Offensive Security
aa4fced35c
DB: 2016-12-05
2016-12-05 05:01:20 +00:00
Offensive Security
a5cd225af0
DB: 2016-12-01
...
7 new exploits
Xitami Web Server 5.0a0 - Denial of Service
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition PoC (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (SUID)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition PoC (Write Access)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition Privilege Escalation (/etc/passwd)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (/etc/passwd)
WinPower 4.9.0.4 - Privilege Escalation
Internet PhotoShow (page) - Remote File Inclusion
Internet PhotoShow 1.3 - 'page' Parameter Remote File Inclusion
EQdkp 1.3.0 - (dbal.php) Remote File Inclusion
EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion
CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion
CaLogic Calendars 1.2.2 - 'CLPath' Remote File Inclusion
MercuryBoard 1.1.4 - (User-Agent) SQL Injection
MercuryBoard 1.1.4 - 'User-Agent' SQL Injection
EQdkp 1.3.1 - (Referer Spoof) Remote Database Backup
EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup
Web Slider 0.6 - (path) Remote File Inclusion
Web Slider 0.6 - 'path' Parameter Remote File Inclusion
Zomplog 3.8 - (mp3playlist.php speler) SQL Injection
Zomplog 3.8 - 'mp3playlist.php' SQL Injection
EQdkp 1.3.2 - (listmembers.php rank) SQL Injection
EQdkp 1.3.2 - 'listmembers.php' SQL Injection
CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection
CKGold Shopping Cart 2.0 - 'category.php' Blind SQL Injection
ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection
ActiveKB KnowledgeBase 2.x - 'catId' Parameter SQL Injection
Zomplog 3.8.1 - upload_files.php Arbitrary File Upload
Zomplog 3.8.1 - Arbitrary File Upload
CMS Made Simple 1.2.2 - (TinyMCE module) SQL Injection
CMS Made Simple 1.2.2 Module TinyMCE - SQL Injection
Mega File Hosting Script 1.2 - (fid) SQL Injection
Mega File Hosting Script 1.2 - 'fid' Parameter SQL Injection
CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload
CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload
AJ HYIP ACME - 'topic_detail.php id' SQL Injection
EQDKP 1.3.2f - (user_id) Authentication Bypass (PoC)
e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection
AJ HYIP ACME - 'topic_detail.php' SQL Injection
EQdkp 1.3.2f - 'user_id' Authentication Bypass (PoC)
e107 Plugin BLOG Engine 2.2 - 'rid' Parameter Blind SQL Injection
CaLogic Calendars 1.2.2 - (langsel) SQL Injection
CaLogic Calendars 1.2.2 - 'langsel' Parameter SQL Injection
EMO Realty Manager - 'news.php ida' SQL Injection
The Real Estate Script - 'dpage.php docID' SQL Injection
Linkspile - 'link.php cat_id' SQL Injection
Freelance Auction Script 1.0 - (browseproject.php) SQL Injection
EMO Realty Manager - 'ida' Parameter SQL Injection
The Real Estate Script - 'docID' Parameter SQL Injection
Linkspile - 'cat_id' Parameter SQL Injection
Freelance Auction Script 1.0 - 'browseproject.php' SQL Injection
rgboard 3.0.12 - (Remote File Inclusioni / Cross-Site Scripting) Multiple Vulnerabilities
Kostenloses Linkmanagementscript - (page_to_include) Remote File Inclusion
rgboard 3.0.12 - Remote File Inclusioni / Cross-Site Scripting
Kostenloses Linkmanagementscript - Remote File Inclusion
newsmanager 2.0 - (Remote File Inclusion / File Disclosure / SQL Injection / pb) Multiple Vulnerabilities
68 Classifieds 4.0 - (category.php cat) SQL Injection
newsmanager 2.0 - Remote File Inclusion / File Disclosure / SQL Injection
68 Classifieds 4.0 - 'category.php' SQL Injection
StanWeb.CMS - (default.asp id) SQL Injection
StanWeb.CMS - SQL Injection
Archangel Weblog 0.90.02 - (post_id) SQL Injection
Archangel Weblog 0.90.02 - 'post_id' Parameter SQL Injection
WR-Meeting 1.0 - (msnum) Local File Disclosure
WR-Meeting 1.0 - 'msnum' Parameter Local File Disclosure
FicHive 1.0 - (category) Blind SQL Injection
Smeego 1.0 - (Cookie lang) Local File Inclusion
FicHive 1.0 - 'category' Parameter Blind SQL Injection
Smeego 1.0 - 'Cookie lang' Local File Inclusion
TAGWORX.CMS - Multiple SQL Injections
TAGWORX.CMS 3.00.02 - Multiple SQL Injections
lulieblog 1.2 - Multiple Vulnerabilities
AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add Admin
easycms 0.4.2 - Multiple Vulnerabilities
Lulieblog 1.2 - Multiple Vulnerabilities
AlkalinePHP 0.77.35 - 'adduser.php' Arbitrary Add Admin
Easycms 0.4.2 - Multiple Vulnerabilities
AlkalinePHP 0.80.00 Beta - (thread.php id) SQL Injection
AlkalinePHP 0.80.00 Beta - 'thread.php' SQL Injection
EntertainmentScript - 'play.php id' SQL Injection
EntertainmentScript 1.4.0 - 'play.php' SQL Injection
ecms 0.4.2 - (SQL Injection / Security Bypass) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 - (Code Execution / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
ComicShout 2.5 - (index.php comic_id) SQL Injection
eCMS 0.4.2 - SQL Injection / Security Bypass
Mantis Bug Tracker 1.1.1 - Code Execution / Cross-Site Scripting / Cross-Site Request Forgery
ComicShout 2.5 - 'comic_id' Parameter SQL Injection
PHP Jokesite 2.0 - 'cat_id' SQL Injection
Netious CMS 0.4 - (index.php pageid) SQL Injection
PHP Jokesite 2.0 - 'cat_id' Parameter SQL Injection
Netious CMS 0.4 - 'pageid' Parameter SQL Injection
6rbScript - 'news.php newsid' SQL Injection
webl?sninger 4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
6rbScript - 'news.php' SQL Injection
Weblosninger 4 - Cross-Site Scripting / SQL Injection
e107 Plugin BLOG Engine 2.2 - 'uid' Blind SQL Injection
Quate CMS 0.3.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting / dt) Multiple Vulnerabilities
e107 Plugin BLOG Engine 2.2 - 'uid' Parameter Blind SQL Injection
Quate CMS 0.3.4 - Multiple Vulnerabilities
RoomPHPlanning 1.5 - (idresa) SQL Injection
PHPRaider 1.0.7 - (PHPbb3.functions.php) Remote File Inclusion
RoomPHPlanning 1.5 - 'idresa' Parameter SQL Injection
PHPRaider 1.0.7 - 'PHPbb3.functions.php' Remote File Inclusion
CMS MAXSITE 1.10 - (category) SQL Injection
CMS MAXSITE 1.10 - 'category' Parameter SQL Injection
CKGold Shopping Cart 2.5 - (category_id) SQL Injection
CKGold Shopping Cart 2.5 - 'category_id' Parameter SQL Injection
ComicShout 2.8 - (news.php news_id) SQL Injection
ComicShout 2.8 - 'news_id' Parameter SQL Injection
AJ HYIP ACME - 'news.php id' SQL Injection
AJ HYIP ACME - 'news.php' SQL Injection
Quate CMS 0.3.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Quate CMS 0.3.4 - Local File Inclusion / Cross-Site Scripting
e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection
e107 Plugin BLOG Engine 2.2 - 'uid' Parameter SQL Injection
AJ HYIP ACME - 'comment.php artid' SQL Injection
AJ HYIP ACME - 'readarticle.php artid' SQL Injection
AJ HYIP ACME - 'comment.php' SQL Injection
AJ HYIP ACME - 'readarticle.php' SQL Injection
6rbScript 3.3 - 'singerid' SQL Injection
6rbScript 3.3 - 'singerid' Parameter SQL Injection
6rbScript 3.3 - (section.php name) Local File Inclusion
6rbScript 3.3 - 'section.php' Local File Inclusion
RoomPHPlanning 1.6 - (userform.php) Create Admin User Exploit
RoomPHPlanning 1.6 - 'userform.php' Create Admin User
Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion
Mega File Hosting Script 1.2 - 'url' Parameter Remote File Inclusion
Advanced Image Hosting (AIH) 2.3 - (gal) Blind SQL Injection
Advanced Image Hosting (AIH) 2.3 - 'gal' Parameter Blind SQL Injection
ActiveKB KnowledgeBase - 'loadpanel.php Panel' Local File Inclusion
ActiveKB KnowledgeBase - 'Panel' Parameter Local File Inclusion
Quate CMS 0.3.5 - (Remote File Inclusioni / Local File Inclusion) Multiple Vulnerabilities
Quate CMS 0.3.5 - Remote File Inclusion / Local File Inclusion
Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
Zomplog 3.9 - Cross-Site Scripting / Cross-Site Request Forgery
YABSoft Advanced Image Hosting Script - SQL Injection
Advanced Image Hosting Script - SQL Injection
MercuryBoard 1.1 - index.php SQL Injection
MercuryBoard 1.1 - 'index.php' SQL Injection
CMS Made Simple 0.10 - Lang.php Remote File Inclusion
CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion
Zomplog 3.3/3.4 - detail.php HTML Injection
Zomplog 3.3/3.4 - 'detail.php' HTML Injection
CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting
CMS Made Simple 1.0.2 - 'SearchInput' Parameter Cross-Site Scripting
EQDKP 1.3.1 - Show Variable Cross-Site Scripting
EQdkp 1.3.1 - Cross-Site Scripting
CMS Made Simple 105 - Stylesheet.php SQL Injection
CMS Made Simple 1.0.5 - 'Stylesheet.php' SQL Injection
Internet PhotoShow - 'login_admin' Parameter Unauthorized Access
68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting
68 Classifieds 4.1 - 'login.php' Cross-Site Scripting
68 Classifieds 4.1 - category.php cat Parameter Cross-Site Scripting
68 Classifieds 4.1 - 'category.php' Cross-Site Scripting
68 Classifieds 4.1 - searchresults.php page Parameter Cross-Site Scripting
68 Classifieds 4.1 - toplistings.php page Parameter Cross-Site Scripting
68 Classifieds 4.1 - viewlisting.php view Parameter Cross-Site Scripting
68 Classifieds 4.1 - viewmember.php member Parameter Cross-Site Scripting
68 Classifieds 4.1 - 'searchresults.php' Cross-Site Scripting
68 Classifieds 4.1 - 'toplistings.php' Cross-Site Scripting
68 Classifieds 4.1 - 'viewlisting.php' Cross-Site Scripting
68 Classifieds 4.1 - 'viewmember.php' Cross-Site Scripting
YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting
Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting
CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload
CMS Made Simple Module Download Manager 1.4.1 - Arbitrary File Upload
CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload
CMS Made Simple Module Antz Toolkit 1.02 - Arbitrary File Upload
Zomplog 3.9 - 'message' Parameter Multiple Cross-Site Scripting Vulnerabilities
Zomplog 3.9 - 'message' Parameter Cross-Site Scripting
YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting
Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting
Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion
Joomla! Component Catalog 1.0.7 - SQL Injection
Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection
Xfinity Gateway - Cross-Site Request Forgery
2016-12-01 07:48:18 +00:00
Offensive Security
91b12c469e
DB: 2016-11-29
...
16 new exploits
rdesktop 1.5.0 - iso_recv_msg() Integer Underflow (PoC)
rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow (PoC)
rdesktop 1.5.0 - 'iso_recv_msg()' Integer Underflow (PoC)
rdesktop 1.5.0 - 'process_redirect_pdu()' BSS Overflow (PoC)
NTP 4.2.8p3 - Denial of Service
Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Out-Of-Bounds Read (MS15-009)
Microsoft Internet Explorer 11 MSHTML - 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion
Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free (MS13-047)
Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type Confusion (MS16-009)
Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation
Linux Kernel 2.6.x < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation
Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation
Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1)
Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1)
Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2)
Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation
TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)
TFTP Server 1.4 - Remote Buffer Overflow (2)
TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 - ST WRQ Buffer Overflow (Metasploit)
Android - 'BadKernel' Remote Code Execution
VX Search Enterprise 9.1.12 - Buffer Overflow
Sync Breeze Enterprise 9.1.16 - Buffer Overflow
Disk Sorter Enterprise 9.1.12 - Buffer Overflow
Dup Scout Enterprise 9.1.14 - Buffer Overflow
Disk Savvy Enterprise 9.1.14 - Buffer Overflow
Disk Pulse Enterprise 9.1.16 - Buffer Overflow
Linux/x86 - Egg-hunter Shellcode (25 bytes)
Linux/x86 - Egg-hunter Shellcode (31 bytes)
RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion
RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion
CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion
CMS Faethon 1.3.2 - 'mainpath' Parameter Remote File Inclusion
CMS Faethon 2.0 - (mainpath) Remote File Inclusion
CMS Faethon 2.0 - 'mainpath' Parameter Remote File Inclusion
SazCart 1.5 - (cart.php) Remote File Inclusion
SazCart 1.5 - 'cart.php' Remote File Inclusion
Cyberfolio 2.0 RC1 - (av) Remote File Inclusion
Cyberfolio 2.0 RC1 - 'av' Parameter Remote File Inclusion
FipsCMS 4.5 - (index.asp) SQL Injection
FipsCMS 4.5 - 'index.asp' SQL Injection
AJ Classifieds 1.0 - (postingdetails.php) SQL Injection
AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection
RunCMS 1.5.2 - (debug_show.php) SQL Injection
RunCMS 1.5.2 - 'debug_show.php' SQL Injection
OneCMS 2.4 - (userreviews.php abc) SQL Injection
OneCMS 2.4 - 'abc' Parameter SQL Injection
RunCMS 1.6 - disclaimer.php Remote File Overwrite
RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite
PHPEasyData 1.5.4 - 'cat_id' SQL Injection
FipsCMS - 'print.asp lg' SQL Injection
Galleristic 1.0 - (index.php cat) SQL Injection
gameCMS Lite 1.0 - (index.php systemId) SQL Injection
PHPEasyData 1.5.4 - 'cat_id' Parameter SQL Injection
FipsCMS 2.1 - 'print.asp' SQL Injection
Galleristic 1.0 - 'cat' Parameter SQL Injection
GameCMS Lite 1.0 - 'systemId' Parameter SQL Injection
CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities
CMS Faethon 2.2 Ultimate - Remote File Inclusion / Cross-Site Scripting
MusicBox 2.3.7 - (artistId) SQL Injection
RunCMS 1.6.1 - (msg_image) SQL Injection
MusicBox 2.3.7 - 'artistId' Parameter SQL Injection
RunCMS 1.6.1 - 'msg_image' Parameter SQL Injection
vShare YouTube Clone 2.6 - (tid) SQL Injection
vShare YouTube Clone 2.6 - 'tid' Parameter SQL Injection
Cyberfolio 7.12 - (rep) Remote File Inclusion
miniBloggie 1.0 - (del.php) Arbitrary Delete Post
Cyberfolio 7.12 - 'rep' Parameter Remote File Inclusion
miniBloggie 1.0 - 'del.php' Arbitrary Delete Post
SazCart 1.5.1 - (prodid) SQL Injection
SazCart 1.5.1 - 'prodid' Parameter SQL Injection
Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting
Ktools Photostore 3.5.1 - (gallery.php gid) SQL Injection
Ktools Photostore 3.5.1 - 'gid' Parameter SQL Injection
Joomla! Component com_datsogallery 1.6 - Blind SQL Injection
Joomla! Component Datsogallery 1.6 - Blind SQL Injection
Vortex CMS - 'index.php pageid' Blind SQL Injection
AJ Article 1.0 - (featured_article.php) SQL Injection
AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection
Vortex CMS - 'pageid' Parameter Blind SQL Injection
AJ Article 1.0 - 'featured_article.php' SQL Injection
AJ Auction 6.2.1 - 'classifide_ad.php' SQL Injection
clanlite 2.x - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ClanLite 2.x - SQL Injection / Cross-Site Scripting
OneCMS 2.5 - (install_mod.php) Local File Inclusion
OneCMS 2.5 - 'install_mod.php' Local File Inclusion
AJ Auction Web 2.0 - (cate_id) SQL Injection
AJ Auction 1.0 - 'id' SQL Injection
AJ Auction Web 2.0 - 'cate_id' Parameter SQL Injection
AJ Auction 1.0 - 'id' Parameter SQL Injection
FipsCMS Light 2.1 - (r) SQL Injection
FipsCMS Light 2.1 - 'r' Parameter SQL Injection
AJ Auction Pro Platinum Skin - 'detail.php item_id' SQL Injection
AJ Auction Pro Platinum Skin - 'item_id' Parameter SQL Injection
AJ Auction Pro Platinum - (seller_id) SQL Injection
AJ Auction Pro Platinum - 'seller_id' Parameter SQL Injection
miniBloggie 1.0 - (del.php) Blind SQL Injection
miniBloggie 1.0 - 'del.php' Blind SQL Injection
AJ Article - 'featured_article.php mode' SQL Injection
AJ ARTICLE - (Authentication Bypass) SQL Injection
AJ Article 1.0 - Authentication Bypass
Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion
Cyberfolio 7.12.2 - 'theme' Parameter Local File Inclusion
AJ ARTICLE - Remote Authentication Bypass
AJ Article 1.0 - Remote Authentication Bypass
MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection
MusicBox 2.3.8 - 'viewalbums.php' SQL Injection
AJ Auction Pro OOPD 2.3 - 'id' SQL Injection
AJ Auction Pro OOPD 2.3 - 'id' Parameter SQL Injection
BigACE CMS 2.5 - 'Username' SQL Injection
BigACE 2.5 - SQL Injection
ZeusCart 2.3 - 'maincatid' SQL Injection
ZeusCart 2.3 - 'maincatid' Parameter SQL Injection
BigACE CMS 2.6 - (cmd) Local File Inclusion
BigACE 2.6 - 'cmd' Parameter Local File Inclusion
RunCMS 1.6.3 - (double ext) Remote Shell Injection
RunCMS 1.6.3 - Remote Shell Injection
AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection
AJ Auction Pro OOPD 2.x - 'id' Parameter SQL Injection
RunCMS 2m1 - store() SQL Injection
RunCMS 2ma - post.php SQL Injection
RunCMS 2m1 - 'store()' SQL Injection
RunCMS 2ma - 'post.php' SQL Injection
AJ Article - Persistent Cross-Site Scripting
AJ Article 3.0 - Cross-Site Scripting
admidio 2.3.5 - Multiple Vulnerabilities
Admidio 2.3.5 - Multiple Vulnerabilities
RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections
RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection
MusicBox 2.3 - Type Parameter SQL Injection
MusicBox 2.3 - 'type' Parameter SQL Injection
RunCMS 1.x - Bigshow.php Cross-Site Scripting
RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting
RunCMS 1.2/1.3 - PMLite.php SQL Injection
RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection
RunCMS 1.x - Ratefile.php Cross-Site Scripting
RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting
BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)
MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection
MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting
MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting
MusicBox 2.3 - 'index.php' SQL Injection
MusicBox 2.3 - 'index.php' Cross-Site Scripting
MusicBox 2.3 - 'cart.php' Cross-Site Scripting
MusicBox 2.3.4 - Page Parameter SQL Injection
MusicBox 2.3.4 - 'page' Parameter SQL Injection
MyWebland miniBloggie 1.0 - Fname Remote File Inclusion
miniBloggie 1.0 - 'Fname' Remote File Inclusion
BigACE 1.8.2 - item_main.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - 'item_main.php' Remote File Inclusion
BigACE 1.8.2 - 'upload_form.php' Remote File Inclusion
BigACE 1.8.2 - 'download.cmd.php' Remote File Inclusion
BigACE 1.8.2 - 'admin.cmd.php' Remote File Inclusion
ClanLite - Config-PHP.php Remote File Inclusion
ClanLite - 'conf-php.php' Remote File Inclusion
FipsCMS 2.1 - PID Parameter SQL Injection
FipsCMS 2.1 - 'pid' Parameter SQL Injection
RunCMS 1.6.1 - votepolls.php bbPath[path] Parameter Remote File Inclusion
RunCMS 1.6.1 - config.php bbPath[root_theme] Parameter Remote File Inclusion
RunCMS 1.6.1 - 'bbPath[path]' Parameter Remote File Inclusion
RunCMS 1.6.1 - 'bbPath[root_theme]' Parameter Remote File Inclusion
FipsCMS 2.1 - 'forum/neu.asp' SQL Injection
FipsCMS 2.1 - 'neu.asp' SQL Injection
OneCMS 2.6.1 - admin/admin.php cat Parameter Cross-Site Scripting
OneCMS 2.6.1 - search.php search Parameter SQL Injection
OneCMS 2.6.1 - admin/admin.php Short1 Parameter Cross-Site Scripting
OneCMS 2.6.1 - 'cat' Parameter Cross-Site Scripting
OneCMS 2.6.1 - 'search' Parameter SQL Injection
OneCMS 2.6.1 - 'short1' Parameter Cross-Site Scripting
RunCMS 'partners' Module - 'id' Parameter SQL Injection
RunCMS Module Partners - 'id' Parameter SQL Injection
Zeuscart v.4 - Multiple Vulnerabilities
Zeuscart 4.0 - Multiple Vulnerabilities
BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
BigACE 2.7.5 - 'LANGUAGE' Parameter Directory Traversal
Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting
Red Hat JBoss EAP - Deserialization of Untrusted Data
2016-11-29 05:01:20 +00:00
Offensive Security
38038a7128
DB: 2016-11-24
...
6 new exploits
Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow
UCanCode - Multiple Vulnerabilities
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)
Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)
Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)
Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service (PoC)
Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (1)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (2)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (1)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (2)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation (3)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC) (1)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation (2)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation
Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Privilege Escalation
Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation
Linux Kernel 2.6.30 < 2.6.30.1 / SELinux (RHEL 5) - Privilege Escalation
Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Privilege Escalation (2)
Linux Kernel 2.6.18 - 'move_pages()' Information Leak
Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak
Linux Kenrel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation
Windows x64 - Download & Execute Shellcode (358 bytes)
2016-11-24 05:01:19 +00:00
Offensive Security
32fc589910
DB: 2016-11-23
...
8 new exploits
xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
3Com OfficeConnect Routers - Denial of Service (Content-Type)
3Com OfficeConnect Routers - (Content-Type) Denial of Service
xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow
Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow
World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow
World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow
Divx Player - Denial of Service
Divx Player 6.8.2 - Denial of Service
Microsoft Word (Win/Mac) - Crash (PoC)
Microsoft Word (Windows/OSX) - Crash (PoC)
TP-LINK TDDP - Multiple Vulnerabilities
Microsoft Internet Explorer 8 MSHTML - 'Ptls5::LsFindSpanVisualBoundaries' Memory Corruption
Office 2008 sp0 - RTF pFragments MAC Exploit
Microsoft Office 2008 SP0 (Mac) - RTF pFragments Exploit
Huawei UTPS - Unquoted Service Path Privilege Escalation
xine-lib 1.1 - (media player library) Remote Format String
Xine-Lib 1.1 - (media player library) Remote Format String
Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite
Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite
3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting
3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Parameter Cross-Site Scripting
xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities
Xine-Lib 1.1.11 - Multiple Heap Based Remote Buffer Overflow Vulnerabilities
Crestron AM-100 - Multiple Vulnerabilities
Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)
Simple Machines Forum 1.0.4 - (modify) SQL Injection
Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL Injection
PHP-Fusion 6.00.109 - (msg_send) SQL Injection
PHP-Fusion 6.00.109 - 'msg_send' Parameter SQL Injection
PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection
PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection
PHP-Fusion 6.00.306 - (srch_where) SQL Injection
PHP-Fusion 6.00.306 - 'srch_where' Parameter SQL Injection
Simple Machines Forum 1.1 rc2 (Windows) - (lngfile) Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploit
Simple Machines Forum 1.1 rc2 - Lock Topics Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit
AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion
AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion
Virtual Law Office - (phpc_root_path) Remote File Inclusion
Virtual Law Office - 'phpc_root_path' Remote File Inclusion
AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion
AllMyGuests 0.3.0 - 'AMG_serverpath' Parameter Remote File Inclusion
Simple Machines Forum 1.1.3 - Blind SQL Injection
Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection
BosClassifieds 3.0 - (index.php cat) SQL Injection
BosNews 4.0 - (article) SQL Injection
BosClassifieds 3.0 - 'index.php' SQL Injection
BosNews 4.0 - 'article' Parameter SQL Injection
Classifieds Caffe - 'index.php cat_id' SQL Injection
Classifieds Caffe - 'cat_id' Parameter SQL Injection
carbon communities 2.4 - Multiple Vulnerabilities
XplodPHP AutoTutorials 2.1 - 'id' SQL Injection
Carbon Communities 2.4 - Multiple Vulnerabilities
XplodPHP AutoTutorials 2.1 - 'id' Parameter SQL Injection
Grape Statistics 0.2a - (location) Remote File Inclusion
5th Avenue Shopping Cart - 'category_id' SQL Injection
Grape Statistics 0.2a - 'location' Parameter Remote File Inclusion
5th Avenue Shopping Cart - 'category_id' Parameter SQL Injection
PhShoutBox 1.5 - (final) Insecure Cookie Handling
Simple Customer 1.2 - (contact.php id) SQL Injection
AllMyGuests 0.4.1 - (AMG_id) SQL Injection
PhShoutBox 1.5 - Insecure Cookie Handling
Simple Customer 1.2 - 'contact.php' SQL Injection
AllMyGuests 0.4.1 - 'AMG_id' Parameter SQL Injection
Simple Machines Forum 1.1.4 - SQL Injection
Simple Machines Forum (SMF) 1.1.4 - SQL Injection
virtual support office-xp 3.0.29 - Multiple Vulnerabilities
Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities
PHP-Fusion Mod Classifieds - (lid) SQL Injection
PHP-Fusion Mod Classifieds - 'lid' Parameter SQL Injection
Simple Machines Forum 1.1.5 (Windows x86) - Admin Reset Password Exploit
Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit
PHP-Fusion Mod freshlinks - (linkid) SQL Injection
PHP-Fusion Mod freshlinks - 'linkid' Parameter SQL Injection
PHP-Fusion Mod manuals - (manual) SQL Injection
PHP-Fusion Mod manuals - 'manual' Parameter SQL Injection
PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection
PHP-Fusion Mod triscoop_race_system - 'raceid' Parameter SQL Injection
BosDev BosClassifieds - 'cat_id' SQL Injection
BosClassifieds - 'cat_id' SQL Injection
Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution
Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution
PHP-Fusion 7.00.1 - (messages.php) SQL Injection
PHP-Fusion 7.00.1 - 'messages.php' SQL Injection
Check New 4.52 - (findoffice.php search) SQL Injection
Check New 4.52 - 'findoffice.php search' SQL Injection
PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection
PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection
PHP-Fusion Mod the_kroax (comment_id) - SQL Injection
PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection
Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload
Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload
Simple Machines Forums - (BBCode) Cookie Stealing
Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing
PHP-Fusion Mod Book Panel - (bookid) SQL Injection
PHP-Fusion Mod Book Panel - 'bookid' Parameter SQL Injection
PHP-Fusion Mod Book Panel - (course_id) SQL Injection
PHP-Fusion Mod Book Panel - 'course_id' Parameter SQL Injection
Opencart 1.1.8 - (route) Local File Inclusion
Opencart 1.1.8 - 'route' Local File Inclusion
exjune officer message system 1 - Multiple Vulnerabilities
Exjune Officer Message System 1 - Multiple Vulnerabilities
Simple Machines Forum - Multiple Security Vulnerabilities
Simple Machines Forum (SMF) - Multiple Security Vulnerabilities
PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection
PHP-Fusion 6.01.15.4 - 'downloads.php' SQL Injection
Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute (PoC)
Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC)
PHP-fusion dsmsf - (module downloads) SQL Injection
PHP-fusion dsmsf Mod Downloads - SQL Injection
Group Office - (comment_id) SQL Injection
Group Office - 'comment_id' SQL Injection
PHP-Fusion MG - User-Fotoalbum SQL Injection
PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection
Simple Machines forum (SMF) 2.0 - session Hijacking
Simple Machines Forum (SMF) 2.0 - Session Hijacking
AllMyGuests 0.x - info.inc.php Arbitrary Code Execution
AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution
Simple Machines Forum 1.0 - Size Tag HTML Injection
Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection
OpenCart 1.5.5.1 - (FileManager.php) Directory Traversal Arbitrary File Access
OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access
PHP-Fusion 4.0 - Viewthread.php Information Disclosure
PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure
PHP-Fusion 4/5 - Setuser.php HTML Injection
PHP-Fusion 4/5 - 'Setuser.php' HTML Injection
PHP-Fusion 4.0/5.0/6.0 - messages.php SQL Injection
PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection
PHP-Fusion 6.0.109 - messages.php SQL Injection
PHP-Fusion 6.0.109 - 'messages.php' SQL Injection
PHP-Fusion 6.0 - members.php Cross-Site Scripting
PHP-Fusion 6.0 - 'members.php' Cross-Site Scripting
PHP-Fusion 6.0.x - news.php SQL Injection
PHP-Fusion 6.0.x - 'news.php' SQL Injection
Simple Machines Forum 1.0/1.1 - 'index.php' Cross-Site Scripting
Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scripting
PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection
PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection
Simple Machines Forum 1.1.4 - Multiple Remote File Inclusion
Simple Machines Forum (SMF) 1.1.4 - Multiple Remote File Inclusion
Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass
Simple Machines Forum (SMF) 1.1.6 - HTTP POST Request Filter Security Bypass
OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection
Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection
PHP-Fusion - 'articles.php' Cross-Site Scripting
AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting
Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery
Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery
Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload
Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload
WordPress Plugin Dharma booking 2.38.3 - File Inclusion
WordPress Plugin Dharma Booking 2.38.3 - File Inclusion
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution
SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection
2016-11-23 05:01:19 +00:00
Offensive Security
dab1517032
DB: 2016-11-22
...
13 new exploits
Borland Interbase 2007 - ibserver.exe Buffer Overflow (PoC)
Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC)
Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22 / 3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104)
Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (MS15-018)
NTP 4.2.8p8 - Denial of Service
Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow
Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow
Borland Interbase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)
Borland Interbase 2007 - 'PWD_db_aliased' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'open_marker_file' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - 'jrd8_create_database' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'INET_connect' Buffer Overflow (Metasploit)
Borland Interbase - isc_create_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit)
Borland Interbase - isc_attach_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_attach_database()' Buffer Overflow (Metasploit)
Borland Interbase - SVC_attach() Buffer Overflow (Metasploit)
Borland Interbase - 'SVC_attach()' Buffer Overflow (Metasploit)
Borland Interbase - Create-Request Buffer Overflow (Metasploit)
Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit)
Borland Interbase - PWD_db_aliased() Buffer Overflow (Metasploit)
Borland Interbase - open_marker_file() Buffer Overflow (Metasploit)
Borland Interbase - 'PWD_db_aliased()' Buffer Overflow (Metasploit)
Borland Interbase - 'open_marker_file()' Buffer Overflow (Metasploit)
Borland Interbase - jrd8_create_database() Buffer Overflow (Metasploit)
Borland Interbase - INET_connect() Buffer Overflow (Metasploit)
Borland Interbase - 'jrd8_create_database()' Buffer Overflow (Metasploit)
Borland Interbase - 'INET_connect()' Buffer Overflow (Metasploit)
Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
phpunity.postcard - (gallery_path) Remote File Inclusion
phpunity.postcard - 'gallery_path' Parameter Remote File Inclusion
CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion
CcMail 1.0.1 - 'functions_dir' Parameter Remote File Inclusion
1024 CMS 0.7 - (download.php item) Remote File Disclosure
1024 CMS 0.7 - 'download.php' Remote File Disclosure
cpCommerce 1.1.0 - (category.php id_category) SQL Injection
CPCommerce 1.1.0 - 'id_category' Parameter SQL Injection
1024 CMS 1.3.1 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
1024 CMS 1.3.1 - Local File Inclusion / SQL Injection
Mole 2.1.0 - (viewsource.php) Remote File Disclosure
ChartDirector 4.1 - (viewsource.php) File Disclosure
724CMS 4.01 Enterprise - (index.php ID) SQL Injection
My Gaming Ladder 7.5 - (ladderid) SQL Injection
Mole 2.1.0 - 'viewsource.php' Remote File Disclosure
ChartDirector 4.1 - 'viewsource.php' File Disclosure
724CMS 4.01 Enterprise - 'index.php' SQL Injection
My Gaming Ladder 7.5 - 'ladderid' Parameter SQL Injection
exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities
Pligg CMS 9.9.0 - (editlink.php id) SQL Injection
ExBB 0.22 - Local / Remote File Inclusion
Pligg CMS 9.9.0 - 'editlink.php' SQL Injection
Prediction Football 1.x - (matchid) SQL Injection
Prediction Football 1.x - 'matchid' Parameter SQL Injection
Free Photo Gallery Site Script - (path) File Disclosure
Free Photo Gallery Site Script - 'path' Parameter File Disclosure
LiveCart 1.1.1 - (category id) Blind SQL Injection
Ksemail - 'index.php language' Local File Inclusion
LiveCart 1.1.1 - 'id' Parameter Blind SQL Injection
Ksemail - Local File Inclusion
RX Maxsoft - 'popup_img.php fotoID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
RX Maxsoft - 'fotoID' Parameter SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' Parameter SQL Injection
Pollbooth 2.0 - (pollID) SQL Injection
cpcommerce 1.1.0 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Pollbooth 2.0 - 'pollID' Parameter SQL Injection
CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion
SmallBiz eShop - (content_id) SQL Injection
SmallBiz eShop - 'content_id' Parameter SQL Injection
lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection
PostcardMentor - 'cat_fldAuto' Parameter SQL Injection
Pligg CMS 9.9.0 - (story.php id) SQL Injection
Pligg CMS 9.9.0 - 'story.php' SQL Injection
LokiCMS 0.3.4 - writeconfig() Remote Command Execution
LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution
cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass
CPCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass
cpCommerce 1.2.8 - (id_document) Blind SQL Injection
CPCommerce 1.2.8 - 'id_document' Parameter Blind SQL Injection
cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion
CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion
ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure
ChartDirector 5.0.1 - 'cacheId' Parameter Arbitrary File Disclosure
Pligg CMS 1.0.4 - (story.php?id) SQL Injection
Pligg CMS 1.0.4 - 'story.php' SQL Injection
724CMS 4.59 Enterprise - SQL Injection
724CMS Enterprise 4.59 - SQL Injection
lightneasy 3.2.2 - Multiple Vulnerabilities
LightNEasy 3.2.2 - Multiple Vulnerabilities
My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure
My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure
Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injection
Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection
PhotoKorn 1.53/1.54 - postcard.php id Parameter SQL Injection
PhotoKorn 1.53/1.54 - 'id' Parameter SQL Injection
CPCommerce 1.1 - Manufacturer.php SQL Injection
CPCommerce 1.1 - 'manufacturer.php' SQL Injection
LiveCart 1.0.1 - user/remindPassword return Parameter Cross-Site Scripting
LiveCart 1.0.1 - category q Parameter Cross-Site Scripting
LiveCart 1.0.1 - order return Parameter Cross-Site Scripting
LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'q' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'email' Parameter Cross-Site Scripting
Pligg CMS 1.x - module.php Multiple Parameter Cross-Site Scripting
Pligg CMS 1.x - 'module.php' Multiple Parameter Cross-Site Scripting
Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection
Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection
CMS Made Simple 2.1.5 - Cross-Site Scripting
Atlassian Confluence AppFusions Doxygen 1.3.0 - Directory Traversal
WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery
Mezzanine 4.2.0 - Cross-Site Scripting
LEPTON 2.2.2 - SQL Injection
LEPTON 2.2.2 - Remote Code Execution
FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery
FUDforum 3.0.6 - Local File Inclusion
Wordpress Plugin Olimometer 2.56 - SQL Injection
2016-11-22 05:01:18 +00:00
Offensive Security
8948e76c12
DB: 2016-11-19
...
14 new exploits
Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Windows - 'Jolt2.c' Denial of Service
Microsoft Windows - 'Jolt2.c' Denial of Service (MS00-029)
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)
Ventrilo 2.3.0 - Remote Denial of Service (All Platforms)
Ventrilo 2.3.0 (All Platforms) - Remote Denial of Service
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)
Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)
Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)
Microsoft Windows Vista - Access Violation from Limited Account Exploit (BSoD)
Microsoft Windows Vista - Access Violation from Limited Account Exploit (Blue Screen of Death)
Microsoft Windows 2003 - '.EOT' BSOD Crash
Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash
Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote BSOD
Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063)
Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution (Metasploit)
Microsoft Windows 2000<2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit)
Google Chrome 4.1 - OOB Array Indexing
Google Chrome 4.1 - Out-of-Bounds Array Indexing
Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow 10-020 (PoC)
Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)
CommView 6.1 (Build 636) - Local Denial of Service (BSOD)
CommView 6.1 (Build 636) - Local Denial of Service (Blue Screen of Death)
Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051)
Microsoft Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051)
Microsoft Cinepak Codec CVDecompress - Heap Overflow
Microsoft Cinepak Codec CVDecompress - Heap Overflow (MS10-055)
Microsoft Unicode Scripts Processor - Remote Code Execution
Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)
Microsoft Office - HtmlDlgHelper Class Memory Corruption
Microsoft Office - HtmlDlgHelper Class Memory Corruption (MS10-071)
Microsoft Plug and Play Service - Overflow Exploit (Metasploit)
Microsoft Plug and Play Service - Overflow Exploit (MS05-039) (Metasploit)
Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC)
Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC) (MS11-02)
Microsoft HyperV - Persistent Denial of Service
Microsoft HyperV - Persistent Denial of Service (MS11-047)
Crush FTP 5 - 'APPE' command Remote JVM BSOD (PoC)
Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC)
Microsoft WINS Service 5.2.3790.4520 - Memory Corruption
Microsoft WINS - ECommEndDlg Input Validation Error
Microsoft WINS Service 5.2.3790.4520 - Memory Corruption (MS11-035)
Microsoft WINS - ECommEndDlg Input Validation Error (MS11-035/MS11-070)
Win32k - Null Pointer De-reference PoC (MS11-077)
Microsoft Win32k - Null Pointer De-reference PoC (MS11-077)
Winows 7 keylayout - Blue Screen
Microsoft Winows 7 - Keyoard Layout Blue Screen of Death (MS10-073)
Apple Safari - GdiDrawStream BSoD
Apple Safari - GdiDrawStream Blue Screen of Death
PeerBlock 1.1 - BSOD Exploit
PeerBlock 1.1 - Blue Screen of Death Exploit
.NET Framework EncoderParameter - Integer Overflow
Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025)
Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034)
Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034)
Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass
Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050)
Microsoft Windows Media Services 4.0/4.1 - Denial of Service
Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038)
Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (2)
Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (MS00-040) (2)
Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service
Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service (MS00-070)
Microsoft IIS 4.0/5.0 - FTP Denial of Service
Microsoft IIS 4.0/5.0 - FTP Denial of Service (MS01-026)
Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service
Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031)
Microsoft Windows XP/2000 - showHelp CHM File Execution
Microsoft Windows XP/2000 - showHelp '.CHM' File Execution (MS03-004)
Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service
Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051)
Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities
Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012)
DirectShow - Arbitrary Memory Overwrite (MS13-056)
Microsoft DirectShow - Arbitrary Memory Overwrite (MS13-056)
Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1)
Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (MS08-025) (1)
Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow
Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow (MS11-083)
Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads
Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads (MS15-021)
Google Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow
Google Chrome - open-vcdiff Out-of-Bounds Read in Browser Process Integer Overflow
Avast! - OOB Write Decrypting PEncrypt Packed executables
Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables
Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007)
Microsoft Office / COM Object - 'WMALFXGFXDSP.dll' DLL Planting (MS16-007)
Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX Kernel - Out-of-Bounds Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Microsoft Edge - 'Array.splice' Heap Overflow
Moxa SoftCMS 1.5 - Denial of Service (PoC)
Microsoft Edge - 'FillFromPrototypes' Type Confusion
Microsoft Edge - 'Array.filter' Info Leak
Microsoft Edge - 'Array.reverse' Overflow
Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow
Microsoft Windows 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)
Microsoft Windows 2000 - POSIX Subsystem Privilege Escalation (MS04-020)
Microsoft Windows 2000 - Universal Language Utility Manager Exploit (MS04-019)
Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022)
Microsoft Windows 2000 - Utility Manager All-in-One Exploit (MS04-019)
Microsoft Windows Server 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)
Microsoft Windows Server 2000 - POSIX Subsystem Privilege Escalation (MS04-020)
Microsoft Windows Server 2000 - Universal Language Utility Manager Exploit (MS04-019)
Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022)
Microsoft Windows Server 2000 - Utility Manager All-in-One Exploit (MS04-019)
Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)
Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)
Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin)
Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)
Microsoft Excel - 0x5D record Stack Overflow
Microsoft Excel - 0x5D record Stack Overflow (MS10-038)
Win32k - Keyboard Layout (MS10-073)
Microsoft Win32k - Keyboard Layout (MS10-073)
Adobe - Doc.media.newPlayer Use-After-Free (1)
Adobe - 'util.printf()' Buffer Overflow (1)
Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1)
Adobe - 'util.printf()' Buffer Overflow (Metasploit) (1)
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1)
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (1)
Adobe - JBIG2Decode Memory Corruption (1)
Adobe - Collab.getIcon() Buffer Overflow (1)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)
Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (Metasploit)
Adobe - JBIG2Decode Memory Corruption (Metasploit) (1)
Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (1)
Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (MS09-032/MS09-037) (Metasploit)
Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2)
Media Jukebox 8.0.400 - Buffer Overflow (SEH)
Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (2)
Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (2)
Adobe - Doc.media.newPlayer Use-After-Free (2)
Adobe - 'util.printf()' Buffer Overflow (2)
Microsoft Excel - Malformed FEATHEADER Record (Metasploit)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (2)
Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2)
Adobe - 'util.printf()' Buffer Overflow (Metasploit) (2)
Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (3)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3)
WM Downloader 3.1.2.2 - Buffer Overflow (2)
WM Downloader 3.1.2.2 - Buffer Overflow (Metasploit) (2)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (2)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (2)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2)
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2)
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (2)
Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (Metasploit)
Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit)
gAlan 0.2.1 - Buffer Overflow (2)
Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (Metasploit)
gAlan 0.2.1 - Buffer Overflow (Metasploit) (2)
Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (MS10-004) (Metasploit)
BACnet OPC Client - Buffer Overflow (2)
BACnet OPC Client - Buffer Overflow (Metasploit) (2)
Adobe - JBIG2Decode Memory Corruption (2)
Adobe - JBIG2Decode Memory Corruption (Metasploit) (2)
Mini-stream 3.0.1.1 - Buffer Overflow (2)
Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2)
Adobe - Collab.getIcon() Buffer Overflow (2)
Adobe PDF - Escape EXE Social Engineering (No JavaScript)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (4)
Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2)
Adobe PDF - Escape EXE Social Engineering (No JavaScript)(Metasploit)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4)
Microsoft Word - RTF pFragments Stack Buffer Overflow (File Format)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)
Microsoft Word - '.RTF' pFragments Stack Buffer Overflow (File Format) (MS10-087) (Metasploit)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (2)
Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1)
Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (1)
Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit)
Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (MS10-028) (Metasploit)
Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016)
Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit)
Microsoft Excel 2007 SP2 - Buffer Overwrite
Microsoft Excel 2007 SP2 - Buffer Overwrite (MS11-021)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (Metasploit) (3)
Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021)
Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021) (Metasploit)
Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038)
Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) (Metasploit)
Microsoft Office 2003 Home/Pro - Code Execution
Microsoft Office 2003 Home/Pro - Code Execution (MS10-087)
Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005)
Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005) (Metasploit)
Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit)
Microsoft Windows - Task Scheduler .XML Privilege Escalation (MS10-092) (Metasploit)
Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request
Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request (MS00-003)
Microsoft Windows Kernel - Intel x64 SYSRET (PoC)
Microsoft Windows Kernel - Intel x64 SYSRET (MS12-042) (PoC)
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080)
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit)
Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)
Microsoft Windows Kerberos - Security Feature Bypass (MS16-101)
Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation
Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011)
Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation
Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)
Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005)
Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) (Metasploit)
VMware - Setuid VMware-mount Unsafe popen(3)
VMware - Setuid VMware-mount Unsafe popen(3) (Metasploit)
Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (Metasploit)
Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (MS13-081) (Metasploit)
Microsoft Word - RTF Object Confusion (MS14-017)
Microsoft Word - RTF Object Confusion (MS14-017) (Metasploit)
Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit)
.NET Deployment Service - IE Sandbox Escape (MS14-009)
Registry Symlink - IE Sandbox Escape (MS13-097)
Microsoft .NET Deployment Service - IE Sandbox Escape (MS14-009) (Metasploit)
Microsoft Registry Symlink - IE Sandbox Escape (MS13-097) (Metasploit)
Microsoft Windows - OLE Package Manager Code Execution (MS14-060)
Microsoft Windows - OLE Package Manager Code Execution (MS14-060) (Metasploit)
Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (Metasploit)
Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit)
Microsoft Windows - OLE Package Manager Code Execution Through Python (MS14-064)
Microsoft Windows - OLE Package Manager Code Execution (MS14-064)
Microsoft Windows - OLE Package Manager Code Execution (via Python) (MS14-064) (Metasploit)
Microsoft Windows - OLE Package Manager Code Execution (MS14-064) (Metasploit)
Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004)
Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004) (Metasploit)
Microsoft Windows Server 2003 SP2 - Privilege Escalation
Microsoft Windows Server 2003 SP2 - Privilege Escalation (MS14-070)
Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation (MS10-073)
Publish-It - '.PUI' Buffer Overflow (SEH)
Publish-It - '.PUI' Buffer Overflow (SEH) (Metasploit)
Microsoft Windows - ClientCopyImage Win32k Exploit (Metasploit)
Microsoft Windows - ClientCopyImage Win32k Exploit (MS15-051) (Metasploit)
Microsoft Word - Local Machine Zone Remote Code Execution
Microsoft Word - Local Machine Zone Remote Code Execution (MS15-022)
VideoCharge Studio - Buffer Overflow (SEH)
VideoCharge Studio - Buffer Overflow (SEH) (Metasploit)
Microsoft Windows - NtUserGetClipboardAccessToken Token Leak
Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)
Microsoft Windows - Font Driver Buffer Overflow (MS15-078)
Microsoft Windows - Font Driver Buffer Overflow (MS15-078) (Metasploit)
Nagios 4.2.2 - Privilege Escalation
ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick) (Metasploit)
Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset OOB Privilege Escalation
Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) (Metasploit)
VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)
VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation
Palo Alto Networks PanOS root_trace - Privilege Escalation
Palo Alto Networks PanOS root_reboot - Privilege Escalation
RealServer < 8.0.2 - Remote Exploit (Windows Platforms)
RealServer < 8.0.2 (Windows Platforms) - Remote Exploit
Microsoft Windows 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049)
Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049)
Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)
Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)
Microsoft Windows - 'WINS' Remote Buffer Overflow (3)
Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045) (3)
Microsoft Windows Message - Queuing Buffer Overflow Universal Exploit (MS05-017) (v.0.3)
Microsoft Windows Message Queuing - Buffer Overflow Universal Exploit (MS05-017) (v.0.3)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) (MS05-039)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039)
eIQnetworks License Manager - Remote Buffer Overflow (1) (Metasploit)
eIQnetworks License Manager - Remote Buffer Overflow (2) (Metasploit)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)
Microsoft Windows 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)
Microsoft Windows Server 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (1) (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1)
Microsoft Windows - NetpManageIPCConnect - Stack Overflow (Python)
Microsoft Windows - NetpManageIPCConnect - Stack Overflow (MS06-070) (Python)
Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow
Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow
Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow (MS07-033)
Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow (MS07-033)
CCProxy 6.2 - Telnet Proxy Ping Overflow (1) (Metasploit)
CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1)
Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065)
Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue Exploit (MS07-065)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)
Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC)
Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC) (MS09-054)
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)
Movie Maker - Remote Code Execution (MS10-016)
Microsoft Movie Maker - Remote Code Execution (MS10-016)
ASP.NET - Padding Oracle (MS10-070)
Microsoft ASP.NET - Padding Oracle (MS10-070)
ASP.NET - Padding Oracle File Download (MS10-070)
Microsoft Windows - NTLM Weak Nonce
Microsoft ASP.NET - Padding Oracle File Download (MS10-070)
Microsoft Windows - NTLM Weak Nonce (MS10-012)
ASP.NET - Auto-Decryptor File Download Exploit (MS10-070)
Microsoft ASP.NET - Auto-Decryptor File Download Exploit (MS10-070)
Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)
Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (Loop) (Metasploit)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1)
PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (1)
PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie) (Metasploit)
Axis2 - Authenticated Code Execution (via REST)
Axis2 - Authenticated Code Execution (via REST) (Metasploit)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) (Metasploit)
Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (Metasploit)
Microsoft Private Communications Transport - Overflow Exploit (Metasploit)
Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (MS10-025) (Metasploit)
Microsoft Private Communications Transport - Overflow Exploit (MS04-011) (Metasploit)
Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit)
Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit)
Microsoft IIS - Phone Book Service Overflow (Metasploit)
Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (MS03-022) (Metasploit)
Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (MS03-051) (Metasploit)
Microsoft IIS - Phone Book Service Overflow (MS00-094) (Metasploit)
Microsoft WINS - Service Memory Overwrite (Metasploit)
Microsoft Windows - SMB Relay Code Execution (Metasploit)
Microsoft Windows - Print Spooler Service Impersonation (MS10-061)
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)
Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (Metasploit)
Microsoft RRAS Service - Overflow Exploit (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (Metasploit)
Microsoft Server Service - NetpwPathCanonicalize Overflow (Metasploit)
Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (Metasploit)
Microsoft Services - 'nwwks.dll' (MS06-066)
Microsoft WINS - Service Memory Overwrite (MS04-045) (Metasploit)
Microsoft Windows - SMB Relay Code Execution (MS08-068) (Metasploit)
Microsoft Windows - Print Spooler Service Impersonation (MS10-061) (Metasploit)
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) (Metasploit)
Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (MS09-050) (Metasploit)
Microsoft RRAS Service - Overflow Exploit (MS06-025) (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (MS07-029) (Metasploit)
Microsoft Server Service - NetpwPathCanonicalize Overflow (MS06-040) (Metasploit)
Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (MS04-011) (Metasploit)
Microsoft Services - 'nwwks.dll' (MS06-066) (Metasploit)
Microsoft NetDDE Service - Overflow Exploit (Metasploit)
Microsoft Workstation Service - NetpManageIPCConnect Overflow (Metasploit)
Microsoft Services - 'nwapi32.dll' (MS06-066)
Microsoft NetDDE Service - Overflow Exploit (MS04-031) (Metasploit)
Microsoft Workstation Service - NetpManageIPCConnect Overflow (MS06-070) (Metasploit)
Microsoft Services - 'nwapi32.dll' (MS06-066) (Metasploit)
Microsoft RRAS Service - RASMAN Registry Overflow (Metasploit)
Microsoft RRAS Service - RASMAN Registry Overflow (MS06-025) (Metasploit)
Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007)
Microsoft Workstation Service - NetAddAlternateComputerName Overflow (Metasploit)
Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (Metasploit)
Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007) (Metasploit)
Microsoft Workstation Service - NetAddAlternateComputerName Overflow (MS03-049) (Metasploit)
Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (MS05-030) (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (2) (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2)
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (Metasploit)
Microsoft SQL Server - Resolution Overflow (Metasploit)
Microsoft SQL Server - Payload Execution (via SQL Injection)
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (Metasploit)
Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit)
Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (via SQL Injection)
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (via SQL Injection) (Metasploit)
Microsoft SQL Server - Hello Overflow (Metasploit)
Microsoft SQL Server - Hello Overflow (MS02-056) (Metasploit)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (1)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (2)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (3)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (1)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1)
IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1)
IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (1)
HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1)
HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1)
Microsoft DirectX DirectShow - SAMI Buffer Overflow (Metasploit)
Microsoft DirectX DirectShow - SAMI Buffer Overflow (MS07-064) (Metasploit)
HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (2)
HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2)
Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (Metasploit)
Microsoft IIS 4.0 - '.htr' Path Overflow (Metasploit)
Microsoft IIS 5.0 - Printer Host Header Overflow (Metasploit)
Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit)
Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (MS01-026) (Metasploit)
Microsoft IIS 4.0 - '.htr' Path Overflow (MS02-018) (Metasploit)
Microsoft IIS 5.0 - Printer Host Header Overflow (MS01-023) (Metasploit)
Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (MS03-007) (Metasploit)
Microsoft IIS 5.0 - IDQ Path Overflow (Metasploit)
Microsoft IIS 5.0 - IDQ Path Overflow (MS01-033) (Metasploit)
Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1)
Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (1)
Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (Metasploit)
Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (Metasploit)
Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (MS06-067) (Metasploit)
Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit)
Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit)
Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) (Metasploit)
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) (MS07-017) (Metasploit)
Microsoft Internet Explorer - XML Core Services HTTP Request Handling (Metasploit)
Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (Metasploit)
Microsoft Internet Explorer - XML Core Services HTTP Request Handling (MS06-071) (Metasploit)
Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (MS11-003) (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (MS09-043) (Metasploit)
Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (Metasploit)
Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (Metasploit)
Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit)
Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (MS09-043) (Metasploit)
Microsoft Help Center - Cross-Site Scripting / Command Execution (Metasploit)
Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (Metasploit)
Microsoft Help Center - Cross-Site Scripting / Command Execution (MS10-042) (Metasploit)
Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (MS09-072) (Metasploit)
Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (Metasploit)
Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (MS10-090) (Metasploit)
Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (Metasploit)
Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (MS09-002) (Metasploit)
Microsoft Internet Explorer - COM CreateObject Code Execution (Metasploit)
Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (MS06-057) (Metasploit) (2)
Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (Metasploit)
Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (MS10-018) (Metasploit)
Microsoft Windows - Shell LNK Code Execution (Metasploit)
Microsoft Windows - Shell LNK Code Execution (MS10-046) (Metasploit)
Microsoft Internet Explorer - createTextRange() Code Execution (Metasploit)
Microsoft Internet Explorer - createTextRange() Code Execution (MS06-013) (Metasploit)
Microsoft Internet Explorer - Object Type (MS03-020)
Microsoft Internet Explorer - Object Type (MS03-020) (Metasploit)
Microsoft Internet Explorer - Data Binding Memory Corruption (Metasploit)
Microsoft Internet Explorer - Data Binding Memory Corruption (MS08-078) (Metasploit)
Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (Metasploit)
Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (MS10-018) (Metasploit)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (1)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (MS06-055) (Metasploit)
Microsoft Internet Explorer - 'Aurora' Memory Corruption (Metasploit)
Microsoft Internet Explorer - 'Aurora' Memory Corruption (MS10-002) (Metasploit)
Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (Metasploit)
Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)
CCProxy 6.2 - Telnet Proxy Ping Overflow (2) (Metasploit)
CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2)
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)
Outlook - ATTACH_BY_REF_RESOLVE File Execution (Metasploit)
Outlook - ATTACH_BY_REF_ONLY File Execution (Metasploit)
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) (MS07-017) (Metasploit)
Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit)
Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit)
Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST)
Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) (Metasploit)
FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)
FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD) (Metasploit)
httpdx - tolog() Function Format String (1)
httpdx - tolog() Function Format String (Metasploit) (1)
Microsoft IIS FTP Server - NLST Response Overflow (Metasploit)
Microsoft IIS FTP Server - NLST Response Overflow (MS09-053) (Metasploit)
Microsoft Message Queueing Service - Path Overflow (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() Overflow (TCP)
Microsoft RPC DCOM Interface - Overflow Exploit (Metasploit)
Microsoft Message Queueing Service - DNS Name Path Overflow (Metasploit)
Microsoft Message Queueing Service - Path Overflow (MS05-017) (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() TCP Overflow (MS07-029) (Metasploit)
Microsoft RPC DCOM Interface - Overflow Exploit (MS03-026) (Metasploit)
Microsoft Message Queueing Service - DNS Name Path Overflow (MS07-065) (Metasploit)
IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)
IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (2)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1)
httpdx - tolog() Function Format String (2)
httpdx - tolog() Function Format String (Metasploit) (2)
Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)
Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (MS03-046) (Metasploit)
NetSupport Manager Agent - Remote Buffer Overflow (2)
NetSupport Manager Agent - Remote Buffer Overflow (Metasploit) (2)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (Metasploit) (1)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (Metasploit) (2)
SquirrelMail PGP Plugin - Command Execution (SMTP)
SquirrelMail PGP Plugin - Command Execution (SMTP) (Metasploit)
ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)
ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) (Metasploit)
Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (2)
Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (2)
Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050)
Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) (Metasploit)
Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)
Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview ('.lzh' Attachment) (Metasploit)
Mozilla Firefox - 'nsTreeRange' Dangling Pointer (1)
Mozilla Firefox - 'nsTreeRange' Dangling Pointer (Metasploit) (1)
Mozilla Firefox 3.6.16 - mChannel Use-After-Free (1)
Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1)
Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)
Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026) (Metasploit)
ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2)
ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (Metasploit) (2)
Mozilla Firefox - Array.reduceRight() Integer Overflow (2)
Mozilla Firefox - Array.reduceRight() Integer Overflow (Metasploit) (2)
Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (Metasploit)
Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (MS05-054) (Metasploit)
Mozilla Firefox 3.6.16 - mChannel Use-After-Free (2)
Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2)
Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)
Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) (Metasploit)
Sun Java Web Start Plugin - Command Line Argument Injection (2012)
Sun Java Web Start Plugin - Command Line Argument Injection (2012) (Metasploit)
Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002)
Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002) (Metasploit)
Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)
Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) (Metasploit)
quickshare file share 1.2.1 - Directory Traversal (2)
quickshare file share 1.2.1 - Directory Traversal (Metasploit) (2)
Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit)
Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065) (Metasploit)
Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)
Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037) (Metasploit)
ComSndFTP 1.3.7 Beta - USER Format String (Write4)
Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (Metasploit)
ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit)
Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (MS12-043) (Metasploit)
Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL redirection
Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL Redirection (MS99-043)
Microsoft Office SharePoint Server 2007 - Remote Code Execution (Metasploit)
Microsoft Office SharePoint Server 2007 - Remote Code Execution (MS10-104) (Metasploit)
Microsoft IIS 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal
Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 - Directory Traversal (MS00-006)
Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (Metasploit)
Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (MS12-037) (Metasploit)
Microsoft Internet Explorer 5.5 - Index.dat
Microsoft Internet Explorer 5.5 - 'Index.dat' Exploit (MS00-055)
Microsoft Visual Studio RAD Support - Buffer Overflow (Metasploit)
Microsoft Visual Studio RAD Support - Buffer Overflow (MS03-051) (Metasploit)
JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)
JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) (Metasploit)
Microsoft Internet Explorer 5 - Zone Spoofing
Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)
HP SiteScope - Remote Code Execution (1)
HP SiteScope - Remote Code Execution (Metasploit) (1)
Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure
Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure (MS02-023)
Metasploit Web UI - Diagnostic Console Command Execution
Metasploit Web UI - Diagnostic Console Command Execution (Metasploit)
Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address
Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)
Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063)
Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) (Metasploit)
Microsoft Internet Explorer 5 - XML Page Object Type Validation
Microsoft Internet Explorer 5 - XML Page Object Type Validation (MS03-040)
Microsoft Windows XP/2000 - Messenger Service Buffer Overrun
Microsoft Windows XP/2000 - Messenger Service Buffer Overrun (MS03-043)
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy
Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy (MS04-004)
Microsoft Internet Explorer - Option Element Use-After-Free (Metasploit)
Microsoft Internet Explorer - Option Element Use-After-Free (MS11-081) (Metasploit)
Java Applet JMX - Remote Code Execution (1)
Java Applet JMX - Remote Code Execution (Metasploit) (1)
myServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting
MyServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting
VMware OVF Tools - Format String (1)
VMware OVF Tools - Format String (Metasploit) (1)
VMware OVF Tools - Format String (2)
VMware OVF Tools - Format String (Metasploit) (2)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009)
Java Applet JMX - Remote Code Execution (2)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Java Applet JMX - Remote Code Execution (Metasploit) (2)
Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code
Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2)
phpMyAdmin - Authenticated Remote Code Execution via preg_replace()
phpMyAdmin - 'preg_replace' Authenticated Remote Code Execution (Metasploit)
Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow
Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow (MS05-020)
Microsoft Internet Explorer - textNode Use-After-Free (Metasploit)
Microsoft Internet Explorer - textNode Use-After-Free (MS13-037) (Metasploit)
Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009)
Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009) (Metasploit)
D-Link Devices - Unauthenticated Remote Command Execution (2)
D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2)
D-Link Devices - Unauthenticated Remote Command Execution (1)
D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1)
Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)
Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) (Metasploit)
Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055)
HP SiteScope - Remote Code Execution (2)
Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055) (Metasploit)
HP SiteScope - Remote Code Execution (Metasploit) (2)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (2)
Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069)
Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2)
Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069) (Metasploit)
Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071) (Metasploit)
Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)
Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080) (Metasploit)
Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090)
Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022)
Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) (Metasploit)
Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) (Metasploit)
Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012)
Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012) (Metasploit)
Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012)
Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012) (Metasploit)
Microsoft Windows Media Center - MCL Exploit (MS15-100)
Microsoft Windows Media Center - MCL Exploit (MS15-100) (Metasploit)
Advantech Switch - Bash Environment Variable Code Injection (Shellshock)
Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)
Oracle BeeHive 2 - voice-servlet processEvaluation()
Oracle BeeHive 2 - voice-servlet processEvaluation() (Metasploit)
Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference
Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference (MS15-134)
IPFire - Bash Environment Variable Injection (Shellshock)
IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)
Ruby on Rails - Dynamic Render File Upload / Remote Code Execution
Ruby on Rails - Dynamic Render File Upload / Remote Code Execution (Metasploit)
FTPShell Client 5.24 - 'PWD' Remote Buffer Overflow
Windows x64 - Reverse Shell TCP Shellcode (694 bytes)
phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (2)
phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (Metasploit) (2)
PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2)
PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) (Metasploit)
Wordpress Plugin BBS e-Franchise 1.1.1 - SQL Injection
Wordpress Plugin Product Catalog 8 1.2.0 - SQL Injection
EditMe CMS - Cross-Site Request Forgery (Add New Admin)
2016-11-19 05:01:21 +00:00
Offensive Security
b22e31535e
DB: 2016-11-18
...
3 new exploits
Winamp 5.21 - (Midi File Header Handling) Buffer Overflow (PoC)
Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC)
Nullsoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC)
NullSoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC)
Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)
Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)
Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC)
Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow (PoC)
WinAmp GEN_MSN Plugin - Heap Buffer Overflow (PoC)
Winamp GEN_MSN Plugin - Heap Buffer Overflow (PoC)
Winamp 5.572 - whatsnew.txt Stack Overflow (PoC)
Winamp 5.572 - 'whatsnew.txt' Stack Overflow (PoC)
Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow
NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow
WinAmp 5.63 - Invalid Pointer Dereference
WinAmp 5.63 - Stack Based Buffer Overflow
Winamp 5.63 - Invalid Pointer Dereference
Winamp 5.63 - Stack Based Buffer Overflow
Winamp 5.666 build 3516 - (Corrupted flv) Crash (PoC)
Winamp 5.666 build 3516 - Corrupted .flv Crash (PoC)
Microsoft Edge - 'eval' Type Confusion
Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow
NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow
SCO UnixWare < 7.1.4 p534589 - (pkgadd) Privilege Escalation
SCO UnixWare Reliant HA - Privilege Escalation
SCO UnixWare Merge - mcd Privilege Escalation
Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow
SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Privilege Escalation
SCO UnixWare Reliant HA 1.1.4 - Privilege Escalation
SCO UnixWare Merge - 'mcd' Privilege Escalation
Winamp 5.05-5.13 - '.ini' Local Stack Buffer Overflow (PoC)
Winamp 5.05<5.13 - '.ini' Local Stack Buffer Overflow (PoC)
Winamp 5.572 - whatsnew.txt Stack Overflow
Winamp 5.572 - whatsnew.txt Local Buffer Overflow (Windows XP SP3 DE)
Winamp 5.572 - 'whatsnew.txt' Stack Overflow
Winamp 5.572 (Windows XP SP3 DE) - 'whatsnew.txt' Local Buffer Overflow
Winamp 5.572 - whatsnew.txt SEH (Metasploit)
Winamp 5.572 - 'whatsnew.txt' SEH (Metasploit)
Winamp 5.572 - Local Buffer Overflow (Windows 7 ASLR + DEP Bypass)
Winamp 5.572 (Windows 7) - Local Buffer Overflow (ASLR + DEP Bypass)
Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking
NullSoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking
WinAmp 5.63 - (winamp.ini) Local Exploit
Winamp 5.63 - 'winamp.ini' Local Exploit
Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation
Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
Nullsoft Winamp 2.x - AIP Buffer Overflow
NullSoft Winamp 2.x - AIP Buffer Overflow
Nullsoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow
NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow
winamp Web interface 7.5.13 - Multiple Vulnerabilities
Winamp Web interface 7.5.13 - Multiple Vulnerabilities
Nullsoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow
NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow
LinPHA 1.3.1 - (new_images.php) Blind SQL Injection
LinPHA 1.3.1 - 'new_images.php' Blind SQL Injection
KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection
KwsPHP Module jeuxflash 1.0 - 'id' Parameter SQL Injection
KwsPHP 1.0 - Newsletter Module SQL Injection
KwsPHP 1.0 Module Newsletter - SQL Injection
DaZPHP 0.1 - (prefixdir) Local File Inclusion
PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion
KwsPHP Module Galerie - (id_gal) SQL Injection
KwsPHP Module Archives - 'id' SQL Injection
KwsPHP Module jeuxflash (cat) 1.0 - SQL Injection
KwsPHP Module ConcoursPhoto - (C_ID) SQL Injection
XPOZE Pro 3.05 - (reed) SQL Injection
Vastal I-Tech Software Zone - 'cat_id' SQL Injection
sabros.us 1.75 - (thumbnails.php) Remote File Disclosure
Comdev News Publisher - SQL Injection
Affiliate Directory - 'cat_id' SQL Injection
PHP Photo Gallery 1.0 - (photo_id) SQL Injection
Blogator-script 0.95 - (incl_page) Remote File Inclusion
PIGMy-SQL 1.4.1 - (getdata.php id) Blind SQL Injection
Blogator-script 0.95 - (id_art) SQL Injection
Dragoon 0.1 - (lng) Local File Inclusion
DaZPHP 0.1 - 'prefixdir' Parameter Local File Inclusion
PhpBlock a8.4 - 'PATH_TO_CODE' Parameter Remote File Inclusion
KwsPHP 1.3.456 Module Galerie - 'id_gal' Parameter SQL Injection
KwsPHP 1.3.456 Module Archives - 'id' Parameter SQL Injection
KwsPHP Module jeuxflash 1.0 - 'cat' Parameter SQL Injection
KwsPHP Module ConcoursPhoto 2.0 - 'C_ID' Parameter SQL Injection
XPOZE Pro 3.05 - 'reed' Parameter SQL Injection
Vastal I-Tech Software Zone - 'cat_id' Parameter SQL Injection
Sabros.us 1.75 - 'thumbnails.php' Remote File Disclosure
Comdev News Publisher 4.1.2 - SQL Injection
Affiliate Directory - 'cat_id' Parameter SQL Injection
PHP Photo Gallery 1.0 - 'photo_id' Parameter SQL Injection
Blogator-script 0.95 - 'incl_page' Parameter Remote File Inclusion
PIGMy-SQL 1.4.1 - 'getdata.php' Blind SQL Injection
Blogator-script 0.95 - 'id_art' Parameter SQL Injection
Dragoon 0.1 - 'lng' Parameter Local File Inclusion
Easynet Forum Host - 'forum.php forum' SQL Injection
CoBaLT 0.1 - Multiple SQL Injections
Gaming Directory 1.0 - 'cat_id' SQL Injection
Easynet Forum Host - 'forum.php' SQL Injection
Cobalt 0.1 - Multiple SQL Injections
Gaming Directory 1.0 - 'cat_id' Parameter SQL Injection
Links Directory 1.1 - 'cat_id' SQL Injection
Software Index 1.1 - 'cid' SQL Injection
Links Directory 1.1 - 'cat_id' Parameter SQL Injection
Software Index 1.1 - 'cid' Parameter SQL Injection
Blog PixelMotion - 'index.php categorie' SQL Injection
Site Sift Listings - 'id' SQL Injection
Blog PixelMotion - 'categorie' Parameter SQL Injection
Site Sift Listings - 'id' Parameter SQL Injection
Prozilla Forum Service - 'forum.php forum' SQL Injection
Prozilla Forum Service - 'forum' Parameter SQL Injection
Prozilla Freelancers - (project) SQL Injection
Prozilla Freelancers - 'project' Parameter SQL Injection
LinPHA 1.3.3 - (maps plugin) Remote Command Execution
Dragoon 0.1 - (root) Remote File Inclusion
LinPHA 1.3.3 Plugin Maps - Remote Command Execution
Dragoon 0.1 - 'root' Parameter Remote File Inclusion
k-links directory - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
k-links directory - SQL Injection / Cross-Site Scripting
SFS Affiliate Directory - 'id' SQL Injection
Affiliate Directory - 'id' Parameter SQL Injection
SFS EZ Gaming Directory - 'Directory.php id' SQL Injection
SFS EZ Gaming Directory - 'directory.php' SQL Injection
SFS EZ Gaming Directory - 'cat_id' SQL Injection
SFS EZ Gaming Directory - 'cat_id' Parameter SQL Injection
LinPHA 1.3.2 - (rotate.php) Remote Command Execution
LinPHA 1.3.2 - 'rotate.php' Remote Command Execution
cobalt qube webmail 1.0 - Directory Traversal
Cobalt Qube Webmail 1.0 - Directory Traversal
LinPHA 0.9.x/1.0 - 'index.php' lang Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion
LinPHA 0.9.x/1.0 - 'lang' Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - 'install.php' Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion
LinPHA 1.1 - Multiple Cross-Site Scripting Vulnerabilities
Drake CMS 0.2 - 'index.php' Cross-Site Scripting
Sabros.US 1.7 - 'index.php' Cross-Site Scripting
Drake CMS 0.3.7 - 404.php Local File Inclusion
Drake CMS 0.3.7 - '404.php' Local File Inclusion
Drake CMS 0.4.9 - 'index.php' Cross-Site Scripting
Blogator-script 0.95 - 'bs_auth.php' Cross-Site Scripting
CoBaLT 2.0 - 'adminler.asp' SQL Injection
Cobalt 2.0 - 'adminler.asp' SQL Injection
VisualPic 0.3.1 - Cross-Site Scripting
LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting
LinPHA 1.3.2/1.3.3 - new_images.php Cross-Site Scripting
Software Index - 'signinform.php' Cross-Site Scripting
CMSimple 4.4.4 - Remote file Inclusion
CMSimple 4.4.4 - Remote File Inclusion
Wordpress Plugin Answer My Question 1.3 - SQL Injection
Wordpress Plugin Sirv 1.3.1 - SQL Injection
2016-11-18 05:01:22 +00:00
Offensive Security
e1c4e9e1ec
DB: 2016-11-17
...
3 new exploits
Redhat 6.1 / 6.2 - TTY Flood Users Exploit
RedHat 6.1 / 6.2 - TTY Flood Users Exploit
Microsoft Windows - Kernel ANI File Parsing Crash
Microsoft Windows Kernel - '.ANI' File Parsing Crash
PunBB 2.0.10 - (Register Multiple Users) Denial Of Service
PunBB 2.0.10 - (Register Multiple Users) Denial of Service
Apple Mac OSX 10.4.x - Kernel shared_region_map_file_np() Memory Corruption
Apple Mac OSX 10.4.x Kernel - shared_region_map_file_np() Memory Corruption
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service
MailEnable Professional/Enterprise 2.37 - Denial Of Service
MailEnable Professional/Enterprise 2.37 - Denial of Service
Apple Mac OSX 10.4.x - Kernel i386_set_ldt() Integer Overflow (PoC)
Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial of Service
snircd 1.3.4 - (send_user_mode) Denial of Service
MPlayer - sdpplin_parse() Array Indexing Buffer Overflow (PoC)
Snircd 1.3.4 - 'send_user_mode' Denial of Service
MPlayer 1.0 rc2 - 'sdpplin_parse()' Array Indexing Buffer Overflow (PoC)
LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial Of Service)
LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial of Service)
ZoIPer 2.22 - Call-Info Remote Denial Of Service
ZoIPer 2.22 - Call-Info Remote Denial of Service
Dualis 20.4 - '.bin' Local Denial Of Service
Dualis 20.4 - '.bin' Local Denial of Service
Dolphin 2.0 - '.elf' Local Denial Of Service
Dolphin 2.0 - '.elf' Local Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server 1.10.3 (build 144) - Denial of Service
Red Hat Linux - stickiness of /tmp Exploit
RedHat Linux - Stickiness of /tmp Exploit
Apple Mac OSX < 10.6.7 - Kernel Panic Exploit
Apple Mac OSX < 10.6.7 - Kernel Panic
Red Hat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service
RedHat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service
Titan FTP Server 3.0 - 'LIST' Command Denial Of Service
Titan FTP Server 3.0 - 'LIST' Command Denial of Service
Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Service
Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial of Service
I Hear U 0.5.6 - Multiple Remote Denial Of Service Vulnerabilities
I Hear U 0.5.6 - Multiple Remote Denial of Service Vulnerabilities
Microsoft Windows Explorer - '.png' Image Local Denial Of Service
Microsoft Windows Explorer - '.png' Image Local Denial of Service
Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial Of Service
Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial of Service
MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service
MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial of Service
PHP 5.2.5 - Multiple GetText functions Denial Of Service Vulnerabilities
PHP 5.2.5 - Multiple GetText functions Denial of Service Vulnerabilities
LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial Of Service
LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial of Service
Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial Of Service
Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial of Service
Sami FTP Server 2.0.x - Multiple Commands Remote Denial Of Service Vulnerabilities
Sami FTP Server 2.0.x - Multiple Commands Remote Denial of Service Vulnerabilities
SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial Of Service
SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial of Service
RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial Of Service
RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial of Service
MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service
snircd 1.3.4 And ircu 2.10.12.12 - 'set_user_mode' Remote Denial of Service
MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial of Service
SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service / Memory Corruption Vulnerabilities
Microsoft Windows XP/Vista/2000/2003/2008 - Kernel Usermode Callback Privilege Escalation (1)
SLMail Pro 6.3.1.0 - Multiple Remote Denial of Service / Memory Corruption Vulnerabilities
Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1)
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial Of Service
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service
Apple iCal 3.0.1 - 'ATTACH' Parameter Denial Of Service
Apple iCal 3.0.1 - 'ATTACH' Parameter Denial of Service
WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service
WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service
Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service
Computer Associates ARCserve Backup Discovery Service Remote - Denial of Service
Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service
Microsoft Excel 2007 - JavaScript Code Remote Denial of Service
GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service
GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial of Service
GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial Of Service
GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial of Service
SWAT 4 - Multiple Denial Of Service Vulnerabilities
SWAT 4 - Multiple Denial of Service Vulnerabilities
Unreal Tournament 3 - Denial Of Service / Memory Corruption
Unreal Tournament 3 - Denial of Service / Memory Corruption
Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities
Combat Evolved 1.0.7.0615 - Multiple Denial of Service Vulnerabilities
Noticeware Email Server 4.6 - NG LOGIN Messages Denial Of Service
Noticeware Email Server 4.6 - NG LOGIN Messages Denial of Service
Ruby 1.9 - REXML Remote Denial Of Service
Ruby 1.9 - REXML Remote Denial of Service
Red Hat 8/9 - Directory Server Crafted Search Pattern Denial of Service
RedHat 8/9 - Directory Server Crafted Search Pattern Denial of Service
MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service
MySQL 6.0.4 - Empty Binary String Literal Remote Denial of Service
Mass Downloader - Malformed Executable Denial Of Service
Mass Downloader - Malformed Executable Denial of Service
Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service
Zope 2.11.2 - PythonScript Multiple Remote Denial Of Service Vulnerabilities
Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service
Zope 2.11.2 - PythonScript Multiple Remote Denial of Service Vulnerabilities
GeSHi 1.0.x - XML Parsing Remote Denial Of Service
GeSHi 1.0.x - XML Parsing Remote Denial of Service
Symbian S60 - Malformed SMS/Mms Remote Denial Of Service
Symbian S60 - Malformed SMS/Mms Remote Denial of Service
InfraRecorder 0.53 - Memory Corruption (Denial Of Service)
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service
InfraRecorder 0.53 - Memory Corruption (Denial of Service)
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service
QNX RTOS 6.4 - Malformed ELF Binary File Local Denial Of Service
QNX RTOS 6.4 - Malformed ELF Binary File Local Denial of Service
Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial Of Service
PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial Of Service
Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service
PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service
Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial Of Service
Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service
MySQL 6.0.9 - XPath Expression Remote Denial Of Service
MySQL 6.0.9 - XPath Expression Remote Denial of Service
MPlayer - Malformed AAC File Handling Denial of Service
MPlayer - Malformed OGM File Handling Denial of Service
MPlayer - '.AAC' File Handling Denial of Service
MPlayer - '.OGM' File Handling Denial of Service
Mani's Admin Plugin - Remote Denial Of Service
Mani's Admin Plugin - Remote Denial of Service
cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial Of Service)
CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial Of Service
cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial of Service)
CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
Git 1.6.3 - Parameter Processing Remote Denial Of Service
Git 1.6.3 - Parameter Processing Remote Denial of Service
GUPnP 0.12.7 - Message Handling Denial Of Service
GUPnP 0.12.7 - Message Handling Denial of Service
ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial Of Service
ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial of Service
FileCOPA FTP Server 5.01 - 'NOOP' Command Denial Of Service
FileCOPA FTP Server 5.01 - 'NOOP' Command Denial of Service
Snort 2.8.5 - Multiple Denial Of Service Vulnerabilities
Snort 2.8.5 - Multiple Denial of Service Vulnerabilities
lighttpd 1.4/1.5 - Slow Request Handling Remote Denial Of Service
lighttpd 1.4/1.5 - Slow Request Handling Remote Denial of Service
Skybox Security 6.3.x < 6.4.x - Multiple Denial Of Service Issue
Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Issue
Hybserv2 - ':help' Command Denial Of Service
Hybserv2 - ':help' Command Denial of Service
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service
Apple Safari 4.0.4 - Remote Denial Of Service
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 - Remote Denial of Service
FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial Of Service
FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial of Service
PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial Of Service
PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial of Service
Remote Help HTTP 0.0.7 - GET Request Format String Denial Of Service
Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service
netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial Of Service
netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial of Service
Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial Of Service
Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial Of Service
Xitami 5.0 - '/AUX' Request Remote Denial Of Service
Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial of Service
Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial of Service
Xitami 5.0 - '/AUX' Request Remote Denial of Service
Torque Game Engine - Multiple Denial Of Service Vulnerabilities
Torque Game Engine - Multiple Denial of Service Vulnerabilities
EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities
EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial of Service Vulnerabilities
Unreal Engine - 'ReceivedRawBunch()' Denial Of Service
Unreal Engine - 'ReceivedRawBunch()' Denial of Service
Chrome Engine 4 - Denial Of Service
Chrome Engine 4 - Denial of Service
Sagem Fast 3304-V1 - Denial Of Service
Sagem Fast 3304-V1 - Denial of Service
Sumatra PDF 1.1 - Denial Of Service
Sumatra PDF 1.1 - Denial of Service
Freeciv 2.2.1 - Multiple Remote Denial Of Service Vulnerabilities
Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial Of Service Vulnerabilities
Freeciv 2.2.1 - Multiple Remote Denial of Service Vulnerabilities
Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial of Service Vulnerabilities
Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities
Microsoft DirectX 8/9 DirectPlay - Multiple Denial of Service Vulnerabilities
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial Of Service
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service
Sniper Elite 1.0 - Null Pointer Dereference Denial Of Service
Sniper Elite 1.0 - Null Pointer Dereference Denial of Service
MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial Of Service
MySQL 5.1.48 - 'EXPLAIN' Denial Of Service
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service
MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial of Service
MySQL 5.1.48 - 'EXPLAIN' Denial of Service
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial of Service
Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial Of Service
Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service
Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service
Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service
Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial of Service
Oracle MySQL < 5.1.49 - 'DDL' Statements Denial of Service
GNU glibc - 'regcomp()' Stack Exhaustion Denial Of Service
GNU glibc - 'regcomp()' Stack Exhaustion Denial of Service
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial Of Service
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service
Microsoft Internet Explorer 11 - Denial Of Service
Microsoft Internet Explorer 11 - Denial of Service
Golden FTP Server 4.70 - Malformed Message Denial Of Service
Golden FTP Server 4.70 - Malformed Message Denial of Service
TP-Link TL-WR740N - Denial Of Service
PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial Of Service
TP-Link TL-WR740N - Denial of Service
PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial of Service
Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial Of Service
Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service
Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial Of Service
Air Contacts Lite - HTTP Packet Denial Of Service
Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial of Service
Air Contacts Lite - HTTP Packet Denial of Service
TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial Of Service)
TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial of Service)
Perl 5.10 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
Perl 5.10 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial Of Service
Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial of Service
Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial Of Service
Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial of Service
RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial Of Service
RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial of Service
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial Of Service
Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service
Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial of Service
Microsoft Host Integration Server 2004-2010 - Remote Denial of Service
Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service
Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial of Service
Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service
Titan FTP Server 8.40 - 'APPE' Command Remote Denial of Service
Apache APR - Hash Collision Denial Of Service
PHP PDORow Object - Remote Denial Of Service
Apache APR - Hash Collision Denial of Service
PHP PDORow Object - Remote Denial of Service
PHP 5.3.8 - Remote Denial Of Service
PHP 5.3.8 - Remote Denial of Service
Mercury MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerabilities
Mercury MR804 Router - Multiple HTTP Header Fields Denial of Service Vulnerabilities
Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service
Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial of Service
Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service
Universal Reader 1.16.740.0 - 'uread.exe' Denial of Service
Apache Sling - Denial Of Service
Apache Sling - Denial of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial of Service
Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (2)
Microsoft Windows - Kernel DeferWindowPos Use-After-Free (MS15-073)
Microsoft Windows - Kernel UserCommitDesktopMemory Use-After-Free (MS15-073)
Microsoft Windows - Kernel Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Microsoft Windows - Kernel HmgAllocateObjectAttr Use-After-Free (MS15-061)
Microsoft Windows - Kernel win32k!vSolidFillRect Buffer Overflow (MS15-061)
Microsoft Windows - Kernel SURFOBJ Null Pointer Dereference (MS15-061)
Microsoft Windows - Kernel Brush Object Use-After-Free (MS15-061)
Microsoft Windows - Kernel WindowStation Use-After-Free (MS15-061)
Microsoft Windows - Kernel Null Pointer Dereference with Window Station and Clipboard (MS15-061)
Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (1)
Microsoft Windows - Kernel FlashWindowEx Memory Corruption (MS15-097)
Microsoft Windows - Kernel bGetRealizedBrush Use-After-Free (MS15-097)
Microsoft Windows - Kernel Use-After-Free with Cursor Object (MS15-097)
Microsoft Windows - Kernel Use-After-Free with Printer Device Contexts (MS15-097)
Microsoft Windows - Kernel NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2)
Microsoft Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)
Microsoft Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)
Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Microsoft Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)
Microsoft Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)
Microsoft Windows Kernel - SURFOBJ Null Pointer Dereference (MS15-061)
Microsoft Windows Kernel - Brush Object Use-After-Free (MS15-061)
Microsoft Windows Kernel - WindowStation Use-After-Free (MS15-061)
Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)
Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)
Microsoft Windows Kernel - FlashWindowEx Memory Corruption (MS15-097)
Microsoft Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)
Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097)
Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)
Microsoft Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Microsoft Windows - Kernel NtGdiBitBlt Buffer Overflow (MS15-097)
Microsoft Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)
MySQL / MariaDB - Geometry Query Denial Of Service
MySQL / MariaDB - Geometry Query Denial of Service
Apple Mac OSX - Kernel IOAccelMemoryInfoUserClient Use-After-Free
Apple Mac OSX Kernel - IOAccelMemoryInfoUserClient Use-After-Free
Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows Kernel - 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows Kernel - 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Blue Coat ProxySG 5.x - and Security Gateway OS Denial Of Service
Blue Coat ProxySG 5.x - and Security Gateway OS Denial of Service
Microsoft Windows - Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Microsoft Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Apple Mac OSX - Kernel no-more-senders Use-After-Free
Apple Mac OSX Kernel - no-more-senders Use-After-Free
Apple Mac OSX - Kernel IOAccelDisplayPipeUserClient2 Use-After-Free
Apple Mac OSX Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free
TFTPD32 / Tftpd64 - Denial Of Service
TFTPD32 / Tftpd64 - Denial of Service
Apple Mac OSX / iOS - Kernel IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free
Apple Mac OSX / iOS - Kernel iokit Registry Iterator Manipulation Double-Free
Apple Mac OSX / iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free
Apple Mac OSX / iOS Kernel - iokit Registry Iterator Manipulation Double-Free
Apple Mac OSX - Kernel Hypervisor Driver Use-After-Free
Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)
Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)
Apple Mac OSX - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort
Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort
Apple Mac OSX - Kernel AppleKeyStore Use-After-Free
Apple Mac OSX - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver
Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
Apple Mac OSX Kernel - AppleKeyStore Use-After-Free
Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver
Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
Microsoft Windows - Kernel Bitmap Use-After-Free
Microsoft Windows - Kernel NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Microsoft Windows Kernel - Bitmap Use-After-Free
Microsoft Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Microsoft Windows - Kernel DrawMenuBarTemp Wild-Write (MS16-039)
Microsoft Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)
Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Microsoft Windows Kernel - 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX - Kernel Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX - Kernel OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
Apple Mac OSX / iOS - Kernel UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
Apple Mac OSX - Kernel Stack Buffer Overflow in GeForce GPU Driver
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
Apple Mac OSX / iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
Apple Mac OSX Kernel - GeForce GPU Driver Stack Buffer Overflow
Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)
Microsoft Windows Kernel - 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)
Apple OS X - Kernel IOBluetoothFamily.kext Use-After-Free
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
Linux Kernel 2.2.x / 2.4.x (Redhat) - 'ptrace/kmod' Privilege Escalation
Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation
XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0)
xtokkaetama 1.0b - Local Game Exploit (Red Hat 9.0)
XGalaga 2.0.34 (RedHat 9.0) - Local Game Exploit
xtokkaetama 1.0b (RedHat 9.0) - Local Game Exploit
hztty 2.0 - Privilege Escalation (Red Hat 9.0)
hztty 2.0 (RedHat 9.0) - Privilege Escalation
Redhat 6.2 /sbin/restore - Exploit
RedHat 6.2 /sbin/restore - Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
RedHat 6.2 Restore and Dump - Local Exploit (Perl)
Redhat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit
dump 0.4b15 (Redhat 6.2) - Exploit
RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit
dump 0.4b15 (RedHat 6.2) - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit
xsoldier 0.96 (RedHat 6.2) - Exploit
Redhat 6.1 man - Local Exploit (egid 15)
RedHat 6.1 man - Local Exploit (egid 15)
Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows - Kernel Privilege Escalation (MS06-049)
Microsoft Windows Kernel - Privilege Escalation (MS06-049)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Privilege Escalation
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation
Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Privilege Escalation (1)
Linux Kernel 2.x (RedHat) - 'sock_sendpage()' Ring0 Privilege Escalation (1)
(Linux Kernel 2.6.34-rc3) ReiserFS (Redhat / Ubuntu 9.10) - xattr Privilege Escalation
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - xattr Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - 'compat' Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation
Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)
Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)
Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Immunix OS 6.2/7.0 / Redhat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow
Immunix OS 6.2/7.0 / RedHat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow
Microsoft Windows - Kernel Intel x64 SYSRET (PoC)
Microsoft Windows Kernel - Intel x64 SYSRET (PoC)
Linux Kernel 3.7.6 (Redhat x86/x64) - 'MSR' Driver Privilege Escalation
Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation
Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation
Microsoft Windows XP/7 - Kernel 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows - Kernel 'win32k.sys' Privilege Escalation (MS14-058)
Microsoft Windows Kernel - 'win32k.sys' Privilege Escalation (MS14-058)
Apple OS X/iOS - Kernel IOSurface Use-After-Free
Apple OS X/iOS Kernel - IOSurface Use-After-Free
Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit)
Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Privilege Escalation (Metasploit)
Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal
Ruby 1.8.6/1.9 (WEBick Httpd 1.3.1) - Directory Traversal
mg-soft net Inspector 6.5.0.828 - Multiple Vulnerabilities
MG-SOFT Net Inspector 6.5.0.828 - Multiple Vulnerabilities
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit
Red Hat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
Red Hat Interchange 4.8.x - Arbitrary File Read
RedHat Interchange 4.8.x - Arbitrary File Read
Red Hat Apache 2.0.40 - Directory Index Default Configuration Error
RedHat Apache 2.0.40 - Directory Index Default Configuration Error
Foreman (Red Hat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit)
Foreman (RedHat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit)
Red Hat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities
RedHat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities
Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)
RedHat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation (Metasploit)
Katello (RedHat Satellite) - users/update_roles Missing Authorisation (Metasploit)
Red Hat Stronghold Web Server 2.3 - Cross-Site Scripting
RedHat Stronghold Web Server 2.3 - Cross-Site Scripting
Red Hat Piranha - Remote Security Bypass
RedHat Piranha - Remote Security Bypass
KISGB 5.1.1 - (Authenticate.php) Remote File Inclusion
KISGB 5.1.1 - 'Authenticate.php' Remote File Inclusion
Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion
Jshop Server 1.3 - 'fieldValidation.php' Remote File Inclusion
phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution
phpBP RC3 (2.204) - SQL Injection / Remote Code Execution
eXV2 Module MyAnnonces - (lid) SQL Injection
eXV2 Module eblog 1.2 - (blog_id) SQL Injection
eXV2 Module Viso 2.0.4.3 - (kid) SQL Injection
eXV2 Module WebChat 1.60 - (roomid) SQL Injection
eXV2 Module MyAnnonces - 'lid' Parameter SQL Injection
eXV2 Module eblog 1.2 - 'blog_id' Parameter SQL Injection
eXV2 Module Viso 2.0.4.3 - 'kid' Parameter SQL Injection
eXV2 Module WebChat 1.60 - 'roomid' Parameter SQL Injection
Fuzzylime CMS 3.01 - (admindir) Remote File Inclusion
Fuzzylime CMS 3.01 - 'admindir' Parameter Remote File Inclusion
Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion
Exero CMS 1.0.1 - 'theme' Parameter Multiple Local File Inclusion
Joomla! Component Acajoom (com_acajoom) - SQL Injection
Joomla! Component Acajoom 1.1.5 - SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection
Joomla! Component joovideo 1.2.2 - 'id' SQL Injection
Joomla! Component Alberghi 2.1.3 - 'id' SQL Injection
Mambo Component 'com_accombo' 1.x - 'id' SQL Injection
Joomla! Component Restaurante 1.0 - 'id' SQL Injection
PEEL CMS - Admin Hash Extraction / Arbitrary File Upload
RunCMS Module section - (artid) SQL Injection
ASPapp Knowledge Base - SQL Injection
ASPapp Knowledge Base - 'CatId' Parameter SQL Injection
Joomla! Component joovideo 1.2.2 - 'id' Parameter SQL Injection
Joomla! Component Alberghi 2.1.3 - 'id' Parameter SQL Injection
Mambo Component Accombo 1.x - 'id' Parameter SQL Injection
Joomla! Component Restaurante 1.0 - 'id' Parameter SQL Injection
PEEL CMS 3.x - Admin Hash Extraction / Arbitrary File Upload
RunCMS Module section - 'artid' Parameter SQL Injection
ASPapp Knowledge Base - SQL Injection
RunCMS Module Photo 3.02 - 'cid' SQL Injection
D.E. Classifieds - 'cat_id' SQL Injection
RunCMS Module Photo 3.02 - 'cid' Parameter SQL Injection
D.E. Classifieds - 'cat_id' Parameter SQL Injection
PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection
PHP-Nuke Platinum 7.6.b.5 - 'dynamic_titles.php' SQL Injection
Joomla! Component rekry 1.0.0 - (op_id) SQL Injection
destar 0.2.2-5 - Arbitrary Add New User Exploit
Joomla! Component rekry 1.0.0 - 'op_id' Parameter SQL Injection
Destar 0.2.2-5 - Arbitrary Add New User Exploit
destar 0.2.2-5 - Arbitrary Add Admin
Destar 0.2.2-5 - Arbitrary Add Admin
BolinOS 4.6.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Security Vulnerabilities
Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection
BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting
Joomla! Component Alphacontent 2.5.8 - 'id' Parameter SQL Injection
TopperMod 1.0 - (mod.php) Local File Inclusion
TopperMod 1.0 - 'mod.php' Local File Inclusion
Joomla! Component MyAlbum 1.0 - (album) SQL Injection
Joomla! Component MyAlbum 1.0 - 'album' Parameter SQL Injection
Smoothflash - 'admin_view_image.php cid' SQL Injection
Smoothflash - 'cid' Parameter SQL Injection
JShop 1.x < 2.x - (page.php xPage) Local File Inclusion
WordPress Plugin Download - (dl_id) SQL Injection
PHPSpamManager 0.53b - (body.php) Remote File Disclosure
Woltlab Burning Board Addon JGS-Treffen - SQL Injection
Neat weblog 0.2 - 'articleId' SQL Injection
EasyNews 40tr - (SQL Injection / Cross-Site Scripting / Local File Inclusion) SQL Injection
FaScript FaPhoto 1.0 - (show.php id) SQL Injection
Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection
eggBlog 4.0 - Password Retrieve SQL Injection
Joomla! Component actualite 1.0 - 'id' SQL Injection
JShop 1.x < 2.x - 'xPage' Parameter Local File Inclusion
WordPress Plugin Download - 'dl_id' Parameter SQL Injection
PHPSpamManager 0.53b - 'body.php' Remote File Disclosure
Woltlab Burning Board Addon JGS-Treffen 2.0.2 - SQL Injection
Neat weblog 0.2 - 'articleId' Parameter SQL Injection
EasyNews 40tr - SQL Injection / Cross-Site Scripting / Local File Inclusion
FaScript FaPhoto 1.0 - 'show.php' SQL Injection
Mambo Component Ahsshop 1.51 - 'vara' Parameter SQL Injection
eggBlog 4.0 - SQL Injection
Joomla! Component actualite 1.0 - 'id' Parameter SQL Injection
PHPAddressBook 2.11 - (view.php id) SQL Injection
PHPAddressBook 2.11 - 'view.php' SQL Injection
Joomla! Component com_alphacontent - Blind SQL Injection
Joomla! Component Alphacontent 2.5.8 - Blind SQL Injection
Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection
Joomla! Component Event Booking 2.10.1 - SQL Injection
Nuked-klaN 1.3 - Multiple Cross-Site Scripting Vulnerabilities
JShop E-Commerce Suite - xSearch Cross-Site Scripting
JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting
JShop E-Commerce Suite 1.2 - product.php Cross-Site Scripting
Nuked-klaN 1.7 Sections Module - artid Parameter SQL Injection
Nuked-klaN 1.7 Sections Module - 'artid' Parameter SQL Injection
Nuked-klaN 1.7 Download Module - dl_id Parameter SQL Injection
Nuked-klaN 1.7 Links Module - link_id Parameter SQL Injection
Nuked-klaN 1.7 Download Module - 'dl_id' Parameter SQL Injection
Nuked-klaN 1.7 Links Module - 'link_id' Parameter SQL Injection
Nuked-klaN 1.7 - 'index.php' Cross-Site Scripting
Foreman (Red Hat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)
Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)
Eggblog 3.1 - admin/articles.php edit Parameter Cross-Site Scripting
Eggblog 3.1 - admin/comments.php edit Parameter Cross-Site Scripting
Eggblog 3.1 - admin/users.php add Parameter Cross-Site Scripting
Eggblog 3.1 - rss.php Cross-Site Scripting
Nuked-klaN 1.7.5 - File Parameter News Module Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/edittemplate_step2.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showfields.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showuser.php language Parameter Cross-Site Scripting
CS-Cart 4.3.10 - XML External Entity Injection
CoronaMatrix phpAddressBook 2.0 - 'Username' Cross-Site Scripting
Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting
Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting
Cacti 0.8.7 (RedHat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting
Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload
Mambo Component 'com_ahsshop' - SQL Injection
Mambo Component Ahsshop - SQL Injection
Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
Joomla 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation
Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation
WordPress Plugin XCloner 3.1.5 - Multiple Vulnerabilities
2016-11-17 05:01:21 +00:00
Offensive Security
2e7215ec08
DB: 2016-11-16
...
8 new exploits
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service
MailEnable Professional/Enterprise 2.37 - Denial of Service
MailEnable Professional/Enterprise 2.37 - Denial Of Service
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service
MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service
VideoLAN VLC Media Player - Subtitle StripTags() Function Memory Corruption
VideoLAN VLC Media Player 1.1 - Subtitle StripTags() Function Memory Corruption
VideoLAN VLC Media Player - XSPF Local File Integer Overflow in XSPF Playlist parser
VideoLAN VLC Media Player 1.1.9 - XSPF Local File Integer Overflow in XSPF Playlist parser
VideoLAN VLC Media Player - '.3gp' File Divide-by-Zero Denial of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service
VideoLAN VLC Media Player - '.wav' File Memory Corruption
VideoLAN VLC Media Player 2.1.3 - '.wav' File Memory Corruption
Microsoft Edge 11.0.10240.16384 - 'edgehtml' CAttrArray::Destroy Use-After-Free
Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference
Microsoft Windows Kernel - Registry Hive Loading 'nt!RtlEqualSid' Out-of-Bounds Read (MS16-138)
VideoLAN VLC Media Player - '.TY' File Stack Based Buffer Overflow
VideoLAN VLC Media Player 0.9.4 - '.TY' File Stack Based Buffer Overflow
VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking
VideoLAN VLC Media Player 1.1.3 - 'wintab32.dll' DLL Hijacking
VideoLAN VLC Media Player - TiVo Buffer Overflow (Metasploit)
VideoLAN VLC Media Player 0.9.4 - TiVo Buffer Overflow (Metasploit)
VideoLAN VLC Media Player - MKV Memory Corruption (Metasploit)
VideoLAN VLC Media Player 1.1.6 - 'MKV' Memory Corruption (Metasploit)
VideoLAN VLC Media Player - RealText Subtitle Overflow (Metasploit)
VideoLAN VLC Media Player 0.9.5 - RealText Subtitle Overflow (Metasploit)
Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)
Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138)
Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138)
MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow
MailEnable Professional/Enterprise 2.37 - 'APPEND' Remote Buffer Overflow
Versant Object Database 7.0.1.3 - Commands Execution Exploit
Versant Object Database 7.0.1.3 - Commands Execution
VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit
VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit
MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow
MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow
MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow
VideoLAN VLC Media Player - AMV Dangling Pointer (Metasploit)
VideoLAN VLC Media Player 1.1.4 - 'AMV' Dangling Pointer (Metasploit)
VideoLAN VLC Media Player - ModPlug ReadS3M Stack Buffer Overflow (Metasploit)
VideoLAN VLC Media Player 1.1.8 - ModPlug ReadS3M Stack Buffer Overflow (Metasploit)
VideoLAN VLC Media Player - Mms Stream Handling Buffer Overflow (Metasploit)
VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit)
Easy Internet Sharing Proxy Server 2.2 - SEH Overflow (Metasploit)
Disk Pulse Enterprise 9.0.34 - Buffer Overflow
Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow
Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit)
Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow' (Metasploit)
WinaXe 7.7 FTP Client - Remote Buffer Overflow (Metasploit)
phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion
phpMyNewsletter 0.6.10 - 'customize.php' Remote File Inclusion
QuickTalk forum 1.3 - 'lang' Local File Inclusion
QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion
QuickTalk forum 1.3 - 'lang' Parameter Local File Inclusion
QuickTicket 1.2 - 'qti_checkname.php' Local File Inclusion
Mambo Component com_Musica - 'id' SQL Injection
phpArcadeScript 3.0RC2 - (userid) SQL Injection
phpComasy 0.8 - (mod_project_id) SQL Injection
Dynamic photo Gallery 1.02 - 'albumID' SQL Injection
Mambo Component com_Musica - 'id' Parameter SQL Injection
phpArcadeScript 3.0RC2 - 'userid' Parameter SQL Injection
phpComasy 0.8 - 'mod_project_id' Parameter SQL Injection
Dynamic photo Gallery 1.02 - 'albumID' Parameter SQL Injection
XOOPS Module Glossario 2.2 - 'sid' SQL Injection
XOOPS Module wfdownloads - 'cid' SQL Injection
XOOPS Module Glossario 2.2 - 'sid' Parameter SQL Injection
XOOPS Module wfdownloads - 'cid' Parameter SQL Injection
Joomla! Component Candle 1.0 - (cID) SQL Injection
QuickTicket 1.5 - (qti_usr.php id) SQL Injection
Joomla! Component Candle 1.0 - 'cid' Parameter SQL Injection
QuickTicket 1.5 - 'qti_usr.php' SQL Injection
Mambo Component eWriting 1.2.1 - (cat) SQL Injection
phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection
Mapbender 2.4.4 - (mapFiler.php) Remote Code Execution
Mapbender 2.4.4 - (gaz) SQL Injection
Mambo Component eWriting 1.2.1 - 'cat' Parameter SQL Injection
phpMyNewsletter 0.8b5 - 'msg_id' Parameter SQL Injection
Mapbender 2.4.4 - 'mapFiler.php' Remote Code Execution
Mapbender 2.4.4 - 'gaz' Parameter SQL Injection
phpBB Mod FileBase - 'id' SQL Injection
phpBB Mod FileBase 2.0 - 'id' Parameter SQL Injection
XOOPS Module Gallery 0.2.2 - (gid) SQL Injection
XOOPS Module My_eGallery 3.04 - (gid) SQL Injection
XOOPS Module Gallery 0.2.2 - 'gid' Parameter SQL Injection
XOOPS Module My_eGallery 3.04 - 'gid' Parameter SQL Injection
XOOPS Module tutorials - 'printpage.php' SQL Injection
XOOPS Module tutorials 2.1b - 'printpage.php' SQL Injection
easygallery 5.0tr - Multiple Vulnerabilities
EasyGallery 5.0tr - Multiple Vulnerabilities
phpArcadeScript 4 - (cat) SQL Injection
phpArcadeScript 4 - 'cat' Parameter SQL Injection
phpComasy 0.9.1 - (entry_id) SQL Injection
phpComasy 0.9.1 - 'entry_id' Parameter SQL Injection
phpArcadeScript 4.0 - (linkout.php id) SQL Injection
phpArcadeScript 4.0 - 'id' Parameter SQL Injection
Myiosoft EasyGallery - 'catid' Blind SQL Injection
EasyGallery - 'catid' Parameter Blind SQL Injection
phpArcadeScript 2.0 - tellafriend.php gamename Parameter Cross-Site Scripting
phpArcadeScript 2.0 - loginbox.php login_status Parameter Cross-Site Scripting
phpArcadeScript 2.0 - 'index.php' submissionstatus Parameter Cross-Site Scripting
phpArcadeScript 2.0 - browse.php Multiple Parameter Cross-Site Scripting
phpArcadeScript 2.0 - displaygame.php gamefile Parameter Cross-Site Scripting
EasyGallery 1.17 - EasyGallery.php Cross-Site Scripting
Bloo 1.00 - Googlespell_Proxy.php Cross-Site Scripting
Mitra Informatika Solusindo Cart - 'p' Parameter SQL Injection
2016-11-16 05:01:23 +00:00
Offensive Security
c27aa131c8
DB: 2016-11-15
...
5 new exploits
MyServer 0.8.11 - (204 No Content) error Remote Denial of Service
MyServer 0.8.11 - '204 No Content' error Remote Denial of Service
Microsoft Internet Explorer 11 MSHTML - CMapElement::Notify Use-After-Free (MS15-009)
Microsoft Internet Explorer 9-11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104)
Microsoft Internet Explorer 9<11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104)
MySQL 4.0.17 - UDF Dynamic Library Exploit
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (1)
MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Privilege Escalation
MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (2)
Solaris 8 / 9 - (/usr/ucb/ps) Local Information Leak Exploit
Solaris 8 / 9 - '/usr/ucb/ps' Local Information Leak Exploit
Solaris 10 (libnspr) - Arbitrary File Creation Privilege Escalation
Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (1)
Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (2)
Solaris 10 (libnspr) - Constructor Privilege Escalation
Solaris 10 libnspr - 'Constructor' Arbitrary File Creation Privilege Escalation (3)
IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug
IBM AIX 5.6/6.1 - '_LIB_INIT_DBG' Arbitrary File Overwrite via Libc Debug
Apple MacOS 10.12 - 'task_t' Privilege Escalation
Apple macOS 10.12 - 'task_t' Privilege Escalation
Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation
Solaris 8/9 ps - Environment Variable Information Leak
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation
Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation
Linux Kernel 4.4 (Ubuntu 16.04) - BPF Local Privilege Escalation (Metasploit)
Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - /bin/login Buffer Overflow
Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - '/bin/login' Buffer Overflow
Oracle 9i / 10g (extproc) - Local+Remote Command Execution
Oracle 9i / 10g (extproc) - Local / Remote Command Execution
Solaris/SPARC 2.5.1/2.6/7/8 - Derived 'login' Buffer Overflow
Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084)
Microsoft Internet Explorer 8<11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084)
Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit)
MiniNuke 1.8.2 - (news.asp hid) SQL Injection
MiniNuke 1.8.2 - 'hid' Parameter SQL Injection
MiniNuke 1.8.2b - (pages.asp) SQL Injection
MiniNuke 1.8.2b - 'pages.asp' SQL Injection
MiniNuke 2.x - (create an admin) SQL Injection
MiniNuke 2.x - SQL Injection (Add Admin)
Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit
Nukedit CMS 4.9.6 - Unauthorized Admin Add
Portail Web PHP 2.5.1 - (includes.php) Remote File Inclusion
Portail Web PHP 2.5.1 - 'includes.php' Remote File Inclusion
CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion
Mambo Module Weather - 'absolute_path' Remote File Inclusion
CodeBreak 1.1.2 - 'codebreak.php' Remote File Inclusion
Mambo Module Weather - 'absolute_path' Parameter Remote File Inclusion
mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion
mxBB Module MX Shotcast 1.0 RC2 - 'getinfo1.php' Remote File Inclusion
RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion
RicarGBooK 1.2.1 - 'lang' Parameter Local File Inclusion
BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection
BlogPHP 2 - 'id' Parameter Cross-Site Scripting / SQL Injection
MultiCart 2.0 - (productdetails.php) SQL Injection
PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection
PHP-Nuke Module Siir - 'id' SQL Injection
MultiCart 2.0 - 'productdetails.php' SQL Injection
PHP-Nuke Modules Manuales 0.1 - 'cid' Parameter SQL Injection
PHP-Nuke Module Siir - 'id' Parameter SQL Injection
OSSIM 0.9.9rc5 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection
OSSIM 0.9.9rc5 - Cross-Site Scripting / SQL Injection
PHP-Nuke Module NukeC 2.1 - 'id_catg' Parameter SQL Injection
PHPProfiles 4.5.2 Beta - (body_comm.inc.php) Remote File Inclusion
PHPProfiles 4.5.2 Beta - 'body_comm.inc.php' Remote File Inclusion
PHPUserBase 1.3b - (unverified.inc.php) Local File Inclusion
PHPUserBase 1.3b - (unverified.inc.php) Remote File Inclusion
PHPUserBase 1.3b - 'unverified.inc.php' Local File Inclusion
PHPUserBase 1.3b - 'unverified.inc.php' Remote File Inclusion
PHP-Nuke Module Kose_Yazilari - (artid) SQL Injection
MiniNuke 2.1 - (members.asp uid) SQL Injection
PHP-Nuke Module Kose_Yazilari - 'artid' Parameter SQL Injection
MiniNuke 2.1 - 'uid' Parameter SQL Injection
Nukedit 4.9.x - Remote Create Admin Exploit
WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities
Mambo Component SimpleBoard 1.0.3 - 'catid' SQL Injection
Nukedit 4.9.x - Remote Create Admin
WordPress Plugin Sniplets 1.1.2 - Remote File Inclusion / Cross-Site Scripting / Remote Code Execution
Mambo Component SimpleBoard 1.0.3 - 'catid' Parameter SQL Injection
GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion
Koobi Pro 5.7 - (categ) SQL Injection
GROUP-E 1.6.41 - 'head_auth.php' Remote File Inclusion
Dream4 Koobi Pro 5.7 - 'categ' Parameter SQL Injection
barryvan compo manager 0.5pre-1 - Remote File Inclusion
PHP-Nuke My_eGallery 2.7.9 - SQL Injection
Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure
Koobi CMS 4.3.0 < 4.2.3 - (categ) SQL Injection
Barryvan Compo Manager 0.3 - Remote File Inclusion
PHP-Nuke Module My_eGallery 2.7.9 - SQL Injection
Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure
Dream4 Koobi CMS 4.3.0 < 4.2.3 - 'categ' Parameter SQL Injection
Koobi Pro 6.25 - links SQL Injection
Koobi Pro 6.25 - shop SQL Injection
Koobi Pro 6.25 - gallery SQL Injection
Koobi Pro 6.25 - showimages SQL Injection
Koobi 4.4/5.4 - gallery SQL Injection
Dream4 Koobi Pro 6.25 Links - 'categ' Parameter SQL Injection
Dream4 Koobi Pro 6.25 Shop - 'categ' Parameter SQL Injection
Dream4 Koobi Pro 6.25 Gallery - 'galid' Parameter SQL Injection
Dream4 Koobi Pro 6.25 Showimages - 'galid' Parameter SQL Injection
Dream4 Koobi 4.4/5.4 - gallery SQL Injection
Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections
Koobi Pro 6.25 - poll SQL Injection
Dream4 Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections
Dream4 Koobi Pro 6.25 Poll - 'poll_id' Parameter SQL Injection
Podcast Generator 1.2 - GLOBALS[] Multiple Vulnerabilities
Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities
DBHCMS Web Content Management System 1.1.4 - Remote File Inclusion
DBHcms 1.1.4 - Remote File Inclusion
Koobi Pro 6.1 - Gallery (img_id)
Dream4 Koobi Pro 6.1 Gallery - 'img_id' Parameter SQL Injection
dbhcms 1.1.4 - Persistent Cross-Site Scripting
DBHcms 1.1.4 - Persistent Cross-Site Scripting
DBHcms 1.1.4 (dbhcms_user and SearchString) - SQL Injection
DBHcms 1.1.4 - 'dbhcms_user/SearchString' Parameter SQL Injection
podcast generator 1.3 - Multiple Vulnerabilities
Podcast Generator 1.3 - Multiple Vulnerabilities
PHP Download Manager 1.1.x - files.php SQL Injection
PHP Download Manager 1.1.x - 'files.php' SQL Injection
Koobi 5.0 - BBCode URL Tag Script Injection
Dream4 Koobi 5.0 - BBCode URL Tag Script Injection
Koobi Pro 5.6 - showtopic Module toid Parameter Cross-Site Scripting
Koobi Pro 5.6 - showtopic Module toid Parameter SQL Injection
Dream4 Koobi Pro 5.6 - 'showtopic' Parameter SQL Injection
Portail Web PHP 2.5.1 - config/conf-activation.php site_path Parameter Remote File Inclusion
Portail Web PHP 2.5.1 - menu/item.php site_path Parameter Remote File Inclusion
Portail Web PHP 2.5.1 - modules/conf_modules.php site_path Parameter Remote File Inclusion
Portail Web PHP 2.5.1 - system/login.php site_path Parameter Remote File Inclusion
Portail Web PHP 2.5.1 - 'conf-activation.php' Remote File Inclusion
Portail Web PHP 2.5.1 - 'item.php' Remote File Inclusion
Portail Web PHP 2.5.1 - 'conf_modules.php' Remote File Inclusion
Portail Web PHP 2.5.1 - 'login.php' Remote File Inclusion
Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting
Barryvan Compo Manager 0.3 - 'main.php' Remote File Inclusion
Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities
DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion
DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion
Boonex Dolphin 7.3.2 - Authentication Bypass / Remote Code Execution
2016-11-15 05:01:20 +00:00
Offensive Security
3c006aac19
DB: 2016-11-13
2016-11-13 05:01:17 +00:00
Offensive Security
490539b3f3
DB: 2016-11-09
...
17 new exploits
DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion
DigitalHive 2.0 RC2 - 'base_include.php' Remote File Inclusion
DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion
DodosMail 2.0.1 - 'dodosmail.php' Remote File Inclusion
DoSePa 1.0.4 - (textview.php) Information Disclosure
DoSePa 1.0.4 - 'textview.php' Information Disclosure
TrueCrypt 4.3 - Privilege Escalation
TrueCrypt 4.3 - 'setuid' Privilege Escalation
w-Agora 4.2.1 - (cat) SQL Injection
w-Agora 4.2.1 - 'cat' Parameter SQL Injection
IPTBB 0.5.4 - (viewdir id) SQL Injection
IPTBB 0.5.4 - 'id' Parameter SQL Injection
LoudBlog 0.6.1 - (parsedpage) Remote Code Execution
LoudBlog 0.6.1 - 'parsedpage' Parameter Remote Code Execution
evilboard 0.1a - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
evilboard 0.1a - SQL Injection / Cross-Site Scripting
QuickTime Player 7.3.1.70 - (rtsp) Buffer Overflow
QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow
DigitalHive 2.0 RC2 - (user_id) SQL Injection
DigitalHive 2.0 RC2 - 'user_id' Parameter SQL Injection
X7 Chat 2.0.5 - 'day' SQL Injection
X7 Chat 2.0.5 - 'day' Parameter SQL Injection
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/DoS
Cisco VPN Client - Integer Overflow (DOS)
Cisco VPN Client - Integer Overflow (DoS)
Multiple WordPress Plugins - timthumb.php File Upload
Multiple WordPress Plugins - 'timthumb.php' File Upload
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation
glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation
NetServe FTP Client 1.0 - Local DOS (Overflow)
NetServe FTP Client 1.0 - Local DoS (Overflow)
Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial Of Service (PoC)
Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084)
Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read
Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084)
Microsoft Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read
Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation
Solaris 8/9 ps - Environment Variable Information leak
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation
Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation
Linux Kernel - TCP Related Read Use-After-Free
WordPress Plugin 'XCloner' 3.1.5 - Multiple Vulnerabilities
WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting
WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting
MOVISTAR ADSL Router BHS_RTA - Remote File Disclosure
D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure
NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure
NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure
PLANET ADSL Router AND-4101 - Remote File Disclosure
Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit)
Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution
2016-11-09 05:01:25 +00:00
Offensive Security
1edbc5ecc4
DB: 2016-11-04
...
14 new exploits
Microsoft Windows - Metafile (.WMF) Remote File Download Exploit Generator
Microsoft Windows - Metafile '.WMF' Arbitrary File Download (Generator)
Redaxo CMS 3.2 - 'INCLUDE_PATH' Remote File Inclusion
Redaxo 3.2 - 'INCLUDE_PATH' Remote File Inclusion
Mambo Component com_loudmouth 4.0j - Remote File Inclusion
Mambo Component com_loudmouth 4.0j - Remote File Inclusion
Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download
Sisfo Kampus 2006 - 'dwoprn.php f' Arbitrary File Download
Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection
Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection
Joomla! / Mambo Component com_catalogproduction - 'id' SQL Injection
Joomla! / Mambo Component 'com_catalogproduction' - 'id' SQL Injection
Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit
Megacubo 5.0.7 - 'mega://' Arbitrary File Download and Execute
DMXReady SDK 1.1 - Remote File Download
DMXReady SDK 1.1 - Arbitrary File Download
Joomla! 1.5.12 RCE via TinyMCE - Arbitrary File Upload
Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload)
Joomla! Component Jw_allVideos - Remote File Download
Joomla! Component Jw_allVideos - Arbitrary File Download
Trouble Ticket Software - ttx.cgi Remote File Download
Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download
Redaxo CMS 4.2.1 - Remote File Inclusion
Redaxo 4.2.1 - Remote File Inclusion
Joomla! Component Music Manager - Local File Inclusion
Joomla! Component 'Music Manager' - Local File Inclusion
Joomla! Component NeoRecruit (com_neorecruit Itemid) - Blind SQL Injection
Joomla! Component 'com_neorecruit' - 'Itemid' Parameter Blind SQL Injection
Joomla! Component artforms 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component PaymentsPlus - Mtree 2.1.5 - Blind SQL Injection
Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component 'PaymentsPlus' 2.1.5 - Blind SQL Injection
Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component IXXO Cart - SQL Injection
Joomla! Component com_jomtube - (user_id) Blind SQL Injection / SQL Injection
Joomla! Component redSHOP 1.0 (com_redshop pid) - SQL Injection
Joomla! Component QuickFAQ (com_quickfaq) - Blind SQL Injection
Joomla! Component 'Minify4Joomla' - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component 'IXXO Cart' - SQL Injection
Joomla! Component 'com_jomtube' - 'user_id' Parameter Blind SQL Injection
Joomla! Component 'com_redshop' 1.0 - 'pid' Parameter SQL Injection
Joomla! Component 'com_quickfaq' - Blind SQL Injection
Joomla! Component MyHome (com_myhome) - Blind SQL Injection
Joomla! Component MySms (com_mysms) - Arbitrary File Upload
Joomla! Component Health & Fitness Stats - Persistent Cross-Site Scripting
Joomla! Component 'com_myhome' - Blind SQL Injection
Joomla! Component 'com_mysms' - Arbitrary File Upload
Joomla! Component 'healthstats' - Persistent Cross-Site Scripting
Joomla! Component Rapid Recipe - Persistent Cross-Site Scripting
Joomla! Component 'Rapid-Recipe' - Persistent Cross-Site Scripting
Joomla! Component EasyBlog - Persistent Cross-Site Scripting
Joomla! Component 'EasyBlog' - Persistent Cross-Site Scripting
Joomla! Component QContacts (com_qcontacts) - SQL Injection
Joomla! Component 'com_qcontacts' - SQL Injection
Joomla! Component RedShop 1.0.23.1 - Blind SQL Injection
Joomla! Component 'com_redshop' 1.0.23.1 - Blind SQL Injection
Joomla! Component com_spa - SQL Injection (2)
Joomla! Component com_staticxt - SQL Injection
Joomla! Component 'com_spa' - SQL Injection (2)
Joomla! Component 'com_staticxt' - SQL Injection
Joomla! Component com_spa - SQL Injection (1)
Joomla! Component 'com_spa' - SQL Injection (1)
Joomla! Component com_golfcourseguide) 0.9.6.0 (Beta) / 1 (Beta - SQL Injection
Joomla! Component com_huruhelpdesk - SQL Injection
Joomla! Component com_iproperty - SQL Injection
Joomla! Component 'com_golfcourseguide' 0.9.6.0 - SQL Injection
Joomla! Component 'com_huruhelpdesk' - SQL Injection
Joomla! Component 'com_iproperty' - SQL Injection
Joomla! Component Ozio Gallery (com_oziogallery) - SQL Injection
Joomla! Component ITArmory (com_itarmory) - SQL Injection
Joomla! Component 'com_oziogallery' - SQL Injection
Joomla! Component 'com_itarmory' - SQL Injection
Joomla! Component com_joomdle) 0.24 - SQL Injection
Joomla! Component com_youtube - SQL Injection
Joomla! Component 'com_joomdle' 0.24 - SQL Injection
Joomla! Component 'com_youtube' - SQL Injection
Joomla! Component com_Joomla-visites - Remote File Inclusion
Joomla! Component 'com_Joomla-visites' - Remote File Inclusion
Joomla! Component TTVideo 1.0 - SQL Injection
Joomla! Component 'com_ttvideo' 1.0 - SQL Injection
Joomla! Component appointinator 1.0.1 - Multiple Vulnerabilities
Joomla! Component 'com_appointinator' 1.0.1 - Multiple Vulnerabilities
Joomla! Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injections
Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections
Joomla! Component com_beamospetition - SQL Injection
Joomla! Component 'com_beamospetition' - SQL Injection
Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download
Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download
Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload
Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload
ADA IMGSVR 0.4 - Remote File Download
ADA IMGSVR 0.4 - Arbitrary File Download
Joomla! / Mambo Component com_buslicense - 'aid' Parameter SQL Injection
Joomla! / Mambo Component 'com_buslicense' - 'aid' Parameter SQL Injection
Joomla! / Mambo Component com_sermon 0.2 - 'gid' Parameter SQL Injection
Joomla! / Mambo Component 'com_sermon' 0.2 - 'gid' Parameter SQL Injection
Joomla! / Mambo Component com_comments 0.5.8.5g - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_comments' 0.5.8.5g - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_iomezun - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_iomezun' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_Joomlavvz - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_most - 'secid' Parameter SQL Injection
Joomla! / Mambo Component com_asortyment - 'katid' Parameter SQL Injection
Joomla! / Mambo Component 'com_Joomlavvz' - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_most' - 'secid' Parameter SQL Injection
Joomla! / Mambo Component 'com_asortyment' - 'katid' Parameter SQL Injection
Joomla! / Mambo Component com_model - 'objid' Parameter SQL Injection
Joomla! / Mambo Component com_omnirealestate - 'objid' Parameter SQL Injection
Joomla! / Mambo Component 'com_model' - 'objid' Parameter SQL Injection
Joomla! / Mambo Component 'com_omnirealestate' - 'objid' Parameter SQL Injection
Joomla! / Mambo Component com_smslist - 'listid' Parameter SQL Injection
Joomla! / Mambo Component com_activities - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_smslist' - 'listid' Parameter SQL Injection
Joomla! / Mambo Component 'com_activities' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_lexikon - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_lexikon' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_team - SQL Injection
Joomla! / Mambo Component com_iigcatalog - 'cat' Parameter SQL Injection
Joomla! / Mambo Component com_formtool - 'catid' Parameter SQL Injection
Joomla! / Mambo Component com_genealogy - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_team' - SQL Injection
Joomla! / Mambo Component 'com_iigcatalog' - 'cat' Parameter SQL Injection
Joomla! / Mambo Component 'com_formtool' - 'catid' Parameter SQL Injection
Joomla! / Mambo Component 'com_genealogy' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_hello_world - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_hello_world' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_publication - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_blog - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_publication' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_blog' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_wines 1.0 - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_wines' 1.0 - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_inter - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_inter' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_guide - 'category' Parameter SQL Injection
Joomla! / Mambo Component 'com_guide' - 'category' Parameter SQL Injection
Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections
Joomla! / Mambo Component 'com_is' 1.0.1 - Multiple SQL Injections
Joomla! / Mambo Component com_utchat 0.2 - Multiple Remote File Inclusion
Joomla! / Mambo Component 'com_utchat' 0.2 - Multiple Remote File Inclusion
Vana CMS - 'Filename' Parameter Remote File Download
Vana CMS - 'Filename' Parameter Arbitrary File Download
Joomla! Component Rapid-Recipe - HTML Injection
Joomla! Component 'Rapid-Recipe' - HTML Injection
Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component 'FreiChat' 1.0/2.x - Unspecified HTML Injection
REDAXO - 'subpage' Parameter Cross-Site Scripting
Redaxo CMS 5.0.0 - Multiple Vulnerabilities
Redaxo 5.0.0 - Multiple Vulnerabilities
DarkComet Server - Remote File Download Exploit (Metasploit)
DarkComet Server - Arbitrary File Download (Metasploit)
WinaXe 7.7 'FTP client' - Remote Buffer Overflow
Rapid PHP Editor 14.1 - Remote Command Execution
Memcached 1.4.33 - PoC (1)
Memcached 1.4.33 - PoC (2)
Memcached 1.4.33 - PoC (3)
SweetRice 1.5.1 - Arbitrary File Download
Axessh 4.2 - Denial Of Service
SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution
ETchat 3.7 - Cross-Site Request Forgery
sNews 1.7.1 - Cross-Site Request Forgery
sNews 1.7.1 - Arbitrary File Upload
PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow
nodCMS - Cross-Site Request Forgery
Redaxo 5.2.0 - Cross-Site Request Forgery
2016-11-04 05:01:21 +00:00
Offensive Security
1f59ca27c2
DB: 2016-11-03
...
15 new exploits
Joomla! Component PBBooking 1.0.4_3 - Multiple Blind SQL Injection
Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection
Joomla! Component SimpleShop (com_SimpleShop) - SQL Injection
Joomla! Component 'com_SimpleShop' - SQL Injection
Joomla! Component Spielothek 1.6.9 - Multiple Blind SQL Injection
Joomla! Component 'com_spielothek' 1.6.9 - Multiple Blind SQL Injection
Joomla! Component CamelcityDB 2.2 - SQL Injection
Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection
Joomla! Component cgtestimonial 2.2 - Multiple Vulnerabilities
Joomla! Component 'com_cgtestimonial' 2.2 - Multiple Vulnerabilities
Joomla! Component com_neorecruit 1.4 - SQL Injection
Joomla! Component 'com_neorecruit' 1.4 - SQL Injection
Joomla! Component Teams - Multiple Blind SQL Injection
Joomla! Component 'com_teams' - Multiple Blind SQL Injection
Joomla! Component Yellowpages - SQL Injection
Joomla! Component 'com_yellowpages' - SQL Injection
Joomla! Component Amblog 1.0 - Multiple SQL Injections
Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections
Joomla! Component com_equipment - SQL Injection
Joomla! Component Jgrid 1.0 - Local File Inclusion
Joomla! Component OnGallery - SQL Injection
Joomla! Component 'com_equipment' - SQL Injection
Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion
Joomla! Component 'com_ongallery' - SQL Injection
Joomla! Component com_Fabrik - SQL Injection
Joomla! Component com_extcalendar - Blind SQL Injection
Joomla! Component 'com_Fabrik' - SQL Injection
Joomla! Component 'com_extcalendar' - Blind SQL Injection
Joomla! Component com_zina - SQL Injection
Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections
Joomla! Component 'com_zina' - SQL Injection
Joomla! Component 'com_biblioteca' 1.0 Beta - Multiple SQL Injections
Joomla! Component com_zoomportfolio - SQL Injection
Joomla! Component 'com_zoomportfolio' - SQL Injection
Joomla! Component com_remository - Arbitrary File Upload
Joomla! Component 'com_remository' - Arbitrary File Upload
Joomla! Component com_picsell - Local File Disclosure
Joomla! Component com_jefaqpro - Multiple Blind SQL Injection
Joomla! Component 'com_picsell' - Local File Disclosure
Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection
Joomla! Component iJoomla! magazine 3.0.1 - Remote File Inclusion
Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion
Joomla! Component Clantools 1.5 - Blind SQL Injection
Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection
Joomla! Component 'com_clantools' 1.5 - Blind SQL Injection
Joomla! Component 'com_clantools' 1.2.3 - Multiple Blind SQL Injection
Joomla! Component Gantry Framework 3.0.10 - Blind SQL Injection
Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection
Joomla! Component Aardvertiser 2.1 Free - Blind SQL Injection
Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection
Joomla! Component RSform! 1.0.5 - Multiple Vulnerabilities
Joomla! Component 'com_forme' 1.0.5 - Multiple Vulnerabilities
Joomla! Component com_jphone - Local File Inclusion
Joomla! Component 'com_jphone' - Local File Inclusion
Joomla! Component Mosets Tree 2.1.5 - Arbitrary File Upload
Joomla! Component 'com_mtree' 2.1.5 - Arbitrary File Upload
Joomla! Component com_jgen - SQL Injection
Joomla! Component 'com_jgen' - SQL Injection
Joomla! Component com_restaurantguide - Multiple Vulnerabilities
Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities
Joomla! Component com_elite_experts - SQL Injection
Joomla! Component 'com_elite_experts' - SQL Injection
Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection
Joomla! Component com_ezautos - SQL Injection
Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection
Joomla! Component 'com_ezautos' - SQL Injection
Joomla! Component je Guestbook 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities
Joomla! Component JE Job - SQL Injection
Joomla! Component JE Directory - SQL Injection
Joomla! Component 'com_jejob' - SQL Injection
Joomla! Component 'com_jedirectory' - SQL Injection
Joomla! Component Community Builder Enhenced (CBE) - Local File Inclusion / Remote Code Execution
Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution
Joomla! Component js Calendar 1.5.1 Joomla! - Multiple Vulnerabilities
Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities
Joomla! Component JE Ajax Event Calendar (com_jeajaxeventcalendar) - SQL Injection
Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection
Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload
Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload
Joomla! Component Flip Wall (com_flipwall) - SQL Injection
Joomla! Component Sponsor Wall (com_sponsorwall) - SQL Injection
Joomla! Component 'com_flipwall' - SQL Injection
Joomla! Component 'com_sponsorwall' - SQL Injection
sweetrice CMS 0.6.7 - Multiple Vulnerabilities
SweetRice 0.6.7 - Multiple Vulnerabilities
Joomla! Component ccInvoices (com_ccinvoices) - SQL Injection
Joomla! Component 'com_ccinvoices' - SQL Injection
Joomla! Component com_connect - Local File Inclusion
Joomla! Component DCNews com_dcnews - Local File Inclusion
Joomla! Component 'com_connect' - Local File Inclusion
Joomla! Component 'com_dcnews' - Local File Inclusion
Joomla! Component com_ckforms - Local File Inclusion
Joomla! Component com_clan - SQL Injection
Joomla! Component 'com_ckforms' - Local File Inclusion
Joomla! Component 'com_clan' - SQL Injection
Joomla! Component com_clanlist - SQL Injection
Joomla! Component 'com_clanlist' - SQL Injection
Joomla! Component ProDesk 1.5 - Local File Inclusion
Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion
Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection
Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection
Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection
Joomla! Component com_markt - SQL Injection
Joomla! Component com_img - Local File Inclusion
Joomla! Component 'btg_oglas' - HTML / Cross-Site Scripting Injection
Joomla! Component 'com_markt' - SQL Injection
Joomla! Component 'com_img' - Local File Inclusion
Joomla! Component com_jsupport - Cross-Site Scripting
Joomla! Component com_jsupport - SQL Injection
Joomla! Component 'com_jsupport' - Cross-Site Scripting
Joomla! Component 'com_jsupport' - SQL Injection
Joomla! Component ccBoard 1.2-RC - Multiple Vulnerabilities
Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities
Joomla! Component com_alfurqan15x - SQL Injection
Joomla! Component 'com_alfurqan15x' - SQL Injection
Joomla! Component Maian Media (com_maianmedia) - SQL Injection
Joomla! Component 'com_maianmedia' - SQL Injection
Joomla! Component Template Mosets Tree 2.1.6 - Overwrite Cross-Site Request Forgery
Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery
Joomla! Component com_jimtawl - Local File Inclusion
Joomla! Component 'com_jimtawl' - Local File Inclusion
Joomla! Component JE Auto 1.0 - SQL Injection
Joomla! Component 'com_jeauto' 1.0 - SQL Injection
Joomla! Component Billy Portfolio 1.1.2 - Blind SQL Injection
Joomla! Component 'com_billyportfolio' 1.1.2 - Blind SQL Injection
Joomla! Component JRadio (com_jradio) - Local File Inclusion
Joomla! Component 'com_jradio' - Local File Inclusion
Joomla! Component JE Auto (com_jeauto) - Local File Inclusion
Joomla! Component 'com_jeauto' - Local File Inclusion
Joomla! Component Jotloader 2.2.1 - Local File Inclusion
Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion
Joomla! Component com_xgallery 1.0 - Local File Inclusion
Joomla! Component 'com_xgallery' 1.0 - Local File Inclusion
Joomla! Component com_ponygallery - Remote File Inclusion
Joomla! Component com_adsmanager - Remote File Inclusion
Joomla! Component 'com_ponygallery' - Remote File Inclusion
Joomla! Component 'com_adsmanager' - Remote File Inclusion
Joomla! Component com_xmovie 1.0 - Local File Inclusion
Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion
Joomla! Component com_idoblog - SQL Injection
Joomla! Component 'com_idoblog' - SQL Injection
Joomla! Plugin Captcha 4.5.1 - Local File Disclosure
Joomla! Plugin 'Captcha' 4.5.1 - Local File Disclosure
Joomla! Component People 1.0.0 - SQL Injection
Joomla! Component 'com_people' 1.0.0 - SQL Injection
Joomla! Component People 1.0.0 - Local File Inclusion
Joomla! Component 'com_people' 1.0.0 - Local File Inclusion
Joomla! Component allCineVid 1.0.0 - Blind SQL Injection
Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection
Joomla! Component B2 Portfolio 1.0.0 - Multiple SQL Injections
Joomla! Component 'com_b2portfolio' 1.0.0 - Multiple SQL Injections
Joomla! Component XCloner (com_xcloner-backupandrestore) - Remote Command Execution
Joomla! Component 'com_xcloner-backupandrestore' - Remote Command Execution
Joomla! Component com_booklibrary - SQL Injection
Joomla! Component 'com_booklibrary' - SQL Injection
Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection
Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection
Joomla! Component JCE (com_jce) - Blind SQL Injection
Joomla! Component 'com_jce' - Blind SQL Injection
Joomla! Component com_versioning - SQL Injection
Joomla! Component com_hello - SQL Injection
Joomla! Component 'com_versioning' - SQL Injection
Joomla! Component 'com_hello' - SQL Injection
Joomla! Component com_question - SQL Injection
Joomla! Component 'com_question' - SQL Injection
Joomla! Component 1.0 jDownloads - Arbitrary File Upload
Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload
Joomla! Component com_jmsfileseller - Local File Inclusion
Joomla! Component 'com_jmsfileseller' - Local File Inclusion
Joomla! Component com_joomnik - SQL Injection
Joomla! Component 'com_joomnik' - SQL Injection
Joomla! Plugin Scriptegrator 1.5 - File Inclusion
Joomla! Component 'Scriptegrator' 1.5 - File Inclusion
Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion
Joomla! Component com_team - SQL Injection
Joomla! Component 'com_acooldebate' 1.0.3 - Local File Inclusion
Joomla! Component 'com_team' - SQL Injection
Joomla! Component Calc Builder - 'id' Blind SQL Injection
Joomla! Component 'com_calcbuilder' - 'id' Parameter Blind SQL Injection
Joomla! Component JoomlaXi - Persistent Cross-Site Scripting
Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting
Joomla! Component mdigg - SQL Injection
Joomla! Component 'mdigg' - SQL Injection
Joomla! Component Xmap 1.2.11 - Blind SQL Injection
Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection
Joomla! Component SOBI2 2.9.3.2 - Blind SQL Injections
Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections
Joomla! Component Appointment Booking Pro - Local File Inclusion
Joomla! Component 'com_rsappt_pro2' - Local File Inclusion
Joomla! Component JE K2 Story Submit - Local File Inclusion
Joomla! Component 'com_jesubmit' - Local File Inclusion
Joomla! Component mod_spo - SQL Injection
Joomla! Component 'mod_spo' - SQL Injection
Joomla! Component com_virtuemart 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)
Joomla! Component 'com_virtuemart' 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)
Joomla! Component com_obSuggest - Local File Inclusion
Joomla! Component 'com_obSuggest' - Local File Inclusion
Joomla! Component com_jdirectory - SQL Injection
Joomla! Component 'com_jdirectory' - SQL Injection
Joomla! Component TNR Enhanced Joomla! Search - SQL Injection
Joomla! Component 'com_esearch' - SQL Injection
Joomla! Component JoomTouch - Local File Inclusion
Joomla! Component 'com_joomtouch' - Local File Inclusion
Joomla! Extension JCE 2.0.10 - Multiple Vulnerabilities
Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities
Joomla! Component simple file lister module 1.0 - Directory Traversal
Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal
Joomla! Component YJ Contact us - Local File Inclusion
Joomla! Component 'com_yjcontactus' - Local File Inclusion
Joomla! Component Time Returns (com_timereturns) 2.0 - SQL Injection
Joomla! Component 'com_timereturns' 2.0 - SQL Injection
Joomla! Component Techfolio 1.0 - SQL Injection
Joomla! Component 'com_techfolio' 1.0 - SQL Injection
Joomla! Component JEEMA Sms 3.2 - Multiple Vulnerabilities
Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jeemasms' 3.2 - Multiple Vulnerabilities
Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities
Joomla! Component HM-Community com_hmcommunity - Multiple Vulnerabilities
Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities
Joomla! Component Alameda (com_alameda) 1.0 - SQL Injection
Joomla! Component 'com_alameda' 1.0 - SQL Injection
Joomla! Component Jobprofile (com_jobprofile) - SQL Injection
Joomla! Component 'com_jobprofile' - SQL Injection
Joomla! Component QContacts 1.0.6 - SQL Injection
Joomla! Component 'com_qcontacts' 1.0.6 - SQL Injection
Joomla! Component com_dshop - SQL Injection
Joomla! Component 'com_dshop' - SQL Injection
Joomla! Component Discussions (com_discussions) - SQL Injection
Joomla! Component 'com_discussions' - SQL Injection
Joomla! Component The Estate Agent (com_estateagent) - SQL Injection
Joomla! Component com_bearleague - SQL Injection
Joomla! Component 'com_estateagent' - SQL Injection
Joomla! Component 'com_bearleague' - SQL Injection
Joomla! Component com_ponygallery - SQL Injection
Joomla! Component 'com_ponygallery' - SQL Injection
Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal
Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal
Joomla! Component com_weblinks - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection
Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection
Joomla! Component com_dirfrm - Multiple SQL Injections
Joomla! Component 'com_dirfrm' - Multiple SQL Injections
Joomla! Component Spain - 'nv' Parameter SQL Injection
Joomla! Component 'com_spain' - 'nv' Parameter SQL Injection
Joomla! Component com_tax - 'eid' Parameter SQL Injection
Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection
Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection
Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection
Joomla! / Mambo Component com_trade - 'PID' Parameter Cross-Site Scripting
Joomla! / Mambo Component 'com_trade' - 'PID' Parameter Cross-Site Scripting
Joomla! Component com_jstore - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion
Joomla! Component Catalogue - SQL Injection / Local File Inclusion
Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion
Joomla! Component AutoArticles 3000 - 'id' Parameter SQL Injection
Joomla! Component 'com_a3000' - 'id' Parameter SQL Injection
Joomla! Component Store Directory - 'id' Parameter SQL Injection
Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection
Joomla! Component Annuaire - 'id' Parameter SQL Injection
Joomla! Component 'com_annuaire' - 'id' Parameter SQL Injection
Joomla! Component Jeformcr - 'id' Parameter SQL Injection
Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection
Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection
Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection
Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component Redirect 'com_redirect' 1.5.19 - Local File Inclusion
Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion
Joomla! Component Classified - SQL Injection
Joomla! Component 'com_classified' - SQL Injection
Joomla! Component com_frontenduseraccess - Local File Inclusion
Joomla! Component 'com_frontenduseraccess' - Local File Inclusion
Joomla! Component VirtueMart eCommerce 1.1.6 - SQL Injection
Joomla! Component 'com_virtuemart' 1.1.6 - SQL Injection
Joomla! Component com_clan_members - 'id' Parameter SQL Injection
Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection
Joomla! Component com_phocadownload - Local File Inclusion
Joomla! Component 'com_phocadownload' - Local File Inclusion
Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection
Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection
Joomla! Component com_maplocator - 'cid' Parameter SQL Injection
Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection
Joomla! Component com_shop - SQL Injection
Joomla! Component 'com_shop' - SQL Injection
Joomla! Component Virtual Money 'com_virtualmoney' 1.5 - SQL Injection
Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload
Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection
Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload
Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection
Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection
Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_voj - SQL Injection
Joomla! Component 'com_voj' - SQL Injection
Joomla! Component Foto - 'id_categoria' Parameter SQL Injection
Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection
Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection
Joomla! Component com_hospital - SQL Injection
Joomla! Component Controller - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection
Joomla! Component 'com_hospital' - SQL Injection
Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection
Joomla! Component com_resman - Cross-Site Scripting
Joomla! Component com_newssearch - SQL Injection
Joomla! Component 'com_newssearch' - SQL Injection
Joomla! Component Slideshow Gallery - 'id' Parameter SQL Injection
Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection
Joomla! Component com_community - 'userid' Parameter SQL Injection
Joomla! Component 'com_community' - 'userid' Parameter SQL Injection
Joomla! Component com_biitatemplateshop - 'groups' Parameter SQL Injection
Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection
Joomla! Component com_expedition - 'id' Parameter SQL Injection
Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection
Joomla! Component com_tree - 'key' Parameter SQL Injection
Joomla! Component com_br - 'state_id' Parameter SQL Injection
Joomla! Component com_shop - 'id' Parameter SQL Injection
Joomla! Component 'com_tree' - 'key' Parameter SQL Injection
Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection
Joomla! Component 'com_shop' - 'id' Parameter SQL Injection
Joomla! Component Sgicatalog 1.0 - 'id' Parameter SQL Injection
Joomla! Component 'com_sgicatalog' 1.0 - 'id' Parameter SQL Injection
Joomla! Extension com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component 'com_alfcontact' 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component Content - 'year' Parameter SQL Injection
Joomla! Component 'com_content' - 'year' Parameter SQL Injection
Joomla! Component com_tsonymf - 'idofitem' Parameter SQL Injection
Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection
Joomla! Component com_caproductprices - 'id' Parameter SQL Injection
Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection
Joomla! Component HD Video Share 1.3 - 'id' Parameter SQL Injection
Joomla! Component 'com_contushdvideoshare' 1.3 - 'id' Parameter SQL Injection
Joomla! Component com_br - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion
Joomla! Component Full 'com_full' - 'id' Parameter SQL Injection
Joomla! Component com_sanpham - Multiple SQL Injections
Joomla! Component com_xball - 'team_id' Parameter SQL Injection
Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion
Joomla! Component com_car - Multiple SQL Injections
Joomla! Component com_some - 'Controller' Parameter Local File Inclusion
Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion
Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_full' - 'id' Parameter SQL Injection
Joomla! Component 'com_sanpham' - Multiple SQL Injections
Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection
Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_car' - Multiple SQL Injections
Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_jesubmit - 'index.php' Arbitrary File Upload
Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload
Joomla! Component com_motor - 'cid' Parameter SQL Injection
Joomla! Component com_products - Multiple SQL Injections
Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection
Joomla! Component 'com_products' - Multiple SQL Injections
Joomla! Component com_visa - Local File Inclusion / SQL Injection
Joomla! Component com_firmy - 'Id' Parameter SQL Injection
Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection
Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection
Joomla! Component com_crhotels - 'catid' Parameter SQL Injection
Joomla! Component com_propertylab - 'id' Parameter SQL Injection
Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection
Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection
Joomla! Component com_bbs - Multiple SQL Injections
Joomla! Component 'com_bbs' - Multiple SQL Injections
Joomla! Component com_cmotour - 'id' Parameter SQL Injection
Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection
Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection
Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection
Joomla! Component Currency Converter - 'from' Parameter Cross-Site Scripting
Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting
Joomla! Component X-Shop - 'idd' Parameter SQL Injection
Joomla! Component Xcomp 'com_xcomp' - Local File Inclusion
Joomla! Component 'com_x-shop' - 'idd' Parameter SQL Injection
Joomla! Component 'com_xcomp' - Local File Inclusion
Joomla! Component com_xvs - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_xvs' - 'Controller' Parameter Local File Inclusion
Joomla! Component Machine - Multiple SQL Injections
Joomla! Component 'com_machine' - Multiple SQL Injections
Joomla! Component CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection
Joomla! Component Video Gallery - Local File Inclusion / SQL Injection
Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection
Joomla! Component 'com_videogallery' - Local File Inclusion / SQL Injection
Joomla! Component Alphacontent - 'limitstart' Parameter SQL Injection
Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload
Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection
Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload
Joomla! Component Simple SWFupload - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component Art Uploader - 'upload.php' Arbitrary File Upload
Joomla! Component DentroVideo - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload
PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition
MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow
Alienvault OSSIM/USM 5.3.1 - PHP Object Injection
Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting
Alienvault OSSIM/USM 5.3.1 - SQL Injection
Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056)
Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass
SunellSecurity NVR / Camera - Denial Of Service
Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit)
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' Privilege Escalation
Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution (Metasploit)
LifeSize Room 5.0.9 - Multiple Vulnerabilities
Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free
SweetRice 1.5.1 - Cross-Site Request Forgery
2016-11-03 05:01:18 +00:00
Offensive Security
c76e893f94
DB: 2016-11-02
...
12 new exploits
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow
Apple iOS 4.0.3 - DPAP Server Denial of Service
KarjaSoft Sami FTP Server 2.02 - USER Overflow (Metasploit)
KarjaSoft Sami FTP Server 2.0.2 - USER Remote Buffer Overflow (Metasploit)
Freefloat FTP Server - (LIST command) Buffer Overflow
Freefloat FTP Server - 'LIST' Command Buffer Overflow
Freefloat FTP Server 1.00 - MKD Buffer Overflow
Freefloat FTP Server - MKD Buffer Overflow (Metasploit)
Freefloat FTP Server 1.0 - 'MKD' Buffer Overflow
Freefloat FTP Server - 'MKD' Buffer Overflow (Metasploit)
Freefloat FTP Server 1.0 - REST & PASV Buffer Overflow
Freefloat FTP Server 1.0 - 'REST' / 'PASV' Buffer Overflow
Freefloat FTP Server - REST Buffer Overflow (Metasploit)
Freefloat FTP Server - 'REST' Buffer Overflow (Metasploit)
Freefloat FTP Server 1.0 - ACCL Buffer Overflow
Freefloat FTP Server 1.0 - 'ACCL' Buffer Overflow
Nagios Plugin check_ups - Local Buffer Overflow (PoC)
Nagios Plugins check_ups - Local Buffer Overflow (PoC)
Joomla! Component KISS Advertiser - Remote File / Bypass Upload
Joomla! Component 'com_ksadvertiser' - Remote File / Bypass Upload
Joomla! Component OS Property 2.0.2 - Unrestricted Arbitrary File Upload
Joomla! Component 'com_osproperty' 2.0.2 - Unrestricted Arbitrary File Upload
Joomla! Component com_niceajaxpoll 1.3.0 - SQL Injection
Joomla! Component 'com_niceajaxpoll' 1.3.0 - SQL Injection
Joomla! Extension Movm Extension (com_movm) - SQL Injection
Joomla! Component 'com_movm' - SQL Injection
Joomla! Component joomgalaxy 1.2.0.4 - Multiple Vulnerabilities
Joomla! Component 'com_joomgalaxy' 1.2.0.4 - Multiple Vulnerabilities
Joomla! Component En Masse 1.2.0.4 - SQL Injection
Joomla! Component 'com_enmasse' 1.2.0.4 - SQL Injection
Joomla! Component FireBoard (com_fireboard) - SQL Injection
Joomla! Component 'com_fireboard' - SQL Injection
Joomla! Component Spider Calendar Lite (com_spidercalendar) - SQL Injection
Joomla! Component 'com_spidercalendar' - SQL Injection
Joomla! Component RokModule - 'index.php module Parameter' Blind SQL Injection
Joomla! Component 'com_rokmodule' - 'module' Parameter Blind SQL Injection
Joomla! Component iCagenda - (id Parameter) Multiple Vulnerabilities
Joomla! Component 'com_icagenda' - 'id' Parameter Multiple Vulnerabilities
Joomla! Component FreeStyle Support com_fss 1.9.1.1447 - SQL Injection
Joomla! Component Tags - 'index.php tag Parameter' SQL Injection
Joomla! Component 'com_fss' 1.9.1.1447 - SQL Injection
Joomla! Component 'com_tag' - 'tag' Parameter SQL Injection
Joomla! Plugin Commedia - 'index.php task Parameter' SQL Injection
Joomla! Component Kunena - 'index.php search Parameter' SQL Injection
Joomla! Component 'com_commedia' - 'task' Parameter SQL Injection
Joomla! Component 'com_kunena' - 'search' Parameter SQL Injection
Freefloat FTP Server - PUT Command Buffer Overflow
Freefloat FTP Server - 'PUT' Command Buffer Overflow
Joomla! Component Spider Catalog - 'index.php Product_ID Parameter' SQL Injection
Joomla! Component 'com_spidercatalog' - 'Product_ID' Parameter SQL Injection
Free Float FTP Server - USER Command Buffer Overflow
Freefloat FTP Server - 'USER' Command Buffer Overflow
Joomla! Component JooProperty 1.13.0 - Multiple Vulnerabilities
Joomla! Component 'com_jooproperty' 1.13.0 - Multiple Vulnerabilities
Joomla! Component Spider Calendar - 'index.php date Parameter' Blind SQL Injection
Joomla! Component 'com_spidercalendar' - 'date' Parameter Blind SQL Injection
Joomla! Component com_collector - Arbitrary File Upload
Joomla! Component 'com_collector' - Arbitrary File Upload
Freefloat FTP 1.0 - Raw Commands Buffer Overflow
Freefloat FTP Server 1.0 - 'Raw' Commands Buffer Overflow
Joomla! 3.0.2 - (highlight.php) PHP Object Injection
Joomla! 3.0.2 - 'highlight.php' PHP Object Injection
Joomla! Component RSfiles - (cid parameter) SQL Injection
Joomla! Component 'com_rsfiles' - 'cid' Parameter SQL Injection
Joomla! Component CiviCRM 4.2.2 - Remote Code Injection
Joomla! Component 'com_civicrm' 4.2.2 - Remote Code Injection
Freefloat FTP 1.0 - DEP Bypass with ROP
Freefloat FTP Server 1.0 - DEP Bypass with ROP
Joomla! 3.0.3 - (remember.php) PHP Object Injection
Joomla! 3.0.3 - 'remember.php' PHP Object Injection
Joomla! Extension DJ Classifieds 2.0 - Blind SQL Injection
Joomla! Component 'dj-classifieds' 2.0 - Blind SQL Injection
Joomla! Component S5 Clan Roster com_s5clanroster - 'index.php id Parameter' SQL Injection
Joomla! Component 'com_s5clanroster' - 'id' Parameter SQL Injection
Joomla! Component Sectionex 2.5.96 - SQL Injection
Joomla! Component 'com_sectionex' 2.5.96 - SQL Injection
Joomla! Component redSHOP 1.2 - SQL Injection
Joomla! Component 'com_redshop' 1.2 - SQL Injection
Joomla! Component Media Manager - Arbitrary File Upload (Metasploit)
Joomla! Component 'com_media' - Arbitrary File Upload (Metasploit)
Apple iOS Mobile Safari - Memory Exhaustion Remote Denial of Service
check_dhcp - Nagios Plugins 2.0.1 - Arbitrary Option File Read
Nagios Plugins check_dhcp 2.0.1 - Arbitrary Option File Read
check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition
Nagios Plugins check_dhcp 2.0.2 - Arbitrary Option File Read Race Condition
Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation
Joomla! Component IDoEditor - 'image.php' Arbitrary File Upload
Joomla! Component jFancy - 'script.php' Arbitrary File Upload
Joomla! Component 'IDoEditor' - 'image.php' Arbitrary File Upload
Joomla! Component 'mod_jfancy' - 'script.php' Arbitrary File Upload
Joomla! Component hwdVideoShare - 'flash_upload.php' Arbitrary File Upload
Joomla! Component 'com_hwdvideoshare' - 'flash_upload.php' Arbitrary File Upload
Joomla! Component Maian Media - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component JCal Pro Calendar - SQL Injection
Joomla! Component 'com_maianmedia' - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component 'com_jcalpro' - SQL Injection
Joomla! Component com_szallasok - 'id' Parameter SQL Injection
Joomla! Component 'com_szallasok' - 'id' Parameter SQL Injection
Joomla! Module Language Switcher 2.5.x - Multiple Cross-Site Scripting Vulnerabilities
My Little Forum 2.3.7 - Multiple Vulnerabilities
Joomla! Component com_hello - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_hello' - 'Controller' Parameter Local File Inclusion
Joomla! Component Odudeprofile - 'profession' Parameter SQL Injection
Joomla! Component 'com_odudeprofile' - 'profession' Parameter SQL Injection
Joomla! Component com_photo - Multiple SQL Injections
Joomla! Component 'com_photo' - Multiple SQL Injections
Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities
Joomla! Component 'com_civicrm' - Multiple Arbitrary File Upload Vulnerabilities
Joomla! Component Komento - 'cid' Parameter SQL Injection
Joomla! Component 'Komento' - 'cid' Parameter SQL Injection
Joomla! Component com_quiz - SQL Injection
Joomla! Component 'com_quiz' - SQL Injection
Joomla! Component com_parcoauto - 'idVeicolo' Parameter SQL Injection
Joomla! Component 'com_parcoauto' - 'idVeicolo' Parameter SQL Injection
Joomla! Component ZT Autolinks - 'Controller' Parameter Local File Inclusion
Joomla! Component Bit - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_ztautolink' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_bit' - 'Controller' Parameter Local File Inclusion
Joomla! Component Incapsula - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component 'com_incapsula' - Multiple Cross-Site Scripting Vulnerabilities
Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation
Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation
Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)
Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)
Joomla! Component RokDownloads - Arbitrary File Upload
Joomla! Component 'com_rokdownloads' - Arbitrary File Upload
Apple Intel HD 3000 Graphics driver 10.0.0 - Privilege Escalation
Apple Intel HD 3000 Graphics Driver 10.0.0 - Privilege Escalation
MyLittleForum 2.3.5 - PHP Command Injection
My Little Forum 2.3.5 - PHP Command Injection
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
OS X/iOS Kernel - IOSurface Use-After-Free
OS X/iOS - mach_ports_register Multiple Memory Safety Issues
Apple OS X - Kernel IOBluetoothFamily.kext Use-After-Free
Apple OS X/iOS - Kernel IOSurface Use-After-Free
Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues
MacOS 10.12 - 'task_t' Privilege Escalation
Apple MacOS 10.12 - 'task_t' Privilege Escalation
Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow
School Registration and Fee System - Authentication Bypass
Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'HOST' Command Buffer Overflow
KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (SEH)
Freefloat FTP Server 1.0 - 'RENAME' Command Buffer Overflow
MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition
MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation
2016-11-02 05:01:19 +00:00
Offensive Security
d97b4f7c48
DB: 2016-10-28
2016-10-28 11:54:09 +00:00
Offensive Security
da85686a94
DB: 2016-10-28
...
6 new exploits
Real Server < 8.0.2 - Remote Exploit (Windows Platforms)
RealServer < 8.0.2 - Remote Exploit (Windows Platforms)
OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh)
OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident
CdRecord 2.0 - Mandrake Privilege Escalation
CDRTools CDRecord 2.0 - Mandrake Privilege Escalation
LeapFTP 2.7.x - Remote Buffer Overflow
LeapWare LeapFTP 2.7.x - Remote Buffer Overflow
GNU Cfengine 2.-2.0.3 - Remote Stack Overflow
GNU CFEngine 2.-2.0.3 - Remote Stack Overflow
IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP)
IPSwitch IMail LDAP Daemon - Remote Buffer Overflow
Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow
RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow
Traceroute - Privilege Escalation
LBL Traceroute - Privilege Escalation
Perl (Redhat 6.2) - Restore and Dump Local Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
HP-UX 11.00/10.20 - crontab Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 - locale Format String
HP-UX 11.00/10.20 crontab - Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 locale - Format String
Solaris - locale Format Strings (noexec stack) Exploit
Solaris locale - Format Strings (noexec stack) Exploit
glibc - locale bug mount Exploit
GLIBC locale - bug mount Exploit
Red Hat 6.2 xsoldier-0.96 - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit
OpenBSD 2.6 / 2.7 ftpd - Remote Exploit
OpenBSD ftpd 2.6 / 2.7 - Remote Exploit
GLIBC - Locale Format Strings Exploit
GLIBC locale - Format Strings Exploit
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit
SquirrelMail - chpasswd Buffer Overflow
SquirrelMail - 'chpasswd' Buffer Overflow
rlpr 2.04 - msg() Remote Format String
Rlpr 2.04 - msg() Remote Format String
Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit
IRIX - Multiple Buffer Overflows (LsD)
SGI IRIX - Multiple Buffer Overflows (LsD)
IRIX - /bin/login Local Buffer Overflow
SGI IRIX - /bin/login Local Buffer Overflow
Solaris 2.4 - passwd & yppasswd & nispasswd Overflows
Solaris 2.4 passwd / yppasswd / nispasswd - Overflows
BlackJumboDog - Remote Buffer Overflow
BlackJumboDog FTP Server - Remote Buffer Overflow
Ollydbg 1.10 - Format String
OllyDbg 1.10 - Format String
SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit)
SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit)
CDRecord - '$RSH' exec() SUID Shell Creation
CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation
MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
HP-UX 11.0/11.11 swxxx - Privilege Escalation
HP-UX 11.0/11.11 - swxxx Privilege Escalation
Zinf 2.2.1 - Local Buffer Overflow
Zinf Audio Player 2.2.1 - Local Buffer Overflow
ShixxNote 6.net - Remote Buffer Overflow
ShixxNOTE 6.net - Remote Buffer Overflow
MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
MailCarrier 2.51 - Remote Buffer Overflow
SLMail 5.5 - POP3 PASS Buffer Overflow
TABS MailCarrier 2.51 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow
eZshopper - 'loadpage.cgi' Directory Traversal
Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002)
Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support)
Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow
Knet 1.04c - Buffer Overflow Denial of Service
KNet Web Server 1.04c - Buffer Overflow Denial of Service
Einstein 1.01 - Local Password Disclosure (asm)
Einstein 1.01 - Local Password Disclosure (ASM)
RealPlayer 10 - '.smil' Local Buffer Overflow
RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow
phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)
phpBB 2.0.12 - Session Handling Authentication Bypass
UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection
xmlrpc.php Library 1.3.0 - Remote Command Execution (2)
xmlrpc.php Library 1.3.0 - Remote Command Execution (3)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3)
wMailServer 1.0 - Remote Denial of Service
SoftiaCom wMailServer 1.0 - Remote Denial of Service
ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
BusinessMail 4.60.00 - Remote Buffer Overflow
BusinessMail Server 4.60.00 - Remote Buffer Overflow
WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid)
Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid)
Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow
Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow
CA iGateway - (debug mode) Remote Buffer Overflow
CA iTechnology iGateway - (debug mode) Remote Buffer Overflow
Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
Zorum Forum 3.5 - (rollid) SQL Injection
Zorum Forum 3.5 - 'rollid' SQL Injection
SaphpLesson 2.0 - (forumid) SQL Injection
saPHP Lesson 2.0 - (forumid) SQL Injection
zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service
zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service
Zix Forum 1.12 - (layid) SQL Injection
Zix Forum 1.12 - 'layid' SQL Injection
QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow
QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow
INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion
Indexu 5.0.1 - (admin_template_path) Remote File Inclusion
SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion
SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion
Solaris 10 - sysinfo() Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure
SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion
ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion
WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC)
Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC)
Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow
Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion
ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion
Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl)
Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl)
PHPMyWebmin 1.0 - (window.php) Remote File Inclusion
phpMyWebmin 1.0 - (window.php) Remote File Inclusion
VideoDB 2.2.1 - (pdf.php) Remote File Inclusion
VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion
Microsoft Office 2003 - PPT Local Buffer Overflow (PoC)
Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)
Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 libnspr - Constructor Privilege Escalation
Solaris 10 (libnspr) - Constructor Privilege Escalation
Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service
Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit
BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC)
BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC)
AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow
DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit
KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit
Irokez CMS 0.7.1 - Multiple Remote File Inclusion
Irokez Blog 0.7.1 - Multiple Remote File Inclusion
PHP-update 2.7 - Multiple Vulnerabilities
PHP-Update 2.7 - Multiple Vulnerabilities
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
TFTPDWIN 0.4.2 - Remote Buffer Overflow
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit)
FdScript 1.3.2 - 'download.php' Remote File Disclosure
FD Script 1.3.2 - 'download.php' Remote File Disclosure
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass
SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass
ZebraFeeds 1.0 - (zf_path) Remote File Inclusion
ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion
MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable Professional 2.35 - Remote Buffer Overflow
MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow
Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2)
Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2)
3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl)
madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl)
Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service
NetVios Portal - 'page.asp' SQL Injection
NetVIOS Portal - 'page.asp' SQL Injection
Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow
Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow
Microsoft Windows GDI - Privilege Escalation (MS07-017) (1)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (1)
qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Microsoft Windows GDI - Privilege Escalation (MS07-017) (2)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (2)
Zomplog 3.8 - (force_download.php) Remote File Disclosure
Zomplog 3.8 - 'force_download.php' Remote File Disclosure
Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service
Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service
Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow
GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC)
Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003)
Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2)
Microsoft Windows GDI+ - ICO File Remote Denial of Service
Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service
Safari 3 for Windows Beta - Remote Command Execution (PoC)
Apple Safari 3 for Windows Beta - Remote Command Execution (PoC)
YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion
YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion
BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
Oracle 9i/10g Evil Views - Change Passwords Exploit
Oracle 9i/10g - Evil Views Change Passwords Exploit
Savant 3.1 - GET Request Remote Overflow (Universal)
Savant Web Server 3.1 - GET Request Remote Overflow (Universal)
Easy Chat Server 2.2 - Remote Denial of Service
EFS Easy Chat Server 2.2 - Remote Denial of Service
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite
Thomson SIP phone ST 2030 - Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service
MSN messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution
Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution
AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
MDPro 1.0.76 - SQL Injection
MD-Pro 1.0.76 - SQL Injection
ZZ FlashChat 3.1 - (help.php) Local File Inclusion
ZZ FlashChat 3.1 - 'help.php' Local File Inclusion
PHP-AGTC membership system 1.1a - Remote Add Admin
PHP-AGTC Membership System 1.1a - Remote Add Admin
Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion
badblue 2.72b - Multiple Vulnerabilities
BadBlue 2.72b - Multiple Vulnerabilities
SquirrelMail G/PGP Plugin - deletekey() Command Injection
SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection
hp software update client 3.0.8.4 - Multiple Vulnerabilities
HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities
Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow
Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow
QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)
QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC)
Gradman 0.1.3 - (agregar_info.php) Local File Inclusion
Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion
mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities
Mini File Host 1.2 - (upload.php language) Local File Inclusion
Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service
Mini File Host 1.2 - 'language' Parameter Local File Inclusion
Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service
Gradman 0.1.3 - (info.php tabla) Local File Inclusion
Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow
Gradman 0.1.3 - 'info.php' Local File Inclusion
Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion
Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow
Mini File Host 1.2.1 - (upload.php language) Local File Inclusion
Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion
Frimousse 0.0.2 - explorerdir.php Local Directory Traversal
360 Web Manager 3.0 - (IDFM) SQL Injection
bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal
360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection
bloofox 0.3 - SQL Injection / File Disclosure
Mooseguy Blog System 1.0 - (blog.php month) SQL Injection
Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection
IDM-OS 1.0 - (download.php Filename) File Disclosure
IDM-OS 1.0 - 'Filename' Parameter File Disclosure
MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit
aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection
MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit
aflog 1.01 - Cross-Site Scripting / SQL Injection
Easysitenetwork Recipe - 'categoryId' SQL Injection
Coppermine Photo Gallery 1.4.14 - SQL Injection
Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection
web wiz rich text editor 4.0 - Multiple Vulnerabilities
Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities
Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure
Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure
Joomla! Component Marketplace 1.1.1 - SQL Injection
Joomla! Component com_Marketplace 1.1.1 - SQL Injection
ASPapp - 'links.asp CatId' SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection
ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit
Quick TFTP Pro 2.1 - Remote SEH Overflow
Quick TFTP Server Pro 2.1 - Remote SEH Overflow
Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016)
Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016)
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC)
Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC)
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow
Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow
hp openview nnm 7.53 - Multiple Vulnerabilities
HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities
PHPKB 1.5 Knowledge Base - 'ID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021)
Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021)
HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow
siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
ZeusCart 2.0 - (category_list.php) SQL Injection
ZeusCart 2.0 - 'category_list.php' SQL Injection
Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin
Zomplog 3.8.2 - (force_download.php) File Disclosure
Zomplog 3.8.2 - 'force_download.php' File Disclosure
PHP AGTC-Membership System 1.1a - Arbitrary Add Admin
PHP-AGTC Membership System 1.1a - Arbitrary Add Admin
PHP Booking Calendar 10 d - SQL Injection
phpBookingCalendar 10 d - SQL Injection
SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Yuhhu 2008 SuperStar - (board) SQL Injection
Yuhhu 2008 SuperStar - 'board' SQL Injection
gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities
Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow
Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow
Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities
pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities
z-breaknews 2.0 - (single.php) SQL Injection
z-breaknews 2.0 - 'single.php' SQL Injection
Ultra Office - ActiveX Control Remote Buffer Overflow
Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow
Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC)
Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC)
phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - (page) SQL Injection
phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection
Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit
Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit
Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
opennms < 1.5.96 - Multiple Vulnerabilities
OpenNMS < 1.5.96 - Multiple Vulnerabilities
yerba sacphp 6.3 - Multiple Vulnerabilities
Yerba SACphp 6.3 - Multiple Vulnerabilities
Microsoft Windows GDI+ - PoC (MS08-052) (2)
Microsoft Windows - GDI+ PoC (MS08-052) (2)
zeeproperty - (adid) SQL Injection
zeeproperty - 'adid' SQL Injection
TUGzip 3.00 archiver - '.zip' Local Buffer Overflow
TugZip 3.00 Archiver - '.zip' Local Buffer Overflow
AJ ARTICLE - 'featured_article.php mode' SQL Injection
AJ Article - 'featured_article.php mode' SQL Injection
Article Publisher PRO 1.5 - Insecure Cookie Handling
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
YourFreeWorld Classifieds - (category) SQL Injection
YourFreeWorld Classifieds - 'category' SQL Injection
PG Roomate Finder Solution - (Authentication Bypass) SQL Injection
Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection
iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC)
Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)
ProFTPd with mod_mysql - Authentication Bypass
ProFTPd - 'mod_mysql' Authentication Bypass
ppim 1.0 - Multiple Vulnerabilities
pPIM 1.0 - Multiple Vulnerabilities
Orbit 2.8.4 - Long Hostname Remote Buffer Overflow
Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow
Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC)
bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Racer 0.5.3b5 - Remote Stack Buffer Overflow
Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow
Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution
Online Guestbook Pro - (display) Blind SQL Injection
Esoftpro Online Guestbook Pro - (display) Blind SQL Injection
tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ZaoCMS - (user_id) SQL Injection
ZaoCMS - 'user_id' SQL Injection
Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin
ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin
AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
WebBoard 2.90 Beta - Remote File Disclosure
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
ZeusCart 2.3 - (maincatid) SQL Injection
ZeusCart 2.3 - 'maincatid' SQL Injection
DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs
otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs
Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC)
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
DD-WRT - (httpd service) Remote Command Execution
DD-WRT HTTPd Daemon/Service - Remote Command Execution
GLinks 2.1 - (cat) Blind SQL Injection
Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection
XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH)
Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH)
Payment Processor Script - 'shop.htm cid' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection
Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
BandCMS 0.10 - news.php Multiple SQL Injection
Rock Band CMS 0.10 - news.php Multiple SQL Injection
Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow
Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow
Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Eureka Mail Client 2.2q - PoC Buffer Overflow
Eureka Email Client 2.2q - PoC Buffer Overflow
Solaris 8.0 - LPD Command Execution (Metasploit)
Solaris 8.0 LPD - Command Execution (Metasploit)
Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow
BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow
Dopewars 1.5.12 Server - Denial of Service
Dopewars Server 1.5.12 - Denial of Service
Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution
Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution
HP Power Manager Administration - Universal Buffer Overflow
Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow
Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
HP Openview NNM 7.53 - Invalid DB Error Code
HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code
Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery
Eureka Mail Client - Remote Buffer Overflow
Eureka Email Client - Remote Buffer Overflow
IDEAL Administration 2009 9.7 - Local Buffer Overflow
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow
phpshop 0.8.1 - Multiple Vulnerabilities
phpShop 0.8.1 - Multiple Vulnerabilities
IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
DigitalHive - Multiple Vulnerabilities
Digital Hive - Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities
Zabbix Server - Multiple Vulnerabilities
freekot - (Authentication Bypass) SQL Injection
Digiappz Freekot - (Authentication Bypass) SQL Injection
TFTP Daemon 1.9 - Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service
B2B Trading Marketplace - SQL Injection
SoftBiz B2B trading Marketplace Script - SQL Injection
Mini-stream - Windows XP SP2 and SP3 Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow
Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow
Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC
Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC)
Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
bild flirt system 2.0 - 'index.php' 'id' SQL Injection
Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection
SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
iOS Safari - Bad 'VML' Remote Denial of Service
iOS Safari - Remote Denial of Service
Apple iOS Safari - Bad 'VML' Remote Denial of Service
Apple iOS Safari - Remote Denial of Service
HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow
HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow
Adobe Reader - Escape From PDF
Adobe Reader - Escape From '.PDF'
TugZip 3.5 - '.ZIP' File Buffer Overflow
TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow
Joomla! Component jp_jobs - SQL Injection
Joomla! Component com_jp_jobs - SQL Injection
Joomla! Component QPersonel - SQL Injection
Joomla! Component com_QPersonel - SQL Injection
Bild Flirt 1.0 - SQL Injection
Bild Flirt System 1.0 - SQL Injection
Safari 4.0.5 - (531.22.7) Denial of Service
Apple Safari 4.0.5 - (531.22.7) Denial of Service
Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Safari 4.0.3 / 4.0.4 - Stack Exhaustion
Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion
724CMS Enterprise 4.59 - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections
724CMS 4.59 Enterprise - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections
Joomla! Component JE Job - Local File Inclusion
Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion
Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Joomla! Component com_jejob 1.0 - 'catid' SQL Injection
Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection
Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service
Office^2 iPhone - XLS Denial of Service
GoodiWare GoodReader iPhone - XLS Denial of Service
Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service
Office^2 iPhone - '.XLS' Denial of Service
GoodiWare GoodReader iPhone - '.XLS' Denial of Service
Yamamah (news) - SQL Injection / Source Code Disclosure
Yamamah - 'news' SQL Injection / Source Code Disclosure
Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan
UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan
k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
YPNinc JokeScript - (ypncat_id) SQL Injection
YPNinc JokeScript - 'ypncat_id' SQL Injection
YPNinc PHP Realty Script - (docID) SQL Injection
YPNinc PHP Realty Script - 'docID' SQL Injection
HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit
HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
Safari Browser 4.0.2 - Clickjacking
Apple Safari 4.0.2 - Clickjacking
Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7'
Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)
Apple iOS - pdf Jailbreak Exploit
Apple iOS - '.pdf' Jailbreak Exploit
HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking
Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking
Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution
AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit)
AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit)
DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow
FatPlayer 0.6b - '.wav' Buffer Overflow (SEH)
Fat Player 0.6b - '.wav' Buffer Overflow (SEH)
CubeCart 2.0.1 - SQL Injection
Brooky CubeCart 2.0.1 - SQL Injection
DATAC RealWin SCADA 1.06 - Buffer Overflow
DATAC RealWin SCADA Server 1.06 - Buffer Overflow
pilot cart 7.3 - Multiple Vulnerabilities
ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities
Mp3-Nator 2.0 - Buffer Overflow (SEH)
MP3-Nator 2.0 - Buffer Overflow (SEH)
Safari 5.02 - Stack Overflow Denial of Service
Apple Safari 5.02 - Stack Overflow Denial of Service
Microsoft Windows Task Scheduler - Privilege Escalation
Microsoft Windows - Task Scheduler Privilege Escalation
Pandora Fms 3.1 - Authentication Bypass
Pandora FMS 3.1 - Authentication Bypass
bugtracker.net 3.4.4 - Multiple Vulnerabilities
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
WMITools ActiveX - Remote Command Execution
Microsoft WMITools ActiveX - Remote Command Execution
VideoSpirit Pro 1.68 - Local Buffer Overflow
VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow
Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit)
Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit)
PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit)
PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit)
Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit)
Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit)
Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit)
Solaris sadmind - Command Execution (Metasploit)
Solaris Sadmind - Command Execution (Metasploit)
Sun Solaris - Telnet Remote Authentication Bypass (Metasploit)
Sun Solaris Telnet - Remote Authentication Bypass (Metasploit)
Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit)
Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit)
TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit)
Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit)
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit)
Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit)
Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit)
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit)
CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
IMail IMAP4D - Delete Overflow (Metasploit)
IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)
Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit)
Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit)
AOL Instant Messenger - goaway Overflow (Metasploit)
AOL Instant Messenger AIM - goaway Overflow (Metasploit)
Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit)
Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit)
Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit)
RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit)
RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit)
Adobe Shockwave - rcsL Memory Corruption (Metasploit)
Adobe Shockwave Player - rcsL Memory Corruption (Metasploit)
Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit)
WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
ACDSee - XPM File Section Buffer Overflow (Metasploit)
ACDSee - '.XPM' File Section Buffer Overflow (Metasploit)
HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit)
HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
Serv-U FTPD - MDTM Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit)
FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
SentinelLM - UDP Buffer Overflow (Metasploit)
Sentinel LM - UDP Buffer Overflow (Metasploit)
Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit)
Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit)
Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)
Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit)
Sambar 6 - Search Results Buffer Overflow (Metasploit)
Sambar Server 6 - Search Results Buffer Overflow (Metasploit)
IA WebMail 3.x - Buffer Overflow (Metasploit)
IA WebMail Server 3.x - Buffer Overflow (Metasploit)
Savant 3.1 Web Server - Overflow Exploit (Metasploit)
Savant Web Server 3.1 - Overflow Exploit (Metasploit)
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit)
Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit)
Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit)
PSOProxy 0.91 - Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit)
NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit)
NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)
MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
YPOPS 0.6 - Buffer Overflow (Metasploit)
YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit)
Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit)
Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit)
IMail LDAP Service - Buffer Overflow (Metasploit)
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit)
GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Poptop - Negative Read Overflow (Metasploit)
UoW IMAP server - LSUB Buffer Overflow (Metasploit)
PoPToP - Negative Read Overflow (Metasploit)
UoW IMAPd Server - LSUB Buffer Overflow (Metasploit)
DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit)
DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)
Samba (Linux/x86) - trans2open Overflow (Metasploit)
iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer - LoginExt PathName Overflow (Metasploit)
Samba (Linux x86) - trans2open Overflow (Metasploit)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit)
Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Safari - Archive Metadata Command Execution (Metasploit)
Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Apple Safari - Archive Metadata Command Execution (Metasploit)
iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit)
Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit)
Samba trans2open (*BSD/x86) - Overflow Exploit (Metasploit)
Samba (*BSD x86) - trans2open Overflow Exploit (Metasploit)
PHP XML-RPC - Arbitrary Code Execution (Metasploit)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit)
AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit)
HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit)
AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)
HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit)
TWiki Search Function - Arbitrary Command Execution (Metasploit)
TWiki - Search Function Arbitrary Command Execution (Metasploit)
Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit)
Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit)
Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit)
Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit)
7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities
HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files
eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files
Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit)
Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit)
manageengine support center plus 7.8 build 7801 - Directory Traversal
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit)
TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit)
Sports PHool 1.0 - Remote File Inclusion
SportsPHool 1.0 - Remote File Inclusion
Mini-stream 3.0.1.1 - Buffer Overflow (3)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3)
Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Zabbix 1.8.4 - (popup.php) SQL Injection
Zabbix 1.8.4 - 'popup.php' SQL Injection
CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit)
Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit)
Family Connections - less.php Remote Command Execution (Metasploit)
Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)
FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting
Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting
openemr 4 - Multiple Vulnerabilities
Safari - GdiDrawStream BSoD
OpenEMR 4 - Multiple Vulnerabilities
Apple Safari - GdiDrawStream BSoD
clip bucket 2.6 - Multiple Vulnerabilities
Clipbucket 2.6 - Multiple Vulnerabilities
Tube Ace(Adult PHP Tube Script) - SQL Injection
Tube Ace (Adult PHP Tube Script) - SQL Injection
Dolibarr CMS 3.2.0 < Alpha - File Inclusion
Dolibarr 3.2.0 < Alpha - File Inclusion
PBLang - Local File Inclusion
PBLang Bulletin Board System - Local File Inclusion
NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit)
Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities
Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities
Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit)
TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit)
Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit)
TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)
samsung net-i ware 1.37 - Multiple Vulnerabilities
Samsung NET-i ware 1.37 - Multiple Vulnerabilities
iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
GIMP - script-fu Server Buffer Overflow (Metasploit)
GIMP script-fu - Server Buffer Overflow (Metasploit)
SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit)
Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit)
Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
UoW imapd 10.234/12.264 - Buffer Overflow
UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit)
UoW IMAPd Server 10.234/12.264 - Buffer Overflow
UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit)
RedHat 6.2 - Piranha Virtual Server Package Default Account and Password
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password
Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit)
Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit)
hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal
HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal
Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
RedHat 6 - glibc/locale Subsystem Format String
Solaris 2.6/7.0 - /locale Subsystem Format String
RedHat 6 GLIBC/locale - Subsystem Format String
Solaris 2.6/7.0 /locale - Subsystem Format String
Solaris 2.6/7.0 - 'eject' locale Subsystem Format String
Solaris 2.6/7.0 'eject' locale - Subsystem Format String
Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5)
Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5)
RedHat restore 0.4 b15 - Insecure Environment Variables
RedHat 0.4 b15 restore - Insecure Environment Variables
Viscosity OpenVPN Client (OSX) - Privilege Escalation
Viscosity - Privilege Escalation
Solaris 2.x/7.0/8 catman - Race Condition (1)
Solaris 2.x/7.0/8 catman - Race Condition (2)
Solaris 2.x/7.0/8 Catman - Race Condition (1)
Solaris 2.x/7.0/8 Catman - Race Condition (2)
sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
T-dah Webmail - Multiple Persistent Cross-Site Scripting
T-dah Webmail Client - Multiple Persistent Cross-Site Scripting
Ntpd - Remote Buffer Overflow
NTPd - Remote Buffer Overflow
Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Solaris 2.x/7.0/8 lpd - Remote Command Execution
HP-UX 11.0 SWVerify - Buffer Overflow
Solaris 2.x/7.0/8 LPD - Remote Command Execution
HP-UX 11.0 - SWVerify Buffer Overflow
phusion WebServer 1.0 - Directory Traversal (1)
phusion WebServer 1.0 - Directory Traversal (2)
Phusion WebServer 1.0 - Directory Traversal (1)
Phusion WebServer 1.0 - Directory Traversal (2)
Progress 9.1 - sqlcpp Local Buffer Overflow
Progress Database 9.1 - sqlcpp Local Buffer Overflow
PsyBNC 2.3 - Oversized Passwords Denial of Service
psyBNC 2.3 - Oversized Passwords Denial of Service
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
Midicart - PHP Arbitrary File Upload
Midicart PHP - Arbitrary File Upload
otrs 3.1 - Persistent Cross-Site Scripting
OTRS 3.1 - Persistent Cross-Site Scripting
EType EServ 2.9x POP3 - Remote Denial of Service
EType EServ 2.9x - POP3 Remote Denial of Service
Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board 3.3.4 - Unserialize Regex Bypass
Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass
ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion
ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion
Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Kerio MailServer 5.6.3 - add_acl Module Overflow
Kerio MailServer 5.6.3 add_acl Module - Overflow
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting
IBM System Director - Remote System Level Exploit
IBM System Director Agent - Remote System Level Exploit
Tectia SSH - USERAUTH Change Request Password Reset (Metasploit)
(SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit)
Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit)
Oracle MySQL (Windows) - MOF Execution (Metasploit)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
IWConfig - Local ARGV Command Line Buffer Overflow (1)
IWConfig - Local ARGV Command Line Buffer Overflow (2)
IWConfig - Local ARGV Command Line Buffer Overflow (3)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3)
Novell File Reporter Agent - XML Parsing Remote Code Execution
Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Nagios - history.cgi Remote Command Execution
Nagios3 - history.cgi Remote Command Execution
phpshop 2.0 - SQL Injection
phpShop 2.0 - SQL Injection
Freesshd - Authentication Bypass (Metasploit)
FreeSSHD - Authentication Bypass (Metasploit)
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
SLMail 5.5 - POP3 PASS Remote Buffer Overflow
SLMail 5.5 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow
AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service
Microsoft Windows Light HTTPD 0.1 - Buffer Overflow
Light HTTPD 0.1 (Windows) - Buffer Overflow
MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Smail-3 - Multiple Remote and Local Vulnerabilities
Smail 3 - Multiple Remote and Local Vulnerabilities
Cisco Linksys E4200 Firmware - Multiple Vulnerabilities
Cisco Linksys E4200 - Multiple Vulnerabilities
Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow
Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow
Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection
NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection
NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection
NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection
NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting
SlimServe httpd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal
Quick TFTP Server 2.2 - Denial of Service
Quick TFTP Server Pro 2.2 - Denial of Service
aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
XMB 1.9.3 - u2u.php Cross-Site Scripting
XMB Forum 1.9.3 - u2u.php Cross-Site Scripting
PHPAlbum 0.2.3/4.1 - Local File Inclusion
PHP Photo Album 0.2.3/4.1 - Local File Inclusion
Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities
Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities
BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret)
NetBSD mail.local - Privilege Escalation (Metasploit)
NetBSD mail.local(8) - Privilege Escalation (Metasploit)
PCMAN FTP 2.07 - PASS Command Buffer Overflow
PCMan FTP Server 2.07 - PASS Command Buffer Overflow
PCMAN FTP 2.07 - STOR Command Buffer Overflow
PCMan FTP Server 2.07 - STOR Command Buffer Overflow
EImagePro - - subList.asp CatID Parameter SQL Injection
EImagePro - subList.asp CatID Parameter SQL Injection
OZJournals 1.2 - Vname Parameter Cross-Site Scripting
OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting
SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection
OZJournals 1.5 - Multiple Input Validation Vulnerabilities
Baby FTP server 1.24 - Denial of Service
PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit)
Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit)
Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit)
Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow
Festalon 0.5 - '.HES' Remote Heap Buffer Overflow
EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow
Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow
A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)
Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002)
Fish - Multiple Remote Buffer Overflow Vulnerabilities
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service
Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service
Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting
Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting
LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection
Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection
Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection
Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service
Uebimiau 2.7.x - 'index.php' Cross-Site Scripting
Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting
Seagate BlackArmor - Root Exploit
Seagate BlackArmor NAS - Root Exploit
Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
PCMAN FTP 2.07 - ABOR Command Buffer Overflow
PCMAN FTP 2.07 - CWD Command Buffer Overflow
PCMan FTP Server 2.07 - ABOR Command Buffer Overflow
PCMan FTP Server 2.07 - CWD Command Buffer Overflow
HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access
HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access
amfphp 1.2 - browser/details class Parameter Cross-Site Scripting
amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting
PCMAN FTP 2.07 - Buffer Overflow
PCMan FTP Server 2.07 - Buffer Overflow
Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Novell Groupwise Messenger 2.0 - Client Buffer Overflow
Novell Groupwise Messenger 2.0 Client - Buffer Overflow
Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting
Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities
Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities
OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNms 1.5.x - HTTP Response Splitting
OpenNMS 1.5.x - HTTP Response Splitting
Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution
Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution
Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass
Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass
Pilot Group PG Roommate - SQL Injection
Pilot Group PG Roommate Finder Solution - SQL Injection
OpenSSL TLS Heartbeat Extension - Memory Disclosure
OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure
OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)
OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions)
Heartbleed OpenSSL - Information Leak Exploit (1)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1)
IBM Director 5.20 - CIM Server Privilege Escalation
IBM System Director Agent 5.20 - CIM Server Privilege Escalation
Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support)
Kolibri 2.0 - GET Request Stack Buffer Overflow
Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow
Easy Chat Server 3.1 - Stack Buffer Overflow
EFS Easy Chat Server 3.1 - Stack Buffer Overflow
Sphider 1.3.6 - Multiple Vulnerabilities
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities
Kolibri WebServer 2.0 - GET Request SEH Exploit
Kolibri Web Server 2.0 - GET Request SEH Exploit
MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit)
Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)
VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit)
VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit)
Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection
PPScript - 'shop.htm' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm' SQL Injection
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution
Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060)
Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload
WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload
Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit)
Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit)
Exim ESMTP 4.80 glibc gethostbyname - Denial of Service
Exim ESMTP 4.80 - glibc gethostbyname Denial of Service
Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection
Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection
alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
Publish-It - PUI Buffer Overflow (SEH)
Publish-It - '.PUI' Buffer Overflow (SEH)
WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin)
Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
abrt (Fedora 21) - Race Condition
Abrt (Fedora 21) - Race Condition
Webgate WESP SDK 1.2 - ChangePassword Stack Overflow
WebGate WESP SDK 1.2 - ChangePassword Stack Overflow
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Oracle - Outside-In DOCX File Parsing Memory Corruption
Oracle - Outside-In '.DOCX' File Parsing Memory Corruption
iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting
WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting
Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit
Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit)
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)
MiniUPnP - Multiple Denial of Service Vulnerabilities
MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities
Kaseya Virtual System Administrator - Multiple Vulnerabilities (2)
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2)
Safari - User-Assisted Applescript Exec Attack (Metasploit)
Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)
Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption
Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption
Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection
Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection
Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution
Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution
pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read
pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read
pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read
pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read
pdfium CPDF_Function::Call - Stack Based Buffer Overflow
pdfium - CPDF_Function::Call Stack Based Buffer Overflow
Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption
Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit)
Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass
MiCasa VeraLite - Remote Code Execution
MiCasaVerde VeraLite - Remote Code Execution
SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service
GNU GTypist 2.9.5-2 - Local Buffer Overflow
uSQLite 1.0.0 - Denial Of Service
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation
Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation
CherryTree 0.36.9 - Memory Corruption (PoC)
2016-10-28 05:01:21 +00:00
Offensive Security
506182d72d
DB: 2016-10-22
...
7 new exploits
RealSecure / Blackice - iss_pam1.dll Remote Overflow
RealSecure / Blackice - 'iss_pam1.dll' Remote Overflow
Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit
Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Exploit
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking
uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit
Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit
uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking
Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking
Mozilla Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit
Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit
Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)
Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll)
TeamViewer 5.0.8703 - (dwmapi.dll) DLL Hijacking Exploit
Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Exploit
Microsoft Address Book 6.00.2900.5512 - (wab32res.dll) DLL Hijacking Exploit
Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking Exploit
TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking Exploit
Mozilla Firefox 3.6.8 - 'dwmapi.dll' DLL Hijacking
Microsoft Windows Movie Maker 2.6.4038.0 - 'hhctrl.ocx' DLL Hijacking
Opera 10.61 - 'dwmapi.dll' DLL Hijacking
Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL
TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking
Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking
Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking
Microsoft Address Book 6.00.2900.5512 - 'wab32res.dll' DLL Hijacking
Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking
TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking
BS.Player 2.56 build 1043 - (mfc71loc.dll) DLL Hijacking Exploit
Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)
Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Exploit
BS.Player 2.56 build 1043 - 'mfc71loc.dll' DLL Hijacking
Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking
Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking
Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit
Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking
VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Exploit
VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking
Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Exploit
Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll)
InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Exploit
Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Exploit
Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Exploit
Ettercap NG-0.7.3 - (wpcap.dll) DLL Hijacking Exploit
Microsoft Group Convertor - 'imm.dll' DLL Hijacking Exploit
Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking
Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking
Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking
Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking
Ettercap NG-0.7.3 - 'wpcap.dll' DLL Hijacking
Microsoft Group Convertor - 'imm.dll' DLL Hijacking
TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking Exploit
MediaPlayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll)
Skype 4.2.0.169 - (wab32.dll) DLL Hijacking Exploit
TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking
MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking
Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Exploit
Nvidia Driver - DLL Hijacking Exploit (nview.dll)
Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Exploit
Cisco Packet Tracer 5.2 - (wintab32.dll) DLL Hijacking Exploit
Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking
Nvidia Driver - 'nview.dll' DLL Hijacking
Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking
Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking
Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking
Cisco Packet Tracer 5.2 - 'wintab32.dll' DLL Hijacking
Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking
Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Exploit
Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit
Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Exploit
Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Exploit
Mozilla Thunderbird - DLL Hijacking Exploit (dwmapi.dll)
Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit (dwmapi.dll)
Adobe ExtendedScript Toolkit CS5 3.5.0.52 - DLL Hijacking Exploit (dwmapi.dll)
CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll)
Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll)
Media Player Classic 6.4.9.1 - (iacenc.dll) DLL Hijacking Exploit
Nullsoft Winamp 5.581 - DLL Hijacking Exploit (wnaspi32.dll)
Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll)
Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Exploit
Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking
Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking
Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking
Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking
Mozilla Thunderbird - 'dwmapi.dll' DLL Hijacking
Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking
Adobe ExtendedScript Toolkit CS5 3.5.0.52 - 'dwmapi.dll' DLL Hijacking
CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
Media Player Classic 6.4.9.1 - 'iacenc.dll' DLL Hijacking
Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking
Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking
Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking
Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Exploit
Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking
Microsoft Edge - Array.map Heap Overflow (MS16-119)
Microsoft Edge - 'Array.map' Heap Overflow (MS16-119)
Microsoft Edge - Array.join Info Leak (MS16-119)
Microsoft Edge - 'Array.join' Infomation Leak (MS16-119)
Adobe Flash - Transform.colorTranform Getter Info Leak
Adobe Flash - Transform.colorTranform Getter Infomation Leak
Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123)
Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)
Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123)
Microsoft Windows - DeviceApi CMApi PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124)
Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Info Leak (MS16-119)
Microsoft Windows - 'win32k.sys' TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Microsoft Windows - 'win32k.sys' TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Microsoft Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Infomation Leak (MS16-119)
Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access)
Just Dial Clone Script - SQL Injection
FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation
RealPlayer 18.1.5.705 - '.QCP' Crash (PoC)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID)
Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC)
TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
2016-10-22 05:01:17 +00:00
Offensive Security
07fdc778ee
DB: 2016-10-21
...
24 new exploits
NetAuctionHelp 4.1 - search.asp SQL Injection
Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution
Microsoft Edge - Array.map Heap Overflow (MS16-119)
Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow
Microsoft Edge - Array.join Info Leak (MS16-119)
Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
HikVision Security Systems - Activex Buffer Overflow
Oracle Netbeans IDE 8.1 - Directory Traversal
MiCasa VeraLite - Remote Code Execution
Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection
Classifieds Rental Script - SQL Injection
SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service
SAP Adaptive Server Enterprise 16 - Denial of Service
Event Calendar PHP 1.5 - SQL Injection
SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution
SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal
SPIP 3.1.2 - Cross-Site Request Forgery
Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Info Leak (MS16-119)
Microsoft Edge - Spread Operator Stack Overflow (MS16-119)
Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)
OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)
2016-10-21 05:01:17 +00:00
Offensive Security
01eb066d9d
DB: 2016-10-13
...
11 new exploits
IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow
Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery
PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
Subversion 1.6.6 / 1.6.12 - Code Execution
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption
Categorizator 0.3.1 - SQL Injection
NetBilletterie 2.8 - Multiple Vulnerabilities
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
Android - Binder Generic ASLR Leak
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
2016-10-13 05:01:17 +00:00
Offensive Security
f8b17d14a1
DB: 2016-10-12
...
12 new exploits
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery
phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection
Android - 'gpsOneXtra' Data Files Denial of Service
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
2016-10-12 05:01:17 +00:00
Offensive Security
a3dbf3113e
DB: 2016-10-11
...
9 new exploits
ShoreTel Connect ONSITE - Blind SQL Injection
Leap Service - Unquoted Service Path Privilege Escalation
Wacom Consumer Service - Unquoted Service Path Privilege Escalation
Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation
Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation
Zend Studio IDE 13.5.1 - Insecure File Permissions Privilege Escalation
HP Client - Automation Command Injection / Remote Code Execution
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
2016-10-11 05:01:15 +00:00
Offensive Security
5fbed83086
DB: 2016-10-06
...
10 new exploits
Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials
Bind 9 DNS Server - Denial of Service
ISC BIND 9 - Denial of Service
Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion
Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution
VX Search Enterprise 9.0.26 - Buffer Overflow
Sync Breeze Enterprise 8.9.24 - Buffer Overflow
Dup Scout Enterprise 9.0.28 - Buffer Overflow
Disk Sorter Enterprise 9.0.24 - Buffer Overflow
Disk Savvy Enterprise 9.0.32 - Buffer Overflow
Abyss Web Server X1 2.11.1 - Unquoted Service Path Privilege Escalation
Fortitude HTTP 1.0.4.0 - Unquoted Service Path Privilege Escalation
2016-10-06 05:01:22 +00:00
Offensive Security
d9bdc2e376
DB: 2016-10-04
...
7 new exploits
maplab ms4w 2.2.1 - Remote File Inclusion
MapLab MS4W 2.2.1 - Remote File Inclusion
Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow
Grandsteam GXV3611_HD - SQL Injection
Glassfish Server - Unquoted Service Path Privilege Escalation
Windows Firewall Control - Unquoted Service Path Privilege Escalation
Android - Insufficient Binder Message Verification Pointer Leak
DWebPro 8.4.2 - Multiple Vulnerabilities
Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation
Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)
2016-10-04 05:01:17 +00:00
Offensive Security
f421077feb
DB: 2016-09-28
...
6 new exploits
UUCP Exploit - file creation/overwriting (symlinks)
UUCP Exploit - File Creation/Overwriting (symlinks) Exploit
Serv-U 3.x < 5.x - Privilege Escalation
Serv-U FTP Server 3.x < 5.x - Privilege Escalation
TiTan FTP Server - Long Command Heap Overflow (PoC)
Titan FTP Server - Long Command Heap Overflow (PoC)
Serv-U < 5.2 - Remote Denial of Service
Serv-U FTP Server < 5.2 - Remote Denial of Service
chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC)
Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
WS_FTP Server 5.03 - (RNFR) Buffer Overflow
Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow
TYPSoft FTP Server 1.11 - (RETR) Denial of Service
TYPSoft FTP Server 1.11 - 'RETR' Denial of Service
XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)
XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)
WinFtp Server 2.0.2 - (PASV) Remote Denial of Service
WinFTP Server 2.0.2 - (PASV) Remote Denial of Service
DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service
Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service
XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service
XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service
Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service
Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service
TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service
XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service
MiniWeb Http Server 0.8.x - Remote Denial of Service
MiniWeb HTTP Server 0.8.x - Remote Denial of Service
JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion
JAF CMS 4.0 RC2 - Multiple Remote File Inclusion
XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service
XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service
Belkin wireless G router + ADSL2 modem - Authentication Bypass
Belkin Wireless G router + ADSL2 modem - Authentication Bypass
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement
Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement
WinFTP 2.3.0 - (PASV mode) Remote Denial of Service
WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service
Titan FTP server 6.26 build 630 - Remote Denial of Service
Titan FTP Server 6.26 build 630 - Remote Denial of Service
Netgear WG102 - Leaks SNMP write Password with read access
Netgear WG102 - Leaks SNMP Write Password With Read Access
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Netgear embedded Linux for the SSL312 router - Denial of Service
Netgear SSL312 Router - Denial of Service
Belkin BullDog Plus UPS-Service - Buffer Overflow
Belkin BullDog Plus - UPS-Service Buffer Overflow
Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service
XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service
XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service
TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service
TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit
Firebird SQL - op_connect_request main listener shutdown
Firebird SQL - op_connect_request main listener shutdown Exploit
HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service
BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service
XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service
XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service
TYPSoft 1.10 - APPE DELE Denial of Service
TYPSoft FTP Server 1.10 - APPE DELE Denial of Service
WingFTP Server 3.2.4 - Cross-Site Request Forgery
Wing FTP Server 3.2.4 - Cross-Site Request Forgery
Quick Player 1.2 -Unicode BoF - bindshell
Quick Player 1.2 - Unicode Buffer Overflow (Bindshell)
UplusFtp Server 1.7.0.12 - Remote Buffer Overflow
UplusFTP Server 1.7.0.12 - Remote Buffer Overflow
Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe
Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow
iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC
iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC
TopDownloads MP3 Player 1.0 - '.m3u' crash
TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php
eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
uhttp Server - Directory Traversal
uhttp Server 0.1.0-alpha - Directory Traversal
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - RETR Command Denial of Service
SmallFTPd 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
SolarWinds 10.4.0.10 - TFTP Denial of Service
SolarWinds TFTP Server 10.4.0.10 - Denial of Service
e107 - Code Exec
e107 - Code Exection
HomeFTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service
TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE)
TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service
SolarWinds 10.4.0.13 - Denial of Service
SolarWinds TFTP Server 10.4.0.13 - Denial of Service
ISC-DHCPD - Denial of Service
ISC DHCPD - Denial of Service
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
deepin tftp server 1.25 - Directory Traversal
Deepin TFTP Server 1.25 - Directory Traversal
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit
JCMS 2010 - file download
JCMS 2010 - File Download Exploit
SolarFTP 2.0 - Multiple Commands Denial of Service
Solar FTP Server 2.0 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - RETR CMD Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
Xynph 1.0 - USER Denial of Service
Xynph FTP Server 1.0 - USER Denial of Service
XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service
Solar FTP 2.1 - Denial of Service
Solar FTP Server 2.1 - Denial of Service
Red Hat Linux - stickiness of /tmp
Red Hat Linux - stickiness of /tmp Exploit
home ftp server 1.12 - Directory Traversal
Home FTP Server 1.12 - Directory Traversal
NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)
RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit)
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
SmallFTPd 1.0.3 FTP Server - Denial of Service
SmallFTPd 1.0.3 - Denial of Service
PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit)
PCMan FTP Server Buffer Overflow - PUT Command (Metasploit)
Solar FTP 2.1.1 - PASV Buffer Overflow (PoC)
Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)
BisonFTP Server 3.5 - Remote Buffer Overflow
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow
Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit)
Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit)
BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
zFTP Server - 'cwd/stat' Remote Denial of Service
zFTPServer - 'cwd/stat' Remote Denial of Service
Serv-U FTP - Jail Break
Serv-U FTP Server - Jail Break
Typsoft FTP Server 1.10 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service
PeerBlock 1.1 - BSOD
PeerBlock 1.1 - BSOD Exploit
distinct tftp server 3.01 - Directory Traversal
Distinct TFTP Server 3.01 - Directory Traversal
PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection
PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
Berkeley Sendmail 5.58 - DEBUG
Berkeley Sendmail 5.58 - Debug exploit
SunView (SunOS 4.1.1) - selection_svc
Digital Ultrix 4.0/4.1 - /usr/bin/chroot
SunOS 4.1.1 - /usr/release/bin/makeinstall
SunOS 4.1.1 - /usr/release/bin/winstall
SunView (SunOS 4.1.1) - selection_svc Exploit
Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit
SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit
SunOS 4.1.1 - /usr/release/bin/winstall Exploit
SunOS 4.1.3 - kmem setgid /etc/crash
SunOS 4.1.3 - kmem setgid /etc/crash Exploit
IRIX 6.4 - pfdisplay.cgi
IRIX 6.4 - 'pfdisplay.cgi' Exploit
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit
FreePBX < 13.0.188 - Remote Command Execution (Metasploit)
HP JetAdmin 1.0.9 Rev. D - symlink
HP JetAdmin 1.0.9 Rev. D - symlink Exploit
Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
TP-Link Archer CR-700 - Cross-Site Scripting
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit
Cat Soft Serv-U 2.5 - Buffer Overflow
BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE
Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow
BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit
Linux Kernel 2.0 / 2.1 / 2.2 - autofs
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit
Debian 2.1 - httpd
S.u.S.E. 5.2 - gnuplot
Debian 2.1 - httpd Exploit
S.u.S.E. Linux 5.2 - gnuplot Exploit
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit
SGI IRIX 6.2 - /usr/lib/netaddpr
SGI IRIX 6.2 - /usr/lib/netaddpr Exploit
SGI IRIX 6.2 - day5notifier
SGI IRIX 6.2 - day5notifier Exploit
SGI IRIX 6.4 - datman/cdman
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.3 - cgi-bin webdist.cgi
SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit
SGI IRIX 6.4 - cgi-bin handler
SGI IRIX 6.4 - cgi-bin handler Exploit
SGI IRIX 6.4 - login
SGI IRIX 6.4 - login Exploit
IBM AIX 3.2.5 - IFS
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 3.2.5 - login(1)
IBM AIX 3.2.5 - login(1) Exploit
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2)
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit
GNU glibc 2.1/2.1.1 -6 - pt_chown
GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit
ProFTPd 1.2 pre6 - snprintf
ProFTPd 1.2 pre6 - snprintf Exploit
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit
S.u.S.E. Linux 6.1/6.2 - cwdtools
S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin'
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit
SCO Unixware 7.1 - 'pkg' commands
SCO Unixware 7.1 - 'pkg' command Exploit
Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service
Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service
Nortel Networks Optivity NETarchitect 2.0 - PATH
Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit
SGI IRIX 6.2 - midikeys/soundplayer
SGI IRIX 6.2 - midikeys/soundplayer Exploit
Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE
Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit
Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit
Microsoft Windows 95/98/NT 4.0 - autorun.inf
Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - setxconf
Corel Linux OS 1.0 - buildxconfig Exploit
Corel Linux OS 1.0 - setxconf Exploit
TP Link Gateway 3.12.4 - Multiple Vulnerabilities
TP-Link Gateway 3.12.4 - Multiple Vulnerabilities
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit
Cisco IOS 11.x/12.x - HTTP %%
Cisco IOS 11.x/12.x - HTTP %% Exploit
RedHat Linux 6.0/6.1/6.2 - pam_console
RedHat Linux 6.0/6.1/6.2 - pam_console Exploit
HP-UX 10.20/11.0 man - /tmp symlink
HP-UX 10.20/11.0 man - /tmp Symlink Exploit
IRIX 5.3/6.x - mail
IRIX 5.3/6.x - mail Exploit
TYPSoft 0.7 x - FTP Server Remote Denial of Service
TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service
Oracle Internet Directory 2.0.6 - oidldap
Oracle Internet Directory 2.0.6 - oidldap Exploit
CatSoft FTP Serv-U 2.5.x - Brute Force
Cat Soft Serv-U FTP Server 2.5.x - Brute Force
Small HTTP server 2.0 1 - Non-Existent File Denial of Service
Small HTTP Server 2.0 1 - Non-Existent File Denial of Service
NCSA httpd-campas 1.2 - sample script
NCSA httpd-campas 1.2 - sample script Exploit
Novell NetWare Web Server 2.x - convert.bas
Novell NetWare Web Server 2.x - convert.bas Exploit
Serv-U 2.4/2.5 - FTP Directory Traversal
Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal
Novell Netware Web Server 3.x - files.pl
Novell Netware Web Server 3.x - files.pl Exploit
guido frassetto sedum http server 2.0 - Directory Traversal
Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal
robin twombly a1 http server 1.0 - Directory Traversal
Robin Twombly A1 HTTP Server 1.0 - Directory Traversal
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit
michael lamont savant http server 2.1 - Directory Traversal
Michael Lamont Savant HTTP Server 2.1 - Directory Traversal
zeroo http server 1.5 - Directory Traversal (1)
zeroo http server 1.5 - Directory Traversal (2)
Zeroo HTTP Server 1.5 - Directory Traversal (1)
Zeroo HTTP Server 1.5 - Directory Traversal (2)
Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service
Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service
Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service
Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure
Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure
BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting
BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting
XLight FTP Server 1.x - Long Directory Request Remote Denial of Service
Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service
XLight FTP Server 1.52 - Remote Send File Request Denial of Service
Xlight FTP Server 1.52 - Remote Send File Request Denial of Service
gweb http server 0.5/0.6 - Directory Traversal
GWeb HTTP Server 0.5/0.6 - Directory Traversal
MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC)
MiniWeb HTTP Server (build 300) - Crash (PoC)
TP-Link Print Server TL PS110U - Sensitive Information Enumeration
TP-Link PS110U Print Server TL - Sensitive Information Enumeration
PCMan's FTP Server 2.0.7 - Buffer Overflow
PCMan FTP Server 2.0.7 - Buffer Overflow
PCMan's FTP Server 2.0 - Remote Buffer Overflow
PCMan FTP Server 2.0 - Remote Buffer Overflow
PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3-5 - ZendEngine ECalloc Integer Overflow
PHP 3 < 5 - ZendEngine ECalloc Integer Overflow
NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static Http Server 1.0 - Denial of Service
TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static HTTP Server 1.0 - Denial of Service
NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)
Netgear ReadyNAS - Perl Code Evaluation (Metasploit)
NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
Ipswitch 8.0 - WS_FTP Client Format String
Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String
NETGEAR WGR614 - Administration Interface Remote Denial of Service
Netgear WGR614 - Administration Interface Remote Denial of Service
Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities
Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities
Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow
Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow
Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit
Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit
NetMan 204 - Backdoor Account
NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Serv-U 11.1.0.3 - Denial of Service / Security Bypass
Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass
TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change
TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change
NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND9 - TKEY (PoC)
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND 9 - TKEY (PoC)
ISC BIND9 - TKEY Remote Denial of Service (PoC)
ISC BIND 9 - TKEY Remote Denial of Service (PoC)
NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Android (Stagefright) - Remote Code Execution
Android - 'Stagefright' Remote Code Execution
Microsoft Windows Media Center - MCL (MS15-100)
Microsoft Windows Media Center - MCL Exploit (MS15-100)
Android libstagefright - Integer Overflow Remote Code Execution
Android - libstagefright Integer Overflow Remote Code Execution
NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
pdfium IsFlagSet (v8 memory management) - SIGSEGV
pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit
NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities
Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities
XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service
NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service
Metaphor - Stagefright Exploit with ASLR Bypass
Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution
Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities
FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation
FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation
Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)
2016-09-28 11:55:43 +00:00
Offensive Security
35000196e1
DB: 2016-09-27
...
11 new exploits
Berlios gpsd 2.7.x - Remote Format String
Berlios GPSD 2.7.x - Remote Format String
bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit
Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1)
boastMachine 3.1 - (mail.php id) SQL Injection
BoastMachine 3.1 - 'mail.php' id SQL Injection
BIGACE 2.4 - Multiple Remote File Inclusion
BigACE 2.4 - Multiple Remote File Inclusion
attachmax dolphin 2.1.0 - Multiple Vulnerabilities
Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities
AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH)
AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH)
BIGACE CMS 2.5 - 'Username' SQL Injection
BigACE CMS 2.5 - 'Username' SQL Injection
BIGACE CMS 2.6 - (cmd) Local File Inclusion
BigACE CMS 2.6 - (cmd) Local File Inclusion
Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation
Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation
DistCC Daemon - Command Execution (Metasploit)
DistCC Daemon - Command Execution (Metasploit) (1)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1)
Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption
Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption
bitrix site manager 4.0.5 - Remote File Inclusion
Bitrix Site Manager 4.0.5 - Remote File Inclusion
boastMachine 3.1 - Arbitrary File Upload
BoastMachine 3.1 - Arbitrary File Upload
blog system 1.5 - Multiple Vulnerabilities
Blog System 1.5 - Multiple Vulnerabilities
b2b gold script - 'id' SQL Injection
B2B Gold Script - 'id' SQL Injection
TinyBrowser - Arbitrary File Upload
Wordpress Plugin TinyBrowser - Arbitrary File Upload
Nginx http server 0.6.36 - Directory Traversal
Nginx 0.6.36 - Directory Traversal
atomic photo album 1.0.2 - Multiple Vulnerabilities
Atomic Photo Album 1.0.2 - Multiple Vulnerabilities
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1)
Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)
bitweaver 2.8.1 - Persistent Cross-Site Scripting
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
bitweaver 2.8.0 - Multiple Vulnerabilities
Bitweaver 2.8.0 - Multiple Vulnerabilities
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2)
DistCC Daemon - Command Execution (Metasploit)
DistCC Daemon - Command Execution (Metasploit) (2)
Bigace 2.7.5 - Arbitrary File Upload
BigACE 2.7.5 - Arbitrary File Upload
atutor 2.0.2 - Multiple Vulnerabilities
ATutor 2.0.2 - Multiple Vulnerabilities
boastMachine 3.1 - Cross-Site Request Forgery (Add Admin)
BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin)
Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111)
atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution
AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution
Macro Expert 4.0 - Multiple Privilege Escalations
axigen mail server 8.0.1 - Persistent Cross-Site Scripting
Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting
Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation
MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation
Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation
Joomla! Component Event Booking 2.10.1 - SQL Injection
NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation
bitweaver 2.8.1 - Multiple Vulnerabilities
Bitweaver 2.8.1 - Multiple Vulnerabilities
Contrexx CMS egov Module 1.0.0 - SQL Injection
Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)
White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
atutor 1.2 - Multiple Vulnerabilities
ATutor 1.2 - Multiple Vulnerabilities
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Clockstone and other CMSMasters Theme - Arbitrary File Upload
Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload
Nginx HTTP Server 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit)
Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit)
BuilderEngine 3.5.0 - Arbitrary File Upload
PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution
PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution
Bigace CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BoastMachine 3.1 - admin.php Cross-Site Scripting
BoastMachine 3.1 - 'admin.php' Cross-Site Scripting
Western Digital Arkeia - Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit) (1)
Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting
Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting
Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting
Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting
Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
boastMachine 2.8 - 'index.php' Local File Inclusion
BoastMachine 2.8 - 'index.php' Local File Inclusion
TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
boastMachine 3.1 - 'key' Parameter Cross-Site Scripting
BoastMachine 3.1 - 'key' Parameter Cross-Site Scripting
Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities
Creative Contact Form 0.9.7 - Arbitrary File Upload
Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload
Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting
Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting
Paid Memberships Pro 1.7.14.2 - Directory Traversal
Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal
DukaPress 2.5.2 - Directory Traversal
Wordpress Plugin DukaPress 2.5.2 - Directory Traversal
Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection
Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection
WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting
Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting
Duplicator 0.5.8 - Privilege Escalation
Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation
VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload
Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload
Shareaholic 7.6.0.3 - Cross-Site Scripting
Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting
Paypal Currency Converter Basic For WooCommerce - File Read
Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read
Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection
Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection
Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
Western Digital Arkeia - Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit) (2)
Multiple WordPress Themes WPScientist - Arbitrary File Upload
Multiple WordPress WPScientist Themes - Arbitrary File Upload
EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
Avast AntiVirus - X.509 Error Rendering Command Execution
Avast! AntiVirus - X.509 Error Rendering Command Execution
Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
Avast - OOB Write Decrypting PEncrypt Packed executables
Avast - JetDb::IsExploited4x Performs Unbounded Search on Input
Avast - Heap Overflow Unpacking MoleBox Archives
Avast - Integer Overflow Verifying numFonts in TTC Header
Avast! - OOB Write Decrypting PEncrypt Packed executables
Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input
Avast! - Heap Overflow Unpacking MoleBox Archives
Avast! - Integer Overflow Verifying numFonts in TTC Header
BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
Simple Ads Manager 2.9.4.116 - SQL Injection
Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection
MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation
Avast - Authenticode Parsing Memory Corruption
Avast! - Authenticode Parsing Memory Corruption
Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting
Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting
Job Script by Scubez - Remote Code Execution
Wordpress Plugin Job Script by Scubez - Remote Code Execution
Premium SEO Pack 1.9.1.3 - wp_options Overwrite
Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite
Ocomon 2.0 - SQL Injection
2016-09-27 05:01:25 +00:00
Offensive Security
102574cb3e
DB: 2016-09-24
...
5 new exploits
EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion
EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion
WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Adobe Acrobat Reader 7<9 - U3D Buffer Overflow
Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow
Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)
Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit)
Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Adobe Flash - Crash When Freeing Memory After AVC decoding
Adobe Flash - Video Decompression Memory Corruption
Linux - SELinux W+X Protection Bypass via AIO
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation
Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service
Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service
Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities
Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass
Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass
Microsoft Excel 95<2004 - Malformed Graphic File Code Execution
Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution
Git-1.9.5 - ssh-agent.exe Buffer Overflow
Git 1.9.5 - ssh-agent.exe Buffer Overflow
Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Skybox Platform <= 7.0.611 - Multiple Vulnerabilities
SOLIDserver <=5.0.4 - Local File Inclusion
SOLIDserver <= 5.0.4 - Local File Inclusion
WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities
WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
2016-09-24 05:05:07 +00:00
Offensive Security
b8ebed3824
DB: 2016-09-22
...
6 new exploits
Setuid perl - PerlIO_Debug() Root owned file creation
Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation
Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)
VideoCache 1.9.2 - vccleaner Root
VideoCache 1.9.2 - 'vccleaner' Privilege Escalation
UK One Media CMS - 'id' Error Based SQL Injection
UK One Media CMS - 'id' Error-Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection
Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)
Ultimate eShop - Error Based SQL Injection
Ultimate eShop - Error-Based SQL Injection
WordPress Plugin Multiple - timthumb.php Vulnerabilities
Multiple WordPress Plugins - timthumb.php File Upload
Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service
Slackware Linux 3.5 - /etc/group missing results in Root access
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service
Sudo 1.6.3 - Unclean Environment Variable Root Program Execution
Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass
Microweber 0.905 - Error Based SQL Injection
Microweber 0.905 - Error-Based SQL Injection
WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
2016-09-22 05:06:28 +00:00
Offensive Security
235761b103
DB: 2016-09-20
...
12 new exploits
OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs
OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs
ZineBasic 1.1 - Arbitrary File Disclosure
SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation
VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions
VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow
MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities
MyBB 1.8.6 - SQL Injection
Kajona 4.7 - Cross-Site Scripting / Directory Traversal
Docker Daemon - Privilege Escalation (Metasploit)
SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation
EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow
2016-09-20 05:07:15 +00:00
Offensive Security
d5138d6962
DB: 2016-09-14
...
17 new exploits
Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script
Cherry Music 0.35.1 - Arbitrary File Disclosure
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation
Windows x86 - Password Protected TCP Bind Shell (637 bytes)
wdCalendar 2 - SQL Injection
Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation
Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change
Open-Xchange App Suite 7.8.2 - Cross Site Scripting
Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting
Multiple Icecream Apps - Insecure File Permissions Privilege Escalation
WinSMS 3.43 - Insecure File Permissions Privilege Escalation
Microsoft Internet Explorer 11.0.9600.18482 - Use After Free
AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure
AIOCP 1.3.x - Multiple Vulnerabilities
ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change
COMTREND ADSL Router CT-5367 C01_R12_ CT-5624 C01_R03 - Unauthenticated DNS Change
Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change
PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change
PIKATEL 96338WS_ 96338L-2M-8M - Unauthenticated DNS Change
Inteno EG101R1 VoIP Router - Unauthenticated DNS Change
2016-09-14 05:08:39 +00:00
Offensive Security
28e25eeea1
DB: 2016-09-13
...
1 new exploits
Too many to list!
2016-09-13 05:08:52 +00:00
Offensive Security
7607be84a3
DB: 2016-09-10
...
3 new exploits
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)
freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated
freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow
freeSSHd 1.2.1 - Authenticated Remote SEH Overflow
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit
AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection
AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow PoC
LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection
LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow PoC
Hannon Hill Cascade Server - (Authenticated) Command Execution
Hannon Hill Cascade Server - Authenticated Command Execution
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - Authenticated Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - Authenticated Multiple Vulnerabilities
Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service
FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service
NetAccess IP3 - (Authenticated) (ping option) Command Injection
NetAccess IP3 - Authenticated (ping option) Command Injection
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow
Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting
Apache Axis2 Administration console - Authenticated Cross-Site Scripting
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
ActFax Server FTP - Authenticated Remote Buffer Overflow
Oracle Database - Protocol Authentication Bypass
Oracle Database - Protocol Authentication Bypass
IRIS Citations Management Tool - (Authenticated) Remote Command Execution
IRIS Citations Management Tool - Authenticated Remote Command Execution
Airmail 3.0.2 - Cross-Site Scripting
LamaHub 0.0.6.2 - Buffer Overflow
Vodafone Mobile Wifi - Reset Admin Password
Zabbix 2.0 - 3.0.3 - SQL Injection
Zabbix 2.0 < 3.0.3 - SQL Injection
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)
Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF)
Alfresco - /proxy endpoint Parameter Server Side Request Forgery
Alfresco - /cmisbrowser url Parameter Server Side Request Forgery
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery
2016-09-10 05:08:39 +00:00
Offensive Security
0be1ea959a
DB: 2016-09-09
...
11 new exploits
Samba 3.0.4 - SWAT Authorization Buffer Overflow
Samba 3.0.4 SWAT - Authorisation Buffer Overflow
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)
HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)
HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)
WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)
WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC)
FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service
FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service
Multiple Applications - Local Credentials Disclosure
Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service
Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service
IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit
IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit
Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2)
Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2)
IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit
IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit
Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite
SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)
Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)
Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)
Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow
Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow
SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution
McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)
SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution
McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC)
MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow
MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow
NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit
NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit
HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow
BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow
Joomla Component JPad 1.0 - Post-Authentication SQL Injection
Joomla Component JPad 1.0 - Authenticated SQL Injection
CMS Made Simple 1.2.4 - (FileManager module) File Upload
CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication)
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)
freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow
freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow
vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit
vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit
Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service
Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service
Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit
Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service
Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service
AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection
AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection
AvailScript Jobs Portal Script - (Post-Authentication) File Upload
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service
Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement
Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)
Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service
Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service
freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC
LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection
LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection
freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC
AJ Auction Authentication - Bypass Exploit
AJ Auction - Authentication Bypass
Simple Directory Listing 2 - Cross-Site File Upload
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload
Mini File Host 1.x - Arbitrary PHP File Upload
Mini File Host 1.x - Arbitrary .PHP File Upload
Memberkit 1.0 - Remote PHP File Upload
Memberkit 1.0 - Remote Arbitrary .PHP File Upload
WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload
Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload
Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)
Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)
WikkiTikkiTavi 1.11 - Remote PHP File Upload
WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload
Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
zFeeder 1.6 - 'admin.php' Pre-Authentication
zFeeder 1.6 - 'admin.php' Unauthenticated
Addonics NAS Adapter - Post-Authentication Denial of Service
Addonics NAS Adapter - Authenticated Denial of Service
Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Hannon Hill Cascade Server - (Post-Authentication) Command Execution
Hannon Hill Cascade Server - (Authenticated) Command Execution
Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC)
XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)
Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service
Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service
Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure
MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC
Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal
Adobe JRun 4 - (logfile) Authenticated Directory Traversal
FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service
NetAccess IP3 - (Post-Authentication) (ping option) Command Injection
NetAccess IP3 - (Authenticated) (ping option) Command Injection
Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute
Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution
Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service
Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service
HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC)
Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC)
Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
uTorrent WebUI 0.370 - Authorization header Denial of Service
uTorrent WebUI 0.370 - Authorisation Header Denial of Service
Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)
Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting
Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass)
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)
dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)
dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)
UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow
Achievo 1.4.3 - Multiple Authorization Flaws
Achievo 1.4.3 - Multiple Authorisation Flaws
PHPMotion 1.62 - 'FCKeditor' File Upload
PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload
Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal
Home FTP Server 1.11.1.149 - Authenticated Directory Traversal
News Script PHP Pro - 'FCKeditor' File Upload
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload
Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow
Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow
Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion
Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion
HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow
MailEnable - Authorization Header Buffer Overflow
MailEnable - Authorisation Header Buffer Overflow
ColdFusion 8.0.1 - Arbitrary File Upload and Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution
ColdFusion 8.0.1 - Arbitrary File Upload / Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution
OpenX - banner-edit.php File Upload PHP Code Execution
OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution
Joomla 1.5.12 - tinybrowser File Upload Code Execution
Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution
N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit
N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit
If-CMS 2.07 - Pre-Authentication Local File Inclusion (1)
If-CMS 2.07 - Unauthenticated Local File Inclusion (1)
IPComp - encapsulation Pre-Authentication kernel memory Corruption
IPComp - encapsulation Unauthenticated kernel memory Corruption
SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit
SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass)
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass)
Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2)
If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)
DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit
DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit
TomatoCart 1.1 - Post-Authentication Local File Inclusion
TomatoCart 1.1 - Authenticated Local File Inclusion
BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass
BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass
QuiXplorer 2.3 - Bugtraq File Upload
QuiXplorer 2.3 - Bugtraq Arbitrary File Upload
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit)
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit)
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution
Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)
Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)
BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR
BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection
Dolibarr ERP & CRM 3 - Authenticated OS Command Injection
V-CMS - PHP File Upload and Execution
V-CMS - Arbitrary .PHP File Upload / Execution
WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection
WebCalendar 1.2.4 - Unauthenticated Remote Code Injection
appRain CMF - Arbitrary PHP File Upload
appRain CMF - Arbitrary .PHP File Upload
EGallery - PHP File Upload
EGallery - Arbitrary .PHP File Upload
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload
WebPageTest - Arbitrary PHP File Upload
WebPageTest - Arbitrary .PHP File Upload
XODA 0.4.5 - Arbitrary PHP File Upload
XODA 0.4.5 - Arbitrary .PHP File Upload
Elcom CMS 7.4.10 - Community Manager Insecure File Upload
Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection
Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow
Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1)
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2)
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit
qdPM 7.0 - Arbitrary PHP File Upload
qdPM 7.0 - Arbitrary .PHP File Upload
Oracle Database - Authentication Protocol Security Bypass
Oracle Database - Protocol Authentication Bypass
Mod_NTLM 0.x - Authorization Heap Overflow
Mod_NTLM 0.x - Authorisation Heap Overflow
Mod_NTLM 0.x - Authorization Format String
Mod_NTLM 0.x - Authorisation Format String
Geeklog 1.3.x - Authentication SQL Injection
Geeklog 1.3.x - Authenticated SQL Injection
NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution
MySQL - Remote Pre-Authentication User Enumeration
MySQL - Remote Unauthenticated User Enumeration
vbPortal 2.0 alpha 8.1 - Authentication SQL Injection
vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)
WordPress WP-Property Plugin - PHP File Upload
WordPress Asset-Manager Plugin - PHP File Upload
WordPress WP-Property Plugin - Arbitrary .PHP File Upload
WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload
Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution
Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution
RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service
RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun
Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun
Novell NCP - Pre-Authentication Remote Root Exploit
Novell NCP - Unauthenticated Remote Root Exploit
Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass
Polar Helpdesk 3.0 - Cookie Based Authentication Bypass
IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution
IRIS Citations Management Tool - (Authenticated) Remote Command Execution
Polycom HDX - Telnet Authorization Bypass (Metasploit)
Polycom HDX - Telnet Authentication Bypass (Metasploit)
OpenEMR - PHP File Upload
OpenEMR - Arbitrary .PHP File Upload
PolarPearCMS - PHP File Upload
PolarPearCMS - Arbitrary .PHP File Upload
Apache 2.0.x - mod_ssl Remote Denial of Service
Apache/mod_ssl 2.0.x - Remote Denial of Service
phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload
phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload
BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal
BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal
MoinMoin - twikidraw Action Traversal File Upload
MoinMoin - twikidraw Action Traversal Arbitrary File Upload
Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption
Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption
Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow
Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow
FlexWATCH 3.0 - AIndex.asp Authorization Bypass
FlexWATCH 3.0 - AIndex.asp Authentication Bypass
HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload
HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload
WordPress Curvo Themes - Cross-Site Request Forgery File Upload
WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload
PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass
PHPBB2 - Admin_Ug_Auth.php Administrative Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass
Castripper 2.50.70 - '.pls' DEP Exploit
Castripper 2.50.70 - '.pls' DEP Bypass Exploit
Google Urchin 5.7.3 - Report.cgi Authorization Bypass
Google Urchin 5.7.3 - Report.cgi Authentication Bypass
Adobe Flash - Method Calls Use-After-Free
Adobe Flash - Transform.colorTranform Getter Info Leak
RSA Authentication Agent for Web 5.3 - URI redirection
RSA Authentication Agent for Web 5.3 - URI Redirection
Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Zabbix 2.0 - 3.0.3 - SQL Injection
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution
Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure
LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload
Katello (Red Hat Satellite) - users/update_roles Missing Authorization
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation
Freepbx 13.0.x < 13.0.154 - Remote Command Execution
FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution
Jobberbase 2.0 - Multiple Vulnerabilities
Windows x86 - Bind Shell TCP Shellcode
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload
Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Moab < 7.2.9 - Authorization Bypass
Moab < 7.2.9 - Authentication Bypass
Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection
Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection
Drupal Core < 7.32 - Pre-Authentication SQL Injection
Drupal Core < 7.32 - Unauthenticated SQL Injection
Tincd - Post-Authentication Remote TCP Stack Buffer Overflow
Tincd - Authenticated Remote TCP Stack Buffer Overflow
PMB 4.1.3 - Post-Authentication SQL Injection
PMB 4.1.3 - Authenticated SQL Injection
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution
ManageEngine Multiple Products - Authenticated File Upload
ManageEngine Multiple Products - Authenticated Arbitrary File Upload
Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass)
Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass)
Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution
Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution
Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection
Symantec Web Gateway 5 - restore.php Authenticated Command Injection
JBoss Seam 2 - Arbitrary File Upload and Execution
JBoss Seam 2 - Arbitrary File Upload / Execution
Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit)
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution
JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass
JibberBook 2.3 - 'Login_form.php' Authentication Bypass
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
Zenoss 3.2.1 - Remote Post-Authentication Command Execution
Zenoss 3.2.1 - Remote Authenticated Command Execution
Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution
Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution
Magento CE < 1.9.0.1 - Authenticated Remote Code Execution
Netsweeper 4.0.9 - Arbitrary File Upload and Execution
Netsweeper 4.0.9 - Arbitrary File Upload / Execution
Netsweeper 4.0.8 - Arbitrary File Upload and Execution
Netsweeper 4.0.8 - Arbitrary File Upload / Execution
EasyITSP - 'customers_edit.php' Authentication Security Bypass
EasyITSP - 'customers_edit.php' Authentication Bypass
Wolf CMS - Arbitrary File Upload and Execution
Wolf CMS - Arbitrary File Upload / Execution
Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow
Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow
GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution
vBulletin 5.1.x - Pre-Authentication Remote Code Execution
vBulletin 5.1.x - Unauthenticated Remote Code Execution
WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass
WordPress WP to Twitter Plugin - Authorization Bypass
WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass
WordPress WP to Twitter Plugin - Authentication Bypass
Novell ServiceDesk - Authenticated File Upload
Novell ServiceDesk - Authenticated Arbitrary File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)
phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers
phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API
vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit)
phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution
phpMyAdmin 4.6.2 - Authenticated Remote Code Execution
vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
2016-09-09 05:09:09 +00:00
Offensive Security
2aa9d941de
DB: 2016-09-08
...
6 new exploits
Too many to list!
2016-09-08 05:08:29 +00:00
Offensive Security
d36011b4f9
DB: 2016-09-07
...
3 new exploits
Too many to list!
2016-09-07 05:09:19 +00:00
Offensive Security
5e2fc10125
DB: 2016-09-03
2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d
DB: 2016-09-03
...
14 new exploits
Too many to list!
2016-09-03 05:08:42 +00:00
Offensive Security
1f0c845486
DB: 2016-08-31
...
3 new exploits
Too many to list!
2016-08-31 05:07:37 +00:00
Offensive Security
760d823bc8
DB: 2016-08-30
...
18 new exploits
Too many to list!
2016-08-30 05:08:40 +00:00
Offensive Security
4c43b1da2b
DB: 2016-08-25
2016-08-25 05:07:18 +00:00
Offensive Security
6be90e9280
DB: 2016-08-24
...
5 new exploits
Too many to list!
2016-08-24 05:06:46 +00:00
Offensive Security
32bd251480
DB: 2016-08-20
...
17 new exploits
Too many to list!
2016-08-20 05:06:28 +00:00
Offensive Security
29076928d8
DB: 2016-08-17
...
10 new exploits
Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service Exploit
Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service
LifeType 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit
LifeType 1.0.4 - Multiple Vulnerabilities
Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote DoS Exploit
Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote Denial of Service
cms-bandits 2.5 - (spaw_root) Remote File Inclusion
Enterprise Payroll Systems 1.1 - (footer) Remote Include
CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion
Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion
0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash Exploit
empris r20020923 - (phormationdir) Remote Include
aePartner 0.8.3 - (dir[data]) Remote Include
0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash PoC
empris r20020923 - (phormationdir) Remote File Inclusion
aePartner 0.8.3 - (dir[data]) Remote File Inclusion
SmartSiteCMS 1.0 - (root) Remote File Inclusion
Opera 9 - (long href) Remote Denial of Service Exploit
SmartSite CMS 1.0 - (root) Remote File Inclusion
Opera 9 - (long href) Remote Denial of Service
w-Agora 4.2.0 - (inc_dir) Remote File Inclusion Exploit
w-Agora 4.2.0 - (inc_dir) Remote File Inclusion
BitchX 1.1-final do_hook() Remote Denial of Service Exploit
BitchX 1.1-final - do_hook() Remote Denial of Service
BLOG:CMS 4.0.0k SQL Injection Exploit
BLOG:CMS 4.0.0k - SQL Injection
Sun Board 1.00.00 alpha Remote File Inclusion
Sun Board 1.00.00 alpha - Remote File Inclusion
Mailist 3.0 Insecure Backup/Local File Inclusion
Mailist 3.0 - Insecure Backup/Local File Inclusion
AdaptCMS 2.0.0 Beta (init.php) Remote File Inclusion
AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion
VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion
VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion
VisualShapers ezContents 1.x/2.0 - db.php Arbitrary File Inclusion
VisualShapers ezContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion
VoteBox 2.0 Votebox.php Remote File Inclusion
VoteBox 2.0 - Votebox.php Remote File Inclusion
TRG News 3.0 Script Remote File Inclusion
TRG News 3.0 Script - Remote File Inclusion
Vortex Portal 2.0 content.php act Parameter Remote File Inclusion
Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion
Shoutbox 1.0 Shoutbox.php Remote File Inclusion
Shoutbox 1.0 - Shoutbox.php Remote File Inclusion
Ajaxmint Gallery 1.0 Local File Inclusion
Ajaxmint Gallery 1.0 - Local File Inclusion
Zabbix 2.2.x_ 3.0.x - SQL Injection
Microsoft Office Word 2013_2016 - sprmSdyaTop Denial of Service (MS16-099)
Zabbix 2.2.x / 3.0.x - SQL Injection
Microsoft Office Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099)
Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use After Free PoC
Windows x86 - MessageBoxA Shellcode (242 bytes)
Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes)
Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal
Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection
Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist
Nagios Log Server 1.4.1 - Multiple Vulnerabilities
Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities
Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities
Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV
2016-08-17 05:02:47 +00:00
Offensive Security
8c28728c9f
DB: 2016-08-15
...
2 new exploits
Cacti 0.8.6d Remote Command Execution Exploit
Cacti 0.8.6d - Remote Command Execution Exploit
Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit
Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin Exploit
PHP < 4.4.5 - / 5.2.1 - php_binary Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - WDDX Session Deserialization Information Leak
PHP < 4.4.5 / 5.2.1 - php_binary Session Deserialization Information Leak
PHP < 4.4.5 / 5.2.1 - WDDX Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - _SESSION unset() Local Exploit
PHP < 4.4.5 - / 5.2.1 - _SESSION Deserialization Overwrite Exploit
PHP < 4.4.5 / 5.2.1 - _SESSION unset() Local Exploit
PHP < 4.4.5 / 5.2.1 - _SESSION Deserialization Overwrite Exploit
Cacti 0.8.6-d graph_view.php Command Injection (Metasploit)
Cacti 0.8.6-d - graph_view.php Command Injection (Metasploit)
Samba 3.0.10 - 3.3.5 - Format String And Security Bypass
Samba 3.0.10 < 3.3.5 - Format String And Security Bypass
Allomani - E-Store 1.0 - CSRF Add Admin Account
Allomani - Super Multimedia 2.5 - CSRF Add Admin Account
Allomani - E-Store 1.0 - CSRF (Add Admin Account)
Allomani - Super Multimedia 2.5 - CSRF (Add Admin Account)
HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS
HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow DoS
HP Data Protector Media Operations NULL Pointer Dereference Remote DoS
HP Data Protector Media Operations - NULL Pointer Dereference Remote DoS
JBoss Application Server Remote Exploit
JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Exploit
EasyFTP Server 1.7.0.11 MKD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - MKD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 LIST Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - LIST Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 CWD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - CWD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 list.html path Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow
Cacti graph_view.php Remote Command Execution
Cacti - graph_view.php Remote Command Execution
Linux/SuperH (sh4) - setuid(0) - chmod(_/etc/shadow__ 0666) - exit(0) shellcode (43 bytes)
Linux/SuperH (sh4) - setuid(0) / chmod(_/etc/shadow__ 0666) / exit(0) Shellcode (43 bytes)
HP Data Protector 6.20 EXEC_CMD Buffer Overflow
HP Data Protector 6.20 - EXEC_CMD Buffer Overflow
HP Data Protector Remote Shell for HP-UX
HP Data Protector - Remote Shell for HP-UX
WHMCompleteSolution (cart.php) 3.x.x < 4.0.x - Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - (cart.php) Local File Disclosure
hp data protector media operations 6.20 - Directory Traversal
HP Data Protector Media Operations 6.20 - Directory Traversal
HP Data Protector 6.1 EXEC_CMD Remote Code Execution
HP Data Protector 6.1 - EXEC_CMD Remote Code Execution
HP Data Protector Client EXEC_CMD Remote Code Execution
HP Data Protector Client - EXEC_CMD Remote Code Execution
HP Data Protector Create New Folder Buffer Overflow
HP Data Protector - Create New Folder Buffer Overflow
Irfanview JPEG2000 <= 4.3.2.0 - jp2 - Stack Buffer Overflow
Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow
HP Data Protector DtbClsLogin Buffer Overflow
HP Data Protector - DtbClsLogin Buffer Overflow
RaXnet Cacti 0.5/0.6/0.8 Config_Settings.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - Config_Settings.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - Top_Graph_Header.php Remote File Inclusion
RaXnet Cacti 0.5/0.6.x/0.8.x Graph_Image.php Remote Command Execution Variant
RaXnet Cacti 0.5/0.6.x/0.8.x - Graph_Image.php Remote Command Execution Variant
TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) - Crash PoC
TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash PoC
HP Data Protector Arbitrary Remote Command Execution
HP Data Protector - Arbitrary Remote Command Execution
Indusoft Thin Client 7.1 - ActiveX - Buffer Overflow
Indusoft Thin Client 7.1 - ActiveX Buffer Overflow
BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
HP Data Protector Cell Request Service Buffer Overflow
HP Data Protector - Cell Request Service Buffer Overflow
Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution
Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution
Cacti 0.8.7 graph_view.php graph_list Parameter SQL Injection
Cacti 0.8.7 graph.php view_type Parameter XSS
Cacti 0.8.7 graph_view.php filter Parameter XSS
Cacti 0.8.7 tree.php Multiple Parameter SQL Injection
Cacti 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection
Cacti 0.8.7 index.php/sql.php Login Action login_username Parameter SQL Injection
Cacti 0.8.7 - graph_view.php graph_list Parameter SQL Injection
Cacti 0.8.7 - graph.php view_type Parameter XSS
Cacti 0.8.7 - graph_view.php filter Parameter XSS
Cacti 0.8.7 - tree.php Multiple Parameter SQL Injection
Cacti 0.8.7 - graph_xport.php local_graph_id Parameter SQL Injection
Cacti 0.8.7 - index.php/sql.php Login Action login_username Parameter SQL Injection
MG2 - 'list' Parameter - Cross-Site Scripting
MG2 - 'list' Parameter Cross-Site Scripting
HP Data Protector Backup Client Service - Directory Traversal
HP Data Protector - Backup Client Service Directory Traversal
HP Data Protector EXEC_BAR Remote Command Execution
HP Data Protector - EXEC_BAR Remote Command Execution
HP Data Protector Backup Client Service Remote Code Execution
HP Data Protector - Backup Client Service Remote Code Execution
Cacti 0.8.x graph.php Multiple Parameter XSS
Cacti 0.8.x - graph.php Multiple Parameter XSS
Jetty 6.1.x JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities
Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities
Cacti 0.8.7 on Red Hat High Performance Computing (HPC) utilities.php filter Parameter XSS
Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter XSS
HP Data Protector EXEC_INTEGUTIL Remote Code Execution
HP Data Protector - EXEC_INTEGUTIL Remote Code Execution
HP Data Protector 8.10 Remote Command Execution
HP Data Protector 8.10 - Remote Command Execution
Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow
Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow
Exim 4 (Debian / Ubuntu) - Spool Local Privilege Escalation
Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Local Privilege Escalation
Wireshark 2.0.0 - 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Wireshark 2.0.0 - 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - PacketBB Dissector Denial of Service
Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - WSP Dissector Denial of Service
Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - RLC Dissector Denial of Service
Wireshark 2.0.0 < 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Wireshark 2.0.0 < 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - PacketBB Dissector Denial of Service
Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - WSP Dissector Denial of Service
Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - RLC Dissector Denial of Service
FreePBX 13 / 14 - Remote Code Execution
FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation
Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit
Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
Samsung Smart Home Camera SNH-P-6410 - Command Injection
2016-08-15 05:09:55 +00:00
Offensive Security
52c4bb1e58
DB: 2016-08-14
...
5 new exploits
AWStats (5.0-6.3) Input Validation Hole in 'logfile'
AWStats 5.0-6.3 - Input Validation Hole in 'logfile'
Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross-Site Scripting
Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting
Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow
WorldMail imapd 3.0 SEH Overflow (egg hunter)
WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)
e107 website system 0.7.5 contact.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 download.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 admin.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 fpw.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 news.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - contact.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - download.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - admin.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - fpw.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - news.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 signup.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 submitnews.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - signup.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - submitnews.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 user.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter XSS
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (1)
PHP-Nuke Sarkilar Module 'id' Parameter SQL Injection
PHP-Nuke Sarkilar Module - 'id' Parameter SQL Injection
PHP-Nuke Nuke League Module 'tid' Parameter Cross-Site Scripting
PHP-Nuke Nuke League Module - 'tid' Parameter Cross-Site Scripting
Kimson CMS 'id' Parameter Cross-Site Scripting
Kimson CMS - 'id' Parameter Cross-Site Scripting
Ocean12 FAQ Manager Pro 'Keyword' Parameter Cross-Site Scripting
Multiple Ocean12 Products 'Admin_ID' Parameter SQL Injection
Ocean12 FAQ Manager Pro - 'Keyword' Parameter Cross-Site Scripting
Multiple Ocean12 Products - 'Admin_ID' Parameter SQL Injection
LinksPro 'OrderDirection' Parameter SQL Injection
LinksPro - 'OrderDirection' Parameter SQL Injection
PHP-Nuke Downloads Module 'url' Parameter SQL Injection
PHP-Nuke Downloads Module - 'url' Parameter SQL Injection
PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass
PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass
PuterJam\'s Blog PJBlog3 3.0.6 \'action.asp\' SQL Injection
PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection
PHP-Nuke 8.0 Downloads Module 'query' Parameter Cross-Site Scripting
PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting
Oracle 10g Secure Enterprise Search 'search_p_groups' Parameter Cross-Site Scripting
Oracle 10g Secure Enterprise Search - 'search_p_groups' Parameter Cross-Site Scripting
Scriptsez Easy Image Downloader 'id' Parameter Cross-Site Scripting
Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting
XOOPS 2.3.3 \\\'op\\\' Parameter Multiple Cross-Site Scripting Vulnerabilities
XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities
Joomla! CB Resume Builder 'group_id' Parameter SQL Injection
X-Cart Email Subscription 'email' Parameter Cross-Site Scripting
Joomla! CB Resume Builder - 'group_id' Parameter SQL Injection
X-Cart Email Subscription - 'email' Parameter Cross-Site Scripting
RunCMS 'forum' Parameter SQL Injection
RunCMS - 'forum' Parameter SQL Injection
Multiple JiRo's Products 'files/login.asp' Multiple SQL Injection
Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection
Elxis 'filename' Parameter Directory Traversal
Elxis - 'filename' Parameter Directory Traversal
Ez Cart 'sid' Parameter Cross-Site Scripting
Ez Cart - 'sid' Parameter Cross-Site Scripting
Joomla! iF Portfolio Nexus 'controller' Parameter Remote File Inclusion
Joomla! iF Portfolio Nexus - 'controller' Parameter Remote File Inclusion
Joomla! Jobads 'type' Parameter SQL Injection
Joomla! Jobads - 'type' Parameter SQL Injection
Jamit Job Board 'post_id' Parameter Cross-Site Scripting
Jamit Job Board - 'post_id' Parameter Cross-Site Scripting
Tribisur 'cat' Parameter Cross-Site Scripting
Tribisur - 'cat' Parameter Cross-Site Scripting
Extreme Mobster 'login' Parameter Cross-Site Scripting
Extreme Mobster - 'login' Parameter Cross-Site Scripting
Subex Nikira Fraud Management System GUI 'message' Parameter Cross-Site Scripting
Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-Site Scripting
Softbiz Jobs 'sbad_type' Parameter Cross-Site Scripting
Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting
HD FLV Player Component for Joomla! 'id' Parameter SQL Injection
HD FLV Player Component for Joomla! - 'id' Parameter SQL Injection
Spectrum Software WebManager CMS 'pojam' Parameter Cross-Site Scripting
Saskia's Shopsystem 'id' Parameter Local File Inclusion
Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting
Saskia's Shopsystem - 'id' Parameter Local File Inclusion
Pars CMS 'RP' Parameter Multiple SQL Injection
Pars CMS - 'RP' Parameter Multiple SQL Injection
Kasseler CMS News Module 'id' Parameter SQL Injection
Kasseler CMS News Module - 'id' Parameter SQL Injection
Ziggurat Farsi CMS 'id' Parameter Unspecified Cross-Site Scripting
Ziggurat Farsi CMS - 'id' Parameter Unspecified Cross-Site Scripting
Vana CMS 'filename' Parameter Remote File Download
Vana CMS - 'filename' Parameter Remote File Download
Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal
Ziggurrat Farsi CMS - 'bck' Parameter Directory Traversal
Viennabux Beta! 'cat' Parameter SQL Injection
Viennabux Beta! - 'cat' Parameter SQL Injection
HP System Management Homepage 'RedirectUrl' Parameter URI Redirection
HP System Management Homepage - 'RedirectUrl' Parameter URI Redirection
Sterlite SAM300 AX Router 'Stat_Radio' Parameter Cross-Site Scripting
Sterlite SAM300 AX Router - 'Stat_Radio' Parameter Cross-Site Scripting
Last Wizardz 'id' Parameter SQL Injection
Last Wizardz - 'id' Parameter SQL Injection
Plesk Server Administrator (PSA) 'locale' Parameter Local File Inclusion
Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion
VideoWhisper PHP 2 Way Video Chat 'r' Parameter Cross-Site Scripting
VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting
KubeSupport 'lang' Parameter SQL Injection
KubeSupport - 'lang' Parameter SQL Injection
ReCMS 'users_lang' Parameter Directory Traversal
ReCMS - 'users_lang' Parameter Directory Traversal
jCore 'search' Parameter Cross-Site Scripting
jCore - 'search' Parameter Cross-Site Scripting
PHP168 Template Editor 'filename' Parameter Directory Traversal
PHP168 Template Editor - 'filename' Parameter Directory Traversal
uzbl \'uzbl-core\' \'@SELECTED_URI\' Mouse Button Bindings Command Injection
uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection
SyntaxCMS 'rows_per_page' Parameter SQL Injection
Edit-X PHP CMS 'search_text' Parameter Cross-Site Scripting
SyntaxCMS - 'rows_per_page' Parameter SQL Injection
Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting
Nasim Guest Book 'page' Parameter Cross-Site Scripting
Nasim Guest Book - 'page' Parameter Cross-Site Scripting
FreeSchool 'key_words' Parameter Cross-Site Scripting
FreeSchool - 'key_words' Parameter Cross-Site Scripting
tourismscripts HotelBook 'hotel_id' Parameter Multiple SQL Injection
tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection
Spiceworks 'query' Parameter Cross-Site Scripting
Spiceworks - 'query' Parameter Cross-Site Scripting
NWS-Classifieds 'cmd' Parameter Local File Inclusion
NWS-Classifieds - 'cmd' Parameter Local File Inclusion
WebAsyst Shop-Script PREMIUM 'searchstring' Parameter Cross-Site Scripting
WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting
Web TV 'chn' Parameter Cross-Site Scripting
Web TV - 'chn' Parameter Cross-Site Scripting
Honest Traffic 'msg' Parameter Cross-Site Scripting
Honest Traffic - 'msg' Parameter Cross-Site Scripting
PHP Photo Vote 1.3F 'page' Parameter Cross-Site Scripting
PHP Photo Vote 1.3F - 'page' Parameter Cross-Site Scripting
Wap-motor 'image' Parameter Directory Traversal
Wap-motor - 'image' Parameter Directory Traversal
QuarkMail 'tf' Parameter Directory Traversal
QuarkMail - 'tf' Parameter Directory Traversal
Microsoft Windows VISTA 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution
Microsoft Windows VISTA - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution
LES PACKS 'ID' Parameter SQL Injection
LES PACKS - 'ID' Parameter SQL Injection
PHPShop 2.1 EE 'name_new' Parameter Cross-Site Scripting
PHPShop 2.1 EE - 'name_new' Parameter Cross-Site Scripting
IBM OmniFind 'command' Parameter Cross-Site Scripting
IBM OmniFind - 'command' Parameter Cross-Site Scripting
Joomla Store Directory 'id' Parameter SQL Injection
Joomla Store Directory - 'id' Parameter SQL Injection
PHP State 'id' Parameter SQL Injection
Joomla Jeformcr 'id' Parameter SQL Injection
JExtensions Property Finder Component for Joomla! 'sf_id' Parameter SQL Injection
PHP State - 'id' Parameter SQL Injection
Joomla Jeformcr - 'id' Parameter SQL Injection
JExtensions Property Finder Component for Joomla! - 'sf_id' Parameter SQL Injection
Social Share 'postid' Parameter SQL Injection
Social Share - 'postid' Parameter SQL Injection
Openfiler 'device' Parameter Cross-Site Scripting
Openfiler - 'device' Parameter Cross-Site Scripting
Social Share 'username' Parameter SQL Injection
Social Share - 'username' Parameter SQL Injection
Social Share 'search' Parameter Cross-Site Scripting
HotWeb Scripts HotWeb Rentals 'PageId' Parameter SQL Injection
Social Share - 'search' Parameter Cross-Site Scripting
HotWeb Scripts HotWeb Rentals - 'PageId' Parameter SQL Injection
SnapProof 'retPageID' Parameter Cross-Site Scripting
SnapProof - 'retPageID' Parameter Cross-Site Scripting
VidiScript 'vp' Parameter Cross-Site Scripting
VidiScript - 'vp' Parameter Cross-Site Scripting
PHP-Fusion 'article_id' Parameter SQL Injection
PHP-Fusion - 'article_id' Parameter SQL Injection
Qianbo Enterprise Web Site Management System 'Keyword' Parameter Cross-Site Scripting
RunCMS 'partners' Module 'id' Parameter SQL Injection
Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-Site Scripting
RunCMS 'partners' Module - 'id' Parameter SQL Injection
Technicolor THOMSON TG585v7 Wireless Router 'url' Parameter Cross-Site Scripting
Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-Site Scripting
SyCtel Design 'menu' Parameter Multiple Local File Inclusion
SyCtel Design - 'menu' Parameter Multiple Local File Inclusion
phpGraphy 0.9.13 b 'theme_dir' Parameter Cross-Site Scripting
phpGraphy 0.9.13 b - 'theme_dir' Parameter Cross-Site Scripting
Web Auction 0.3.6 'lang' Parameter Cross-Site Scripting
Web Auction 0.3.6 - 'lang' Parameter Cross-Site Scripting
Multiple GoT.MY Products 'theme_dir' Parameter Cross-Site Scripting
Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting
Flash Tag Cloud And MT-Cumulus Plugin 'tagcloud' Parameter Cross-Site Scripting
Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting
Joomla! 'com_cbcontact' Component 'contact_id' Parameter SQL Injection
Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection
Joomla! 'com_maplocator' Component 'cid' Parameter SQL Injection
Joomla! 'com_maplocator' Component - 'cid' Parameter SQL Injection
Tolinet Agencia 'id' Parameter SQL Injection
Tolinet Agencia - 'id' Parameter SQL Injection
WebFileExplorer 3.6 'user' and 'pass' SQL Injection
WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection
Sitemagic CMS 'SMTpl' Parameter Directory Traversal
Sitemagic CMS - 'SMTpl' Parameter Directory Traversal
Nodesforum '_nodesforum_node' Parameter SQL Injection
Joomla! 'com_morfeoshow' Component 'idm' Parameter SQL Injection
Nodesforum - '_nodesforum_node' Parameter SQL Injection
Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection
Joomla! 'com_jr_tfb' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_jr_tfb' Component - 'controller' Parameter Local File Inclusion
eTAWASOL 'id' Parameter SQL Injection
eTAWASOL - 'id' Parameter SQL Injection
Prontus CMS 'page' Parameter Cross-Site Scripting
ICMusic '1.2 music_id' Parameter SQL Injection
Prontus CMS - 'page' Parameter Cross-Site Scripting
ICMusic 1.2 - 'music_id' Parameter SQL Injection
Flowplayer 3.2.7 linkUrl' Parameter Cross-Site Scripting
Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting
Easy Estate Rental 's_location' Parameter SQL Injection
Joomla Foto Component 'id_categoria' Parameter SQL Injection
Easy Estate Rental - 's_location' Parameter SQL Injection
Joomla Foto Component - 'id_categoria' Parameter SQL Injection
Joomla Juicy Gallery Component 'picId' Parameter SQL Injection
Joomla Juicy Gallery Component - 'picId' Parameter SQL Injection
Joomla Controller Component 'Itemid' Parameter SQL Injection
Joomla Controller Component - 'Itemid' Parameter SQL Injection
Synergy Software 'id' Parameter SQL Injection
Godly Forums 'id' Parameter SQL Injection
Synergy Software - 'id' Parameter SQL Injection
Godly Forums - 'id' Parameter SQL Injection
MyBB MyTabs Plugin 'tab' Parameter SQL Injection
MyBB MyTabs Plugin - 'tab' Parameter SQL Injection
mt LinkDatenbank 'b' Parameter Cross-Site Scripting
mt LinkDatenbank - 'b' Parameter Cross-Site Scripting
Joomla! Slideshow Gallery Component 'id' Parameter SQL Injection
Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection
Joomla! 'com_community' Component 'userid' Parameter SQL Injection
Joomla! 'com_community' Component - 'userid' Parameter SQL Injection
phpWebSite 'page_id' Parameter Cross-Site Scripting
phpWebSite - 'page_id' Parameter Cross-Site Scripting
Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection
VicBlog 'tag' Parameter SQL Injection
Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection
VicBlog - 'tag' Parameter SQL Injection
Kisanji 'gr' Parameter Cross-Site Scripting
Kisanji - 'gr' Parameter Cross-Site Scripting
Joomla! 'com_biitatemplateshop' Component 'groups' Parameter SQL Injection
Joomla! 'com_biitatemplateshop' Component - 'groups' Parameter SQL Injection
Vanira CMS 'vtpidshow' Parameter SQL Injection
Vanira CMS - 'vtpidshow' Parameter SQL Injection
Joomla! 'com_expedition' Component 'id' Parameter SQL Injection
Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection
Joomla! 'com_tree' Component 'key' Parameter SQL Injection
Joomla! 'com_br' Component 'state_id' Parameter SQL Injection
Joomla! 'com_shop' Component 'id' Parameter SQL Injection
Joomla! 'com_tree' Component - 'key' Parameter SQL Injection
Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection
Joomla! 'com_shop' Component - 'id' Parameter SQL Injection
Splunk 4.1.6 'segment' Parameter Cross-Site Scripting
Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting
Multiple Cisco Products 'file' Parameter Directory Traversal
Multiple Cisco Products - 'file' Parameter Directory Traversal
IBSng B1.34(T96) 'str' Parameter Cross-Site Scripting
IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting
SmartJobBoard 'keywords' Parameter Cross-Site Scripting
SmartJobBoard - 'keywords' Parameter Cross-Site Scripting
Joomla Content Component 'year' Parameter SQL Injection
Joomla Content Component - 'year' Parameter SQL Injection
Webistry 1.6 'pid' Parameter SQL Injection
Webistry 1.6 - 'pid' Parameter SQL Injection
WordPress Skysa App Bar Plugin 'idnews' Parameter Cross-Site Scripting
WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting
Video Community Portal 'userID' Parameter SQL Injection
Video Community Portal - 'userID' Parameter SQL Injection
PHP Booking Calendar 10e 'page_info_message' Parameter Cross-Site Scripting
Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection
PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting
Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection
Joomla! 'com_caproductprices' Component 'id' Parameter SQL Injection
Joomla! 'com_caproductprices' Component - 'id' Parameter SQL Injection
GraphicsClone Script 'term' parameter Cross-Site Scripting
GraphicsClone Script - 'term' parameter Cross-Site Scripting
PostNuke pnAddressbook Module 'id' Parameter SQL Injection
PostNuke pnAddressbook Module - 'id' Parameter SQL Injection
Joomla! 'com_br' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion
Joomla! Full 'com_full' Component 'id' Parameter SQL Injection
Joomla! Full 'com_full' Component - 'id' Parameter SQL Injection
Joomla! 'com_xball' Component 'team_id' Parameter SQL Injection
Joomla! 'com_boss' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_xball' Component - 'team_id' Parameter SQL Injection
Joomla! 'com_boss' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_some' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_kp' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_some' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion
Ultimate Locator 'radius' Parameter SQL Injection
Joomla! 'com_jesubmit' Component 'index.php' Arbitrary File Upload
Ultimate Locator - 'radius' Parameter SQL Injection
Joomla! 'com_jesubmit' Component - 'index.php' Arbitrary File Upload
Joomla! 'com_motor' Component 'cid' Parameter SQL Injection
Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection
Joomla! 'com_firmy' Component 'Id' Parameter SQL Injection
Joomla! 'com_firmy' Component - 'Id' Parameter SQL Injection
Joomla! 'com_crhotels' Component 'catid' Parameter SQL Injection
Joomla! 'com_propertylab' Component 'id' Parameter SQL Injection
Joomla! 'com_crhotels' Component - 'catid' Parameter SQL Injection
Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection
Joomla! 'com_cmotour' Component 'id' Parameter SQL Injection
Joomla! 'com_cmotour' Component - 'id' Parameter SQL Injection
Joomla! 'com_bnf' Component 'seccion_id' Parameter SQL Injection
Joomla! 'com_bnf' Component - 'seccion_id' Parameter SQL Injection
Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting
Joomla! Currency Converter Component - 'from' Parameter Cross-Site Scripting
RabbitWiki 'title' Parameter Cross-Site Scripting
RabbitWiki - 'title' Parameter Cross-Site Scripting
Zimbra 'view' Parameter Cross-Site Scripting
Zimbra - 'view' Parameter Cross-Site Scripting
SMW+ 1.5.6 'target' Parameter HTML Injection
SMW+ 1.5.6 - 'target' Parameter HTML Injection
ProWiki 'id' Parameter Cross-Site Scripting
ProWiki - 'id' Parameter Cross-Site Scripting
Tiki Wiki CMS Groupware 'url' Parameter URI Redirection
Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection
Impulsio CMS 'id' Parameter SQL Injection
Impulsio CMS - 'id' Parameter SQL Injection
Joomla! X-Shop Component 'idd' Parameter SQL Injection
Joomla! X-Shop Component - 'idd' Parameter SQL Injection
Joomla! 'com_xvs' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_xvs' Component - 'controller' Parameter Local File Inclusion
starCMS 'q' Parameter URI Cross-Site Scripting
starCMS - 'q' Parameter URI Cross-Site Scripting
JPM Article Script 6 'page2' Parameter SQL Injection
JPM Article Script 6 - 'page2' Parameter SQL Injection
LeKommerce 'id' Parameter SQL Injection
LeKommerce - 'id' Parameter SQL Injection
Event Calendar PHP 'cal_year' Parameter Cross-Site Scripting
Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting
XM Forum 'id' Parameter Multiple SQL Injection
Uiga FanClub 'p' Parameter SQL Injection
XM Forum - 'id' Parameter Multiple SQL Injection
Uiga FanClub - 'p' Parameter SQL Injection
WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross-Site Scripting
WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting
Ramui Forum Script 'query' Parameter Cross-Site Scripting
Ramui Forum Script - 'query' Parameter Cross-Site Scripting
GD Star Rating 1.9.16 'tpl_section' Parameter Cross-Site Scripting
GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
LongTail JW Player 'debug' Parameter Cross-Site Scripting
LongTail JW Player - 'debug' Parameter Cross-Site Scripting
Small-Cms 'hostname' Parameter Remote PHP Code Injection
Small-Cms - 'hostname' Parameter Remote PHP Code Injection
Joomla! Alphacontent Component 'limitstart' Parameter SQL Injection
Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection
Flogr 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities
Flogr - 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities
e107 Image Gallery Plugin 'name' Parameter Remote File Disclosure
e107 Image Gallery Plugin - 'name' Parameter Remote File Disclosure
Joomla! 'com_szallasok' Component 'id' Parameter SQL Injection
Joomla! 'com_szallasok' Component - 'id' Parameter SQL Injection
SWFUpload 'movieName' Parameter Cross-Site Scripting
SWFUpload - 'movieName' Parameter Cross-Site Scripting
WordPress SocialFit Plugin 'msg' Parameter Cross-Site Scripting
WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting
WordPress church_admin Plugin 'id' parameter Cross-Site Scripting
WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting
WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting
WordPress church_admin Plugin - 'id' parameter Cross-Site Scripting
sflog! 'section' Parameter Local File Inclusion
sflog! - 'section' Parameter Local File Inclusion
WebsitePanel 'ReturnUrl' Parameter URI Redirection
WebsitePanel - 'ReturnUrl' Parameter URI Redirection
WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Inclusion
web@all 'name' Parameter Cross-Site Scripting
WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion
web@all - 'name' Parameter Cross-Site Scripting
Joomla! 'com_hello' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion
REDAXO 'subpage' Parameter Cross-Site Scripting
Joomla Odudeprofile component 'profession' Parameter SQL Injection
REDAXO - 'subpage' Parameter Cross-Site Scripting
Joomla Odudeprofile component - 'profession' Parameter SQL Injection
BarCodeWiz 'BarcodeWiz.dll' ActiveX Control 'Barcode' Method Remote Buffer Overflow
BarCodeWiz 'BarcodeWiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow
JW Player 'playerready' Parameter Cross-Site Scripting
eNdonesia 'cid' Parameter SQL Injection
JW Player - 'playerready' Parameter Cross-Site Scripting
eNdonesia - 'cid' Parameter SQL Injection
ntop 'arbfile' Parameter Cross-Site Scripting
ntop - 'arbfile' Parameter Cross-Site Scripting
Elefant CMS 'id' Parameter Cross-Site Scripting
Elefant CMS - 'id' Parameter Cross-Site Scripting
YT-Videos Script 'id' Parameter SQL Injection
YT-Videos Script - 'id' Parameter SQL Injection
GetSimple 'path' Parameter Local File Inclusion
GetSimple - 'path' Parameter Local File Inclusion
LISTSERV 16 'SHOWTPL' Parameter Cross-Site Scripting
LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting
JPM Article Blog Script 6 'tid' Parameter Cross-Site Scripting
JPM Article Blog Script 6 - 'tid' Parameter Cross-Site Scripting
KindEditor 'name' Parameter Cross-Site Scripting
KindEditor - 'name' Parameter Cross-Site Scripting
PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Inclusion
PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion
JW Player 'logo.link' Parameter Cross-Site Scripting
JW Player - 'logo.link' Parameter Cross-Site Scripting
PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion
Joomla! Komento Component 'cid' Parameter SQL Injection
PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion
Joomla! Komento Component - 'cid' Parameter SQL Injection
WordPress Cloudsafe365 Plugin 'file' Parameter Remote File Disclosure
WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure
Wiki Web Help 'configpath' Parameter Remote File Inclusion
Wiki Web Help - 'configpath' Parameter Remote File Inclusion
LiteSpeed Web Server 'gtitle' parameter Cross-Site Scripting
LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting
WordPress Download Monitor Plugin 'dlsearch' Parameter Cross-Site Scripting
WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting
FBDj 'id' Parameter SQL Injection
FBDj - 'id' Parameter SQL Injection
vBSEO 'u' parameter Cross-Site Scripting
vBSEO - 'u' parameter Cross-Site Scripting
WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Inclusion
WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion
TAGWORX.CMS 'cid' Parameter SQL Injection
TAGWORX.CMS - 'cid' Parameter SQL Injection
WordPress Video Lead Form Plugin 'errMsg' Parameter Cross-Site Scripting
WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting
WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting
WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting
Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting
Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting
WordPress ABC Test Plugin 'id' Parameter Cross-Site Scripting
WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting
Open Realty 'select_users_lang' Parameter Local File Inclusion
Open Realty - 'select_users_lang' Parameter Local File Inclusion
FirePass 7.0 SSL VPN 'refreshURL' Parameter URI Redirection
FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection
SMF 'view' Parameter Cross-Site Scripting
SMF - 'view' Parameter Cross-Site Scripting
Gramophone 'rs' Parameter Cross-Site Scripting
Gramophone - 'rs' Parameter Cross-Site Scripting
Joomla! com_parcoauto Component 'idVeicolo' Parameter SQL Injection
Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection
OrangeHRM 'sortField' Parameter SQL Injection
WordPress FLV Player Plugin 'id' Parameter SQL Injection
OrangeHRM - 'sortField' Parameter SQL Injection
WordPress FLV Player Plugin - 'id' Parameter SQL Injection
WordPress Kakao Theme 'ID' Parameter SQL Injection
WordPress PHP Event Calendar Plugin 'cid' Parameter SQL Injection
WordPress Eco-annu Plugin 'eid' Parameter SQL Injection
WordPress Kakao Theme - 'ID' Parameter SQL Injection
WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection
WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection
WordPress Dailyedition-mouss Theme 'id' Parameter SQL Injection
WordPress Tagged Albums Plugin 'id' Parameter SQL Injection
WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection
WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection
Omni-Secure 'dir' Parameter Multiple File Disclosure Vulnerabilities
Friends in War The FAQ Manager 'question' Parameter SQL Injection
Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities
Friends in War The FAQ Manager - 'question' Parameter SQL Injection
openSIS 'modname' Parameter Local File Inclusion
openSIS - 'modname' Parameter Local File Inclusion
WordPress Madebymilk Theme 'id' Parameter SQL Injection
WordPress Madebymilk Theme - 'id' Parameter SQL Injection
WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload
WordPress Webplayer Plugin 'id' Parameter SQL Injection
WordPress Plg Novana Plugin 'id' Parameter SQL Injection
WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload
WordPress Webplayer Plugin - 'id' Parameter SQL Injection
WordPress Plg Novana Plugin - 'id' Parameter SQL Injection
WordPress Magazine Basic Theme 'id' Parameter SQL Injection
WordPress Magazine Basic Theme - 'id' Parameter SQL Injection
WordPress Ads Box Plugin 'count' Parameter SQL Injection
WordPress Ads Box Plugin - 'count' Parameter SQL Injection
Forescout CounterACT 'a' Parameter Open Redirection
WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection
Forescout CounterACT - 'a' Parameter Open Redirection
WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection
WordPress Toolbox Theme 'mls' Parameter SQL Injection
Elastix 'page' Parameter Cross-Site Scripting
TinyMCPUK 'test' Parameter Cross-Site Scripting
WordPress Toolbox Theme - 'mls' Parameter SQL Injection
Elastix - 'page' Parameter Cross-Site Scripting
TinyMCPUK - 'test' Parameter Cross-Site Scripting
WordPress Zingiri Forums Plugin 'language' Parameter Local File Inclusion
WordPress Nest Theme 'codigo' Parameter SQL Injection
Sourcefabric Newscoop 'f_email' Parameter SQL Injection
WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion
WordPress Nest Theme - 'codigo' Parameter SQL Injection
Sourcefabric Newscoop - 'f_email' Parameter SQL Injection
FOOT Gestion 'id' Parameter SQL Injection
FOOT Gestion - 'id' Parameter SQL Injection
PHP Address Book 'group' Parameter Cross-Site Scripting
PHP Address Book - 'group' Parameter Cross-Site Scripting
Joomla! ZT Autolinks Component 'controller' Parameter Local File Inclusion
Joomla! Bit Component 'controller' Parameter Local File Inclusion
Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion
Joomla! Bit Component - 'controller' Parameter Local File Inclusion
MyBB Transactions Plugin 'transaction' Parameter SQL Injection
MyBB Transactions Plugin - 'transaction' Parameter SQL Injection
WHM 'filtername' Parameter Cross-Site Scripting
WHM - 'filtername' Parameter Cross-Site Scripting
Havalite CMS 'comment' Parameter HTML Injection
Havalite CMS - 'comment' Parameter HTML Injection
WordPress NextGEN Gallery Plugin 'test-head' Parameter Cross-Site Scripting
WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting
WordPress Gallery Plugin 'filename_1' Parameter Remote Arbitrary File Access
WordPress Gallery Plugin - 'filename_1' Parameter Remote Arbitrary File Access
phpLiteAdmin 'table' Parameter SQL Injection
IP.Gallery 'img' Parameter SQL Injection
phpLiteAdmin - 'table' Parameter SQL Injection
IP.Gallery - 'img' Parameter SQL Injection
gpEasy CMS 'section' Parameter Cross-Site Scripting
gpEasy CMS - 'section' Parameter Cross-Site Scripting
iCart Pro 'section' Parameter SQL Injection
iCart Pro - 'section' Parameter SQL Injection
WordPress WP-Table Reloaded Plugin 'id' Parameter Cross-Site Scripting
WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting
WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross-Site Scripting
WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting
WordPress Audio Player Plugin 'playerID' Parameter Cross-Site Scripting
WordPress Pinboard Theme 'tab' Parameter Cross-Site Scripting
WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting
WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting
Squirrelcart 'table' Parameter Cross-Site Scripting
Squirrelcart - 'table' Parameter Cross-Site Scripting
OpenEMR 'site' Parameter Cross-Site Scripting
OpenEMR - 'site' Parameter Cross-Site Scripting
WordPress Uploader Plugin 'blog' Parameter Cross-Site Scripting
WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting
WordPress Count Per Day Plugin 'daytoshow' Parameter Cross-Site Scripting
WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting
WordPress podPress Plugin 'playerID' Parameter Cross-Site Scripting
WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting
Jaow CMS 'add_ons' Parameter Cross-Site Scripting
Jaow CMS - 'add_ons' Parameter Cross-Site Scripting
WordPress Feedweb Plugin 'wp_post_id' Parameter Cross-Site Scripting
WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting
Symphony 'sort' Parameter SQL Injection
Symphony - 'sort' Parameter SQL Injection
WordPress Traffic Analyzer Plugin 'aoid' Parameter Cross-Site Scripting
WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting
WordPress Spiffy XSPF Player Plugin 'playlist_id' Parameter SQL Injection
WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection
WordPress Spider Video Player Plugin 'theme' Parameter SQL Injection
Request Tracker 'ShowPending' Parameter SQL Injection
WordPress Spider Video Player Plugin - 'theme' Parameter SQL Injection
Request Tracker - 'ShowPending' Parameter SQL Injection
Fork CMS 'file' Parameter Local File Inclusion
Fork CMS - 'file' Parameter Local File Inclusion
WordPress wp-FileManager Plugin 'path' Parameter Arbitrary File Download
Open Flash Chart 'get-data' Parameter Cross-Site Scripting
WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download
Open Flash Chart - 'get-data' Parameter Cross-Site Scripting
Jojo CMS 'search' Parameter Cross-Site Scripting
Jojo CMS - 'search' Parameter Cross-Site Scripting
WordPress Ambience Theme 'src' Parameter Cross-Site Scripting
WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting
TaxiMonger for Android 'name' Parameter HTML Injection
TaxiMonger for Android - 'name' Parameter HTML Injection
ZamFoo 'date' Parameter Remote Command Injection
ZamFoo - 'date' Parameter Remote Command Injection
Xorbin Analog Flash Clock 'widgetUrl' Parameter Cross-Site Scripting
Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
WordPress WP Feed Plugin 'nid' Parameter SQL Injection
WordPress Category Grid View Gallery Plugin 'ID' Parameter Cross-Site Scripting
WordPress WP Feed Plugin - 'nid' Parameter SQL Injection
WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting
WordPress FlagEm Plugin 'cID' Parameter Cross-Site Scripting
WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting
Xibo 'layout' Parameter HTML Injection
Xibo - 'layout' Parameter HTML Injection
Flo CMS 'archivem' Parameter SQL Injection
Flo CMS - 'archivem' Parameter SQL Injection
eTransfer Lite 'file name' Parameter HTML Injection
WordPress mukioplayer4wp Plugin 'cid' Parameter SQL Injection
eTransfer Lite - 'file name' Parameter HTML Injection
WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection
Monstra CMS 'login' Parameter SQL Injection
Monstra CMS - 'login' Parameter SQL Injection
Joomla! JVideoClip Component 'uid' Parameter SQL Injection
Joomla! JVideoClip Component - 'uid' Parameter SQL Injection
WordPress WP-Realty Plugin 'listing_id' Parameter SQL Injection
WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection
Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload
Joomla! Maian15 Component - 'name' Parameter Arbitrary Shell Upload
Nagios XI 'tfPassword' Parameter SQL Injection
Nagios XI - 'tfPassword' Parameter SQL Injection
Enorth Webpublisher CMS 'thisday' Parameter SQL Injection
Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection
WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection
WordPress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection
eduTrac 'showmask' Parameter Directory Traversal
eduTrac - 'showmask' Parameter Directory Traversal
Veno File Manager 'q' Parameter Arbitrary File Download
Veno File Manager - 'q' Parameter Arbitrary File Download
Leed 'id' Parameter SQL Injection
Leed - 'id' Parameter SQL Injection
xBoard 'post' Parameter Local File Inclusion
xBoard - 'post' Parameter Local File Inclusion
i-doit Pro 'objID' Parameter SQL Injection
i-doit Pro - 'objID' Parameter SQL Injection
Joomla! Sexy Polling Extension 'answer_id' Parameter SQL Injection
Joomla! Sexy Polling Extension - 'answer_id' Parameter SQL Injection
XOS Shop 'goto' Parameter SQL Injection
XOS Shop - 'goto' Parameter SQL Injection
Eventum 'hostname' Parameter Remote Code Execution
Eventum - 'hostname' Parameter Remote Code Execution
WordPress Relevanssi Plugin 'category_name' Parameter SQL Injection
WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection
Professional Designer E-Store 'id' Parameter Multiple SQL Injection
Professional Designer E-Store - 'id' Parameter Multiple SQL Injection
MeiuPic 'ctl' Parameter Local File Inclusion
MeiuPic - 'ctl' Parameter Local File Inclusion
Jorjweb 'id' Parameter SQL Injection
qEngine 'run' Parameter Local File Inclusion
Jorjweb - 'id' Parameter SQL Injection
qEngine - 'run' Parameter Local File Inclusion
Seo Panel 'file' Parameter Directory Traversal
Seo Panel - 'file' Parameter Directory Traversal
ZeusCart 'prodid' Parameter SQL Injection
ZeusCart - 'prodid' Parameter SQL Injection
VoipSwitch 'action' Parameter Local File Inclusion
VoipSwitch - 'action' Parameter Local File Inclusion
Joomla! Spider Video Player Extension 'theme' Parameter SQL Injection
Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection
Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)
Microsoft Office Excel - Out-of-Bounds Read Remote Code Execution (MS16-042)
Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
FreePBX 13 / 14 - Remote Code Execution
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (2)
Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit
2016-08-14 05:06:43 +00:00
Offensive Security
832f9cf8b5
DB: 2016-08-11
...
10 new exploits
Nagios Network Analyzer 2.2.1 - Multiple CSRF
Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)
Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)
Microsoft Office Word 2007_2010_2013_2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF)
EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation
EyeLock nano NXT 3.5 - Local File Disclosure
EyeLock nano NXT 3.5 - Remote Root Exploit
WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities
SAP SAPCAR - Multiple Vulnerabilities
2016-08-11 05:08:59 +00:00
Offensive Security
428f25fc1c
DB: 2016-08-07
...
8 new exploits
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
ntop 2.3 <= 2.5 - Multiple Vulnerabilities
Subrion CMS 4.0.5 - SQL Injection
zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
PHP Power Browse 1.2 - Directory Traversal
Davolink DV-2051 - Multiple Vulnerabilities
WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
2016-08-07 02:36:02 +00:00
Offensive Security
d1e88dd6d0
DB: 2016-07-30
2016-07-30 07:05:01 +00:00
Offensive Security
09544fdd22
DB: 2016-07-29
2016-07-29 05:07:16 +00:00
Offensive Security