS Mac OS X - _Rootpipe_ Privilege Escalation Mac OS X - 'Rootpipe' Privilege Escalation Apport - Local Linux Root Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit SixApart MovableType Storable Perl Code Execution SixApart MovableType - Storable Perl Code Execution WordPress TagGator 'tagid' Parameter SQL Injection Vulnerability WordPress TagGator 'tagid' Parameter - SQL Injection Vulnerability JSPMyAdmin 1.1 Multiple Vulnerabilities JSPMyAdmin 1.1 - Multiple Vulnerabilities WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities ESC 8832 Data Controller Multiple Vulnerabilities ESC 8832 Data Controller - Multiple Vulnerabilities ZTE AC 3633R USB Modem Multiple Vulnerabilities ZTE AC 3633R USB Modem - Multiple Vulnerabilities OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shell) Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell) Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shadow File) Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File) OSSEC WUI 0.8 - Denial of Service Adobe Flash Use-After-Free in Drawing Methods _this_ Adobe Flash - Use-After-Free in Drawing Methods 'this' Kaspersky Antivirus _Yoda's Protector_ Unpacking Memory Corruption Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability Kallithea 0.2.9 - (came_from) HTTP Response Splitting Vulnerability Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities WordPress WP Private Messages Plugin 'msgid' Parameter SQL Injection Vulnerability WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection Vulnerability Microsoft Windows Media Center Library Parsing RCE Vulnerability aka _self-executing_ MCL File Microsoft Windows Media Center Library - Parsing RCE Vulnerability aka 'self-executing' MCL File MyBB 'misc.php' Remote Denial of Service Vulnerability MyBB 1.6.12 - 'misc.php' Remote Denial of Service Vulnerability WHMCS 'cart.php' Denial of Service Vulnerability phpBB <= 3.0.8 Remote Denial of Service Vulnerability WHMCS 5.12 - 'cart.php' Denial of Service Vulnerability phpBB <= 3.0.8 - Remote Denial of Service Vulnerability Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit Linux Kernel overlayfs - Local Privilege Escalation Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Linux Kernel - prima WLAN Driver Heap Overflow Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability WordPress Wordfence Security Plugin Multiple Vulnerabilities WordPress Wordfence Security Plugin - Multiple Vulnerabilities STIMS Buffer - Buffer Overflow SEH - DoS STIMS Cutter - Buffer Overflow DoS STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS) STIMS Cutter 1.1.3.20 - Buffer Overflow DoS Linux Kernel - digi_acceleport Nullpointer Dereference Linux Kernel - Wacom Multiple Nullpointer Dereferences Linux Kernel - visor (treo_attach) Nullpointer Dereference Linux Kernel - visor clie_5_attach Nullpointer Dereference Linux Kernel - cypress_m8 Nullpointer Dereference Linux Kernel - mct_u232 Nullpointer Dereference Linux Kernel - cdc_acm Nullpointer Dereference Linux Kernel - aiptek Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference RHEL 7.1 Kernel - snd-usb-audio Crash PoC RHEL 7.1 Kernel - iowarrior driver Crash PoC RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC LShell <= 0.9.15 - Remote Code Execution LShell <= 0.9.15 - Remote Code Execution Exim _perl_startup_ Privilege Escalation Exim - 'perl_startup' Privilege Escalation NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit i.FTP 2.21 - Host Address / URL Field SEH Exploit All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes MediaInfo 0.7.61 - Crash PoC Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC Core FTP Server 32-bit Build 587 - Heap Overflow Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities Adobe Reader DC 15.010.20060 - Memory Corruption Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities	2016-05-11 05:03:54 +00:00
Offensive Security	3ca3a35ce6	DB: 2016-04-28 4 new exploits EMC ViPR SRM - Cross-Site Request Forgery Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048) Mach Race OS X Local Privilege Escalation Exploit	2016-04-28 05:03:01 +00:00
Offensive Security	39fe341c5b	DB: 2016-04-26 9 new exploits Totemomail 4.x and 5.x - Persistent XSS C/C++ Offline Compiler and C For OS - Persistent XSS Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF) Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF) CompuSource Systems - Real Time Home Banking - Local Privilege Escalation Linux x64 - Bind Shell Shellcode Generator PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF) NationBuilder Multiple Stored XSS Vulnerabilities Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC	2016-04-26 05:03:34 +00:00
Offensive Security	22a4c5d4cc	DB: 2016-04-22 5 new exploits freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability FreePBX 2.1.3 - (upgrade.php) Remote File Include Vulnerability FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution FreePBX <= 2.8.0 - Recordings Interface Allows Remote Code Execution FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution FreePBX 2.2 SIP Packet Multiple HTML Injection Vulnerabilities FreePBX 2.2 - SIP Packet Multiple HTML Injection Vulnerabilities FreePBX config.php Remote Code Execution FreePBX - config.php Remote Code Execution FreePBX 2.5.2 admin/config.php tech Parameter XSS FreePBX 2.5.2 Zap Channel Addition Description Parameter XSS FreePBX 2.5.2 - admin/config.php tech Parameter XSS FreePBX 2.5.2 - Zap Channel Addition Description Parameter XSS phpLiteAdmin 1.9.6 - Multiple Vulnerabilities Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities Linux/x86_64 - bindshell (Port 5600) - 86 bytes Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (Powershell)	2016-04-22 05:03:45 +00:00
Offensive Security	29fc5c4082	DB: 2016-04-19 5 new exploits Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64) WordPress leenk.me Plugin 2.5.0 - CSRF/XSS WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials Novell ServiceDesk Authenticated File Upload pfSense Community Edition 2.2.6 - Multiple Vulnerabilities	2016-04-19 05:04:12 +00:00
Offensive Security	b185ddf9b2	DB: 2016-04-15 6 new exploits RockMongo PHP MongoDB Administrator 1.1.8 - Multiple Vulnerabilities Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042) pfSense Firewall <= 2.2.6 - Services CSRF Brickcom Corporation Network Cameras - Multiple Vulnerabilities PHPmongoDB 1.0.0 - Multiple Vulnerabilities Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)	2016-04-15 05:03:51 +00:00
Offensive Security	921bb6b2e3	DB: 2016-04-12 9 new exploits Hikvision Digital Video Recorder - Cross-Site Request Forgery WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution CAM UnZip 5.1 - Archive Path Traversal Axis Network Cameras - Multiple Vulnerabilities Linux/x86_64 - bindshell (PORT: 5600) - 81 bytes Android - IOMX getConfig/getParameter Information Disclosure Android - IMemory Native Interface is Insecure for IPC Use Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities	2016-04-12 05:04:12 +00:00
Offensive Security	1f79ff2236	DB: 2016-04-09 3 new exploits WordPress Freshmail - Unauthenticated SQL Injection WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection Express Zip <= 2.40 - Path Traversal Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation op5 7.1.9 - Remote Command Execution	2016-04-09 05:02:52 +00:00
Offensive Security	dd626b05db	DB: 2016-04-08 2 new exploits PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities Mess Emulator 0.154-3.1 - Local Buffer Overflow	2016-04-08 05:03:53 +00:00
Offensive Security	13d072b592	DB: 2016-04-05 4 new exploits Outlook ATTACH_BY_REF_ONLY File Execution Outlook - ATTACH_BY_REF_ONLY File Execution HB Ecommerce SQL Injection Vulnerability HB Ecommerce - SQL Injection Vulnerability SCO Open Server <= 5.0.4 POP Server Buffer Overflow Vulnerability SCO Open Server <= 5.0.4 - POP Server Buffer Overflow Vulnerability Debian Linux <= 2.1 Print Queue Control Vulnerability Debian Linux <= 2.1 - Print Queue Control Vulnerability FreeBSD 3.3 gdc Buffer Overflow Vulnerability FreeBSD 3.3 gdc - Buffer Overflow Vulnerability Netscape FastTrack Server 2.0.1 a GET Buffer Overflow Vulnerability Netscape FastTrack Server 2.0.1a - GET Buffer Overflow Vulnerability NullSoft Winamp 2.10 Playlist Vulnerability NullSoft Winamp 2.10 - Playlist Vulnerability S.u.S.E. 4.x/5.x/6.x/7.0_Slackware 3.x/4.0_Turbolinux 6_OpenLinux 7.0 fdmount Buffer Overflow (2) S.u.S.E. 4.x/5.x/6.x/7.0_Slackware 3.x/4.0_Turbolinux 6_OpenLinux 7.0 fdmount - Buffer Overflow (2) Computer Associates InoculateIT 4.53 Microsoft Exchange Agent Vulnerability Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent Vulnerability NetcPlus SmartServer3 3.75 Weak Encryption Vulnerability NetcPlus SmartServer3 3.75 - Weak Encryption Vulnerability NetcPlus BrowseGate 2.80.2 Weak Encryption Vulnerability NetcPlus BrowseGate 2.80.2 - Weak Encryption Vulnerability My Postcards 6.0 MagicCard.CGI Arbitrary File Disclosure Vulnerability My Postcards 6.0 - MagicCard.CGI Arbitrary File Disclosure Vulnerability Gom Player 2.1.44.5123 (Unicode) NULL Pointer Dereference Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference Tower Toppler 0.99.1 Display Variable Local Buffer Overflow Vulnerability Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow Vulnerability Ximian Evolution 1.x UUEncoding Denial of Service Vulnerability Ximian Evolution 1.x - UUEncoding Denial of Service Vulnerability IDA Pro 6.3 Crash PoC IDA Pro 6.3 - Crash PoC Confixx 2 Perl Debugger Remote Command Execution Vulnerability Confixx 2 - Perl Debugger Remote Command Execution Vulnerability Microsoft Outlook Express 4.x/5.x/6.0 Attachment Processing File Extension Obfuscation Vulnerability Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation Vulnerability Novell NetMail 3.x Automatic Script Execution Vulnerability Novell NetMail 3.x - Automatic Script Execution Vulnerability Juniper Netscreen 5.0 VPN Username Enumeration Vulnerability Juniper Netscreen 5.0 - VPN Username Enumeration Vulnerability Microsoft Internet Explorer 7.0 MHTML Denial of Service Vulnerability Microsoft Internet Explorer 7.0 - MHTML Denial of Service Vulnerability WordPress Freshmail Unauthenticated SQL Injection WordPress Freshmail - Unauthenticated SQL Injection WordPress Download Manager Free 2.7.94 & Pro 4 Authenticated Stored XSS WordPress Download Manager Free 2.7.94 & Pro 4 - Authenticated Stored XSS Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass ADH-Web Server IP-Cameras - Multiple Vulnerabilities Xion Audio Player <= 1.5 (build 160) - .mp3 Crash PoC Hexchat IRC Client 2.11.0 - Directory Traversal Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX - Multiple Vulnerabilities	2016-04-05 05:03:46 +00:00
Offensive Security	5de0917681	DB: 2016-04-01 4 new exploits Apache 1.3.x mod_mylo Remote Code Execution Exploit Apache 1.3.x mod_mylo - Remote Code Execution Exploit Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit Apache <= 1.3.31 mod_include - Local Buffer Overflow Exploit Sire 2.0 (lire.php) Remote File Inclusion/Arbitary File Upload Vulnerability Sire 2.0 (lire.php) - Remote File Inclusion/Arbitrary File Upload Vulnerability HP Digital Imaging (hpqxml.dll 2.0.0.133) Arbitary Data Write Exploit HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit SecureBlackbox (PGPBBox.dll 5.1.0.112) Arbitary Data Write Exploit SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit Kwalbum <= 2.0.2 Arbitary File Upload Vulnerability Kwalbum <= 2.0.2 - Arbitrary File Upload Vulnerability ZaoCMS (PhpCommander) Arbitary Remote File Upload Vulnerability ZaoCMS (PhpCommander) - Arbitrary Remote File Upload Vulnerability CMS Balitbang 3.3 Arbitary File Upload Vulnerability CMS Balitbang 3.3 - Arbitrary File Upload Vulnerability CMS Lokomedia 1.5 Arbitary File Upload Vulnerability CMS Lokomedia 1.5 - Arbitrary File Upload Vulnerability Apache 1.3.12 WebDAV Directory Listings Vulnerability Apache 1.3.12 - WebDAV Directory Listings Vulnerability Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability Apache 1.3 Web Server with PHP 3 - File Disclosure Vulnerability NCSA 1.3/1.4.x/1.5_Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability NCSA 1.3/1.4.x/1.5_ Apache httpd 0.8.11/0.8.14 - ScriptAlias Source Retrieval Vulnerability Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1) Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2) Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3) Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4) Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (1) Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (2) Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (3) Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (4) Shareplex 2.1.3.9/2.2.2 beta - Arbitary Local File Disclosure Vulnerability Shareplex 2.1.3.9/2.2.2 beta - Arbitrary Local File Disclosure Vulnerability Apache 1.3 Possible Directory Index Disclosure Vulnerability Apache 1.3 - Possible Directory Index Disclosure Vulnerability Apache 1.0/1.2/1.3 Server Address Disclosure Vulnerability Apache 1.0/1.2/1.3 - Server Address Disclosure Vulnerability Apache 1.3/2.0.x Server Side Include Cross-Site Scripting Vulnerability Apache 1.3/2.0.x - Server Side Include Cross-Site Scripting Vulnerability sendmail 8.11.6 Address Prescan Memory Corruption Vulnerability SendMail 8.11.6 - Address Prescan Memory Corruption Vulnerability Apache 1.3.x mod_include Local Buffer Overflow Vulnerability Apache 1.3.x mod_include - Local Buffer Overflow Vulnerability Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1) Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2) Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1) Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2) PodHawk 1.85 - Arbitary File Upload Vulnerability PodHawk 1.85 - Arbitrary File Upload Vulnerability LibrettoCMS File Manager Arbitary File Upload Vulnerability LibrettoCMS File Manager - Arbitrary File Upload Vulnerability DotNetNuke DNNspot Store 3.0.0 Arbitary File Upload DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload Axway Secure Transport 5.1 SP2 - Arbitary File Upload via CSRF Axway Secure Transport 5.1 SP2 - Arbitrary File Upload via CSRF Apache Spark Cluster 1.3.x - Arbitary Code Execution Apache Spark Cluster 1.3.x - Arbitrary Code Execution Elastix 'graph.php' Local File Include Vulnerability Elastix 2.2.0 - 'graph.php' Local File Include Vulnerability MOBOTIX Video Security Cameras - CSRF Add Admin Exploit Apache OpenMeetings 1.9.x - 3.1.0 - ZIP File path Traversal Apache Jetspeed Arbitrary File Upload Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read	2016-04-01 05:03:13 +00:00
Offensive Security	67cc75a29b	DB: 2016-03-29 9 new exploits Serv-U 3x - 5.x - Local Privilege Escalation Exploit Serv-U 3.x - 5.x - Local Privilege Escalation Exploit SHOUTcast 1.9.4 File Request Format String Remote Exploit (win) SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows) Monstra CMS 3.0.3 - Multiple Vulnerabilities pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (win) GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (win) pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows) GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows) PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (win) PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows) Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (win) Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (Windows) Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (win) Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows) AJA Portal 1.2 - Local File Inclusion Vulnerabilities (win) AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win) XBMC 8.10 - (GET Request) Remote Buffer Overflow Exploit (Windows) MonGoose 2.4 Webserver Directory Traversal Vulnerability (win) MonGoose 2.4 - Webserver Directory Traversal Vulnerability (Windows) Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (win) Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows) Adobe Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation PulseAudio setuid - Local Privilege Escalation Exploit Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C) Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit (py) Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python) Serv-u Web client 9.0.0.5 - Buffer Overflow Serv-U Web Client 9.0.0.5 - Buffer Overflow (2) Serv-u Web client 9.0.0.5 - Buffer Overflow Serv-U Web Client 9.0.0.5 - Buffer Overflow (1) Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation Vulnerability Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities Sysax Multi Server 5.50 Create Folder BOF Sysax Multi Server 5.50 - Create Folder BOF Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter) Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter) Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Sysax <= 5.53 SSH Username BoF Pre Auth RCE (Egghunter) Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter) Sysax 5.53 SSH Username Buffer Overflow (Metasploit) Sysax 5.53 - SSH Username Buffer Overflow (Metasploit) sysax <= 5.57 - Directory Traversal Sysax <= 5.57 - Directory Traversal Sysax <= 5.60 Create SSL Certificate Buffer Overflow Sysax <= 5.60 - Create SSL Certificate Buffer Overflow Sysax <= 5.62 Admin Interface Local Buffer Overflow Sysax <= 5.62 - Admin Interface Local Buffer Overflow Sysax Multi-Server 5.64 Create Folder Buffer Overflow Sysax Multi Server 5.64 Create Folder Buffer Overflow Sysax Multi Server 5.64 - Create Folder Buffer Overflow ActFax 4.31 - Local Privilege Escalation Exploit ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability STHS v2 Web Portal prospects.php team Parameter SQL Injection STHS v2 Web Portal prospect.php team Parameter SQL Injection STHS v2 Web Portal team.php team Parameter SQL Injection STHS v2 Web Portal - prospects.php team Parameter SQL Injection STHS v2 Web Portal - prospect.php team Parameter SQL Injection STHS v2 Web Portal - team.php team Parameter SQL Injection WK UDID v1.0.1 iOS - Command Inject Vulnerability WK UDID 1.0.1 iOS - Command Inject Vulnerability Hawkeye-G v3.0.1.4912 CSRF Vulnerability Hawkeye-G 3.0.1.4912 - CSRF Vulnerability Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage Reaver Pro Local Privilege Escalation Vulnerability Reaver Pro - Local Privilege Escalation Vulnerability Sysax Multi Server 6.40 SSH Component Denial of Service Sysax Multi Server 6.40 - SSH Component Denial of Service WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection w3tw0rk / Pitbul IRC Bot Remote Code Execution w3tw0rk / Pitbul IRC Bot - Remote Code Execution Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download v1.0.16 - Local File Disclosure WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download 1.0.16 - Local File Disclosure WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions Cyclope Employee Surveillance <= 8.6.1- Insecure File Permissions XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability Liferay Portal 5.1.2 - Persistent XSS Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities Linux/x86_x64 - execve(/bin/sh) - 25 bytes Linux/x86_x64 - execve(/bin/bash) - 33 bytes TallSoft SNMP TFTP Server 1.0.0 - Denial of Service FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip) Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege	2016-03-29 05:02:00 +00:00
Offensive Security	2c01698aec	DB: 2016-03-22 14 new exploits Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit Drupal <= 4.5.3 & <= 4.6.1 - Comments PHP Injection Exploit phpBB 2.0.15 - Remote PHP Code Execution Exploit (metasploit) phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit) vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit) WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit) Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (metasploit) Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) PHP RapidKill Pro 5.x Shell Upload Vulnerability PHP RapidKill Pro 5.x - Shell Upload Vulnerability Shellcode - Win32 MessageBox (Metasploit module) Shellcode - Win32 MessageBox (Metasploit) Php Nuke 8.x.x - BlindSQL Injection Vulnerability PHP-Nuke 8.x.x - BlindSQL Injection Vulnerability Integard Pro 2.2.0.9026 - (Win7 ROP-Code Metasploit Module) Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) Digital Music Pad 8.2.3.3.4 - SEH Overflow Metasploit Module Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit) MaticMarket 2.02 for PHP Nuke LFI Vulnerability MaticMarket 2.02 for PHP-Nuke - LFI Vulnerability Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027) Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0day) (Metasploit) Metasploit 4.1.0 Web UI stored XSS Vulnerability Metasploit 4.1.0 Web UI - Stored XSS Vulnerability PHP Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit) Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit PHP Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty PHP-Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty PHP Nuke 5.x Error Message Web Root Disclosure Vulnerability PHP-Nuke 5.x - Error Message Web Root Disclosure Vulnerability PHP Nuke 8.2.4 - CSRF Vulnerability PHP-Nuke 8.2.4 - CSRF Vulnerability DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability DCP-Portal 3.7/4.x/5.x - Calendar.PHP HTTP Response Splitting Vulnerability PHP Nuke 0-7 Double Hex Encoded Input Validation Vulnerability PHP-Nuke 0-7 - Double Hex Encoded Input Validation Vulnerability PHP 4.x/5.x Html_Entity_Decode() Information Disclosure Vulnerability PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure Vulnerability Western Digital Arkeia Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit Apache + PHP 5.x (< 5.3.12 / < 5.4.2) - Remote Code Execution (Multithreaded Scanner) Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner) PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability PHP PEAR <= 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability GNU bash Environment Variable Command Injection (Metasploit) GNU Bash - Environment Variable Command Injection (Metasploit) Bash - CGI RCE (Metasploit) Shellshock Exploit Bash - CGI RCE Shellshock Exploit (Metasploit) Endian Firewall < 3.0.0 - OS Command Injection (Metasploit Module) Endian Firewall < 3.0.0 - OS Command Injection (Metasploit) Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032) WordPress eBook Download Plugin 1.1 - Directory Traversal WordPress Import CSV Plugin 1.0 - Directory Traversal WordPress Abtest Plugin - Local File Inclusion Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit Disc ORGanizer - DORG - Multiple Vulnerabilities D-Link DWR-932 Firmware 4.00 - Authentication Bypass Xoops 2.5.7.2 - Arbitrary User Deletions CSRF Xoops 2.5.7.2 - Directory Traversal Bypass WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit Dating Pro Genie 2015.7 - CSRF Vulnerabilities iTop 2.2.1 - CSRF Vulnerability ProjectSend r582 - Multiple XSS Vulnerabilities	2016-03-22 05:02:50 +00:00
Offensive Security	95bca4864b	DB: 2016-03-19	2016-03-19 05:03:36 +00:00
Offensive Security	477bcbdcc0	DB: 2016-03-17 5 new exploits phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities My Book World Edition NAS Multiple Vulnerability My Book World Edition NAS - Multiple Vulnerabilities Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php) DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities New-CMS - Multiple Vulnerability New-CMS - Multiple Vulnerabilities Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities i-Gallery - Multiple Vulnerability i-Gallery - Multiple Vulnerabilities My Kazaam Notes Management System Multiple Vulnerability My Kazaam Notes Management System - Multiple Vulnerabilities Omnidocs - Multiple Vulnerability Omnidocs - Multiple Vulnerabilities Web Cookbook Multiple Vulnerability Web Cookbook - Multiple Vulnerabilities KikChat - (LFI/RCE) Multiple Vulnerability KikChat - (LFI/RCE) Multiple Vulnerabilities Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability xEpan 1.0.4 - Multiple Vulnerability xEpan 1.0.4 - Multiple Vulnerabilities AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow Cisco UCS Manager 2.1(1b) - Shellshock Exploit OpenSSH <= 7.2p1 - xauth Injection FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow	2016-03-17 07:07:56 +00:00
Offensive Security	363cbde9cc	DB: 2016-02-05 10 new exploits	2016-02-05 05:02:27 +00:00
Offensive Security	1221dcb78e	DB: 2016-02-04 6 new exploits	2016-02-04 05:01:40 +00:00
Offensive Security	958f5c3f9d	DB: 2016-01-29 40 new exploits	2016-01-29 05:03:51 +00:00
Offensive Security	97940c47e2	DB: 2016-01-08 10 new exploits	2016-01-08 05:03:43 +00:00
Offensive Security	53d9096a7c	DB: 2016-01-07 10 new exploits	2016-01-07 05:01:40 +00:00
Offensive Security	538f42e815	DB: 2015-12-15 13 new exploits	2015-12-15 05:03:05 +00:00
Offensive Security	9139d945b7	DB: 2015-12-11 8 new exploits	2015-12-11 05:01:56 +00:00
Offensive Security	69243df248	DB: 2015-12-10 14 new exploits	2015-12-10 05:02:23 +00:00
Offensive Security	b6f9265856	DB: 2015-12-02 14 new exploits	2015-12-02 05:02:23 +00:00
Offensive Security	1871e649f0	DB: 2015-11-21 10 new exploits	2015-11-21 05:01:59 +00:00
Offensive Security	ab27bce7a8	DB: 2015-11-17 37 new exploits	2015-11-17 05:03:43 +00:00
Offensive Security	8a3d4b8a4b	DB: 2015-11-10 9 new exploits	2015-11-10 05:03:39 +00:00
Offensive Security	6dfa3e2539	DB: 2015-10-31 15 new exploits	2015-10-31 05:02:40 +00:00

1 2 3 4

181 commits