Offensive Security
b3a7c78388
DB: 2016-11-25
...
4 new exploits
Groupwise 7.0 - (mailto: scheme) Buffer Overflow (PoC)
Groupwise 7.0 - 'mailto: scheme' Buffer Overflow (PoC)
Remote Utilities Host 6.3 - Denial of Service
Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation (MS16-135)
GNU Wget < 1.18 - Access List Bypass / Race Condition
miniBB - 'user' Input Validation Hole
MiniBB 1.7f - 'user' Parameter SQL Injection
TR Newsportal 0.36tr1 - (poll.php) Remote File Inclusion
TR Newsportal 0.36tr1 - 'poll.php' Remote File Inclusion
PHP Forge 3 Beta 2 - (cfg_racine) Remote File Inclusion
PHP Forge 3 Beta 2 - 'cfg_racine' Parameter Remote File Inclusion
miniBB keyword_replacer 1.0 - (pathToFiles) File Inclusion
MiniBB keyword_replacer 1.0 - 'pathToFiles' Parameter File Inclusion
miniBB 2.0.2 - (bb_func_txt.php) Remote File Inclusion
MiniBB 2.0.2 - 'bb_func_txt.php' Remote File Inclusion
W1L3D4 philboard 0.2 - (W1L3D4_bolum.asp forumid) SQL Injection
W1L3D4 philboard 0.2 - 'W1L3D4_bolum.asp' SQL Injection
miniBB 2.1 - (table) SQL Injection
MiniBB 2.1 - 'table' Parameter SQL Injection
Joovili 3.0.6 - (joovili.images.php) Remote File Disclosure
Joovili 3.0.6 - 'joovili.images.php' Remote File Disclosure
Apartment Search Script - 'listtest.php r' SQL Injection
XOOPS Module Recipe - 'detail.php id' SQL Injection
Aterr 0.9.1 - (class) Local File Inclusion (PHP5)
W1L3D4 philboard 1.0 - (philboard_reply.asp) SQL Injection
Apartment Search Script - 'listtest.php' SQL Injection
XOOPS Module Recipe 2.2 - 'detail.php' SQL Injection
Aterr 0.9.1 - Local File Inclusion (PHP5)
W1L3D4 philboard 1.0 - 'philboard_reply.asp' SQL Injection
KubeLance 1.6.4 - (ipn.php i) Local File Inclusion
acidcat CMS 3.4.1 - Multiple Vulnerabilities
BlogWorx 1.0 - (view.asp id) SQL Injection
Crazy Goomba 1.2.1 - 'id' SQL Injection
RedDot CMS 7.5 - (LngId) SQL Injection
TR News 2.1 - (nb) SQL Injection
KubeLance 1.6.4 - 'ipn.php' Local File Inclusion
Acidcat CMS 3.4.1 - Multiple Vulnerabilities
BlogWorx 1.0 - 'id' Parameter SQL Injection
Crazy Goomba 1.2.1 - 'id' Parameter SQL Injection
RedDot CMS 7.5 - 'LngId' Parameter SQL Injection
TR News 2.1 - 'nb' Parameter SQL Injection
E RESERV 2.1 - (index.php ID_loc) SQL Injection
Joomla! Component Filiale 1.0.4 - (idFiliale) SQL Injection
E RESERV 2.1 - 'index.php' SQL Injection
Joomla! Component Filiale 1.0.4 - 'idFiliale' Parameter SQL Injection
minibb 2.2 - (Cross-Site Scripting / SQL Injection / Full Path Disclosure) Multiple Vulnerabilities
PostNuke Module PostSchedule - (eid) SQL Injection
MiniBB 2.2 - Cross-Site Scripting / SQL Injection / Full Path Disclosure
PostNuke Module PostSchedule 1.0 - 'eid' Parameter SQL Injection
Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Siteman 2.x - Code Execution / Local File Inclusion / Cross-Site Scripting
PHP Forge 3 Beta 2 - 'id' SQL Injection
PHP Forge 3 Beta 2 - 'id' Parameter SQL Injection
megabbs forum 2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Jokes Site Script - 'jokes.php?catagorie' SQL Injection
FluentCMS - 'view.php sid' SQL Injection
megabbs forum 2.2 - SQL Injection / Cross-Site Scripting
Jokes Site Script - 'jokes.php' SQL Injection
FluentCMS - 'view.php' SQL Injection
Prozilla Hosting Index - 'Directory.php cat_id' SQL Injection
Softbiz Web Host Directory Script (host_id) - SQL Injection
Joovili 3.1 - (browse.videos.php category) SQL Injection
Prozilla Hosting Index - 'cat_id' Parameter SQL Injection
Softbiz Web Host Directory Script - 'host_id' Parameter SQL Injection
Joovili 3.1 - 'browse.videos.php' SQL Injection
w1l3d4 philboard 1.2 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
W1L3D4 philboard 1.2 - Blind SQL Injection / Cross-Site Scripting
apartment search script - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
Apartment Search Script - Arbitrary File Upload / Cross-Site Scripting
Mini Web Calendar 1.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Mini Web Calendar 1.2 - File Disclosure / Cross-Site Scripting
Prozilla Hosting Index - 'id' SQL Injection
Prozilla Hosting Index - 'id' Parameter SQL Injection
web Calendar system 3.12/3.30 - Multiple Vulnerabilities
Web Calendar System 3.12/3.30 - Multiple Vulnerabilities
Web Calendar 4.1 - (Authentication Bypass) SQL Injection
Web Calendar 4.1 - Authentication Bypass
web Calendar system 3.40 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Web Calendar System 3.40 - Cross-Site Scripting / SQL Injection
KubeLance - 'profile.php?id' SQL Injection
KubeLance 1.7.6 - 'profile.php' SQL Injection
Clever Copy 2.0 - calendar.php Cross-Site Scripting
Clever Copy 2.0 - 'calendar.php' Cross-Site Scripting
Clever Copy 2.0 - results.php Multiple Parameter Cross-Site Scripting
Clever Copy 2.0 - categorysearch.php Multiple Parameter Cross-Site Scripting
Clever Copy 2.0 - 'results.php' Cross-Site Scripting
Clever Copy 2.0 - 'categorysearch.php' Cross-Site Scripting
Acidcat CMS 2.1.13 - default.asp ID Parameter SQL Injection
Acidcat CMS 2.1.13 - acidcat.mdb Remote Information Disclosure
Acidcat CMS 2.1.13 - 'ID' Parameter SQL Injection
Acidcat CMS 2.1.13 - 'acidcat.mdb' Remote Information Disclosure
ODFaq 2.1 - faq.php SQL Injection
ODFaq 2.1 - 'faq.php' SQL Injection
MiniBB 1.5 - news.php Remote File Inclusion
MiniBB 1.5 - 'news.php' Remote File Inclusion
W1L3D4 philboard 0.3 - W1L3D4_Aramasonuc.asp Cross-Site Scripting
W1L3D4 philboard 0.3 - Cross-Site Scripting
Proverbs Web Calendar 1.1 - Password Parameter SQL Injection
Proverbs Web Calendar 1.1 - 'Password' Parameter SQL Injection
Chimaera Project Aterr 0.9.1 - Multiple Local File Inclusion
miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting
miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion
MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusion
DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting
eZoneScripts Apartment Search Script - 'listtest.php' SQL Injection
miniBB 3.1 - Blind SQL Injection
MiniBB 3.1 - Blind SQL Injection
Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting
2016-11-25 05:01:20 +00:00
Offensive Security
dab1517032
DB: 2016-11-22
...
13 new exploits
Borland Interbase 2007 - ibserver.exe Buffer Overflow (PoC)
Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC)
Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22 / 3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104)
Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (MS15-018)
NTP 4.2.8p8 - Denial of Service
Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow
Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow
Borland Interbase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)
Borland Interbase 2007 - 'PWD_db_aliased' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'open_marker_file' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - 'jrd8_create_database' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'INET_connect' Buffer Overflow (Metasploit)
Borland Interbase - isc_create_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit)
Borland Interbase - isc_attach_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_attach_database()' Buffer Overflow (Metasploit)
Borland Interbase - SVC_attach() Buffer Overflow (Metasploit)
Borland Interbase - 'SVC_attach()' Buffer Overflow (Metasploit)
Borland Interbase - Create-Request Buffer Overflow (Metasploit)
Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit)
Borland Interbase - PWD_db_aliased() Buffer Overflow (Metasploit)
Borland Interbase - open_marker_file() Buffer Overflow (Metasploit)
Borland Interbase - 'PWD_db_aliased()' Buffer Overflow (Metasploit)
Borland Interbase - 'open_marker_file()' Buffer Overflow (Metasploit)
Borland Interbase - jrd8_create_database() Buffer Overflow (Metasploit)
Borland Interbase - INET_connect() Buffer Overflow (Metasploit)
Borland Interbase - 'jrd8_create_database()' Buffer Overflow (Metasploit)
Borland Interbase - 'INET_connect()' Buffer Overflow (Metasploit)
Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
phpunity.postcard - (gallery_path) Remote File Inclusion
phpunity.postcard - 'gallery_path' Parameter Remote File Inclusion
CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion
CcMail 1.0.1 - 'functions_dir' Parameter Remote File Inclusion
1024 CMS 0.7 - (download.php item) Remote File Disclosure
1024 CMS 0.7 - 'download.php' Remote File Disclosure
cpCommerce 1.1.0 - (category.php id_category) SQL Injection
CPCommerce 1.1.0 - 'id_category' Parameter SQL Injection
1024 CMS 1.3.1 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
1024 CMS 1.3.1 - Local File Inclusion / SQL Injection
Mole 2.1.0 - (viewsource.php) Remote File Disclosure
ChartDirector 4.1 - (viewsource.php) File Disclosure
724CMS 4.01 Enterprise - (index.php ID) SQL Injection
My Gaming Ladder 7.5 - (ladderid) SQL Injection
Mole 2.1.0 - 'viewsource.php' Remote File Disclosure
ChartDirector 4.1 - 'viewsource.php' File Disclosure
724CMS 4.01 Enterprise - 'index.php' SQL Injection
My Gaming Ladder 7.5 - 'ladderid' Parameter SQL Injection
exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities
Pligg CMS 9.9.0 - (editlink.php id) SQL Injection
ExBB 0.22 - Local / Remote File Inclusion
Pligg CMS 9.9.0 - 'editlink.php' SQL Injection
Prediction Football 1.x - (matchid) SQL Injection
Prediction Football 1.x - 'matchid' Parameter SQL Injection
Free Photo Gallery Site Script - (path) File Disclosure
Free Photo Gallery Site Script - 'path' Parameter File Disclosure
LiveCart 1.1.1 - (category id) Blind SQL Injection
Ksemail - 'index.php language' Local File Inclusion
LiveCart 1.1.1 - 'id' Parameter Blind SQL Injection
Ksemail - Local File Inclusion
RX Maxsoft - 'popup_img.php fotoID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
RX Maxsoft - 'fotoID' Parameter SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' Parameter SQL Injection
Pollbooth 2.0 - (pollID) SQL Injection
cpcommerce 1.1.0 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Pollbooth 2.0 - 'pollID' Parameter SQL Injection
CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion
SmallBiz eShop - (content_id) SQL Injection
SmallBiz eShop - 'content_id' Parameter SQL Injection
lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection
PostcardMentor - 'cat_fldAuto' Parameter SQL Injection
Pligg CMS 9.9.0 - (story.php id) SQL Injection
Pligg CMS 9.9.0 - 'story.php' SQL Injection
LokiCMS 0.3.4 - writeconfig() Remote Command Execution
LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution
cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass
CPCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass
cpCommerce 1.2.8 - (id_document) Blind SQL Injection
CPCommerce 1.2.8 - 'id_document' Parameter Blind SQL Injection
cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion
CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion
ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure
ChartDirector 5.0.1 - 'cacheId' Parameter Arbitrary File Disclosure
Pligg CMS 1.0.4 - (story.php?id) SQL Injection
Pligg CMS 1.0.4 - 'story.php' SQL Injection
724CMS 4.59 Enterprise - SQL Injection
724CMS Enterprise 4.59 - SQL Injection
lightneasy 3.2.2 - Multiple Vulnerabilities
LightNEasy 3.2.2 - Multiple Vulnerabilities
My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure
My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure
Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injection
Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection
PhotoKorn 1.53/1.54 - postcard.php id Parameter SQL Injection
PhotoKorn 1.53/1.54 - 'id' Parameter SQL Injection
CPCommerce 1.1 - Manufacturer.php SQL Injection
CPCommerce 1.1 - 'manufacturer.php' SQL Injection
LiveCart 1.0.1 - user/remindPassword return Parameter Cross-Site Scripting
LiveCart 1.0.1 - category q Parameter Cross-Site Scripting
LiveCart 1.0.1 - order return Parameter Cross-Site Scripting
LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'q' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'email' Parameter Cross-Site Scripting
Pligg CMS 1.x - module.php Multiple Parameter Cross-Site Scripting
Pligg CMS 1.x - 'module.php' Multiple Parameter Cross-Site Scripting
Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection
Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection
CMS Made Simple 2.1.5 - Cross-Site Scripting
Atlassian Confluence AppFusions Doxygen 1.3.0 - Directory Traversal
WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery
Mezzanine 4.2.0 - Cross-Site Scripting
LEPTON 2.2.2 - SQL Injection
LEPTON 2.2.2 - Remote Code Execution
FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery
FUDforum 3.0.6 - Local File Inclusion
Wordpress Plugin Olimometer 2.56 - SQL Injection
2016-11-22 05:01:18 +00:00
Offensive Security
b22e31535e
DB: 2016-11-18
...
3 new exploits
Winamp 5.21 - (Midi File Header Handling) Buffer Overflow (PoC)
Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC)
Nullsoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC)
NullSoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC)
Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)
Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)
Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC)
Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow (PoC)
WinAmp GEN_MSN Plugin - Heap Buffer Overflow (PoC)
Winamp GEN_MSN Plugin - Heap Buffer Overflow (PoC)
Winamp 5.572 - whatsnew.txt Stack Overflow (PoC)
Winamp 5.572 - 'whatsnew.txt' Stack Overflow (PoC)
Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow
NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow
WinAmp 5.63 - Invalid Pointer Dereference
WinAmp 5.63 - Stack Based Buffer Overflow
Winamp 5.63 - Invalid Pointer Dereference
Winamp 5.63 - Stack Based Buffer Overflow
Winamp 5.666 build 3516 - (Corrupted flv) Crash (PoC)
Winamp 5.666 build 3516 - Corrupted .flv Crash (PoC)
Microsoft Edge - 'eval' Type Confusion
Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow
NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow
SCO UnixWare < 7.1.4 p534589 - (pkgadd) Privilege Escalation
SCO UnixWare Reliant HA - Privilege Escalation
SCO UnixWare Merge - mcd Privilege Escalation
Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow
SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Privilege Escalation
SCO UnixWare Reliant HA 1.1.4 - Privilege Escalation
SCO UnixWare Merge - 'mcd' Privilege Escalation
Winamp 5.05-5.13 - '.ini' Local Stack Buffer Overflow (PoC)
Winamp 5.05<5.13 - '.ini' Local Stack Buffer Overflow (PoC)
Winamp 5.572 - whatsnew.txt Stack Overflow
Winamp 5.572 - whatsnew.txt Local Buffer Overflow (Windows XP SP3 DE)
Winamp 5.572 - 'whatsnew.txt' Stack Overflow
Winamp 5.572 (Windows XP SP3 DE) - 'whatsnew.txt' Local Buffer Overflow
Winamp 5.572 - whatsnew.txt SEH (Metasploit)
Winamp 5.572 - 'whatsnew.txt' SEH (Metasploit)
Winamp 5.572 - Local Buffer Overflow (Windows 7 ASLR + DEP Bypass)
Winamp 5.572 (Windows 7) - Local Buffer Overflow (ASLR + DEP Bypass)
Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking
NullSoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking
WinAmp 5.63 - (winamp.ini) Local Exploit
Winamp 5.63 - 'winamp.ini' Local Exploit
Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation
Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
Nullsoft Winamp 2.x - AIP Buffer Overflow
NullSoft Winamp 2.x - AIP Buffer Overflow
Nullsoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow
NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow
winamp Web interface 7.5.13 - Multiple Vulnerabilities
Winamp Web interface 7.5.13 - Multiple Vulnerabilities
Nullsoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow
NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow
LinPHA 1.3.1 - (new_images.php) Blind SQL Injection
LinPHA 1.3.1 - 'new_images.php' Blind SQL Injection
KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection
KwsPHP Module jeuxflash 1.0 - 'id' Parameter SQL Injection
KwsPHP 1.0 - Newsletter Module SQL Injection
KwsPHP 1.0 Module Newsletter - SQL Injection
DaZPHP 0.1 - (prefixdir) Local File Inclusion
PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion
KwsPHP Module Galerie - (id_gal) SQL Injection
KwsPHP Module Archives - 'id' SQL Injection
KwsPHP Module jeuxflash (cat) 1.0 - SQL Injection
KwsPHP Module ConcoursPhoto - (C_ID) SQL Injection
XPOZE Pro 3.05 - (reed) SQL Injection
Vastal I-Tech Software Zone - 'cat_id' SQL Injection
sabros.us 1.75 - (thumbnails.php) Remote File Disclosure
Comdev News Publisher - SQL Injection
Affiliate Directory - 'cat_id' SQL Injection
PHP Photo Gallery 1.0 - (photo_id) SQL Injection
Blogator-script 0.95 - (incl_page) Remote File Inclusion
PIGMy-SQL 1.4.1 - (getdata.php id) Blind SQL Injection
Blogator-script 0.95 - (id_art) SQL Injection
Dragoon 0.1 - (lng) Local File Inclusion
DaZPHP 0.1 - 'prefixdir' Parameter Local File Inclusion
PhpBlock a8.4 - 'PATH_TO_CODE' Parameter Remote File Inclusion
KwsPHP 1.3.456 Module Galerie - 'id_gal' Parameter SQL Injection
KwsPHP 1.3.456 Module Archives - 'id' Parameter SQL Injection
KwsPHP Module jeuxflash 1.0 - 'cat' Parameter SQL Injection
KwsPHP Module ConcoursPhoto 2.0 - 'C_ID' Parameter SQL Injection
XPOZE Pro 3.05 - 'reed' Parameter SQL Injection
Vastal I-Tech Software Zone - 'cat_id' Parameter SQL Injection
Sabros.us 1.75 - 'thumbnails.php' Remote File Disclosure
Comdev News Publisher 4.1.2 - SQL Injection
Affiliate Directory - 'cat_id' Parameter SQL Injection
PHP Photo Gallery 1.0 - 'photo_id' Parameter SQL Injection
Blogator-script 0.95 - 'incl_page' Parameter Remote File Inclusion
PIGMy-SQL 1.4.1 - 'getdata.php' Blind SQL Injection
Blogator-script 0.95 - 'id_art' Parameter SQL Injection
Dragoon 0.1 - 'lng' Parameter Local File Inclusion
Easynet Forum Host - 'forum.php forum' SQL Injection
CoBaLT 0.1 - Multiple SQL Injections
Gaming Directory 1.0 - 'cat_id' SQL Injection
Easynet Forum Host - 'forum.php' SQL Injection
Cobalt 0.1 - Multiple SQL Injections
Gaming Directory 1.0 - 'cat_id' Parameter SQL Injection
Links Directory 1.1 - 'cat_id' SQL Injection
Software Index 1.1 - 'cid' SQL Injection
Links Directory 1.1 - 'cat_id' Parameter SQL Injection
Software Index 1.1 - 'cid' Parameter SQL Injection
Blog PixelMotion - 'index.php categorie' SQL Injection
Site Sift Listings - 'id' SQL Injection
Blog PixelMotion - 'categorie' Parameter SQL Injection
Site Sift Listings - 'id' Parameter SQL Injection
Prozilla Forum Service - 'forum.php forum' SQL Injection
Prozilla Forum Service - 'forum' Parameter SQL Injection
Prozilla Freelancers - (project) SQL Injection
Prozilla Freelancers - 'project' Parameter SQL Injection
LinPHA 1.3.3 - (maps plugin) Remote Command Execution
Dragoon 0.1 - (root) Remote File Inclusion
LinPHA 1.3.3 Plugin Maps - Remote Command Execution
Dragoon 0.1 - 'root' Parameter Remote File Inclusion
k-links directory - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
k-links directory - SQL Injection / Cross-Site Scripting
SFS Affiliate Directory - 'id' SQL Injection
Affiliate Directory - 'id' Parameter SQL Injection
SFS EZ Gaming Directory - 'Directory.php id' SQL Injection
SFS EZ Gaming Directory - 'directory.php' SQL Injection
SFS EZ Gaming Directory - 'cat_id' SQL Injection
SFS EZ Gaming Directory - 'cat_id' Parameter SQL Injection
LinPHA 1.3.2 - (rotate.php) Remote Command Execution
LinPHA 1.3.2 - 'rotate.php' Remote Command Execution
cobalt qube webmail 1.0 - Directory Traversal
Cobalt Qube Webmail 1.0 - Directory Traversal
LinPHA 0.9.x/1.0 - 'index.php' lang Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion
LinPHA 0.9.x/1.0 - 'lang' Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - 'install.php' Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion
LinPHA 1.1 - Multiple Cross-Site Scripting Vulnerabilities
Drake CMS 0.2 - 'index.php' Cross-Site Scripting
Sabros.US 1.7 - 'index.php' Cross-Site Scripting
Drake CMS 0.3.7 - 404.php Local File Inclusion
Drake CMS 0.3.7 - '404.php' Local File Inclusion
Drake CMS 0.4.9 - 'index.php' Cross-Site Scripting
Blogator-script 0.95 - 'bs_auth.php' Cross-Site Scripting
CoBaLT 2.0 - 'adminler.asp' SQL Injection
Cobalt 2.0 - 'adminler.asp' SQL Injection
VisualPic 0.3.1 - Cross-Site Scripting
LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting
LinPHA 1.3.2/1.3.3 - new_images.php Cross-Site Scripting
Software Index - 'signinform.php' Cross-Site Scripting
CMSimple 4.4.4 - Remote file Inclusion
CMSimple 4.4.4 - Remote File Inclusion
Wordpress Plugin Answer My Question 1.3 - SQL Injection
Wordpress Plugin Sirv 1.3.1 - SQL Injection
2016-11-18 05:01:22 +00:00
Offensive Security
e1c4e9e1ec
DB: 2016-11-17
...
3 new exploits
Redhat 6.1 / 6.2 - TTY Flood Users Exploit
RedHat 6.1 / 6.2 - TTY Flood Users Exploit
Microsoft Windows - Kernel ANI File Parsing Crash
Microsoft Windows Kernel - '.ANI' File Parsing Crash
PunBB 2.0.10 - (Register Multiple Users) Denial Of Service
PunBB 2.0.10 - (Register Multiple Users) Denial of Service
Apple Mac OSX 10.4.x - Kernel shared_region_map_file_np() Memory Corruption
Apple Mac OSX 10.4.x Kernel - shared_region_map_file_np() Memory Corruption
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service
MailEnable Professional/Enterprise 2.37 - Denial Of Service
MailEnable Professional/Enterprise 2.37 - Denial of Service
Apple Mac OSX 10.4.x - Kernel i386_set_ldt() Integer Overflow (PoC)
Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial of Service
snircd 1.3.4 - (send_user_mode) Denial of Service
MPlayer - sdpplin_parse() Array Indexing Buffer Overflow (PoC)
Snircd 1.3.4 - 'send_user_mode' Denial of Service
MPlayer 1.0 rc2 - 'sdpplin_parse()' Array Indexing Buffer Overflow (PoC)
LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial Of Service)
LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial of Service)
ZoIPer 2.22 - Call-Info Remote Denial Of Service
ZoIPer 2.22 - Call-Info Remote Denial of Service
Dualis 20.4 - '.bin' Local Denial Of Service
Dualis 20.4 - '.bin' Local Denial of Service
Dolphin 2.0 - '.elf' Local Denial Of Service
Dolphin 2.0 - '.elf' Local Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server 1.10.3 (build 144) - Denial of Service
Red Hat Linux - stickiness of /tmp Exploit
RedHat Linux - Stickiness of /tmp Exploit
Apple Mac OSX < 10.6.7 - Kernel Panic Exploit
Apple Mac OSX < 10.6.7 - Kernel Panic
Red Hat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service
RedHat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service
Titan FTP Server 3.0 - 'LIST' Command Denial Of Service
Titan FTP Server 3.0 - 'LIST' Command Denial of Service
Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Service
Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial of Service
I Hear U 0.5.6 - Multiple Remote Denial Of Service Vulnerabilities
I Hear U 0.5.6 - Multiple Remote Denial of Service Vulnerabilities
Microsoft Windows Explorer - '.png' Image Local Denial Of Service
Microsoft Windows Explorer - '.png' Image Local Denial of Service
Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial Of Service
Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial of Service
MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service
MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial of Service
PHP 5.2.5 - Multiple GetText functions Denial Of Service Vulnerabilities
PHP 5.2.5 - Multiple GetText functions Denial of Service Vulnerabilities
LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial Of Service
LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial of Service
Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial Of Service
Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial of Service
Sami FTP Server 2.0.x - Multiple Commands Remote Denial Of Service Vulnerabilities
Sami FTP Server 2.0.x - Multiple Commands Remote Denial of Service Vulnerabilities
SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial Of Service
SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial of Service
RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial Of Service
RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial of Service
MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service
snircd 1.3.4 And ircu 2.10.12.12 - 'set_user_mode' Remote Denial of Service
MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial of Service
SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service / Memory Corruption Vulnerabilities
Microsoft Windows XP/Vista/2000/2003/2008 - Kernel Usermode Callback Privilege Escalation (1)
SLMail Pro 6.3.1.0 - Multiple Remote Denial of Service / Memory Corruption Vulnerabilities
Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1)
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial Of Service
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service
Apple iCal 3.0.1 - 'ATTACH' Parameter Denial Of Service
Apple iCal 3.0.1 - 'ATTACH' Parameter Denial of Service
WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service
WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service
Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service
Computer Associates ARCserve Backup Discovery Service Remote - Denial of Service
Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service
Microsoft Excel 2007 - JavaScript Code Remote Denial of Service
GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service
GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial of Service
GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial Of Service
GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial of Service
SWAT 4 - Multiple Denial Of Service Vulnerabilities
SWAT 4 - Multiple Denial of Service Vulnerabilities
Unreal Tournament 3 - Denial Of Service / Memory Corruption
Unreal Tournament 3 - Denial of Service / Memory Corruption
Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities
Combat Evolved 1.0.7.0615 - Multiple Denial of Service Vulnerabilities
Noticeware Email Server 4.6 - NG LOGIN Messages Denial Of Service
Noticeware Email Server 4.6 - NG LOGIN Messages Denial of Service
Ruby 1.9 - REXML Remote Denial Of Service
Ruby 1.9 - REXML Remote Denial of Service
Red Hat 8/9 - Directory Server Crafted Search Pattern Denial of Service
RedHat 8/9 - Directory Server Crafted Search Pattern Denial of Service
MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service
MySQL 6.0.4 - Empty Binary String Literal Remote Denial of Service
Mass Downloader - Malformed Executable Denial Of Service
Mass Downloader - Malformed Executable Denial of Service
Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service
Zope 2.11.2 - PythonScript Multiple Remote Denial Of Service Vulnerabilities
Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service
Zope 2.11.2 - PythonScript Multiple Remote Denial of Service Vulnerabilities
GeSHi 1.0.x - XML Parsing Remote Denial Of Service
GeSHi 1.0.x - XML Parsing Remote Denial of Service
Symbian S60 - Malformed SMS/Mms Remote Denial Of Service
Symbian S60 - Malformed SMS/Mms Remote Denial of Service
InfraRecorder 0.53 - Memory Corruption (Denial Of Service)
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service
InfraRecorder 0.53 - Memory Corruption (Denial of Service)
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service
QNX RTOS 6.4 - Malformed ELF Binary File Local Denial Of Service
QNX RTOS 6.4 - Malformed ELF Binary File Local Denial of Service
Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial Of Service
PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial Of Service
Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service
PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service
Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial Of Service
Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service
MySQL 6.0.9 - XPath Expression Remote Denial Of Service
MySQL 6.0.9 - XPath Expression Remote Denial of Service
MPlayer - Malformed AAC File Handling Denial of Service
MPlayer - Malformed OGM File Handling Denial of Service
MPlayer - '.AAC' File Handling Denial of Service
MPlayer - '.OGM' File Handling Denial of Service
Mani's Admin Plugin - Remote Denial Of Service
Mani's Admin Plugin - Remote Denial of Service
cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial Of Service)
CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial Of Service
cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial of Service)
CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
Git 1.6.3 - Parameter Processing Remote Denial Of Service
Git 1.6.3 - Parameter Processing Remote Denial of Service
GUPnP 0.12.7 - Message Handling Denial Of Service
GUPnP 0.12.7 - Message Handling Denial of Service
ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial Of Service
ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial of Service
FileCOPA FTP Server 5.01 - 'NOOP' Command Denial Of Service
FileCOPA FTP Server 5.01 - 'NOOP' Command Denial of Service
Snort 2.8.5 - Multiple Denial Of Service Vulnerabilities
Snort 2.8.5 - Multiple Denial of Service Vulnerabilities
lighttpd 1.4/1.5 - Slow Request Handling Remote Denial Of Service
lighttpd 1.4/1.5 - Slow Request Handling Remote Denial of Service
Skybox Security 6.3.x < 6.4.x - Multiple Denial Of Service Issue
Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Issue
Hybserv2 - ':help' Command Denial Of Service
Hybserv2 - ':help' Command Denial of Service
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service
Apple Safari 4.0.4 - Remote Denial Of Service
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 - Remote Denial of Service
FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial Of Service
FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial of Service
PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial Of Service
PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial of Service
Remote Help HTTP 0.0.7 - GET Request Format String Denial Of Service
Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service
netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial Of Service
netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial of Service
Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial Of Service
Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial Of Service
Xitami 5.0 - '/AUX' Request Remote Denial Of Service
Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial of Service
Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial of Service
Xitami 5.0 - '/AUX' Request Remote Denial of Service
Torque Game Engine - Multiple Denial Of Service Vulnerabilities
Torque Game Engine - Multiple Denial of Service Vulnerabilities
EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities
EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial of Service Vulnerabilities
Unreal Engine - 'ReceivedRawBunch()' Denial Of Service
Unreal Engine - 'ReceivedRawBunch()' Denial of Service
Chrome Engine 4 - Denial Of Service
Chrome Engine 4 - Denial of Service
Sagem Fast 3304-V1 - Denial Of Service
Sagem Fast 3304-V1 - Denial of Service
Sumatra PDF 1.1 - Denial Of Service
Sumatra PDF 1.1 - Denial of Service
Freeciv 2.2.1 - Multiple Remote Denial Of Service Vulnerabilities
Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial Of Service Vulnerabilities
Freeciv 2.2.1 - Multiple Remote Denial of Service Vulnerabilities
Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial of Service Vulnerabilities
Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities
Microsoft DirectX 8/9 DirectPlay - Multiple Denial of Service Vulnerabilities
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial Of Service
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service
Sniper Elite 1.0 - Null Pointer Dereference Denial Of Service
Sniper Elite 1.0 - Null Pointer Dereference Denial of Service
MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial Of Service
MySQL 5.1.48 - 'EXPLAIN' Denial Of Service
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service
MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial of Service
MySQL 5.1.48 - 'EXPLAIN' Denial of Service
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial of Service
Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial Of Service
Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service
Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service
Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service
Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial of Service
Oracle MySQL < 5.1.49 - 'DDL' Statements Denial of Service
GNU glibc - 'regcomp()' Stack Exhaustion Denial Of Service
GNU glibc - 'regcomp()' Stack Exhaustion Denial of Service
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial Of Service
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service
Microsoft Internet Explorer 11 - Denial Of Service
Microsoft Internet Explorer 11 - Denial of Service
Golden FTP Server 4.70 - Malformed Message Denial Of Service
Golden FTP Server 4.70 - Malformed Message Denial of Service
TP-Link TL-WR740N - Denial Of Service
PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial Of Service
TP-Link TL-WR740N - Denial of Service
PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial of Service
Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial Of Service
Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service
Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial Of Service
Air Contacts Lite - HTTP Packet Denial Of Service
Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial of Service
Air Contacts Lite - HTTP Packet Denial of Service
TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial Of Service)
TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial of Service)
Perl 5.10 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
Perl 5.10 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial Of Service
Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial of Service
Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial Of Service
Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial of Service
RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial Of Service
RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial of Service
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial Of Service
Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service
Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial of Service
Microsoft Host Integration Server 2004-2010 - Remote Denial of Service
Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service
Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial of Service
Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service
Titan FTP Server 8.40 - 'APPE' Command Remote Denial of Service
Apache APR - Hash Collision Denial Of Service
PHP PDORow Object - Remote Denial Of Service
Apache APR - Hash Collision Denial of Service
PHP PDORow Object - Remote Denial of Service
PHP 5.3.8 - Remote Denial Of Service
PHP 5.3.8 - Remote Denial of Service
Mercury MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerabilities
Mercury MR804 Router - Multiple HTTP Header Fields Denial of Service Vulnerabilities
Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service
Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial of Service
Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service
Universal Reader 1.16.740.0 - 'uread.exe' Denial of Service
Apache Sling - Denial Of Service
Apache Sling - Denial of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial of Service
Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (2)
Microsoft Windows - Kernel DeferWindowPos Use-After-Free (MS15-073)
Microsoft Windows - Kernel UserCommitDesktopMemory Use-After-Free (MS15-073)
Microsoft Windows - Kernel Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Microsoft Windows - Kernel HmgAllocateObjectAttr Use-After-Free (MS15-061)
Microsoft Windows - Kernel win32k!vSolidFillRect Buffer Overflow (MS15-061)
Microsoft Windows - Kernel SURFOBJ Null Pointer Dereference (MS15-061)
Microsoft Windows - Kernel Brush Object Use-After-Free (MS15-061)
Microsoft Windows - Kernel WindowStation Use-After-Free (MS15-061)
Microsoft Windows - Kernel Null Pointer Dereference with Window Station and Clipboard (MS15-061)
Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (1)
Microsoft Windows - Kernel FlashWindowEx Memory Corruption (MS15-097)
Microsoft Windows - Kernel bGetRealizedBrush Use-After-Free (MS15-097)
Microsoft Windows - Kernel Use-After-Free with Cursor Object (MS15-097)
Microsoft Windows - Kernel Use-After-Free with Printer Device Contexts (MS15-097)
Microsoft Windows - Kernel NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2)
Microsoft Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)
Microsoft Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)
Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Microsoft Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)
Microsoft Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)
Microsoft Windows Kernel - SURFOBJ Null Pointer Dereference (MS15-061)
Microsoft Windows Kernel - Brush Object Use-After-Free (MS15-061)
Microsoft Windows Kernel - WindowStation Use-After-Free (MS15-061)
Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)
Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)
Microsoft Windows Kernel - FlashWindowEx Memory Corruption (MS15-097)
Microsoft Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)
Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097)
Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)
Microsoft Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Microsoft Windows - Kernel NtGdiBitBlt Buffer Overflow (MS15-097)
Microsoft Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)
MySQL / MariaDB - Geometry Query Denial Of Service
MySQL / MariaDB - Geometry Query Denial of Service
Apple Mac OSX - Kernel IOAccelMemoryInfoUserClient Use-After-Free
Apple Mac OSX Kernel - IOAccelMemoryInfoUserClient Use-After-Free
Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows Kernel - 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows Kernel - 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Blue Coat ProxySG 5.x - and Security Gateway OS Denial Of Service
Blue Coat ProxySG 5.x - and Security Gateway OS Denial of Service
Microsoft Windows - Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Microsoft Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Apple Mac OSX - Kernel no-more-senders Use-After-Free
Apple Mac OSX Kernel - no-more-senders Use-After-Free
Apple Mac OSX - Kernel IOAccelDisplayPipeUserClient2 Use-After-Free
Apple Mac OSX Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free
TFTPD32 / Tftpd64 - Denial Of Service
TFTPD32 / Tftpd64 - Denial of Service
Apple Mac OSX / iOS - Kernel IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free
Apple Mac OSX / iOS - Kernel iokit Registry Iterator Manipulation Double-Free
Apple Mac OSX / iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free
Apple Mac OSX / iOS Kernel - iokit Registry Iterator Manipulation Double-Free
Apple Mac OSX - Kernel Hypervisor Driver Use-After-Free
Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)
Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)
Apple Mac OSX - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort
Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort
Apple Mac OSX - Kernel AppleKeyStore Use-After-Free
Apple Mac OSX - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver
Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
Apple Mac OSX Kernel - AppleKeyStore Use-After-Free
Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver
Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
Microsoft Windows - Kernel Bitmap Use-After-Free
Microsoft Windows - Kernel NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Microsoft Windows Kernel - Bitmap Use-After-Free
Microsoft Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Microsoft Windows - Kernel DrawMenuBarTemp Wild-Write (MS16-039)
Microsoft Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)
Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Microsoft Windows Kernel - 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX - Kernel Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX - Kernel OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
Apple Mac OSX / iOS - Kernel UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
Apple Mac OSX - Kernel Stack Buffer Overflow in GeForce GPU Driver
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
Apple Mac OSX / iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
Apple Mac OSX Kernel - GeForce GPU Driver Stack Buffer Overflow
Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)
Microsoft Windows Kernel - 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)
Apple OS X - Kernel IOBluetoothFamily.kext Use-After-Free
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
Linux Kernel 2.2.x / 2.4.x (Redhat) - 'ptrace/kmod' Privilege Escalation
Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation
XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0)
xtokkaetama 1.0b - Local Game Exploit (Red Hat 9.0)
XGalaga 2.0.34 (RedHat 9.0) - Local Game Exploit
xtokkaetama 1.0b (RedHat 9.0) - Local Game Exploit
hztty 2.0 - Privilege Escalation (Red Hat 9.0)
hztty 2.0 (RedHat 9.0) - Privilege Escalation
Redhat 6.2 /sbin/restore - Exploit
RedHat 6.2 /sbin/restore - Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
RedHat 6.2 Restore and Dump - Local Exploit (Perl)
Redhat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit
dump 0.4b15 (Redhat 6.2) - Exploit
RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit
dump 0.4b15 (RedHat 6.2) - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit
xsoldier 0.96 (RedHat 6.2) - Exploit
Redhat 6.1 man - Local Exploit (egid 15)
RedHat 6.1 man - Local Exploit (egid 15)
Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows - Kernel Privilege Escalation (MS06-049)
Microsoft Windows Kernel - Privilege Escalation (MS06-049)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Privilege Escalation
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation
Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Privilege Escalation (1)
Linux Kernel 2.x (RedHat) - 'sock_sendpage()' Ring0 Privilege Escalation (1)
(Linux Kernel 2.6.34-rc3) ReiserFS (Redhat / Ubuntu 9.10) - xattr Privilege Escalation
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - xattr Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - 'compat' Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation
Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)
Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)
Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Immunix OS 6.2/7.0 / Redhat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow
Immunix OS 6.2/7.0 / RedHat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow
Microsoft Windows - Kernel Intel x64 SYSRET (PoC)
Microsoft Windows Kernel - Intel x64 SYSRET (PoC)
Linux Kernel 3.7.6 (Redhat x86/x64) - 'MSR' Driver Privilege Escalation
Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation
Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation
Microsoft Windows XP/7 - Kernel 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows - Kernel 'win32k.sys' Privilege Escalation (MS14-058)
Microsoft Windows Kernel - 'win32k.sys' Privilege Escalation (MS14-058)
Apple OS X/iOS - Kernel IOSurface Use-After-Free
Apple OS X/iOS Kernel - IOSurface Use-After-Free
Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit)
Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Privilege Escalation (Metasploit)
Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal
Ruby 1.8.6/1.9 (WEBick Httpd 1.3.1) - Directory Traversal
mg-soft net Inspector 6.5.0.828 - Multiple Vulnerabilities
MG-SOFT Net Inspector 6.5.0.828 - Multiple Vulnerabilities
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit
Red Hat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
Red Hat Interchange 4.8.x - Arbitrary File Read
RedHat Interchange 4.8.x - Arbitrary File Read
Red Hat Apache 2.0.40 - Directory Index Default Configuration Error
RedHat Apache 2.0.40 - Directory Index Default Configuration Error
Foreman (Red Hat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit)
Foreman (RedHat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit)
Red Hat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities
RedHat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities
Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)
RedHat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation (Metasploit)
Katello (RedHat Satellite) - users/update_roles Missing Authorisation (Metasploit)
Red Hat Stronghold Web Server 2.3 - Cross-Site Scripting
RedHat Stronghold Web Server 2.3 - Cross-Site Scripting
Red Hat Piranha - Remote Security Bypass
RedHat Piranha - Remote Security Bypass
KISGB 5.1.1 - (Authenticate.php) Remote File Inclusion
KISGB 5.1.1 - 'Authenticate.php' Remote File Inclusion
Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion
Jshop Server 1.3 - 'fieldValidation.php' Remote File Inclusion
phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution
phpBP RC3 (2.204) - SQL Injection / Remote Code Execution
eXV2 Module MyAnnonces - (lid) SQL Injection
eXV2 Module eblog 1.2 - (blog_id) SQL Injection
eXV2 Module Viso 2.0.4.3 - (kid) SQL Injection
eXV2 Module WebChat 1.60 - (roomid) SQL Injection
eXV2 Module MyAnnonces - 'lid' Parameter SQL Injection
eXV2 Module eblog 1.2 - 'blog_id' Parameter SQL Injection
eXV2 Module Viso 2.0.4.3 - 'kid' Parameter SQL Injection
eXV2 Module WebChat 1.60 - 'roomid' Parameter SQL Injection
Fuzzylime CMS 3.01 - (admindir) Remote File Inclusion
Fuzzylime CMS 3.01 - 'admindir' Parameter Remote File Inclusion
Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion
Exero CMS 1.0.1 - 'theme' Parameter Multiple Local File Inclusion
Joomla! Component Acajoom (com_acajoom) - SQL Injection
Joomla! Component Acajoom 1.1.5 - SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection
Joomla! Component joovideo 1.2.2 - 'id' SQL Injection
Joomla! Component Alberghi 2.1.3 - 'id' SQL Injection
Mambo Component 'com_accombo' 1.x - 'id' SQL Injection
Joomla! Component Restaurante 1.0 - 'id' SQL Injection
PEEL CMS - Admin Hash Extraction / Arbitrary File Upload
RunCMS Module section - (artid) SQL Injection
ASPapp Knowledge Base - SQL Injection
ASPapp Knowledge Base - 'CatId' Parameter SQL Injection
Joomla! Component joovideo 1.2.2 - 'id' Parameter SQL Injection
Joomla! Component Alberghi 2.1.3 - 'id' Parameter SQL Injection
Mambo Component Accombo 1.x - 'id' Parameter SQL Injection
Joomla! Component Restaurante 1.0 - 'id' Parameter SQL Injection
PEEL CMS 3.x - Admin Hash Extraction / Arbitrary File Upload
RunCMS Module section - 'artid' Parameter SQL Injection
ASPapp Knowledge Base - SQL Injection
RunCMS Module Photo 3.02 - 'cid' SQL Injection
D.E. Classifieds - 'cat_id' SQL Injection
RunCMS Module Photo 3.02 - 'cid' Parameter SQL Injection
D.E. Classifieds - 'cat_id' Parameter SQL Injection
PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection
PHP-Nuke Platinum 7.6.b.5 - 'dynamic_titles.php' SQL Injection
Joomla! Component rekry 1.0.0 - (op_id) SQL Injection
destar 0.2.2-5 - Arbitrary Add New User Exploit
Joomla! Component rekry 1.0.0 - 'op_id' Parameter SQL Injection
Destar 0.2.2-5 - Arbitrary Add New User Exploit
destar 0.2.2-5 - Arbitrary Add Admin
Destar 0.2.2-5 - Arbitrary Add Admin
BolinOS 4.6.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Security Vulnerabilities
Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection
BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting
Joomla! Component Alphacontent 2.5.8 - 'id' Parameter SQL Injection
TopperMod 1.0 - (mod.php) Local File Inclusion
TopperMod 1.0 - 'mod.php' Local File Inclusion
Joomla! Component MyAlbum 1.0 - (album) SQL Injection
Joomla! Component MyAlbum 1.0 - 'album' Parameter SQL Injection
Smoothflash - 'admin_view_image.php cid' SQL Injection
Smoothflash - 'cid' Parameter SQL Injection
JShop 1.x < 2.x - (page.php xPage) Local File Inclusion
WordPress Plugin Download - (dl_id) SQL Injection
PHPSpamManager 0.53b - (body.php) Remote File Disclosure
Woltlab Burning Board Addon JGS-Treffen - SQL Injection
Neat weblog 0.2 - 'articleId' SQL Injection
EasyNews 40tr - (SQL Injection / Cross-Site Scripting / Local File Inclusion) SQL Injection
FaScript FaPhoto 1.0 - (show.php id) SQL Injection
Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection
eggBlog 4.0 - Password Retrieve SQL Injection
Joomla! Component actualite 1.0 - 'id' SQL Injection
JShop 1.x < 2.x - 'xPage' Parameter Local File Inclusion
WordPress Plugin Download - 'dl_id' Parameter SQL Injection
PHPSpamManager 0.53b - 'body.php' Remote File Disclosure
Woltlab Burning Board Addon JGS-Treffen 2.0.2 - SQL Injection
Neat weblog 0.2 - 'articleId' Parameter SQL Injection
EasyNews 40tr - SQL Injection / Cross-Site Scripting / Local File Inclusion
FaScript FaPhoto 1.0 - 'show.php' SQL Injection
Mambo Component Ahsshop 1.51 - 'vara' Parameter SQL Injection
eggBlog 4.0 - SQL Injection
Joomla! Component actualite 1.0 - 'id' Parameter SQL Injection
PHPAddressBook 2.11 - (view.php id) SQL Injection
PHPAddressBook 2.11 - 'view.php' SQL Injection
Joomla! Component com_alphacontent - Blind SQL Injection
Joomla! Component Alphacontent 2.5.8 - Blind SQL Injection
Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection
Joomla! Component Event Booking 2.10.1 - SQL Injection
Nuked-klaN 1.3 - Multiple Cross-Site Scripting Vulnerabilities
JShop E-Commerce Suite - xSearch Cross-Site Scripting
JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting
JShop E-Commerce Suite 1.2 - product.php Cross-Site Scripting
Nuked-klaN 1.7 Sections Module - artid Parameter SQL Injection
Nuked-klaN 1.7 Sections Module - 'artid' Parameter SQL Injection
Nuked-klaN 1.7 Download Module - dl_id Parameter SQL Injection
Nuked-klaN 1.7 Links Module - link_id Parameter SQL Injection
Nuked-klaN 1.7 Download Module - 'dl_id' Parameter SQL Injection
Nuked-klaN 1.7 Links Module - 'link_id' Parameter SQL Injection
Nuked-klaN 1.7 - 'index.php' Cross-Site Scripting
Foreman (Red Hat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)
Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)
Eggblog 3.1 - admin/articles.php edit Parameter Cross-Site Scripting
Eggblog 3.1 - admin/comments.php edit Parameter Cross-Site Scripting
Eggblog 3.1 - admin/users.php add Parameter Cross-Site Scripting
Eggblog 3.1 - rss.php Cross-Site Scripting
Nuked-klaN 1.7.5 - File Parameter News Module Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/edittemplate_step2.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showfields.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showuser.php language Parameter Cross-Site Scripting
CS-Cart 4.3.10 - XML External Entity Injection
CoronaMatrix phpAddressBook 2.0 - 'Username' Cross-Site Scripting
Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting
Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting
Cacti 0.8.7 (RedHat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting
Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload
Mambo Component 'com_ahsshop' - SQL Injection
Mambo Component Ahsshop - SQL Injection
Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
Joomla 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation
Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation
WordPress Plugin XCloner 3.1.5 - Multiple Vulnerabilities
2016-11-17 05:01:21 +00:00
Offensive Security
3c006aac19
DB: 2016-11-13
2016-11-13 05:01:17 +00:00
Offensive Security
1f59ca27c2
DB: 2016-11-03
...
15 new exploits
Joomla! Component PBBooking 1.0.4_3 - Multiple Blind SQL Injection
Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection
Joomla! Component SimpleShop (com_SimpleShop) - SQL Injection
Joomla! Component 'com_SimpleShop' - SQL Injection
Joomla! Component Spielothek 1.6.9 - Multiple Blind SQL Injection
Joomla! Component 'com_spielothek' 1.6.9 - Multiple Blind SQL Injection
Joomla! Component CamelcityDB 2.2 - SQL Injection
Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection
Joomla! Component cgtestimonial 2.2 - Multiple Vulnerabilities
Joomla! Component 'com_cgtestimonial' 2.2 - Multiple Vulnerabilities
Joomla! Component com_neorecruit 1.4 - SQL Injection
Joomla! Component 'com_neorecruit' 1.4 - SQL Injection
Joomla! Component Teams - Multiple Blind SQL Injection
Joomla! Component 'com_teams' - Multiple Blind SQL Injection
Joomla! Component Yellowpages - SQL Injection
Joomla! Component 'com_yellowpages' - SQL Injection
Joomla! Component Amblog 1.0 - Multiple SQL Injections
Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections
Joomla! Component com_equipment - SQL Injection
Joomla! Component Jgrid 1.0 - Local File Inclusion
Joomla! Component OnGallery - SQL Injection
Joomla! Component 'com_equipment' - SQL Injection
Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion
Joomla! Component 'com_ongallery' - SQL Injection
Joomla! Component com_Fabrik - SQL Injection
Joomla! Component com_extcalendar - Blind SQL Injection
Joomla! Component 'com_Fabrik' - SQL Injection
Joomla! Component 'com_extcalendar' - Blind SQL Injection
Joomla! Component com_zina - SQL Injection
Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections
Joomla! Component 'com_zina' - SQL Injection
Joomla! Component 'com_biblioteca' 1.0 Beta - Multiple SQL Injections
Joomla! Component com_zoomportfolio - SQL Injection
Joomla! Component 'com_zoomportfolio' - SQL Injection
Joomla! Component com_remository - Arbitrary File Upload
Joomla! Component 'com_remository' - Arbitrary File Upload
Joomla! Component com_picsell - Local File Disclosure
Joomla! Component com_jefaqpro - Multiple Blind SQL Injection
Joomla! Component 'com_picsell' - Local File Disclosure
Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection
Joomla! Component iJoomla! magazine 3.0.1 - Remote File Inclusion
Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion
Joomla! Component Clantools 1.5 - Blind SQL Injection
Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection
Joomla! Component 'com_clantools' 1.5 - Blind SQL Injection
Joomla! Component 'com_clantools' 1.2.3 - Multiple Blind SQL Injection
Joomla! Component Gantry Framework 3.0.10 - Blind SQL Injection
Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection
Joomla! Component Aardvertiser 2.1 Free - Blind SQL Injection
Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection
Joomla! Component RSform! 1.0.5 - Multiple Vulnerabilities
Joomla! Component 'com_forme' 1.0.5 - Multiple Vulnerabilities
Joomla! Component com_jphone - Local File Inclusion
Joomla! Component 'com_jphone' - Local File Inclusion
Joomla! Component Mosets Tree 2.1.5 - Arbitrary File Upload
Joomla! Component 'com_mtree' 2.1.5 - Arbitrary File Upload
Joomla! Component com_jgen - SQL Injection
Joomla! Component 'com_jgen' - SQL Injection
Joomla! Component com_restaurantguide - Multiple Vulnerabilities
Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities
Joomla! Component com_elite_experts - SQL Injection
Joomla! Component 'com_elite_experts' - SQL Injection
Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection
Joomla! Component com_ezautos - SQL Injection
Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection
Joomla! Component 'com_ezautos' - SQL Injection
Joomla! Component je Guestbook 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities
Joomla! Component JE Job - SQL Injection
Joomla! Component JE Directory - SQL Injection
Joomla! Component 'com_jejob' - SQL Injection
Joomla! Component 'com_jedirectory' - SQL Injection
Joomla! Component Community Builder Enhenced (CBE) - Local File Inclusion / Remote Code Execution
Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution
Joomla! Component js Calendar 1.5.1 Joomla! - Multiple Vulnerabilities
Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities
Joomla! Component JE Ajax Event Calendar (com_jeajaxeventcalendar) - SQL Injection
Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection
Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload
Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload
Joomla! Component Flip Wall (com_flipwall) - SQL Injection
Joomla! Component Sponsor Wall (com_sponsorwall) - SQL Injection
Joomla! Component 'com_flipwall' - SQL Injection
Joomla! Component 'com_sponsorwall' - SQL Injection
sweetrice CMS 0.6.7 - Multiple Vulnerabilities
SweetRice 0.6.7 - Multiple Vulnerabilities
Joomla! Component ccInvoices (com_ccinvoices) - SQL Injection
Joomla! Component 'com_ccinvoices' - SQL Injection
Joomla! Component com_connect - Local File Inclusion
Joomla! Component DCNews com_dcnews - Local File Inclusion
Joomla! Component 'com_connect' - Local File Inclusion
Joomla! Component 'com_dcnews' - Local File Inclusion
Joomla! Component com_ckforms - Local File Inclusion
Joomla! Component com_clan - SQL Injection
Joomla! Component 'com_ckforms' - Local File Inclusion
Joomla! Component 'com_clan' - SQL Injection
Joomla! Component com_clanlist - SQL Injection
Joomla! Component 'com_clanlist' - SQL Injection
Joomla! Component ProDesk 1.5 - Local File Inclusion
Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion
Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection
Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection
Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection
Joomla! Component com_markt - SQL Injection
Joomla! Component com_img - Local File Inclusion
Joomla! Component 'btg_oglas' - HTML / Cross-Site Scripting Injection
Joomla! Component 'com_markt' - SQL Injection
Joomla! Component 'com_img' - Local File Inclusion
Joomla! Component com_jsupport - Cross-Site Scripting
Joomla! Component com_jsupport - SQL Injection
Joomla! Component 'com_jsupport' - Cross-Site Scripting
Joomla! Component 'com_jsupport' - SQL Injection
Joomla! Component ccBoard 1.2-RC - Multiple Vulnerabilities
Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities
Joomla! Component com_alfurqan15x - SQL Injection
Joomla! Component 'com_alfurqan15x' - SQL Injection
Joomla! Component Maian Media (com_maianmedia) - SQL Injection
Joomla! Component 'com_maianmedia' - SQL Injection
Joomla! Component Template Mosets Tree 2.1.6 - Overwrite Cross-Site Request Forgery
Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery
Joomla! Component com_jimtawl - Local File Inclusion
Joomla! Component 'com_jimtawl' - Local File Inclusion
Joomla! Component JE Auto 1.0 - SQL Injection
Joomla! Component 'com_jeauto' 1.0 - SQL Injection
Joomla! Component Billy Portfolio 1.1.2 - Blind SQL Injection
Joomla! Component 'com_billyportfolio' 1.1.2 - Blind SQL Injection
Joomla! Component JRadio (com_jradio) - Local File Inclusion
Joomla! Component 'com_jradio' - Local File Inclusion
Joomla! Component JE Auto (com_jeauto) - Local File Inclusion
Joomla! Component 'com_jeauto' - Local File Inclusion
Joomla! Component Jotloader 2.2.1 - Local File Inclusion
Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion
Joomla! Component com_xgallery 1.0 - Local File Inclusion
Joomla! Component 'com_xgallery' 1.0 - Local File Inclusion
Joomla! Component com_ponygallery - Remote File Inclusion
Joomla! Component com_adsmanager - Remote File Inclusion
Joomla! Component 'com_ponygallery' - Remote File Inclusion
Joomla! Component 'com_adsmanager' - Remote File Inclusion
Joomla! Component com_xmovie 1.0 - Local File Inclusion
Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion
Joomla! Component com_idoblog - SQL Injection
Joomla! Component 'com_idoblog' - SQL Injection
Joomla! Plugin Captcha 4.5.1 - Local File Disclosure
Joomla! Plugin 'Captcha' 4.5.1 - Local File Disclosure
Joomla! Component People 1.0.0 - SQL Injection
Joomla! Component 'com_people' 1.0.0 - SQL Injection
Joomla! Component People 1.0.0 - Local File Inclusion
Joomla! Component 'com_people' 1.0.0 - Local File Inclusion
Joomla! Component allCineVid 1.0.0 - Blind SQL Injection
Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection
Joomla! Component B2 Portfolio 1.0.0 - Multiple SQL Injections
Joomla! Component 'com_b2portfolio' 1.0.0 - Multiple SQL Injections
Joomla! Component XCloner (com_xcloner-backupandrestore) - Remote Command Execution
Joomla! Component 'com_xcloner-backupandrestore' - Remote Command Execution
Joomla! Component com_booklibrary - SQL Injection
Joomla! Component 'com_booklibrary' - SQL Injection
Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection
Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection
Joomla! Component JCE (com_jce) - Blind SQL Injection
Joomla! Component 'com_jce' - Blind SQL Injection
Joomla! Component com_versioning - SQL Injection
Joomla! Component com_hello - SQL Injection
Joomla! Component 'com_versioning' - SQL Injection
Joomla! Component 'com_hello' - SQL Injection
Joomla! Component com_question - SQL Injection
Joomla! Component 'com_question' - SQL Injection
Joomla! Component 1.0 jDownloads - Arbitrary File Upload
Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload
Joomla! Component com_jmsfileseller - Local File Inclusion
Joomla! Component 'com_jmsfileseller' - Local File Inclusion
Joomla! Component com_joomnik - SQL Injection
Joomla! Component 'com_joomnik' - SQL Injection
Joomla! Plugin Scriptegrator 1.5 - File Inclusion
Joomla! Component 'Scriptegrator' 1.5 - File Inclusion
Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion
Joomla! Component com_team - SQL Injection
Joomla! Component 'com_acooldebate' 1.0.3 - Local File Inclusion
Joomla! Component 'com_team' - SQL Injection
Joomla! Component Calc Builder - 'id' Blind SQL Injection
Joomla! Component 'com_calcbuilder' - 'id' Parameter Blind SQL Injection
Joomla! Component JoomlaXi - Persistent Cross-Site Scripting
Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting
Joomla! Component mdigg - SQL Injection
Joomla! Component 'mdigg' - SQL Injection
Joomla! Component Xmap 1.2.11 - Blind SQL Injection
Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection
Joomla! Component SOBI2 2.9.3.2 - Blind SQL Injections
Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections
Joomla! Component Appointment Booking Pro - Local File Inclusion
Joomla! Component 'com_rsappt_pro2' - Local File Inclusion
Joomla! Component JE K2 Story Submit - Local File Inclusion
Joomla! Component 'com_jesubmit' - Local File Inclusion
Joomla! Component mod_spo - SQL Injection
Joomla! Component 'mod_spo' - SQL Injection
Joomla! Component com_virtuemart 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)
Joomla! Component 'com_virtuemart' 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)
Joomla! Component com_obSuggest - Local File Inclusion
Joomla! Component 'com_obSuggest' - Local File Inclusion
Joomla! Component com_jdirectory - SQL Injection
Joomla! Component 'com_jdirectory' - SQL Injection
Joomla! Component TNR Enhanced Joomla! Search - SQL Injection
Joomla! Component 'com_esearch' - SQL Injection
Joomla! Component JoomTouch - Local File Inclusion
Joomla! Component 'com_joomtouch' - Local File Inclusion
Joomla! Extension JCE 2.0.10 - Multiple Vulnerabilities
Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities
Joomla! Component simple file lister module 1.0 - Directory Traversal
Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal
Joomla! Component YJ Contact us - Local File Inclusion
Joomla! Component 'com_yjcontactus' - Local File Inclusion
Joomla! Component Time Returns (com_timereturns) 2.0 - SQL Injection
Joomla! Component 'com_timereturns' 2.0 - SQL Injection
Joomla! Component Techfolio 1.0 - SQL Injection
Joomla! Component 'com_techfolio' 1.0 - SQL Injection
Joomla! Component JEEMA Sms 3.2 - Multiple Vulnerabilities
Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jeemasms' 3.2 - Multiple Vulnerabilities
Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities
Joomla! Component HM-Community com_hmcommunity - Multiple Vulnerabilities
Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities
Joomla! Component Alameda (com_alameda) 1.0 - SQL Injection
Joomla! Component 'com_alameda' 1.0 - SQL Injection
Joomla! Component Jobprofile (com_jobprofile) - SQL Injection
Joomla! Component 'com_jobprofile' - SQL Injection
Joomla! Component QContacts 1.0.6 - SQL Injection
Joomla! Component 'com_qcontacts' 1.0.6 - SQL Injection
Joomla! Component com_dshop - SQL Injection
Joomla! Component 'com_dshop' - SQL Injection
Joomla! Component Discussions (com_discussions) - SQL Injection
Joomla! Component 'com_discussions' - SQL Injection
Joomla! Component The Estate Agent (com_estateagent) - SQL Injection
Joomla! Component com_bearleague - SQL Injection
Joomla! Component 'com_estateagent' - SQL Injection
Joomla! Component 'com_bearleague' - SQL Injection
Joomla! Component com_ponygallery - SQL Injection
Joomla! Component 'com_ponygallery' - SQL Injection
Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal
Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal
Joomla! Component com_weblinks - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection
Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection
Joomla! Component com_dirfrm - Multiple SQL Injections
Joomla! Component 'com_dirfrm' - Multiple SQL Injections
Joomla! Component Spain - 'nv' Parameter SQL Injection
Joomla! Component 'com_spain' - 'nv' Parameter SQL Injection
Joomla! Component com_tax - 'eid' Parameter SQL Injection
Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection
Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection
Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection
Joomla! / Mambo Component com_trade - 'PID' Parameter Cross-Site Scripting
Joomla! / Mambo Component 'com_trade' - 'PID' Parameter Cross-Site Scripting
Joomla! Component com_jstore - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion
Joomla! Component Catalogue - SQL Injection / Local File Inclusion
Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion
Joomla! Component AutoArticles 3000 - 'id' Parameter SQL Injection
Joomla! Component 'com_a3000' - 'id' Parameter SQL Injection
Joomla! Component Store Directory - 'id' Parameter SQL Injection
Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection
Joomla! Component Annuaire - 'id' Parameter SQL Injection
Joomla! Component 'com_annuaire' - 'id' Parameter SQL Injection
Joomla! Component Jeformcr - 'id' Parameter SQL Injection
Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection
Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection
Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection
Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component Redirect 'com_redirect' 1.5.19 - Local File Inclusion
Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion
Joomla! Component Classified - SQL Injection
Joomla! Component 'com_classified' - SQL Injection
Joomla! Component com_frontenduseraccess - Local File Inclusion
Joomla! Component 'com_frontenduseraccess' - Local File Inclusion
Joomla! Component VirtueMart eCommerce 1.1.6 - SQL Injection
Joomla! Component 'com_virtuemart' 1.1.6 - SQL Injection
Joomla! Component com_clan_members - 'id' Parameter SQL Injection
Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection
Joomla! Component com_phocadownload - Local File Inclusion
Joomla! Component 'com_phocadownload' - Local File Inclusion
Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection
Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection
Joomla! Component com_maplocator - 'cid' Parameter SQL Injection
Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection
Joomla! Component com_shop - SQL Injection
Joomla! Component 'com_shop' - SQL Injection
Joomla! Component Virtual Money 'com_virtualmoney' 1.5 - SQL Injection
Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload
Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection
Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload
Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection
Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection
Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_voj - SQL Injection
Joomla! Component 'com_voj' - SQL Injection
Joomla! Component Foto - 'id_categoria' Parameter SQL Injection
Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection
Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection
Joomla! Component com_hospital - SQL Injection
Joomla! Component Controller - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection
Joomla! Component 'com_hospital' - SQL Injection
Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection
Joomla! Component com_resman - Cross-Site Scripting
Joomla! Component com_newssearch - SQL Injection
Joomla! Component 'com_newssearch' - SQL Injection
Joomla! Component Slideshow Gallery - 'id' Parameter SQL Injection
Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection
Joomla! Component com_community - 'userid' Parameter SQL Injection
Joomla! Component 'com_community' - 'userid' Parameter SQL Injection
Joomla! Component com_biitatemplateshop - 'groups' Parameter SQL Injection
Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection
Joomla! Component com_expedition - 'id' Parameter SQL Injection
Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection
Joomla! Component com_tree - 'key' Parameter SQL Injection
Joomla! Component com_br - 'state_id' Parameter SQL Injection
Joomla! Component com_shop - 'id' Parameter SQL Injection
Joomla! Component 'com_tree' - 'key' Parameter SQL Injection
Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection
Joomla! Component 'com_shop' - 'id' Parameter SQL Injection
Joomla! Component Sgicatalog 1.0 - 'id' Parameter SQL Injection
Joomla! Component 'com_sgicatalog' 1.0 - 'id' Parameter SQL Injection
Joomla! Extension com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component 'com_alfcontact' 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component Content - 'year' Parameter SQL Injection
Joomla! Component 'com_content' - 'year' Parameter SQL Injection
Joomla! Component com_tsonymf - 'idofitem' Parameter SQL Injection
Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection
Joomla! Component com_caproductprices - 'id' Parameter SQL Injection
Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection
Joomla! Component HD Video Share 1.3 - 'id' Parameter SQL Injection
Joomla! Component 'com_contushdvideoshare' 1.3 - 'id' Parameter SQL Injection
Joomla! Component com_br - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion
Joomla! Component Full 'com_full' - 'id' Parameter SQL Injection
Joomla! Component com_sanpham - Multiple SQL Injections
Joomla! Component com_xball - 'team_id' Parameter SQL Injection
Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion
Joomla! Component com_car - Multiple SQL Injections
Joomla! Component com_some - 'Controller' Parameter Local File Inclusion
Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion
Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_full' - 'id' Parameter SQL Injection
Joomla! Component 'com_sanpham' - Multiple SQL Injections
Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection
Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_car' - Multiple SQL Injections
Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_jesubmit - 'index.php' Arbitrary File Upload
Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload
Joomla! Component com_motor - 'cid' Parameter SQL Injection
Joomla! Component com_products - Multiple SQL Injections
Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection
Joomla! Component 'com_products' - Multiple SQL Injections
Joomla! Component com_visa - Local File Inclusion / SQL Injection
Joomla! Component com_firmy - 'Id' Parameter SQL Injection
Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection
Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection
Joomla! Component com_crhotels - 'catid' Parameter SQL Injection
Joomla! Component com_propertylab - 'id' Parameter SQL Injection
Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection
Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection
Joomla! Component com_bbs - Multiple SQL Injections
Joomla! Component 'com_bbs' - Multiple SQL Injections
Joomla! Component com_cmotour - 'id' Parameter SQL Injection
Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection
Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection
Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection
Joomla! Component Currency Converter - 'from' Parameter Cross-Site Scripting
Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting
Joomla! Component X-Shop - 'idd' Parameter SQL Injection
Joomla! Component Xcomp 'com_xcomp' - Local File Inclusion
Joomla! Component 'com_x-shop' - 'idd' Parameter SQL Injection
Joomla! Component 'com_xcomp' - Local File Inclusion
Joomla! Component com_xvs - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_xvs' - 'Controller' Parameter Local File Inclusion
Joomla! Component Machine - Multiple SQL Injections
Joomla! Component 'com_machine' - Multiple SQL Injections
Joomla! Component CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection
Joomla! Component Video Gallery - Local File Inclusion / SQL Injection
Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection
Joomla! Component 'com_videogallery' - Local File Inclusion / SQL Injection
Joomla! Component Alphacontent - 'limitstart' Parameter SQL Injection
Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload
Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection
Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload
Joomla! Component Simple SWFupload - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component Art Uploader - 'upload.php' Arbitrary File Upload
Joomla! Component DentroVideo - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload
PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition
MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow
Alienvault OSSIM/USM 5.3.1 - PHP Object Injection
Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting
Alienvault OSSIM/USM 5.3.1 - SQL Injection
Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056)
Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass
SunellSecurity NVR / Camera - Denial Of Service
Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit)
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' Privilege Escalation
Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution (Metasploit)
LifeSize Room 5.0.9 - Multiple Vulnerabilities
Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free
SweetRice 1.5.1 - Cross-Site Request Forgery
2016-11-03 05:01:18 +00:00
Offensive Security
18f707fb94
DB: 2016-11-01
...
24 new exploits
Serendipity 0.7-beta1 - SQL Injection (PoC)
S9Y Serendipity 0.7-beta1 - SQL Injection (PoC)
Serendipity 0.8beta4 - exit.php SQL Injection
S9Y Serendipity 0.8beta4 - exit.php SQL Injection
CBSms Mambo Module 1.0 - Remote File Inclusion
Pearl For Mambo 1.6 - Multiple Remote File Inclusion
Mambo Module CBSms 1.0 - Remote File Inclusion
Mambo Component Pearl 1.6 - Multiple Remote File Inclusion
galleria Mambo Module 1.0b - Remote File Inclusion
Mambo Module galleria 1.0b - Remote File Inclusion
SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion
com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion
Mambo Component SimpleBoard 1.1.0 - Remote File Inclusion
Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion
com_videodb Mambo Component 0.3en - Remote File Inclusion
SMF Forum Mambo Component 1.3.1.3 - Include
com_extcalendar Mambo Component 2.0 - Include
com_loudmouth Mambo Component 4.0j - Include
pc_cookbook Mambo Component 0.3 - Include
perForms Mambo Component 1.0 - Remote File Inclusion
com_hashcash Mambo Component 1.2.1 - Include
HTMLArea3 Mambo Module 1.5 - Remote File Inclusion
Sitemap Mambo Component 2.0.0 - Remote File Inclusion
pollxt Mambo Component 1.22.07 - Remote File Inclusion
MiniBB Mambo Component 1.5a - Remote File Inclusion
Mambo Component com_videodb 0.3en - Remote File Inclusion
Mambo Component SMF Forum 1.3.1.3 - Remote File Inclusion
Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion
Mambo Component com_loudmouth 4.0j - Remote File Inclusion
Mambo Component pc_cookbook 0.3 - Remote File Inclusion
Mambo Component perForms 1.0 - Remote File Inclusion
Mambo Component com_hashcash 1.2.1 - Remote File Inclusion
Mambo Module HTMLArea3 1.5 - Remote File Inclusion
Mambo Component Sitemap 2.0.0 - Remote File Inclusion
Mambo Component pollxt 1.22.07 - Remote File Inclusion
Mambo Component MiniBB 1.5a - Remote File Inclusion
MoSpray Mambo Component 18RC1 - Remote File Inclusion
Mambo Component MoSpray 18RC1 - Remote File Inclusion
Mam-Moodle Mambo Component alpha - Remote File Inclusion
Mambo Component Mam-Moodle alpha - Remote File Inclusion
multibanners Mambo Component 1.0.1 - Remote File Inclusion
Mambo Component multibanners 1.0.1 - Remote File Inclusion
PrinceClan Chess Mambo Com 0.8 - Remote File Inclusion
Mambo Component PrinceClan Chess 0.8 - Remote File Inclusion
a6mambohelpdesk Mambo Component 18RC1 - Include
Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion
Mambo Security Images Component 3.0.5 - Inclusion
Mambo MGM Component 0.95r2 - Remote File Inclusion
Mambo Colophon Component 1.2 - Remote File Inclusion
Mambo mambatStaff Component 3.1b - Remote File Inclusion
Mambo Component Security Images 3.0.5 - Inclusion
Mambo Component MGM 0.95r2 - Remote File Inclusion
Mambo Component 'com_colophon' 1.2 - Remote File Inclusion
Mambo Component mambatStaff 3.1b - Remote File Inclusion
Mambo User Home Pages Component 0.5 - Remote File Inclusion
Mambo Component User Home Pages 0.5 - Remote File Inclusion
Mambo Remository Component 3.25 - Remote File Inclusion
Mambo Component Remository 3.25 - Remote File Inclusion
Mambo mmp Component 1.2 - Remote File Inclusion
Mambo Component MMP 1.2 - Remote File Inclusion
Mambo Peoplebook Component 1.0 - Remote File Inclusion
Mambo Component Peoplebook 1.0 - Remote File Inclusion
Mambo CopperminePhotoGalery Component - Remote File Inclusion
Mambo Component CopperminePhotoGalery - Remote File Inclusion
Mambo mambelfish Component 1.1 - Remote File Inclusion
Mambo Component mambelfish 1.1 - Remote File Inclusion
Mambo phpShop Component 1.2 RC2b - File Inclusion
Mambo a6mambocredits Component 1.0.0 - File Inclusion
Mambo Component 'com_phpshop' 1.2 RC2b - File Inclusion
Mambo Component 'com_a6mambocredits' 1.0.0 - File Inclusion
Mambo MamboWiki Component 0.9.6 - Remote File Inclusion
Mambo Component MamboWiki 0.9.6 - Remote File Inclusion
Mambo cropimage Component 1.0 - Remote File Inclusion
Mambo Component cropimage 1.0 - Remote File Inclusion
Mambo com_lurm_constructor Component 0.6b - Include
Mambo Component com_lurm_constructor 0.6b - Remote File Inclusion
mambo com_babackup Component 1.1 - File Inclusion
Mambo Component com_babackup 1.1 - File Inclusion
Mambo com_serverstat Component 0.4.4 - File Inclusion
Mambo Component com_serverstat 0.4.4 - File Inclusion
Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Include
Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion
Mambo com_registration_detailed 4.1 - Remote File Inclusion
Mambo Component com_registration_detailed 4.1 - Remote File Inclusion
MambWeather Mambo Module 1.8.1 - Remote File Inclusion
Mambo Module MambWeather 1.8.1 - Remote File Inclusion
com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure
Mambo Component com_flyspray <= 1.0.1 - Remote File Disclosure
Serendipity 1.0.3 - 'comment.php' Local File Inclusion
S9Y Serendipity 1.0.3 - 'comment.php' Local File Inclusion
Hewlett-Packard FTP Print Server 2.4.5 - Buffer Overflow (PoC)
Hewlett-Packard (HP) FTP Print Server 2.4.5 - Buffer Overflow (PoC)
mambo Component nfnaddressbook 0.4 - Remote File Inclusion
Mambo Component nfnaddressbook 0.4 - Remote File Inclusion
Joomla! / Mambo Component SWmenuFree 4.0 - Remote File Inclusion
Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion
Irfanview 3.99 - '.ani' Local Buffer Overflow (1)
IrfanView 3.99 - '.ani' Local Buffer Overflow (1)
Irfanview 3.99 - '.ani' Local Buffer Overflow (2)
IrfanView 3.99 - '.ani' Local Buffer Overflow (2)
Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion
Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion
Joomla! / Mambo Component article 1.1 - Remote File Inclusion
Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion
Irfanview 4.00 - '.iff' Buffer Overflow
IrfanView 4.00 - '.iff' Buffer Overflow
Mambo com_yanc 1.4 Beta - 'id' SQL Injection
Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection
Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' SQL Injection
Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection
Irfanview 4.10 - '.fpx' Memory Corruption
IrfanView 4.10 - '.fpx' Memory Corruption
Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection
Mambo 'com_fq' - 'listid' Parameter SQL Injection
Mambo 'com_mamml' - 'listid' Parameter SQL Injection
Mambo Component Glossary 2.0 - 'catid' SQL Injection
Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection
Mambo Component 'com_fq' - 'listid' Parameter SQL Injection
Mambo Component 'com_mamml' - 'listid' Parameter SQL Injection
Mambo Component 'com_glossary' 2.0 - 'catid' SQL Injection
Mambo Component AkoGallery 2.5b - SQL Injection
Mambo Component Catalogshop 1.0b1 - SQL Injection
Mambo Component 'com_akogallery' 2.5b - SQL Injection
Mambo Component 'com_catalogshop' 1.0b1 - SQL Injection
Mambo Component Awesom 0.3.2 - (listid) SQL Injection
Mambo Component 'com_awesom' 0.3.2 - (listid) SQL Injection
Mambo Component Portfolio 1.0 - 'categoryId' SQL Injection
Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection
Mambo Component accombo 1.x - 'id' SQL Injection
Mambo Component 'com_accombo' 1.x - 'id' SQL Injection
Mambo Component ahsShop 1.51 - (vara) SQL Injection
Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection
Mambo Component Galleries 1.0 - (aid) SQL Injection
Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection
Mambo 4.6.4 - (Output.php) Remote File Inclusion
Mambo 4.6.4 - 'Output.php' Remote File Inclusion
Mambo Component Articles - (artid) Blind SQL Injection
Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection
Mambo Component n-gallery - Multiple SQL Injections
Mambo Component 'com_n-gallery' - Multiple SQL Injections
Irfanview 3.99 - IFF File Local Stack Buffer Overflow
IrfanView 3.99 - '.IFF' File Local Stack Buffer Overflow
Mambo Component n-form - (form_id) Blind SQL Injection
Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection
Mambo com_sim 0.8 - Blind SQL Injection
Mambo Component 'com_sim' 0.8 - Blind SQL Injection
Mambo Component com_hestar - SQL Injection
Mambo Component 'com_hestar' - SQL Injection
Mambo com_koesubmit 1.0.0 - Remote File Inclusion
Mambo Component com_koesubmit 1.0.0 - Remote File Inclusion
Joomla! / Mambo Component Tupinambis - SQL Injection
Joomla! / Mambo Component 'com_tupinambis' - SQL Injection
Joomla! / Mambo Component com_ezine 2.1 - Remote File Inclusion
Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion
Mambo Component Material Suche 1.0 - SQL Injection
Mambo Component 'com_materialsuche' 1.0 - SQL Injection
Mambo com_akogallery - SQL Injection
Mambo Component 'com_akogallery' - SQL Injection
Mambo Component com_acnews - [id] SQL Injection
Mambo Component 'com_acnews' - 'id' Parameter SQL Injection
Mambo Component com_mambads - SQL Injection
Mambo Component 'com_mambads' - SQL Injection
Rumba ftp Client 4.2 - PASV Buffer Overflow (SEH)
Rumba FTP Client 4.2 - PASV Buffer Overflow (SEH)
Serendipity 1.5.4 - Arbitrary File Upload
S9Y Serendipity 1.5.4 - Arbitrary File Upload
Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service
IrfanView 4.27 - 'JP2000.dll' plugin Denial of Service
Irfanview 4.28 - Multiple Denial of Service Vulnerabilities
IrfanView 4.28 - Multiple Denial of Service Vulnerabilities
Irfanview 4.28 - ICO With Transparent Colour Denial of Service & RDenial of Service
Irfanview 4.28 - ICO Without Transparent Colour Denial of Service & RDenial of Service
IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service
PCMan FTP Server Buffer Overflow - PUT Command (Metasploit)
PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit)
Mambo CMS 4.6.x - (4.6.5) SQL Injection
Mambo 4.6.x < 4.6.5 - SQL Injection
Mambo CMS 4.x - (Zorder) SQL Injection
Mambo 4.x - 'Zorder' SQL Injection
Irfanview - '.tiff' Image Processing Buffer Overflow
IrfanView - '.tiff' Image Processing Buffer Overflow
Irfanview FlashPix PlugIn - Double-Free
IrfanView FlashPix PlugIn - Double-Free
Irfanview FlashPix PlugIn - Decompression Heap Overflow
IrfanView FlashPix PlugIn - Decompression Heap Overflow
Serendipity 1.6 - Backend Cross-Site Scripting / SQL Injection
S9Y Serendipity 1.6 - (Backend) Cross-Site Scripting / SQL Injection
Irfanview 4.33 - Format PlugIn ECW Decompression Heap Overflow
IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow
Irfanview 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow
IrfanView 4.33 - Format PlugIn .TTF File Parsing Stack Based Overflow
Irfanview 4.33 - '.DJVU' Image Processing Heap Overflow
IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow
Irfanview JLS Formats PlugIn - Heap Overflow
IrfanView JLS Formats PlugIn - Heap Overflow
Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit)
IrfanView JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit)
Irfan Skiljan IrfanView32 3.0.7 - Image File Buffer Overflow
IrfanView32 3.0.7 - Image File Buffer Overflow
Joomla! Component Event Booking 2.10.1 - SQL Injection
Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection
Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla! Component 'com_videogallerylite' 1.0.9 - SQL Injection
Irfanview - '.RLE' Image Decompression Buffer Overflow
Irfanview - '.TIF' Image Decompression Buffer Overflow
IrfanView - '.RLE' Image Decompression Buffer Overflow
IrfanView - '.TIF' Image Decompression Buffer Overflow
Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution
IrfanView 4.33 - 'IMXCF.dll' Plugin Code Execution
Serendipity 0.x - exit.php HTTP Response Splitting
S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting
PCMan FTP Server 2.07 - PASS Command Buffer Overflow
PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow
PCMan FTP Server 2.07 - STOR Command Buffer Overflow
PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow
freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH)
freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow
Joomla! Component VirtueMart 2.0.22a - SQL Injection
Joomla! Component 'com_virtuemart' 2.0.22a - SQL Injection
phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion
Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusion
Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion
Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion
PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - 'STOR' Command Stack Overflow (Metasploit)
Irfanview 3.98 - '.ANI' Image File Denial of Service
IrfanView 3.98 - '.ANI' Image File Denial of Service
Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion
Mambo Component Reporter 1.0 - 'Reporter.sql.php' Remote File Inclusion
Mambo LMTG Myhomepage 1.2 Component - Multiple Remote File Inclusion
Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion
Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion
Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion
Mambo Display MOSBot Manager Component - MosConfig_absolute_path Remote File Inclusion
Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion
Mambo EstateAgent 1.0.2 Component - MosConfig_absolute_path Remote File Inclusion
Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion
Joomla! / Mambo Component Com_comprofiler 1.0 - class.php Remote File Inclusion
Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion
Hewlett-Packard 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery
Hewlett-Packard (HP) 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery
Mambo MostlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion
Mambo Module MOStlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion
Irfanview 3.99 - Multiple BMP Denial of Service Vulnerabilities
IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities
Joomla! / Mambo Component Mod_Forum - PHPBB_Root.php Remote File Inclusion
Joomla! / Mambo Component Mod_Forum - 'PHPBB_Root.php' Remote File Inclusion
Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting
Mambo Module MOStlyCE 2.4 - 'connector.php' Cross-Site Scripting
Mambo MOStlyCE Module 2.4 Image Manager Utility - Arbitrary File Upload
Mambo Module MOStlyCE 2.4 Image Manager Utility - Arbitrary File Upload
Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting
S9Y Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting
Joomla! Extension Komento 1.7.2 - Persistent Cross-Site Scripting
Joomla! Extension JV Comment 3.0.2 - (index.php id Parameter) SQL Injection
Joomla! Component 'com_komento' 1.7.2 - Persistent Cross-Site Scripting
Joomla! Component 'com_jvcomment' 3.0.2 - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection
Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection
Joomla! / Mambo Component com_filebase - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection
Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection
Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection
PCMan FTP Server 2.07 - ABOR Command Buffer Overflow
PCMan FTP Server 2.07 - CWD Command Buffer Overflow
PCMan FTP Server 2.07 - 'ABOR' Command Buffer Overflow
PCMan FTP Server 2.07 - 'CWD' Command Buffer Overflow
Joomla! Component JomSocial 2.6 - Code Execution
Joomla! Component 'com_community' 2.6 - Code Execution
Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection
Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities
S9Y Serendipity 1.7.5 - (Backend) Multiple Vulnerabilities
Joomla! / Mambo Component Joomlaearn Lms - 'cat' Parameter SQL Injection
Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection
Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection
Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection
Joomla! Component YouTube Gallery - SQL Injection
Joomla! Component 'com_youtubegallery' - SQL Injection
Joomla! Component Spider Form Maker 3.4 - SQL Injection
Joomla! Component 'com_formmaker' 3.4 - SQL Injection
Joomla! Component Spider Calendar 3.2.6 - SQL Injection
Joomla! Component 'com_spidercalendar' 3.2.6 - SQL Injection
Joomla! Component Spider Contacts 1.3.6 - (index.php contacts_id Parameter)SQL Injection
Joomla! Component 'com_spidercontacts' 1.3.6 - 'contacts_id' Parameter SQL Injection
Joomla! Component Face Gallery 1.0 - Multiple Vulnerabilities
Joomla! Component Mac Gallery 1.5 - Arbitrary File Download
Joomla! Component 'com_facegallery' 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_macgallery' 1.5 - Arbitrary File Download
Joomla! Component HD FLV Player < 2.1.0.1 - SQL Injection
Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - SQL Injection
Joomla! Component HD FLV Player < 2.1.0.1 - Arbitrary File Download
Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - Arbitrary File Download
Mambo - 'com_docman' 1.3.0 Component Multiple SQL Injection
Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection
Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
Mambo CMS 4.6.x - Multiple Cross-Site Scripting Vulnerabilities
Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities
Hewlett-Packard UCMDB - JMX-Console Authentication Bypass
Hewlett-Packard (HP) UCMDB - JMX-Console Authentication Bypass
PCMan FTP Server 2.0.7 - Buffer Overflow MKD Command
PCMan FTP Server 2.0.7 - 'MKD' Command Buffer Overflow
Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery
Mambo 4.6.5 - 'index.php' Cross-Site Request Forgery
Serendipity 1.5.1 - 'research_display.php' SQL Injection
S9Y Serendipity 1.5.1 - 'research_display.php' SQL Injection
Mambo CMS N-Skyrslur - Cross-Site Scripting
Mambo Component 'com_n-skyrslur' - Cross-Site Scripting
Mambo CMS N-Gallery Component - SQL Injection
Mambo CMS AHS Shop Component - SQL Injection
Mambo Component 'com_n-gallery' - SQL Injection
Mambo Component 'com_ahsshop' - SQL Injection
Mambo CMS N-Press Component - SQL Injection
Mambo Component 'com_n-press' - SQL Injection
Mambo CMS N-Frettir Component - SQL Injection
Mambo CMS N-Myndir Component - SQL Injection
Mambo Component 'com_n-frettir' - SQL Injection
Mambo Component 'com_n-myndir' - SQL Injection
Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting
S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting
Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting
S9Y Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting
Joomla! Component Simple Photo Gallery 1.0 - Arbitrary File Upload
Joomla! Component 'com_simplephotogallery' 1.0 - Arbitrary File Upload
Joomla! Component Simple Photo Gallery 1.0 - SQL Injection
Joomla! Component 'com_simplephotogallery' 1.0 - SQL Injection
Joomla! Plugin eCommerce-WD 1.2.5 - SQL Injection
Joomla! Component 'com_ecommercewd' 1.2.5 - SQL Injection
Joomla! Component Spider FAQ - SQL Injection
Joomla! Component 'com_spiderfaq' - SQL Injection
Joomla! Component Gallery WD - SQL Injection
Joomla! Component Contact Form Maker 1.0.1 - SQL Injection
Joomla! Component 'com_gallery_wd' - SQL Injection
Joomla! Component 'com_contactformmaker' 1.0.1 - SQL Injection
Joomla! Component Spider Random Article - SQL Injection
Joomla! Component 'com_rand' - SQL Injection
Joomla! Component SimpleImageUpload - Arbitrary File Upload
Joomla! Component 'com_simpleimageupload' - Arbitrary File Upload
Joomla! Component DOCman - Multiple Vulnerabilities
Joomla! Component 'com_docman' - Multiple Vulnerabilities
Joomla! Plugin Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities
Joomla! Component 'com_helpdeskpro' < 1.4.0 - Multiple Vulnerabilities
PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'PUT' Command Buffer Overflow
Joomla! Component Event Manager 2.1.4 - Multiple Vulnerabilities
Joomla! Component 'com_jem' 2.1.4 - Multiple Vulnerabilities
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
Joomla! Component 'com_memorix' - SQL Injection
Joomla! Component 'com_informations' - SQL Injection
PCMan FTP Server 2.0.7 - GET Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'GET' Command Buffer Overflow
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow
Joomla! Component Real Estate Manager 3.7 - SQL Injection
Joomla! Component 'com_realestatemanager' 3.7 - SQL Injection
Joomla! Extension Realtyna RPL 8.9.2 - Multiple SQL Injections
Joomla! Extension Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Joomla! Component 'com_rpl' 8.9.2 - Multiple SQL Injections
Joomla! Component 'com_rpl' 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Joomla! Component JNews (com_jnews) 8.5.1 - SQL Injection
Joomla! Component 'com_jnews' 8.5.1 - SQL Injection
Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting
S9Y Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting
Joomla! Component JVideoClip - 'uid' Parameter SQL Injection
Joomla! Component 'com_jvideoclip' - 'uid' Parameter SQL Injection
Joomla! Component Content History - SQL Injection / Remote Code Execution (Metasploit)
Joomla! Component 'com_contenthistory' - SQL Injection / Remote Code Execution (Metasploit)
Joomla! Component Maian15 - 'name' Parameter Arbitrary File Upload
Joomla! Component 'com_maian15' - 'name' Parameter Arbitrary File Upload
Joomla! Component Aclsfgpl - 'index.php' Arbitrary File Upload
Joomla! Component 'com_aclsfgpl' - 'index.php' Arbitrary File Upload
Joomla! Component Wire Immogest - 'index.php' SQL Injection
Joomla! Component 'com_wire_immogest' - 'index.php' SQL Injection
Joomla! Component Almond Classifieds - Arbitrary File Upload
Joomla! Component 'com_aclassfb' - Arbitrary File Upload
Joomla! Extension Sexy Polling - 'answer_id' Parameter SQL Injection
Joomla! Component 'com_sexypolling' - 'answer_id' Parameter SQL Injection
Joomla! 1.5 < 3.4.5 - Object Injection x-forwarded-for Header Remote Code Execution
Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution
Joomla! Plugin Projoom NovaSFH - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_novasfh' - 'upload.php' Arbitrary File Upload
Joomla! Component Inneradmission - 'index.php' SQL Injection
Joomla! Component 'com_inneradmission' - 'index.php' SQL Injection
Joomla! Extension Spider Video Player - 'theme' Parameter SQL Injection
Joomla! Component 'spidervideoplayer' - 'theme' Parameter SQL Injection
Joomla! Extension JSN Poweradmin 2.3.0 - Multiple Vulnerabilities
Joomla! Component 'com_poweradmin' 2.3.0 - Multiple Vulnerabilities
Joomla! Component Easy YouTube Gallery 1.0.2 - SQL Injection
Joomla! Component 'com_easy_youtube_gallery' 1.0.2 - SQL Injection
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow (Metasploit)
Joomla! Extension SecurityCheck 2.8.9 - Multiple Vulnerabilities
Joomla! Component 'SecurityCheck' 2.8.9 - Multiple Vulnerabilities
Joomla! Extension PayPlans (com_payplans) 3.3.6 - SQL Injection
Joomla! Component 'com_payplans' 3.3.6 - SQL Injection
Joomla! Component En Masse (com_enmasse) 5.1 < 6.4 - SQL Injection
Joomla! Component 'com_enmasse' 5.1 < 6.4 - SQL Injection
Joomla! Component BT Media (com_bt_media) - SQL Injection
Joomla! Component 'com_bt_media' - SQL Injection
Joomla! Component Publisher Pro (com_publisher) - SQL Injection
Joomla! Component 'com_publisher' - SQL Injection
Joomla! Component Guru Pro (com_guru) - SQL Injection
PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit)
Joomla! Component 'com_guru' - SQL Injection
PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)
Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097)
Microsoft Windows - GDI+ DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)
Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Microsoft Windows - GDI+ EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097)
Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
Microsoft Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
freeFTPd 1.0.8 - 'mkd' Command Denial Of Service
Micro Focus Rumba 9.4 - Local Denial Of Service
Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow
S9Y Serendipity 2.0.4 - Cross-Site Scripting
Rumba FTP Client 4.x - Stack buffer overflow (SEH)
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
OS X/iOS Kernel - IOSurface Use-After-Free
OS X/iOS - mach_ports_register Multiple Memory Safety Issues
NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths Privilege Escalation
NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace
NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d
NVIDIA Driver - No Bounds Checking in Escape 0x7000194
NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x600000D
NVIDIA Driver - NvStreamKms Stack Buffer Overflow in PsSetCreateProcessNotifyRoutineEx Callback Privilege Escalation
NVIDIA Driver - Escape 0x100010b Missing Bounds Check
NVIDIA Driver - No Bounds Checking in Escape 0x7000170
NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027
NVIDIA Driver - Incorrect Bounds Check in Escape 0x70001b2
NVIDIA Driver - Missing Bounds Check in Escape 0x100009a
NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5
NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014
NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9
MacOS 10.12 - 'task_t' Privilege Escalation
PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
2016-11-01 05:01:18 +00:00
Offensive Security
d97b4f7c48
DB: 2016-10-28
2016-10-28 11:54:09 +00:00
Offensive Security
da85686a94
DB: 2016-10-28
...
6 new exploits
Real Server < 8.0.2 - Remote Exploit (Windows Platforms)
RealServer < 8.0.2 - Remote Exploit (Windows Platforms)
OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh)
OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident
CdRecord 2.0 - Mandrake Privilege Escalation
CDRTools CDRecord 2.0 - Mandrake Privilege Escalation
LeapFTP 2.7.x - Remote Buffer Overflow
LeapWare LeapFTP 2.7.x - Remote Buffer Overflow
GNU Cfengine 2.-2.0.3 - Remote Stack Overflow
GNU CFEngine 2.-2.0.3 - Remote Stack Overflow
IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP)
IPSwitch IMail LDAP Daemon - Remote Buffer Overflow
Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow
RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow
Traceroute - Privilege Escalation
LBL Traceroute - Privilege Escalation
Perl (Redhat 6.2) - Restore and Dump Local Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
HP-UX 11.00/10.20 - crontab Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 - locale Format String
HP-UX 11.00/10.20 crontab - Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 locale - Format String
Solaris - locale Format Strings (noexec stack) Exploit
Solaris locale - Format Strings (noexec stack) Exploit
glibc - locale bug mount Exploit
GLIBC locale - bug mount Exploit
Red Hat 6.2 xsoldier-0.96 - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit
OpenBSD 2.6 / 2.7 ftpd - Remote Exploit
OpenBSD ftpd 2.6 / 2.7 - Remote Exploit
GLIBC - Locale Format Strings Exploit
GLIBC locale - Format Strings Exploit
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit
SquirrelMail - chpasswd Buffer Overflow
SquirrelMail - 'chpasswd' Buffer Overflow
rlpr 2.04 - msg() Remote Format String
Rlpr 2.04 - msg() Remote Format String
Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit
IRIX - Multiple Buffer Overflows (LsD)
SGI IRIX - Multiple Buffer Overflows (LsD)
IRIX - /bin/login Local Buffer Overflow
SGI IRIX - /bin/login Local Buffer Overflow
Solaris 2.4 - passwd & yppasswd & nispasswd Overflows
Solaris 2.4 passwd / yppasswd / nispasswd - Overflows
BlackJumboDog - Remote Buffer Overflow
BlackJumboDog FTP Server - Remote Buffer Overflow
Ollydbg 1.10 - Format String
OllyDbg 1.10 - Format String
SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit)
SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit)
CDRecord - '$RSH' exec() SUID Shell Creation
CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation
MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
HP-UX 11.0/11.11 swxxx - Privilege Escalation
HP-UX 11.0/11.11 - swxxx Privilege Escalation
Zinf 2.2.1 - Local Buffer Overflow
Zinf Audio Player 2.2.1 - Local Buffer Overflow
ShixxNote 6.net - Remote Buffer Overflow
ShixxNOTE 6.net - Remote Buffer Overflow
MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
MailCarrier 2.51 - Remote Buffer Overflow
SLMail 5.5 - POP3 PASS Buffer Overflow
TABS MailCarrier 2.51 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow
eZshopper - 'loadpage.cgi' Directory Traversal
Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002)
Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support)
Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow
Knet 1.04c - Buffer Overflow Denial of Service
KNet Web Server 1.04c - Buffer Overflow Denial of Service
Einstein 1.01 - Local Password Disclosure (asm)
Einstein 1.01 - Local Password Disclosure (ASM)
RealPlayer 10 - '.smil' Local Buffer Overflow
RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow
phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)
phpBB 2.0.12 - Session Handling Authentication Bypass
UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection
xmlrpc.php Library 1.3.0 - Remote Command Execution (2)
xmlrpc.php Library 1.3.0 - Remote Command Execution (3)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3)
wMailServer 1.0 - Remote Denial of Service
SoftiaCom wMailServer 1.0 - Remote Denial of Service
ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
BusinessMail 4.60.00 - Remote Buffer Overflow
BusinessMail Server 4.60.00 - Remote Buffer Overflow
WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid)
Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid)
Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow
Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow
CA iGateway - (debug mode) Remote Buffer Overflow
CA iTechnology iGateway - (debug mode) Remote Buffer Overflow
Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
Zorum Forum 3.5 - (rollid) SQL Injection
Zorum Forum 3.5 - 'rollid' SQL Injection
SaphpLesson 2.0 - (forumid) SQL Injection
saPHP Lesson 2.0 - (forumid) SQL Injection
zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service
zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service
Zix Forum 1.12 - (layid) SQL Injection
Zix Forum 1.12 - 'layid' SQL Injection
QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow
QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow
INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion
Indexu 5.0.1 - (admin_template_path) Remote File Inclusion
SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion
SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion
Solaris 10 - sysinfo() Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure
SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion
ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion
WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC)
Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC)
Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow
Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion
ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion
Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl)
Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl)
PHPMyWebmin 1.0 - (window.php) Remote File Inclusion
phpMyWebmin 1.0 - (window.php) Remote File Inclusion
VideoDB 2.2.1 - (pdf.php) Remote File Inclusion
VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion
Microsoft Office 2003 - PPT Local Buffer Overflow (PoC)
Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)
Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 libnspr - Constructor Privilege Escalation
Solaris 10 (libnspr) - Constructor Privilege Escalation
Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service
Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit
BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC)
BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC)
AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow
DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit
KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit
Irokez CMS 0.7.1 - Multiple Remote File Inclusion
Irokez Blog 0.7.1 - Multiple Remote File Inclusion
PHP-update 2.7 - Multiple Vulnerabilities
PHP-Update 2.7 - Multiple Vulnerabilities
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
TFTPDWIN 0.4.2 - Remote Buffer Overflow
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit)
FdScript 1.3.2 - 'download.php' Remote File Disclosure
FD Script 1.3.2 - 'download.php' Remote File Disclosure
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass
SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass
ZebraFeeds 1.0 - (zf_path) Remote File Inclusion
ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion
MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable Professional 2.35 - Remote Buffer Overflow
MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow
Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2)
Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2)
3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl)
madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl)
Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service
NetVios Portal - 'page.asp' SQL Injection
NetVIOS Portal - 'page.asp' SQL Injection
Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow
Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow
Microsoft Windows GDI - Privilege Escalation (MS07-017) (1)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (1)
qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Microsoft Windows GDI - Privilege Escalation (MS07-017) (2)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (2)
Zomplog 3.8 - (force_download.php) Remote File Disclosure
Zomplog 3.8 - 'force_download.php' Remote File Disclosure
Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service
Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service
Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow
GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC)
Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003)
Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2)
Microsoft Windows GDI+ - ICO File Remote Denial of Service
Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service
Safari 3 for Windows Beta - Remote Command Execution (PoC)
Apple Safari 3 for Windows Beta - Remote Command Execution (PoC)
YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion
YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion
BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
Oracle 9i/10g Evil Views - Change Passwords Exploit
Oracle 9i/10g - Evil Views Change Passwords Exploit
Savant 3.1 - GET Request Remote Overflow (Universal)
Savant Web Server 3.1 - GET Request Remote Overflow (Universal)
Easy Chat Server 2.2 - Remote Denial of Service
EFS Easy Chat Server 2.2 - Remote Denial of Service
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite
Thomson SIP phone ST 2030 - Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service
MSN messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution
Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution
AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
MDPro 1.0.76 - SQL Injection
MD-Pro 1.0.76 - SQL Injection
ZZ FlashChat 3.1 - (help.php) Local File Inclusion
ZZ FlashChat 3.1 - 'help.php' Local File Inclusion
PHP-AGTC membership system 1.1a - Remote Add Admin
PHP-AGTC Membership System 1.1a - Remote Add Admin
Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion
badblue 2.72b - Multiple Vulnerabilities
BadBlue 2.72b - Multiple Vulnerabilities
SquirrelMail G/PGP Plugin - deletekey() Command Injection
SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection
hp software update client 3.0.8.4 - Multiple Vulnerabilities
HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities
Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow
Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow
QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)
QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC)
Gradman 0.1.3 - (agregar_info.php) Local File Inclusion
Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion
mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities
Mini File Host 1.2 - (upload.php language) Local File Inclusion
Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service
Mini File Host 1.2 - 'language' Parameter Local File Inclusion
Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service
Gradman 0.1.3 - (info.php tabla) Local File Inclusion
Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow
Gradman 0.1.3 - 'info.php' Local File Inclusion
Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion
Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow
Mini File Host 1.2.1 - (upload.php language) Local File Inclusion
Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion
Frimousse 0.0.2 - explorerdir.php Local Directory Traversal
360 Web Manager 3.0 - (IDFM) SQL Injection
bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal
360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection
bloofox 0.3 - SQL Injection / File Disclosure
Mooseguy Blog System 1.0 - (blog.php month) SQL Injection
Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection
IDM-OS 1.0 - (download.php Filename) File Disclosure
IDM-OS 1.0 - 'Filename' Parameter File Disclosure
MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit
aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection
MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit
aflog 1.01 - Cross-Site Scripting / SQL Injection
Easysitenetwork Recipe - 'categoryId' SQL Injection
Coppermine Photo Gallery 1.4.14 - SQL Injection
Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection
web wiz rich text editor 4.0 - Multiple Vulnerabilities
Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities
Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure
Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure
Joomla! Component Marketplace 1.1.1 - SQL Injection
Joomla! Component com_Marketplace 1.1.1 - SQL Injection
ASPapp - 'links.asp CatId' SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection
ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit
Quick TFTP Pro 2.1 - Remote SEH Overflow
Quick TFTP Server Pro 2.1 - Remote SEH Overflow
Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016)
Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016)
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC)
Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC)
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow
Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow
hp openview nnm 7.53 - Multiple Vulnerabilities
HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities
PHPKB 1.5 Knowledge Base - 'ID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021)
Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021)
HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow
siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
ZeusCart 2.0 - (category_list.php) SQL Injection
ZeusCart 2.0 - 'category_list.php' SQL Injection
Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin
Zomplog 3.8.2 - (force_download.php) File Disclosure
Zomplog 3.8.2 - 'force_download.php' File Disclosure
PHP AGTC-Membership System 1.1a - Arbitrary Add Admin
PHP-AGTC Membership System 1.1a - Arbitrary Add Admin
PHP Booking Calendar 10 d - SQL Injection
phpBookingCalendar 10 d - SQL Injection
SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Yuhhu 2008 SuperStar - (board) SQL Injection
Yuhhu 2008 SuperStar - 'board' SQL Injection
gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities
Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow
Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow
Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities
pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities
z-breaknews 2.0 - (single.php) SQL Injection
z-breaknews 2.0 - 'single.php' SQL Injection
Ultra Office - ActiveX Control Remote Buffer Overflow
Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow
Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC)
Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC)
phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - (page) SQL Injection
phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection
Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit
Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit
Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
opennms < 1.5.96 - Multiple Vulnerabilities
OpenNMS < 1.5.96 - Multiple Vulnerabilities
yerba sacphp 6.3 - Multiple Vulnerabilities
Yerba SACphp 6.3 - Multiple Vulnerabilities
Microsoft Windows GDI+ - PoC (MS08-052) (2)
Microsoft Windows - GDI+ PoC (MS08-052) (2)
zeeproperty - (adid) SQL Injection
zeeproperty - 'adid' SQL Injection
TUGzip 3.00 archiver - '.zip' Local Buffer Overflow
TugZip 3.00 Archiver - '.zip' Local Buffer Overflow
AJ ARTICLE - 'featured_article.php mode' SQL Injection
AJ Article - 'featured_article.php mode' SQL Injection
Article Publisher PRO 1.5 - Insecure Cookie Handling
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
YourFreeWorld Classifieds - (category) SQL Injection
YourFreeWorld Classifieds - 'category' SQL Injection
PG Roomate Finder Solution - (Authentication Bypass) SQL Injection
Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection
iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC)
Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)
ProFTPd with mod_mysql - Authentication Bypass
ProFTPd - 'mod_mysql' Authentication Bypass
ppim 1.0 - Multiple Vulnerabilities
pPIM 1.0 - Multiple Vulnerabilities
Orbit 2.8.4 - Long Hostname Remote Buffer Overflow
Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow
Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC)
bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Racer 0.5.3b5 - Remote Stack Buffer Overflow
Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow
Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution
Online Guestbook Pro - (display) Blind SQL Injection
Esoftpro Online Guestbook Pro - (display) Blind SQL Injection
tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ZaoCMS - (user_id) SQL Injection
ZaoCMS - 'user_id' SQL Injection
Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin
ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin
AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
WebBoard 2.90 Beta - Remote File Disclosure
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
ZeusCart 2.3 - (maincatid) SQL Injection
ZeusCart 2.3 - 'maincatid' SQL Injection
DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs
otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs
Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC)
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
DD-WRT - (httpd service) Remote Command Execution
DD-WRT HTTPd Daemon/Service - Remote Command Execution
GLinks 2.1 - (cat) Blind SQL Injection
Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection
XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH)
Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH)
Payment Processor Script - 'shop.htm cid' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection
Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
BandCMS 0.10 - news.php Multiple SQL Injection
Rock Band CMS 0.10 - news.php Multiple SQL Injection
Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow
Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow
Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Eureka Mail Client 2.2q - PoC Buffer Overflow
Eureka Email Client 2.2q - PoC Buffer Overflow
Solaris 8.0 - LPD Command Execution (Metasploit)
Solaris 8.0 LPD - Command Execution (Metasploit)
Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow
BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow
Dopewars 1.5.12 Server - Denial of Service
Dopewars Server 1.5.12 - Denial of Service
Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution
Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution
HP Power Manager Administration - Universal Buffer Overflow
Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow
Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
HP Openview NNM 7.53 - Invalid DB Error Code
HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code
Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery
Eureka Mail Client - Remote Buffer Overflow
Eureka Email Client - Remote Buffer Overflow
IDEAL Administration 2009 9.7 - Local Buffer Overflow
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow
phpshop 0.8.1 - Multiple Vulnerabilities
phpShop 0.8.1 - Multiple Vulnerabilities
IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
DigitalHive - Multiple Vulnerabilities
Digital Hive - Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities
Zabbix Server - Multiple Vulnerabilities
freekot - (Authentication Bypass) SQL Injection
Digiappz Freekot - (Authentication Bypass) SQL Injection
TFTP Daemon 1.9 - Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service
B2B Trading Marketplace - SQL Injection
SoftBiz B2B trading Marketplace Script - SQL Injection
Mini-stream - Windows XP SP2 and SP3 Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow
Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow
Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC
Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC)
Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
bild flirt system 2.0 - 'index.php' 'id' SQL Injection
Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection
SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
iOS Safari - Bad 'VML' Remote Denial of Service
iOS Safari - Remote Denial of Service
Apple iOS Safari - Bad 'VML' Remote Denial of Service
Apple iOS Safari - Remote Denial of Service
HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow
HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow
Adobe Reader - Escape From PDF
Adobe Reader - Escape From '.PDF'
TugZip 3.5 - '.ZIP' File Buffer Overflow
TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow
Joomla! Component jp_jobs - SQL Injection
Joomla! Component com_jp_jobs - SQL Injection
Joomla! Component QPersonel - SQL Injection
Joomla! Component com_QPersonel - SQL Injection
Bild Flirt 1.0 - SQL Injection
Bild Flirt System 1.0 - SQL Injection
Safari 4.0.5 - (531.22.7) Denial of Service
Apple Safari 4.0.5 - (531.22.7) Denial of Service
Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Safari 4.0.3 / 4.0.4 - Stack Exhaustion
Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion
724CMS Enterprise 4.59 - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections
724CMS 4.59 Enterprise - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections
Joomla! Component JE Job - Local File Inclusion
Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion
Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Joomla! Component com_jejob 1.0 - 'catid' SQL Injection
Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection
Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service
Office^2 iPhone - XLS Denial of Service
GoodiWare GoodReader iPhone - XLS Denial of Service
Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service
Office^2 iPhone - '.XLS' Denial of Service
GoodiWare GoodReader iPhone - '.XLS' Denial of Service
Yamamah (news) - SQL Injection / Source Code Disclosure
Yamamah - 'news' SQL Injection / Source Code Disclosure
Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan
UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan
k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
YPNinc JokeScript - (ypncat_id) SQL Injection
YPNinc JokeScript - 'ypncat_id' SQL Injection
YPNinc PHP Realty Script - (docID) SQL Injection
YPNinc PHP Realty Script - 'docID' SQL Injection
HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit
HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
Safari Browser 4.0.2 - Clickjacking
Apple Safari 4.0.2 - Clickjacking
Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7'
Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)
Apple iOS - pdf Jailbreak Exploit
Apple iOS - '.pdf' Jailbreak Exploit
HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking
Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking
Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution
AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit)
AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit)
DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow
FatPlayer 0.6b - '.wav' Buffer Overflow (SEH)
Fat Player 0.6b - '.wav' Buffer Overflow (SEH)
CubeCart 2.0.1 - SQL Injection
Brooky CubeCart 2.0.1 - SQL Injection
DATAC RealWin SCADA 1.06 - Buffer Overflow
DATAC RealWin SCADA Server 1.06 - Buffer Overflow
pilot cart 7.3 - Multiple Vulnerabilities
ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities
Mp3-Nator 2.0 - Buffer Overflow (SEH)
MP3-Nator 2.0 - Buffer Overflow (SEH)
Safari 5.02 - Stack Overflow Denial of Service
Apple Safari 5.02 - Stack Overflow Denial of Service
Microsoft Windows Task Scheduler - Privilege Escalation
Microsoft Windows - Task Scheduler Privilege Escalation
Pandora Fms 3.1 - Authentication Bypass
Pandora FMS 3.1 - Authentication Bypass
bugtracker.net 3.4.4 - Multiple Vulnerabilities
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
WMITools ActiveX - Remote Command Execution
Microsoft WMITools ActiveX - Remote Command Execution
VideoSpirit Pro 1.68 - Local Buffer Overflow
VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow
Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit)
Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit)
PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit)
PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit)
Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit)
Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit)
Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit)
Solaris sadmind - Command Execution (Metasploit)
Solaris Sadmind - Command Execution (Metasploit)
Sun Solaris - Telnet Remote Authentication Bypass (Metasploit)
Sun Solaris Telnet - Remote Authentication Bypass (Metasploit)
Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit)
Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit)
TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit)
Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit)
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit)
Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit)
Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit)
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit)
CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
IMail IMAP4D - Delete Overflow (Metasploit)
IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)
Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit)
Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit)
AOL Instant Messenger - goaway Overflow (Metasploit)
AOL Instant Messenger AIM - goaway Overflow (Metasploit)
Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit)
Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit)
Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit)
RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit)
RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit)
Adobe Shockwave - rcsL Memory Corruption (Metasploit)
Adobe Shockwave Player - rcsL Memory Corruption (Metasploit)
Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit)
WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
ACDSee - XPM File Section Buffer Overflow (Metasploit)
ACDSee - '.XPM' File Section Buffer Overflow (Metasploit)
HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit)
HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
Serv-U FTPD - MDTM Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit)
FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
SentinelLM - UDP Buffer Overflow (Metasploit)
Sentinel LM - UDP Buffer Overflow (Metasploit)
Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit)
Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit)
Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)
Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit)
Sambar 6 - Search Results Buffer Overflow (Metasploit)
Sambar Server 6 - Search Results Buffer Overflow (Metasploit)
IA WebMail 3.x - Buffer Overflow (Metasploit)
IA WebMail Server 3.x - Buffer Overflow (Metasploit)
Savant 3.1 Web Server - Overflow Exploit (Metasploit)
Savant Web Server 3.1 - Overflow Exploit (Metasploit)
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit)
Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit)
Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit)
PSOProxy 0.91 - Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit)
NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit)
NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)
MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
YPOPS 0.6 - Buffer Overflow (Metasploit)
YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit)
Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit)
Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit)
IMail LDAP Service - Buffer Overflow (Metasploit)
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit)
GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Poptop - Negative Read Overflow (Metasploit)
UoW IMAP server - LSUB Buffer Overflow (Metasploit)
PoPToP - Negative Read Overflow (Metasploit)
UoW IMAPd Server - LSUB Buffer Overflow (Metasploit)
DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit)
DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)
Samba (Linux/x86) - trans2open Overflow (Metasploit)
iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer - LoginExt PathName Overflow (Metasploit)
Samba (Linux x86) - trans2open Overflow (Metasploit)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit)
Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Safari - Archive Metadata Command Execution (Metasploit)
Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Apple Safari - Archive Metadata Command Execution (Metasploit)
iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit)
Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit)
Samba trans2open (*BSD/x86) - Overflow Exploit (Metasploit)
Samba (*BSD x86) - trans2open Overflow Exploit (Metasploit)
PHP XML-RPC - Arbitrary Code Execution (Metasploit)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit)
AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit)
HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit)
AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)
HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit)
TWiki Search Function - Arbitrary Command Execution (Metasploit)
TWiki - Search Function Arbitrary Command Execution (Metasploit)
Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit)
Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit)
Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit)
Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit)
7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities
HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files
eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files
Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit)
Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit)
manageengine support center plus 7.8 build 7801 - Directory Traversal
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit)
TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit)
Sports PHool 1.0 - Remote File Inclusion
SportsPHool 1.0 - Remote File Inclusion
Mini-stream 3.0.1.1 - Buffer Overflow (3)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3)
Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Zabbix 1.8.4 - (popup.php) SQL Injection
Zabbix 1.8.4 - 'popup.php' SQL Injection
CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit)
Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit)
Family Connections - less.php Remote Command Execution (Metasploit)
Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)
FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting
Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting
openemr 4 - Multiple Vulnerabilities
Safari - GdiDrawStream BSoD
OpenEMR 4 - Multiple Vulnerabilities
Apple Safari - GdiDrawStream BSoD
clip bucket 2.6 - Multiple Vulnerabilities
Clipbucket 2.6 - Multiple Vulnerabilities
Tube Ace(Adult PHP Tube Script) - SQL Injection
Tube Ace (Adult PHP Tube Script) - SQL Injection
Dolibarr CMS 3.2.0 < Alpha - File Inclusion
Dolibarr 3.2.0 < Alpha - File Inclusion
PBLang - Local File Inclusion
PBLang Bulletin Board System - Local File Inclusion
NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit)
Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities
Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities
Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit)
TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit)
Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit)
TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)
samsung net-i ware 1.37 - Multiple Vulnerabilities
Samsung NET-i ware 1.37 - Multiple Vulnerabilities
iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
GIMP - script-fu Server Buffer Overflow (Metasploit)
GIMP script-fu - Server Buffer Overflow (Metasploit)
SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit)
Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit)
Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
UoW imapd 10.234/12.264 - Buffer Overflow
UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit)
UoW IMAPd Server 10.234/12.264 - Buffer Overflow
UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit)
RedHat 6.2 - Piranha Virtual Server Package Default Account and Password
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password
Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit)
Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit)
hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal
HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal
Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
RedHat 6 - glibc/locale Subsystem Format String
Solaris 2.6/7.0 - /locale Subsystem Format String
RedHat 6 GLIBC/locale - Subsystem Format String
Solaris 2.6/7.0 /locale - Subsystem Format String
Solaris 2.6/7.0 - 'eject' locale Subsystem Format String
Solaris 2.6/7.0 'eject' locale - Subsystem Format String
Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5)
Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5)
RedHat restore 0.4 b15 - Insecure Environment Variables
RedHat 0.4 b15 restore - Insecure Environment Variables
Viscosity OpenVPN Client (OSX) - Privilege Escalation
Viscosity - Privilege Escalation
Solaris 2.x/7.0/8 catman - Race Condition (1)
Solaris 2.x/7.0/8 catman - Race Condition (2)
Solaris 2.x/7.0/8 Catman - Race Condition (1)
Solaris 2.x/7.0/8 Catman - Race Condition (2)
sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
T-dah Webmail - Multiple Persistent Cross-Site Scripting
T-dah Webmail Client - Multiple Persistent Cross-Site Scripting
Ntpd - Remote Buffer Overflow
NTPd - Remote Buffer Overflow
Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Solaris 2.x/7.0/8 lpd - Remote Command Execution
HP-UX 11.0 SWVerify - Buffer Overflow
Solaris 2.x/7.0/8 LPD - Remote Command Execution
HP-UX 11.0 - SWVerify Buffer Overflow
phusion WebServer 1.0 - Directory Traversal (1)
phusion WebServer 1.0 - Directory Traversal (2)
Phusion WebServer 1.0 - Directory Traversal (1)
Phusion WebServer 1.0 - Directory Traversal (2)
Progress 9.1 - sqlcpp Local Buffer Overflow
Progress Database 9.1 - sqlcpp Local Buffer Overflow
PsyBNC 2.3 - Oversized Passwords Denial of Service
psyBNC 2.3 - Oversized Passwords Denial of Service
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
Midicart - PHP Arbitrary File Upload
Midicart PHP - Arbitrary File Upload
otrs 3.1 - Persistent Cross-Site Scripting
OTRS 3.1 - Persistent Cross-Site Scripting
EType EServ 2.9x POP3 - Remote Denial of Service
EType EServ 2.9x - POP3 Remote Denial of Service
Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board 3.3.4 - Unserialize Regex Bypass
Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass
ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion
ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion
Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Kerio MailServer 5.6.3 - add_acl Module Overflow
Kerio MailServer 5.6.3 add_acl Module - Overflow
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting
IBM System Director - Remote System Level Exploit
IBM System Director Agent - Remote System Level Exploit
Tectia SSH - USERAUTH Change Request Password Reset (Metasploit)
(SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit)
Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit)
Oracle MySQL (Windows) - MOF Execution (Metasploit)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
IWConfig - Local ARGV Command Line Buffer Overflow (1)
IWConfig - Local ARGV Command Line Buffer Overflow (2)
IWConfig - Local ARGV Command Line Buffer Overflow (3)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3)
Novell File Reporter Agent - XML Parsing Remote Code Execution
Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Nagios - history.cgi Remote Command Execution
Nagios3 - history.cgi Remote Command Execution
phpshop 2.0 - SQL Injection
phpShop 2.0 - SQL Injection
Freesshd - Authentication Bypass (Metasploit)
FreeSSHD - Authentication Bypass (Metasploit)
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
SLMail 5.5 - POP3 PASS Remote Buffer Overflow
SLMail 5.5 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow
AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service
Microsoft Windows Light HTTPD 0.1 - Buffer Overflow
Light HTTPD 0.1 (Windows) - Buffer Overflow
MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Smail-3 - Multiple Remote and Local Vulnerabilities
Smail 3 - Multiple Remote and Local Vulnerabilities
Cisco Linksys E4200 Firmware - Multiple Vulnerabilities
Cisco Linksys E4200 - Multiple Vulnerabilities
Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow
Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow
Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection
NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection
NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection
NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection
NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting
SlimServe httpd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal
Quick TFTP Server 2.2 - Denial of Service
Quick TFTP Server Pro 2.2 - Denial of Service
aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
XMB 1.9.3 - u2u.php Cross-Site Scripting
XMB Forum 1.9.3 - u2u.php Cross-Site Scripting
PHPAlbum 0.2.3/4.1 - Local File Inclusion
PHP Photo Album 0.2.3/4.1 - Local File Inclusion
Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities
Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities
BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret)
NetBSD mail.local - Privilege Escalation (Metasploit)
NetBSD mail.local(8) - Privilege Escalation (Metasploit)
PCMAN FTP 2.07 - PASS Command Buffer Overflow
PCMan FTP Server 2.07 - PASS Command Buffer Overflow
PCMAN FTP 2.07 - STOR Command Buffer Overflow
PCMan FTP Server 2.07 - STOR Command Buffer Overflow
EImagePro - - subList.asp CatID Parameter SQL Injection
EImagePro - subList.asp CatID Parameter SQL Injection
OZJournals 1.2 - Vname Parameter Cross-Site Scripting
OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting
SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection
OZJournals 1.5 - Multiple Input Validation Vulnerabilities
Baby FTP server 1.24 - Denial of Service
PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit)
Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit)
Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit)
Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow
Festalon 0.5 - '.HES' Remote Heap Buffer Overflow
EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow
Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow
A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)
Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002)
Fish - Multiple Remote Buffer Overflow Vulnerabilities
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service
Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service
Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting
Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting
LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection
Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection
Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection
Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service
Uebimiau 2.7.x - 'index.php' Cross-Site Scripting
Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting
Seagate BlackArmor - Root Exploit
Seagate BlackArmor NAS - Root Exploit
Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
PCMAN FTP 2.07 - ABOR Command Buffer Overflow
PCMAN FTP 2.07 - CWD Command Buffer Overflow
PCMan FTP Server 2.07 - ABOR Command Buffer Overflow
PCMan FTP Server 2.07 - CWD Command Buffer Overflow
HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access
HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access
amfphp 1.2 - browser/details class Parameter Cross-Site Scripting
amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting
PCMAN FTP 2.07 - Buffer Overflow
PCMan FTP Server 2.07 - Buffer Overflow
Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Novell Groupwise Messenger 2.0 - Client Buffer Overflow
Novell Groupwise Messenger 2.0 Client - Buffer Overflow
Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting
Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities
Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities
OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNms 1.5.x - HTTP Response Splitting
OpenNMS 1.5.x - HTTP Response Splitting
Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution
Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution
Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass
Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass
Pilot Group PG Roommate - SQL Injection
Pilot Group PG Roommate Finder Solution - SQL Injection
OpenSSL TLS Heartbeat Extension - Memory Disclosure
OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure
OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)
OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions)
Heartbleed OpenSSL - Information Leak Exploit (1)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1)
IBM Director 5.20 - CIM Server Privilege Escalation
IBM System Director Agent 5.20 - CIM Server Privilege Escalation
Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support)
Kolibri 2.0 - GET Request Stack Buffer Overflow
Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow
Easy Chat Server 3.1 - Stack Buffer Overflow
EFS Easy Chat Server 3.1 - Stack Buffer Overflow
Sphider 1.3.6 - Multiple Vulnerabilities
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities
Kolibri WebServer 2.0 - GET Request SEH Exploit
Kolibri Web Server 2.0 - GET Request SEH Exploit
MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit)
Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)
VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit)
VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit)
Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection
PPScript - 'shop.htm' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm' SQL Injection
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution
Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060)
Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload
WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload
Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit)
Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit)
Exim ESMTP 4.80 glibc gethostbyname - Denial of Service
Exim ESMTP 4.80 - glibc gethostbyname Denial of Service
Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection
Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection
alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
Publish-It - PUI Buffer Overflow (SEH)
Publish-It - '.PUI' Buffer Overflow (SEH)
WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin)
Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
abrt (Fedora 21) - Race Condition
Abrt (Fedora 21) - Race Condition
Webgate WESP SDK 1.2 - ChangePassword Stack Overflow
WebGate WESP SDK 1.2 - ChangePassword Stack Overflow
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Oracle - Outside-In DOCX File Parsing Memory Corruption
Oracle - Outside-In '.DOCX' File Parsing Memory Corruption
iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting
WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting
Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit
Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit)
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)
MiniUPnP - Multiple Denial of Service Vulnerabilities
MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities
Kaseya Virtual System Administrator - Multiple Vulnerabilities (2)
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2)
Safari - User-Assisted Applescript Exec Attack (Metasploit)
Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)
Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption
Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption
Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection
Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection
Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution
Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution
pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read
pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read
pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read
pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read
pdfium CPDF_Function::Call - Stack Based Buffer Overflow
pdfium - CPDF_Function::Call Stack Based Buffer Overflow
Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption
Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit)
Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass
MiCasa VeraLite - Remote Code Execution
MiCasaVerde VeraLite - Remote Code Execution
SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service
GNU GTypist 2.9.5-2 - Local Buffer Overflow
uSQLite 1.0.0 - Denial Of Service
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation
Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation
CherryTree 0.36.9 - Memory Corruption (PoC)
2016-10-28 05:01:21 +00:00
Offensive Security
07fdc778ee
DB: 2016-10-21
...
24 new exploits
NetAuctionHelp 4.1 - search.asp SQL Injection
Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution
Microsoft Edge - Array.map Heap Overflow (MS16-119)
Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow
Microsoft Edge - Array.join Info Leak (MS16-119)
Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
HikVision Security Systems - Activex Buffer Overflow
Oracle Netbeans IDE 8.1 - Directory Traversal
MiCasa VeraLite - Remote Code Execution
Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection
Classifieds Rental Script - SQL Injection
SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service
SAP Adaptive Server Enterprise 16 - Denial of Service
Event Calendar PHP 1.5 - SQL Injection
SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution
SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal
SPIP 3.1.2 - Cross-Site Request Forgery
Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Info Leak (MS16-119)
Microsoft Edge - Spread Operator Stack Overflow (MS16-119)
Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)
OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)
2016-10-21 05:01:17 +00:00
Offensive Security
558ab1fc67
DB: 2016-10-18
...
24 new exploits
Entrepreneur Job Portal Script - SQL Injection
Entrepreneur Job Portal Script 2.06 - SQL Injection
NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation
HP Client - Automation Command Injection / Remote Code Execution
HP Client 9.1/9.0/8.1/7.9 - Command Injection
NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation
NO-IP DUC 4.1.1 - Unquoted Service Path Privilege Escalation
Wondershare PDFelement 5.2.9 - Unquoted Service Path Privilege Escalation
Firefox 49.0.1 - Denial of Service
Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation
NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation
Student Information System (SIS) 0.1 - Authentication Bypass
Web Based Alumni Tracking System 0.1 - SQL Injection
Simple Dynamic Web 0.1 - SQL Injection
Learning Management System 0.1 - Authentication Bypass
Fashion Shopping Cart 0.1 - SQL Injection
Health Record System 0.1 - Authentication Bypass
Windows x64 - WinExec() Shellcode (93 bytes)
Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation
PHP Telephone Directory - Multiple Vulnerabilities
Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting
PHP Image Database - Multiple Vulnerabilities
Simple Shopping Cart Application 0.1 - SQL Injection
PHP NEWS 1.3.0 - Cross-Site Request Forgery (Add Admin)
School Full CBT 0.1 - SQL Injection
PHP Business Directory - Multiple Vulnerabilities
Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes)
Ruby on Rails - Dynamic Render File Upload Remote Code Execution
Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)
2016-10-18 05:01:18 +00:00
Offensive Security
01eb066d9d
DB: 2016-10-13
...
11 new exploits
IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow
Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery
PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
Subversion 1.6.6 / 1.6.12 - Code Execution
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption
Categorizator 0.3.1 - SQL Injection
NetBilletterie 2.8 - Multiple Vulnerabilities
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
Android - Binder Generic ASLR Leak
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
2016-10-13 05:01:17 +00:00
Offensive Security
a3dbf3113e
DB: 2016-10-11
...
9 new exploits
ShoreTel Connect ONSITE - Blind SQL Injection
Leap Service - Unquoted Service Path Privilege Escalation
Wacom Consumer Service - Unquoted Service Path Privilege Escalation
Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation
Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation
Zend Studio IDE 13.5.1 - Insecure File Permissions Privilege Escalation
HP Client - Automation Command Injection / Remote Code Execution
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
2016-10-11 05:01:15 +00:00
Offensive Security
77681134f4
DB: 2016-10-05
...
3 new exploits
CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion
CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion
E-SMARTCART 1.0 - (Product_ID) SQL Injection
E-Smart Cart 1.0 - 'Product_ID' SQL Injection
E-SMART CART - 'productsofcat.asp' SQL Injection
E-Smart Cart - 'productsofcat.asp' SQL Injection
CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection
CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection
E-Smartcart - SQL Injection
E-Smart Cart - SQL Injection
CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection
CubeCart PHP 4.3.x - 'shipkey' SQL Injection
CS Cart 1.3.3 - (install.php) Cross-Site Scripting
CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting
dansie shopping cart 3.0.4 - Multiple Vulnerabilities
Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities
Sendmail 8.11.6 - Address Prescan Memory Corruption
Joomla! Component RSfiles (cid parameter) - SQL Injection
Joomla! Component RSfiles - (cid parameter) SQL Injection
Dovecot with Exim sender_address Parameter - Remote Command Execution
Dovecot with Exim - sender_address Parameter Remote Command Execution
Exim sender_address Parameter - Remote Code Execution
Exim - sender_address Parameter Remote Code Execution
PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation
PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections
Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections
E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities
E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities
MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow
MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow
WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection
WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection
Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion
Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion
eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting
eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting
WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting
WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting
WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting
WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting
WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection
WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection
AJ Classifieds 'listingid' Parameter - SQL Injection
AJ Classifieds - 'listingid' Parameter SQL Injection
PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Bind 9 DNS Server - Denial of Service
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC)
OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution
OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution
Disk Pulse Enterprise 9.0.34 - Buffer Overflow
2016-10-05 05:01:18 +00:00
Offensive Security
fa1b17f699
DB: 2016-09-30
...
1 new exploits
Microsoft Windows - RPC DCOM Remote Exploit (18 Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (48 Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (1)
Microsoft Windows - 'RPC DCOM' Remote Exploit (2)
Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal)
Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit
Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit
LimeWire 4.1.2 < 4.5.6 - Inappropriate Get Request Remote Exploit
LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit
PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow
PMSoftware Simple Web Server - GET Request Remote Buffer Overflow
CUPS Server 1.1 - (Get Request) Denial of Service
CUPS Server 1.1 - GET Request Denial of Service
BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service
BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service
TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC)
TFTPD32 2.81 - GET Request Format String Denial of Service (PoC)
Fenice Oms 1.10 - (long get request) Remote Buffer Overflow
Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow
Multi-Threaded TFTP 1.1 - (Long Get Request) Denial of Service
Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service
Essentia Web Server 2.15 - (GET Request) Remote Denial of Service
Essentia Web Server 2.15 - GET Request Remote Denial of Service
webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow
webdesproxy 0.0.1 - GET Request Remote Buffer Overflow
webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield)
webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (dnsname)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow
Netgear WGR614v9 - Wireless Router Get Request Denial of Service
Netgear WGR614v9 Wireless Router - GET Request Denial of Service
XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow (PoC)
XBMC 8.10 (Windows) - (GET Request) Remote Buffer Overflow
XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC)
XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow
httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow (SEH)
httpdx 0.5b - FTP Server (USER) Remote Buffer Overflow (SEH)
Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC)
Mereo 1.8.0 - (Get Request) Remote Denial of Service
Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC)
Mereo 1.8.0 - GET Request Remote Denial of Service
httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow (SEH)
httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH)
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
ARD-9808 DVR Card Security Camera - (GET Request) Remote Denial of Service
ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service
Kolibri+ WebServer 2 - (Get Request) Denial of Service
Kolibri+ WebServer 2 - GET Request Denial of Service
Kolibri+ WebServer 2 - (GET Request) Remote Overwrite (SEH)
Kolibri+ WebServer 2 - GET Request Remote Overwrite (SEH)
httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service
httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service
httpdx 1.4 - Get Request Buffer Overflow
httpdx 1.4 - GET Request Buffer Overflow
Httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC)
httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC)
HTTPDX - tolog() Function Format String (1)
httpdx - tolog() Function Format String (1)
HTTPDX - tolog() Function Format String (2)
httpdx - tolog() Function Format String (2)
HTTPDX - h_handlepeer() Function Buffer Overflow (Metasploit)
httpdx - h_handlepeer() Function Buffer Overflow (Metasploit)
glibc LD_AUDIT Arbitrary DSO - Load Privilege Escalation
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation
Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
httpdx 1.5.4 - Remote HTTP Server Denial of Service
httpdx 1.5.4 - HTTP Server Remote Denial of Service
Working Resources BadBlue 1.7.3 - Get Request Denial of Service
Working Resources BadBlue 1.7.3 - GET Request Denial of Service
KeepNote 0.7.8 - Command Execution
My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service
My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service
Snowblind Web Server 1.0/1.1 - (GET Request) Buffer Overflow
Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow
Proxomitron Proxy Server - Long Get Request Remote Denial of Service
Proxomitron Proxy Server - Long GET Request Remote Denial of Service
2016-09-30 05:01:16 +00:00
Offensive Security
f421077feb
DB: 2016-09-28
...
6 new exploits
UUCP Exploit - file creation/overwriting (symlinks)
UUCP Exploit - File Creation/Overwriting (symlinks) Exploit
Serv-U 3.x < 5.x - Privilege Escalation
Serv-U FTP Server 3.x < 5.x - Privilege Escalation
TiTan FTP Server - Long Command Heap Overflow (PoC)
Titan FTP Server - Long Command Heap Overflow (PoC)
Serv-U < 5.2 - Remote Denial of Service
Serv-U FTP Server < 5.2 - Remote Denial of Service
chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC)
Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
WS_FTP Server 5.03 - (RNFR) Buffer Overflow
Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow
TYPSoft FTP Server 1.11 - (RETR) Denial of Service
TYPSoft FTP Server 1.11 - 'RETR' Denial of Service
XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)
XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)
WinFtp Server 2.0.2 - (PASV) Remote Denial of Service
WinFTP Server 2.0.2 - (PASV) Remote Denial of Service
DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service
Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service
XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service
XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service
Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service
Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service
TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service
XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service
MiniWeb Http Server 0.8.x - Remote Denial of Service
MiniWeb HTTP Server 0.8.x - Remote Denial of Service
JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion
JAF CMS 4.0 RC2 - Multiple Remote File Inclusion
XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service
XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service
Belkin wireless G router + ADSL2 modem - Authentication Bypass
Belkin Wireless G router + ADSL2 modem - Authentication Bypass
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement
Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement
WinFTP 2.3.0 - (PASV mode) Remote Denial of Service
WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service
Titan FTP server 6.26 build 630 - Remote Denial of Service
Titan FTP Server 6.26 build 630 - Remote Denial of Service
Netgear WG102 - Leaks SNMP write Password with read access
Netgear WG102 - Leaks SNMP Write Password With Read Access
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Netgear embedded Linux for the SSL312 router - Denial of Service
Netgear SSL312 Router - Denial of Service
Belkin BullDog Plus UPS-Service - Buffer Overflow
Belkin BullDog Plus - UPS-Service Buffer Overflow
Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service
XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service
XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service
TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service
TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit
Firebird SQL - op_connect_request main listener shutdown
Firebird SQL - op_connect_request main listener shutdown Exploit
HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service
BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service
XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service
XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service
TYPSoft 1.10 - APPE DELE Denial of Service
TYPSoft FTP Server 1.10 - APPE DELE Denial of Service
WingFTP Server 3.2.4 - Cross-Site Request Forgery
Wing FTP Server 3.2.4 - Cross-Site Request Forgery
Quick Player 1.2 -Unicode BoF - bindshell
Quick Player 1.2 - Unicode Buffer Overflow (Bindshell)
UplusFtp Server 1.7.0.12 - Remote Buffer Overflow
UplusFTP Server 1.7.0.12 - Remote Buffer Overflow
Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe
Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow
iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC
iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC
TopDownloads MP3 Player 1.0 - '.m3u' crash
TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php
eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
uhttp Server - Directory Traversal
uhttp Server 0.1.0-alpha - Directory Traversal
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - RETR Command Denial of Service
SmallFTPd 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
SolarWinds 10.4.0.10 - TFTP Denial of Service
SolarWinds TFTP Server 10.4.0.10 - Denial of Service
e107 - Code Exec
e107 - Code Exection
HomeFTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service
TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE)
TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service
SolarWinds 10.4.0.13 - Denial of Service
SolarWinds TFTP Server 10.4.0.13 - Denial of Service
ISC-DHCPD - Denial of Service
ISC DHCPD - Denial of Service
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
deepin tftp server 1.25 - Directory Traversal
Deepin TFTP Server 1.25 - Directory Traversal
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit
JCMS 2010 - file download
JCMS 2010 - File Download Exploit
SolarFTP 2.0 - Multiple Commands Denial of Service
Solar FTP Server 2.0 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - RETR CMD Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
Xynph 1.0 - USER Denial of Service
Xynph FTP Server 1.0 - USER Denial of Service
XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service
Solar FTP 2.1 - Denial of Service
Solar FTP Server 2.1 - Denial of Service
Red Hat Linux - stickiness of /tmp
Red Hat Linux - stickiness of /tmp Exploit
home ftp server 1.12 - Directory Traversal
Home FTP Server 1.12 - Directory Traversal
NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)
RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit)
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
SmallFTPd 1.0.3 FTP Server - Denial of Service
SmallFTPd 1.0.3 - Denial of Service
PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit)
PCMan FTP Server Buffer Overflow - PUT Command (Metasploit)
Solar FTP 2.1.1 - PASV Buffer Overflow (PoC)
Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)
BisonFTP Server 3.5 - Remote Buffer Overflow
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow
Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit)
Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit)
BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
zFTP Server - 'cwd/stat' Remote Denial of Service
zFTPServer - 'cwd/stat' Remote Denial of Service
Serv-U FTP - Jail Break
Serv-U FTP Server - Jail Break
Typsoft FTP Server 1.10 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service
PeerBlock 1.1 - BSOD
PeerBlock 1.1 - BSOD Exploit
distinct tftp server 3.01 - Directory Traversal
Distinct TFTP Server 3.01 - Directory Traversal
PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection
PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
Berkeley Sendmail 5.58 - DEBUG
Berkeley Sendmail 5.58 - Debug exploit
SunView (SunOS 4.1.1) - selection_svc
Digital Ultrix 4.0/4.1 - /usr/bin/chroot
SunOS 4.1.1 - /usr/release/bin/makeinstall
SunOS 4.1.1 - /usr/release/bin/winstall
SunView (SunOS 4.1.1) - selection_svc Exploit
Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit
SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit
SunOS 4.1.1 - /usr/release/bin/winstall Exploit
SunOS 4.1.3 - kmem setgid /etc/crash
SunOS 4.1.3 - kmem setgid /etc/crash Exploit
IRIX 6.4 - pfdisplay.cgi
IRIX 6.4 - 'pfdisplay.cgi' Exploit
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit
FreePBX < 13.0.188 - Remote Command Execution (Metasploit)
HP JetAdmin 1.0.9 Rev. D - symlink
HP JetAdmin 1.0.9 Rev. D - symlink Exploit
Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
TP-Link Archer CR-700 - Cross-Site Scripting
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit
Cat Soft Serv-U 2.5 - Buffer Overflow
BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE
Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow
BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit
Linux Kernel 2.0 / 2.1 / 2.2 - autofs
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit
Debian 2.1 - httpd
S.u.S.E. 5.2 - gnuplot
Debian 2.1 - httpd Exploit
S.u.S.E. Linux 5.2 - gnuplot Exploit
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit
SGI IRIX 6.2 - /usr/lib/netaddpr
SGI IRIX 6.2 - /usr/lib/netaddpr Exploit
SGI IRIX 6.2 - day5notifier
SGI IRIX 6.2 - day5notifier Exploit
SGI IRIX 6.4 - datman/cdman
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.3 - cgi-bin webdist.cgi
SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit
SGI IRIX 6.4 - cgi-bin handler
SGI IRIX 6.4 - cgi-bin handler Exploit
SGI IRIX 6.4 - login
SGI IRIX 6.4 - login Exploit
IBM AIX 3.2.5 - IFS
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 3.2.5 - login(1)
IBM AIX 3.2.5 - login(1) Exploit
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2)
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit
GNU glibc 2.1/2.1.1 -6 - pt_chown
GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit
ProFTPd 1.2 pre6 - snprintf
ProFTPd 1.2 pre6 - snprintf Exploit
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit
S.u.S.E. Linux 6.1/6.2 - cwdtools
S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin'
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit
SCO Unixware 7.1 - 'pkg' commands
SCO Unixware 7.1 - 'pkg' command Exploit
Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service
Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service
Nortel Networks Optivity NETarchitect 2.0 - PATH
Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit
SGI IRIX 6.2 - midikeys/soundplayer
SGI IRIX 6.2 - midikeys/soundplayer Exploit
Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE
Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit
Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit
Microsoft Windows 95/98/NT 4.0 - autorun.inf
Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - setxconf
Corel Linux OS 1.0 - buildxconfig Exploit
Corel Linux OS 1.0 - setxconf Exploit
TP Link Gateway 3.12.4 - Multiple Vulnerabilities
TP-Link Gateway 3.12.4 - Multiple Vulnerabilities
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit
Cisco IOS 11.x/12.x - HTTP %%
Cisco IOS 11.x/12.x - HTTP %% Exploit
RedHat Linux 6.0/6.1/6.2 - pam_console
RedHat Linux 6.0/6.1/6.2 - pam_console Exploit
HP-UX 10.20/11.0 man - /tmp symlink
HP-UX 10.20/11.0 man - /tmp Symlink Exploit
IRIX 5.3/6.x - mail
IRIX 5.3/6.x - mail Exploit
TYPSoft 0.7 x - FTP Server Remote Denial of Service
TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service
Oracle Internet Directory 2.0.6 - oidldap
Oracle Internet Directory 2.0.6 - oidldap Exploit
CatSoft FTP Serv-U 2.5.x - Brute Force
Cat Soft Serv-U FTP Server 2.5.x - Brute Force
Small HTTP server 2.0 1 - Non-Existent File Denial of Service
Small HTTP Server 2.0 1 - Non-Existent File Denial of Service
NCSA httpd-campas 1.2 - sample script
NCSA httpd-campas 1.2 - sample script Exploit
Novell NetWare Web Server 2.x - convert.bas
Novell NetWare Web Server 2.x - convert.bas Exploit
Serv-U 2.4/2.5 - FTP Directory Traversal
Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal
Novell Netware Web Server 3.x - files.pl
Novell Netware Web Server 3.x - files.pl Exploit
guido frassetto sedum http server 2.0 - Directory Traversal
Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal
robin twombly a1 http server 1.0 - Directory Traversal
Robin Twombly A1 HTTP Server 1.0 - Directory Traversal
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit
michael lamont savant http server 2.1 - Directory Traversal
Michael Lamont Savant HTTP Server 2.1 - Directory Traversal
zeroo http server 1.5 - Directory Traversal (1)
zeroo http server 1.5 - Directory Traversal (2)
Zeroo HTTP Server 1.5 - Directory Traversal (1)
Zeroo HTTP Server 1.5 - Directory Traversal (2)
Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service
Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service
Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service
Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure
Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure
BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting
BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting
XLight FTP Server 1.x - Long Directory Request Remote Denial of Service
Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service
XLight FTP Server 1.52 - Remote Send File Request Denial of Service
Xlight FTP Server 1.52 - Remote Send File Request Denial of Service
gweb http server 0.5/0.6 - Directory Traversal
GWeb HTTP Server 0.5/0.6 - Directory Traversal
MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC)
MiniWeb HTTP Server (build 300) - Crash (PoC)
TP-Link Print Server TL PS110U - Sensitive Information Enumeration
TP-Link PS110U Print Server TL - Sensitive Information Enumeration
PCMan's FTP Server 2.0.7 - Buffer Overflow
PCMan FTP Server 2.0.7 - Buffer Overflow
PCMan's FTP Server 2.0 - Remote Buffer Overflow
PCMan FTP Server 2.0 - Remote Buffer Overflow
PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3-5 - ZendEngine ECalloc Integer Overflow
PHP 3 < 5 - ZendEngine ECalloc Integer Overflow
NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static Http Server 1.0 - Denial of Service
TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static HTTP Server 1.0 - Denial of Service
NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)
Netgear ReadyNAS - Perl Code Evaluation (Metasploit)
NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
Ipswitch 8.0 - WS_FTP Client Format String
Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String
NETGEAR WGR614 - Administration Interface Remote Denial of Service
Netgear WGR614 - Administration Interface Remote Denial of Service
Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities
Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities
Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow
Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow
Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit
Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit
NetMan 204 - Backdoor Account
NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Serv-U 11.1.0.3 - Denial of Service / Security Bypass
Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass
TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change
TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change
NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND9 - TKEY (PoC)
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND 9 - TKEY (PoC)
ISC BIND9 - TKEY Remote Denial of Service (PoC)
ISC BIND 9 - TKEY Remote Denial of Service (PoC)
NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Android (Stagefright) - Remote Code Execution
Android - 'Stagefright' Remote Code Execution
Microsoft Windows Media Center - MCL (MS15-100)
Microsoft Windows Media Center - MCL Exploit (MS15-100)
Android libstagefright - Integer Overflow Remote Code Execution
Android - libstagefright Integer Overflow Remote Code Execution
NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
pdfium IsFlagSet (v8 memory management) - SIGSEGV
pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit
NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities
Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities
XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service
NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service
Metaphor - Stagefright Exploit with ASLR Bypass
Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution
Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities
FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation
FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation
Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)
2016-09-28 11:55:43 +00:00
Offensive Security
102574cb3e
DB: 2016-09-24
...
5 new exploits
EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion
EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion
WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Adobe Acrobat Reader 7<9 - U3D Buffer Overflow
Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow
Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)
Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit)
Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Adobe Flash - Crash When Freeing Memory After AVC decoding
Adobe Flash - Video Decompression Memory Corruption
Linux - SELinux W+X Protection Bypass via AIO
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation
Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service
Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service
Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities
Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass
Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass
Microsoft Excel 95<2004 - Malformed Graphic File Code Execution
Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution
Git-1.9.5 - ssh-agent.exe Buffer Overflow
Git 1.9.5 - ssh-agent.exe Buffer Overflow
Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Skybox Platform <= 7.0.611 - Multiple Vulnerabilities
SOLIDserver <=5.0.4 - Local File Inclusion
SOLIDserver <= 5.0.4 - Local File Inclusion
WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities
WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
2016-09-24 05:05:07 +00:00
Offensive Security
12047d93f1
DB: 2016-09-23
...
9 new exploits
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
Matrimonial Website Script 1.0.2 - SQL Injection
Metasploit Web UI - Diagnostic Console Command Execution
Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Exponent CMS 2.3.9 - Blind SQL Injection
JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation
Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)
phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion
phpWebSite 0.10.2 - 'PHPWS_SOURCE_DIR' Parameter Multiple Remote File Inclusion
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
Microix Timesheet Module - SQL Injection
Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities
Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities
2016-09-23 05:05:20 +00:00
Offensive Security
b8ebed3824
DB: 2016-09-22
...
6 new exploits
Setuid perl - PerlIO_Debug() Root owned file creation
Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation
Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)
VideoCache 1.9.2 - vccleaner Root
VideoCache 1.9.2 - 'vccleaner' Privilege Escalation
UK One Media CMS - 'id' Error Based SQL Injection
UK One Media CMS - 'id' Error-Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection
Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)
Ultimate eShop - Error Based SQL Injection
Ultimate eShop - Error-Based SQL Injection
WordPress Plugin Multiple - timthumb.php Vulnerabilities
Multiple WordPress Plugins - timthumb.php File Upload
Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service
Slackware Linux 3.5 - /etc/group missing results in Root access
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service
Sudo 1.6.3 - Unclean Environment Variable Root Program Execution
Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass
Microweber 0.905 - Error Based SQL Injection
Microweber 0.905 - Error-Based SQL Injection
WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
2016-09-22 05:06:28 +00:00
Offensive Security
f1e68e0b1d
DB: 2016-09-15
...
3 new exploits
Android - getpidcon Usage binder Service Replacement Race Condition
PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure
Apache Mina 2.0.13 - Remote Command Execution
2016-09-15 05:07:49 +00:00
Offensive Security
0be1ea959a
DB: 2016-09-09
...
11 new exploits
Samba 3.0.4 - SWAT Authorization Buffer Overflow
Samba 3.0.4 SWAT - Authorisation Buffer Overflow
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)
HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)
HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)
WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)
WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC)
FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service
FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service
Multiple Applications - Local Credentials Disclosure
Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service
Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service
IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit
IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit
Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2)
Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2)
IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit
IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit
Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite
SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)
Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)
Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)
Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow
Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow
SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution
McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)
SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution
McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC)
MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow
MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow
NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit
NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit
HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow
BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow
Joomla Component JPad 1.0 - Post-Authentication SQL Injection
Joomla Component JPad 1.0 - Authenticated SQL Injection
CMS Made Simple 1.2.4 - (FileManager module) File Upload
CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication)
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)
freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow
freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow
vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit
vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit
Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service
Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service
Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit
Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service
Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service
AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection
AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection
AvailScript Jobs Portal Script - (Post-Authentication) File Upload
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service
Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement
Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)
Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service
Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service
freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC
LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection
LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection
freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC
AJ Auction Authentication - Bypass Exploit
AJ Auction - Authentication Bypass
Simple Directory Listing 2 - Cross-Site File Upload
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload
Mini File Host 1.x - Arbitrary PHP File Upload
Mini File Host 1.x - Arbitrary .PHP File Upload
Memberkit 1.0 - Remote PHP File Upload
Memberkit 1.0 - Remote Arbitrary .PHP File Upload
WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload
Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload
Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)
Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)
WikkiTikkiTavi 1.11 - Remote PHP File Upload
WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload
Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
zFeeder 1.6 - 'admin.php' Pre-Authentication
zFeeder 1.6 - 'admin.php' Unauthenticated
Addonics NAS Adapter - Post-Authentication Denial of Service
Addonics NAS Adapter - Authenticated Denial of Service
Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Hannon Hill Cascade Server - (Post-Authentication) Command Execution
Hannon Hill Cascade Server - (Authenticated) Command Execution
Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC)
XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)
Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service
Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service
Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure
MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC
Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal
Adobe JRun 4 - (logfile) Authenticated Directory Traversal
FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service
NetAccess IP3 - (Post-Authentication) (ping option) Command Injection
NetAccess IP3 - (Authenticated) (ping option) Command Injection
Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute
Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution
Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service
Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service
HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC)
Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC)
Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
uTorrent WebUI 0.370 - Authorization header Denial of Service
uTorrent WebUI 0.370 - Authorisation Header Denial of Service
Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)
Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting
Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass)
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)
dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)
dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)
UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow
Achievo 1.4.3 - Multiple Authorization Flaws
Achievo 1.4.3 - Multiple Authorisation Flaws
PHPMotion 1.62 - 'FCKeditor' File Upload
PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload
Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal
Home FTP Server 1.11.1.149 - Authenticated Directory Traversal
News Script PHP Pro - 'FCKeditor' File Upload
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload
Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow
Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow
Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion
Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion
HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow
MailEnable - Authorization Header Buffer Overflow
MailEnable - Authorisation Header Buffer Overflow
ColdFusion 8.0.1 - Arbitrary File Upload and Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution
ColdFusion 8.0.1 - Arbitrary File Upload / Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution
OpenX - banner-edit.php File Upload PHP Code Execution
OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution
Joomla 1.5.12 - tinybrowser File Upload Code Execution
Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution
N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit
N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit
If-CMS 2.07 - Pre-Authentication Local File Inclusion (1)
If-CMS 2.07 - Unauthenticated Local File Inclusion (1)
IPComp - encapsulation Pre-Authentication kernel memory Corruption
IPComp - encapsulation Unauthenticated kernel memory Corruption
SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit
SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass)
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass)
Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2)
If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)
DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit
DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit
TomatoCart 1.1 - Post-Authentication Local File Inclusion
TomatoCart 1.1 - Authenticated Local File Inclusion
BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass
BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass
QuiXplorer 2.3 - Bugtraq File Upload
QuiXplorer 2.3 - Bugtraq Arbitrary File Upload
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit)
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit)
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution
Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)
Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)
BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR
BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection
Dolibarr ERP & CRM 3 - Authenticated OS Command Injection
V-CMS - PHP File Upload and Execution
V-CMS - Arbitrary .PHP File Upload / Execution
WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection
WebCalendar 1.2.4 - Unauthenticated Remote Code Injection
appRain CMF - Arbitrary PHP File Upload
appRain CMF - Arbitrary .PHP File Upload
EGallery - PHP File Upload
EGallery - Arbitrary .PHP File Upload
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload
WebPageTest - Arbitrary PHP File Upload
WebPageTest - Arbitrary .PHP File Upload
XODA 0.4.5 - Arbitrary PHP File Upload
XODA 0.4.5 - Arbitrary .PHP File Upload
Elcom CMS 7.4.10 - Community Manager Insecure File Upload
Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection
Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow
Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1)
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2)
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit
qdPM 7.0 - Arbitrary PHP File Upload
qdPM 7.0 - Arbitrary .PHP File Upload
Oracle Database - Authentication Protocol Security Bypass
Oracle Database - Protocol Authentication Bypass
Mod_NTLM 0.x - Authorization Heap Overflow
Mod_NTLM 0.x - Authorisation Heap Overflow
Mod_NTLM 0.x - Authorization Format String
Mod_NTLM 0.x - Authorisation Format String
Geeklog 1.3.x - Authentication SQL Injection
Geeklog 1.3.x - Authenticated SQL Injection
NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution
MySQL - Remote Pre-Authentication User Enumeration
MySQL - Remote Unauthenticated User Enumeration
vbPortal 2.0 alpha 8.1 - Authentication SQL Injection
vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)
WordPress WP-Property Plugin - PHP File Upload
WordPress Asset-Manager Plugin - PHP File Upload
WordPress WP-Property Plugin - Arbitrary .PHP File Upload
WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload
Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution
Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution
RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service
RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun
Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun
Novell NCP - Pre-Authentication Remote Root Exploit
Novell NCP - Unauthenticated Remote Root Exploit
Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass
Polar Helpdesk 3.0 - Cookie Based Authentication Bypass
IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution
IRIS Citations Management Tool - (Authenticated) Remote Command Execution
Polycom HDX - Telnet Authorization Bypass (Metasploit)
Polycom HDX - Telnet Authentication Bypass (Metasploit)
OpenEMR - PHP File Upload
OpenEMR - Arbitrary .PHP File Upload
PolarPearCMS - PHP File Upload
PolarPearCMS - Arbitrary .PHP File Upload
Apache 2.0.x - mod_ssl Remote Denial of Service
Apache/mod_ssl 2.0.x - Remote Denial of Service
phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload
phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload
BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal
BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal
MoinMoin - twikidraw Action Traversal File Upload
MoinMoin - twikidraw Action Traversal Arbitrary File Upload
Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption
Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption
Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow
Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow
FlexWATCH 3.0 - AIndex.asp Authorization Bypass
FlexWATCH 3.0 - AIndex.asp Authentication Bypass
HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload
HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload
WordPress Curvo Themes - Cross-Site Request Forgery File Upload
WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload
PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass
PHPBB2 - Admin_Ug_Auth.php Administrative Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass
Castripper 2.50.70 - '.pls' DEP Exploit
Castripper 2.50.70 - '.pls' DEP Bypass Exploit
Google Urchin 5.7.3 - Report.cgi Authorization Bypass
Google Urchin 5.7.3 - Report.cgi Authentication Bypass
Adobe Flash - Method Calls Use-After-Free
Adobe Flash - Transform.colorTranform Getter Info Leak
RSA Authentication Agent for Web 5.3 - URI redirection
RSA Authentication Agent for Web 5.3 - URI Redirection
Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Zabbix 2.0 - 3.0.3 - SQL Injection
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution
Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure
LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload
Katello (Red Hat Satellite) - users/update_roles Missing Authorization
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation
Freepbx 13.0.x < 13.0.154 - Remote Command Execution
FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution
Jobberbase 2.0 - Multiple Vulnerabilities
Windows x86 - Bind Shell TCP Shellcode
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload
Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Moab < 7.2.9 - Authorization Bypass
Moab < 7.2.9 - Authentication Bypass
Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection
Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection
Drupal Core < 7.32 - Pre-Authentication SQL Injection
Drupal Core < 7.32 - Unauthenticated SQL Injection
Tincd - Post-Authentication Remote TCP Stack Buffer Overflow
Tincd - Authenticated Remote TCP Stack Buffer Overflow
PMB 4.1.3 - Post-Authentication SQL Injection
PMB 4.1.3 - Authenticated SQL Injection
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution
ManageEngine Multiple Products - Authenticated File Upload
ManageEngine Multiple Products - Authenticated Arbitrary File Upload
Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass)
Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass)
Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution
Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution
Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection
Symantec Web Gateway 5 - restore.php Authenticated Command Injection
JBoss Seam 2 - Arbitrary File Upload and Execution
JBoss Seam 2 - Arbitrary File Upload / Execution
Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit)
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution
JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass
JibberBook 2.3 - 'Login_form.php' Authentication Bypass
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
Zenoss 3.2.1 - Remote Post-Authentication Command Execution
Zenoss 3.2.1 - Remote Authenticated Command Execution
Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution
Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution
Magento CE < 1.9.0.1 - Authenticated Remote Code Execution
Netsweeper 4.0.9 - Arbitrary File Upload and Execution
Netsweeper 4.0.9 - Arbitrary File Upload / Execution
Netsweeper 4.0.8 - Arbitrary File Upload and Execution
Netsweeper 4.0.8 - Arbitrary File Upload / Execution
EasyITSP - 'customers_edit.php' Authentication Security Bypass
EasyITSP - 'customers_edit.php' Authentication Bypass
Wolf CMS - Arbitrary File Upload and Execution
Wolf CMS - Arbitrary File Upload / Execution
Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow
Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow
GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution
vBulletin 5.1.x - Pre-Authentication Remote Code Execution
vBulletin 5.1.x - Unauthenticated Remote Code Execution
WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass
WordPress WP to Twitter Plugin - Authorization Bypass
WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass
WordPress WP to Twitter Plugin - Authentication Bypass
Novell ServiceDesk - Authenticated File Upload
Novell ServiceDesk - Authenticated Arbitrary File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)
phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers
phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API
vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit)
phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution
phpMyAdmin 4.6.2 - Authenticated Remote Code Execution
vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
2016-09-09 05:09:09 +00:00
Offensive Security
2aa9d941de
DB: 2016-09-08
...
6 new exploits
Too many to list!
2016-09-08 05:08:29 +00:00
Offensive Security
d36011b4f9
DB: 2016-09-07
...
3 new exploits
Too many to list!
2016-09-07 05:09:19 +00:00
Offensive Security
5e2fc10125
DB: 2016-09-03
2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d
DB: 2016-09-03
...
14 new exploits
Too many to list!
2016-09-03 05:08:42 +00:00
Offensive Security
1f0c845486
DB: 2016-08-31
...
3 new exploits
Too many to list!
2016-08-31 05:07:37 +00:00
Offensive Security
760d823bc8
DB: 2016-08-30
...
18 new exploits
Too many to list!
2016-08-30 05:08:40 +00:00
Offensive Security
4011b4f053
DB: 2016-08-27
2016-08-27 05:08:40 +00:00
Offensive Security
4c43b1da2b
DB: 2016-08-25
2016-08-25 05:07:18 +00:00
Offensive Security
24a0e1921a
DB: 2016-08-16
2016-08-16 20:39:41 +00:00
Offensive Security
dac3d3dad6
DB: 2016-08-08
...
2 new exploits
VMWare OVF Tools - Format String (1)
VMware OVF Tools - Format String (1)
VMWare OVF Tools - Format String (2)
VMware OVF Tools - Format String (2)
VMWare - Setuid vmware-mount Unsafe popen(3)
VMware - Setuid vmware-mount Unsafe popen(3)
Drupal Module Coder < 7.x-1.3 / 7.x-2.6 - Remote Code Execution Exploit (SA-CONTRIB-2016-039)
VMware Virtual Machine Communication Interface (VMCI) vmci.sys - Proof of Concept
VMWare - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)
VMware - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)
ntop 2.3 <= 2.5 - Multiple Vulnerabilities
ntop/nbox 2.3 <= 2.5 - Multiple Vulnerabilities
NUUO NVRmini 2 3.0.8 - ShellShock Remote Code Execution
NUUO NVRmini 2 3.0.8 - (ShellShock) Remote Code Execution
2016-08-08 05:05:38 +00:00
Offensive Security
75085bf1d7
DB: 2016-08-03
...
7 new exploits
Real Server 7/8/9 - Remote Root Exploit (Windows & Linux)
Real Server 7/8/9 - Remote Root Exploit (Windows / Linux)
Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit
Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit
BSD & Linux - umount Local Root Exploit
BSD & Linux umount - Local Root Exploit
BSD & Linux - lpr Command Local Root Exploit
BSD & Linux lpr - Local Root Exploit
Battlefield 1942 <= 1.6.19 + Vietnam 1.2 - Broadcast Client Crash
Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash
PHP 4.3.9 & phpBB 2.x - unserialize() Remote Exploit (compiled)
PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled)
Soldier of Fortune 2 <= 1.03 - 'cl_guid' Server Crash
Soldier of Fortune 2 1.03 - 'cl_guid' Server Crash
Download Center Lite (DCL) <= 1.5 - Remote File Inclusion
Download Center Lite (DCL) 1.5 - Remote File Inclusion
Linux Mandrake 10.2 - cdrdao Local Root Exploit (unfixed)
cdrdao (Mandrake 10.2) - Local Root Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit
MyBulletinBoard (MyBB) 1.00 RC4 - SQL Injection Exploit
e107 <= 0.617 - XSS Remote Cookie Disclosure Exploit
e107 0.617 - XSS Remote Cookie Disclosure Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
MyBulletinBoard (MyBB) 1.00 RC4 SQL Injection Exploit
F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit
F-Secure Internet Gatekeeper for Linux < 2.15.484 (and Gateway < 2.16) - Local Root Exploit
MyBulletinBoard (MyBB) <= 1.03 - Multiple SQL Injection Exploit
MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injection Exploit
MyBulletinBoard (MyBB) <= 1.03 - (misc.php COMMA) SQL Injection
MyBulletinBoard (MyBB) 1.03 - (misc.php COMMA) SQL Injection
MyBulletinBoard (MyBB) <= 1.04 - (misc.php COMMA) SQL Injection (2)
MyBulletinBoard (MyBB) 1.04 - (misc.php COMMA) SQL Injection (2)
Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities
Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities
MyBulletinBoard (MyBB) <= 1.1.3 - (usercp.php) Create Admin Exploit
MyBulletinBoard (MyBB) 1.1.3 - (usercp.php) Create Admin Exploit
DZCP (deV!L_z Clanportal) <= 1.34 - (id) SQL Injection Exploit
DZCP (deV!L_z Clanportal) 1.34 - (id) SQL Injection Exploit
Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit
Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit (1)
MyBulletinBoard (MyBB) <= 1.1.5 - (CLIENT-IP) SQL Injection Exploit
MyBulletinBoard (MyBB) 1.1.5 - (CLIENT-IP) SQL Injection Exploit
PHP Live! <= 3.2.1 - (help.php) Remote Inclusion
PHP Live! 3.2.1 - (help.php) Remote Inclusion
Les Visiteurs (Visitors) <= 2.0 - (config.inc.php) File Include
Les Visiteurs (Visitors) 2.0 - (config.inc.php) File Include
Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include
Electronic Engineering Tool (EE TOOL) 0.4.1 File Include
DZCP (deV!L_z Clanportal) <= 1.3.6 - Arbitrary File Upload
DZCP (deV!L_z Clanportal) 1.3.6 - Arbitrary File Upload
Tucows Client Code Suite (CSS) <= 1.2.1015 File Include
Tucows Client Code Suite (CSS) 1.2.1015 File Include
KDE 3.5 - (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit
KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit
DZCP (deV!L_z Clanportal) <= 1.4.5 - Remote File Disclosure
DZCP (deV!L_z Clanportal) 1.4.5 - Remote File Disclosure
McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit
McAfee VirusScan for Mac (Virex) 7.7 - Local Root Exploit
WEBO (Web Organizer) <= 1.0 - (baseDir) Remote File Inclusion
WEBO (Web Organizer) 1.0 - (baseDir) Remote File Inclusion
Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution
Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution
Katalog Plyt Audio (pl) <= 1.0 - SQL Injection Exploit
Katalog Plyt Audio (pl) 1.0 - SQL Injection Exploit
study planner (studiewijzer) <= 0.15 - Remote File Inclusion
study planner (studiewijzer) 0.15 - Remote File Inclusion
MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit
MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution Exploit
MyBulletinBoard (MyBB) <= 1.2.2 - (CLIENT-IP) SQL Injection Exploit
MyBulletinBoard (MyBB) 1.2.2 - (CLIENT-IP) SQL Injection Exploit
MyBulletinBoard (MyBB) <= 1.2.5 calendar.php Blind SQL Injection Exploit
MyBulletinBoard (MyBB) 1.2.5 calendar.php Blind SQL Injection Exploit
Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution (2)
Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)
LAN Management System (LMS) <= 1.9.6 - Remote File Inclusion Exploit
LAN Management System (LMS) 1.9.6 - Remote File Inclusion Exploit
Ripe Website Manager (CMS) <= 0.8.9 - Remote File Inclusion
Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion
Simple PHP Blog (sphpblog) <= 0.5.1 - Multiple Vulnerabilities
Simple PHP Blog (sphpblog) 0.5.1 - Multiple Vulnerabilities
TaskFreak! <= 0.6.1 - SQL Injection
TaskFreak! 0.6.1 - SQL Injection
MyBulletinBoard (MyBB) <= 1.2.10 - Remote Code Execution Exploit
mybulletinboard (mybb) <= 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution Exploit
mybulletinboard (mybb) 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit
MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit
PHP Live! <= 3.2.2 - (questid) SQL Injection (1)
PHP Live! 3.2.2 - (questid) SQL Injection (1)
Web Group Communication Center (WGCC) <= 1.0.3 - SQL Injection
Web Group Communication Center (WGCC) 1.0.3 - SQL Injection
C6 Messenger ActiveX Remote Download & Execute Exploit
C6 Messenger ActiveX - Remote Download & Execute Exploit
eLineStudio Site Composer (ESC) <= 2.6 - Multiple Vulnerabilities
eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities
Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit
Simple PHP Blog (SPHPBlog) 0.5.1 Code Execution Exploit
MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit (2)
MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit (2)
DZCP (deV!L_z Clanportal) <= 1.4.9.6 - Blind SQL Injection Exploit
DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection Exploit
Amaya Web Editor XML and HTML parser Vulnerabilities
Amaya Web Editor - XML and HTML parser Vulnerabilities
CMS WEBjump! Multiple SQL Injection
CMS WEBjump! - Multiple SQL Injection
RQms (Rash) <= 1.2.2 - Multiple SQL Injection
RQms (Rash) 1.2.2 - Multiple SQL Injection
Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit
Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit
Apple Safari & Quicktime Denial of Service
Apple Safari & Quicktime - Denial of Service
AudioPLUS 2.00.215 - (.lst & .m3u) Local Buffer Overflow (SEH)
AudioPLUS 2.00.215 - (.lst / .m3u) Local Buffer Overflow (SEH)
PHP Live! <= 3.2.2 - (questid) SQL Injection (2)
PHP Live! 3.2.2 - (questid) SQL Injection (2)
TwonkyMedia Server 4.4.17 & <= 5.0.65 - XSS
TwonkyMedia Server 4.4.17 / 5.0.65 - XSS
Adobe Shockwave 11.5.1.601 Player Multiple Code Execution
Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution
NAS Uploader 1.0 & 1.5 - Remote File Upload
NAS Uploader 1.0 / 1.5 - Remote File Upload
PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit)
PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)
Nuked KLan 1.7.7 & <= SP4 DoS
Nuked KLan 1.7.7 & SP4 DoS
Aqua Real 1.0 & 2.0 - Local Crash PoC
Aqua Real 1.0 / 2.0 - Local Crash PoC
FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting (XSS)
FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting
Ipswitch IMAIL 11.01 reversible encryption + weak ACL
Ipswitch IMAIL 11.01 - reversible encryption + weak ACL
justVisual 2.0 - (index.php) <= LFI
justVisual 2.0 - (index.php) LFI
Simple Machines Forum (SMF) <= 1.1.8 - (avatar) Remote PHP File Execute PoC
Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute PoC
SafeSHOP 1.5.6 - Cross-Site Scripting & Multiple Cross-Site Request Forgery
SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery
McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting (XSS)
McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting
Local Glibc shared library (.so) <= 2.11.1 Exploit
Local Glibc shared library (.so) 2.11.1 Exploit
Safari 4.0.3 & 4.0.4 - Stack Exhaustion
Safari 4.0.3 / 4.0.4 - Stack Exhaustion
Apache Axis2 administration console - Cross-Site Scripting (XSS) (Authenticated)
Apache Axis2 administration console - (Authenticated) Cross-Site Scripting
CubeCart PHP (shipkey parameter) <= 4.3.x - SQL Injection
CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection
Joomla Health & Fitness Stats Persistent XSS
Joomla Health & Fitness Stats - Persistent XSS
PunBB 1.3.4 & Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit
PunBB 1.3.4 / Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit
MyIT CRM - Multiple Cross-Site Scripting (XSS)
MyIT CRM - Multiple Cross-Site Scripting
Adobe Dreamweaver CS5 <= 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)
Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)
Avast! <= 5.0.594 - license files DLL Hijacking Exploit (mfc90loc.dll)
Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit
BlogBird Platform Multiple XSS Vulnerabilities
BlogBird Platform - Multiple XSS Vulnerabilities
Joomla Component (btg_oglas) HTML & XSS Injection
Joomla Component (btg_oglas) - HTML / XSS Injection
Lotus CMS Fraise 3.0 - LFI & Remote Code Execution Exploit
Lotus CMS Fraise 3.0 - LFI / Remote Code Execution Exploit
Novell ZenWorks 10 & 11 - TFTPD Remote Code Execution
Novell ZenWorks 10 / 11 - TFTPD Remote Code Execution
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (1)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1)
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (2)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2)
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (3)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3)
CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow
CA BrightStor ARCserve for Laptops & Desktops LGServer - Multiple Commands Buffer Overflow
SmarterMail 7.3 & 7.4 - Multiple Vulnerabilities
SmarterMail 7.3 / 7.4 - Multiple Vulnerabilities
OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit
OpenSLP 1.2.1 / < 1647 trunk - Denial of Service Exploit
ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0Day)
ScadaTEC ModbusTagServer & ScadaPhone - (.zip) Buffer Overflow Exploit (0Day)
MARINET CMS (room.php) <= Blind SQL
MARINET CMS (room.php) Blind SQL
phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection (Metasploit)
phpMyAdmin 3.3.x / 3.4.x - Local File Inclusion via XXE Injection (Metasploit)
ContaoCMS (aka TYPOlight) <= 2.11 - CSRF (Delete Admin & Delete Article)
ContaoCMS (aka TYPOlight) 2.11 - CSRF (Delete Admin / Delete Article)
Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 - Remote Buffer Overflow
Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Simple PHP Agenda 2.2.8 - CSRF (Add Admin & Add Event)
Simple PHP Agenda 2.2.8 - CSRF (Add Admin / Add Event)
SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption
SumatraPDF 2.0.1 - (.chm / .mobi) Memory Corruption
Dolibarr ERP & CRM 3 Post-Auth OS Command Injection
Dolibarr ERP & CRM OS Command Injection
Dolibarr ERP & CRM 3 - Post-Auth OS Command Injection
Dolibarr ERP & CRM - OS Command Injection
Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1)
Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2)
Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1)
Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2)
sflog! <= 1.00 - Multiple Vulnerabilities
sflog! 1.00 - Multiple Vulnerabilities
Inter7 vpopmail (vchkpw) <= 3.4.11 - Buffer Overflow
Inter7 vpopmail (vchkpw) 3.4.11 - Buffer Overflow
White Label CMS 1.5 - CSRF & Persistent XSS
White Label CMS 1.5 - CSRF / Persistent XSS
AIX 3.x/4.x & Windows 95/98/2000/NT 4 & SunOS 5 gethostbyname() - Buffer Overflow
AIX 3.x/4.x / Windows 95/98/2000/NT 4 / SunOS 5 gethostbyname() - Buffer Overflow
gdb (GNU debugger) <= 7.5.1NULL Pointer Dereference
gdb (GNU debugger) 7.5.1NULL Pointer Dereference
Adam Webb NukeJokes 1.7/2.0 Module Multiple Parameter XSS
Adam Webb NukeJokes 1.7/2.0 - Module Multiple Parameter XSS
Polycom HDX Telnet Authorization Bypass (Metasploit)
Polycom HDX - Telnet Authorization Bypass (Metasploit)
Joomla! <= 3.0.2 - (highlight.php) PHP Object Injection
Joomla! 3.0.2 - (highlight.php) PHP Object Injection
Joomla! <= 3.0.3 (remember.php) - PHP Object Injection
Joomla! 3.0.3 (remember.php) - PHP Object Injection
Active Auction House Default.ASP Multiple SQL Injection
Active Auction House - Default.ASP Multiple SQL Injection
Aenovo Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Alisveristr E-commerce Login Multiple SQL Injection
Alisveristr E-commerce Login - Multiple SQL Injection
Cline Communications Multiple SQL Injection
Cline Communications - Multiple SQL Injection
Andy Mack 35mm Slide Gallery 6.0 popup.php Multiple Parameter XSS
Andy Mack 35mm Slide Gallery 6.0 - popup.php Multiple Parameter XSS
Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow
Apple Safari 6.0.1 for iOS 6.0 / OS X 10.7/8 - Heap Buffer Overflow
AIOCP 1.3.x cp_forum_view.php Multiple Parameter XSS
AIOCP 1.3.x - cp_forum_view.php Multiple Parameter XSS
AIOCP 1.3.x cp_news.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection
AIOCP 1.3.x cp_newsletter.php Multiple Parameter SQL Injection
AIOCP 1.3.x cp_links.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection
AIOCP 1.3.x cp_show_ec_products.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection
20/20 Applications Data Shed 1.0 listings.asp Multiple Parameter SQL Injection
20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection
ClickContact Default.ASP Multiple SQL Injection
ClickContact - Default.ASP Multiple SQL Injection
Onpub CMS 1.4 & 1.5 - Multiple SQL Injection
Onpub CMS 1.4 / 1.5 - Multiple SQL Injection
Apache + PHP < 5.3.12 & < 5.4.2 - cgi-bin Remote Code Execution Exploit
Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit
Apache + PHP < 5.3.12 & < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
ClientExec 3.0 Index.php Multiple Cross-Site Scripting Vulnerabilities
ClientExec 3.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities
AbleDesign MyCalendar 2.20.3 Index.php Multiple Cross-Site Scripting Vulnerabilities
AbleDesign MyCalendar 2.20.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities
AlstraSoft Affiliate Network Pro 8.0 merchants/index.php Multiple Parameter XSS
AlstraSoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter XSS
File(1) <= 4.13 Command File_PrintF Integer Underflow
File(1) 4.13 Command File_PrintF Integer Underflow
ACDSee 9.0 Photo Manager Multiple BMP Denial of Service Vulnerabilities
ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities
Ahhp Portal Page.php Multiple Remote File Inclusion
Ahhp Portal - Page.php Multiple Remote File Inclusion
Apple QuickTime 7.1.5 Information Disclosure and Multiple Code Execution Vulnerabilities
Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities
OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities
OpenBase 10.0.x - Buffer Overflow / Remote Command Execution
AIDA Web Frame.HTML Multiple Unauthorized Access Vulnerabilities
AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities
Absolute News Manager .NET 5.1 xlaabsolutenm.aspx Multiple Parameter SQL Injection
Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple Parameter SQL Injection
Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution and Security Vulnerabilities
Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution / Security Vulnerabilities
Apple iPhone and iPod Touch < 2.0 - Multiple Remote Vulnerabilities
Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities
HPSystem Management Homepage (SMH) <= 2.1.12 - 'message.php' Cross-Site Scripting
HPSystem Management Homepage (SMH) 2.1.12 - 'message.php' Cross-Site Scripting
Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit 'alert()' Function Remote Denial of Service
Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service
3Com Wireless 8760 Dual-Radio 11a/b/g PoE Multiple Security Vulnerabilities
3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Security Vulnerabilities
AlmondSoft Multiple Classifieds Products index.php replid Parameter SQL Injection
AlmondSoft Multiple Classifieds Products index.php Multiple Parameter XSS
AlmondSoft Multiple Classifieds Products - index.php replid Parameter SQL Injection
AlmondSoft Multiple Classifieds Products - index.php Multiple Parameter XSS
Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation (1)
Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Local Privilege Escalation (1)
CMS Source Multiple Input Validation Vulnerabilities
CMS Source - Multiple Input Validation Vulnerabilities
123 Flash Chat = Multiple Security Vulnerabilities
123 Flash Chat - Multiple Security Vulnerabilities
Pimcore 3.0 & 2.3.0 CMS - SQL Injection
Pimcore 3.0 / 2.3.0 CMS - SQL Injection
Apple Mac OS X 10.6.5 And iOS 4.3.3 Mail Denial of Service
Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service
CmyDocument Multiple Cross-Site Scripting Vulnerabilities
CmyDocument - Multiple Cross-Site Scripting Vulnerabilities
OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS)
OTRS < 3.1.x / < 3.2.x / < 3.3.x - Stored Cross-Site Scripting
OYO File Manager 1.1 (iOS & Android) - Multiple Vulnerabilities
OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities
Airdroid iOS_ Android & Win 3.1.3 - Persistent
Airdroid iOS / Android / Win 3.1.3 - Persistent
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit
Air Drive Plus Multiple Input Vallidation Vulnerabilities
Air Drive Plus - Multiple Input Vallidation Vulnerabilities
Collabtive Multiple Security Vulnerabilities
Collabtive - Multiple Security Vulnerabilities
Open Upload 0.4.2 - (Add Admin) CSRF
Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service
Wireshark 2.0.0 to 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service
Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - WSP Dissector Denial of Service
Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - RLC Dissector Denial of Service
2016-08-03 05:06:13 +00:00
Offensive Security
d1e88dd6d0
DB: 2016-07-30
2016-07-30 07:05:01 +00:00
Offensive Security
ec03ab428f
DB: 2016-07-21
...
10 new exploits
Microsoft Internet Explorer <= XP SP2 - HTML Help Control Local Zone Bypass
Microsoft Internet Explorer XP SP2 - HTML Help Control Local Zone Bypass
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
Simplog <= 0.9.3 - (tid) Remote SQL Injection Exploit
Simplog 0.9.3 - (tid) SQL Injection
Skulltag <= 0.96f - (Version String) Remote Format String PoC
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit
Skulltag 0.96f - (Version String) Remote Format String PoC
OpenTTD 0.4.7 - Multiple Vulnerabilities
Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)
Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities
Apple Mac OS X Safari <= 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC
Apple Mac OS X Safari 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC
Aardvark Topsites PHP <= 4.2.2 - (path) Remote File Inclusion
phpMyAgenda <= 3.0 Final (rootagenda) Remote Include
Aardvark Topsites PHP <= 4.2.2 - (lostpw.php) Remote Include Exploit
Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion
phpMyAgenda 3.0 Final - (rootagenda) Remote Include
Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion
X7 Chat <= 2.0 - (help_file) Remote Commands Execution Exploit
X7 Chat 2.0 - (help_file) Remote Command Execution
Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit
Auction 1.3m - (phpbb_root_path) Remote File Inclusion
acFTP FTP Server <= 1.4 - (USER) Remote Buffer Overflow PoC
Quake 3 Engine 1.32b R_RemapShader() Remote Client BoF Exploit
acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow PoC
Quake 3 Engine 1.32b - R_RemapShader() Remote Client BoF Exploit
AWStats <= 6.5 - (migrate) Remote Shell Command Injection Exploit
AWStats 6.5 - (migrate) Remote Shell Command Injection
acFTP FTP Server <= 1.4 - (USER) Remote Denial of Service Exploit
acFTP FTP Server 1.4 - (USER) Remote Denial of Service
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities
Jetbox CMS <= 2.1 - (relative_script_path) Remote File Inclusion Exploit
ACal <= 2.2.6 - (day.php) Remote File Inclusion
EQdkp <= 1.3.0 - (dbal.php) Remote File Inclusion
PHP-Fusion 6.00.306 - Multiple Vulnerabilities
Jetbox CMS 2.1 - (relative_script_path) Remote File Inclusion
ACal 2.2.6 - (day.php) Remote File Inclusion
EQdkp 1.3.0 - (dbal.php) Remote File Inclusion
Microsoft Internet Explorer <= 6.0.2900 SP2 - (CSS Attribute) Denial of Service
Microsoft Internet Explorer 6.0.2900 SP2 - (CSS Attribute) Denial of Service
Unclassified NewsBoard <= 1.6.1 patch 1 - Arbitrary Local Inclusion Exploit
Unclassified NewsBoard 1.6.1 patch 1 - Local File Inclusion
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (1)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (2)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (3)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (1)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (2)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (3)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (4)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (4)
Linux Kernel <= 2.6.17.4 - (proc) Local Root Exploit
Linux Kernel <= 2.6.17.4 - 'proc' Local Root Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86_64) - System Call Emulation Exploit
\o - Local File Inclusion (1st)
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)
PulseAudio setuid (Ubuntu 9.04 & Slackware 12.2.0) - Local Privilege Escalation
PulseAudio setuid (Ubuntu 9.04 / Slackware 12.2.0) - Local Privilege Escalation
Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
Linux Kernel <= 2.2.18 (RH 7.0/6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)
Linux Kernel <= 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)
Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
Django CMS 3.3.0 - (Editor Snippet) Persistent XSS
Drupal RESTWS Module 7.x - Remote PHP Code Execution (Metasploit)
Linux/x86 - execve /bin/sh Shellcode (19 bytes)
Wowza Streaming Engine 4.5.0 - Local Privilege Escalation
Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation
Wowza Streaming Engine 4.5.0 - Add Advanced Admin CSRF
Wowza Streaming Engine 4.5.0 - Multiple XSS
OpenSSHD <= 7.2p2 - Username Enumeration
WordPress Video Player Plugin 1.5.16 - SQL Injection
2016-07-21 05:06:28 +00:00
Offensive Security
965b4bba8f
DB: 2016-07-20
...
4 new exploits
Microsoft Internet Explorer Object Tag Exploit (MS03-020)
Microsoft Internet Explorer - Object Tag Exploit (MS03-020)
ICQ Pro 2003a Password Bypass Exploit (ca1-icq.asm)
ICQ Pro 2003a - Password Bypass Exploit (ca1-icq.asm)
Cisco IOS IPv4 Packets Denial of Service Exploit
Cisco IOS - IPv4 Packets Denial of Service Exploit
Cisco IOS (using hping) Remote Denial of Service Exploit
Cisco IOS - (using hping) Remote Denial of Service Exploit
Microsoft Windows SQL Server Denial of Service Remote Exploit (MS03-031)
Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031)
Microsoft Windows RPC DCOM Remote Exploit (18 Targets)
Microsoft Windows RPC - DCOM Remote Exploit (18 Targets)
man-db 2.4.1 open_cat_stream() Local uid=man Exploit
man-db 2.4.1 - open_cat_stream() Local uid=man Exploit
Cisco IOS 12.x/11.x HTTP Remote Integer Overflow Exploit
Cisco IOS 12.x/11.x - HTTP Remote Integer Overflow Exploit
DameWare Mini Remote Control Server SYSTEM Exploit
DameWare Mini Remote Control Server - SYSTEM Exploit
Microsoft Internet Explorer Object Data Remote Exploit (M03-032)
Microsoft Internet Explorer - Object Data Remote Exploit (M03-032)
eMule/xMule/LMule OP_SERVERMESSAGE Format String Exploit
eMule/xMule/LMule - OP_SERVERMESSAGE Format String Exploit
Microsoft WordPerfect Document Converter Exploit (MS03-036)
Microsoft WordPerfect Document Converter - Exploit (MS03-036)
Roger Wilco 1.x Client Data Buffer Overflow Exploit
Roger Wilco 1.x - Client Data Buffer Overflow Exploit
Solaris Sadmind Default Configuration Remote Root Exploit
Solaris Sadmind - Default Configuration Remote Root Exploit
Microsoft Windows Messenger Service Denial of Service Exploit (MS03-043)
Microsoft Windows Messenger Service - Denial of Service Exploit (MS03-043)
Microsoft Exchange 2000 XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
Microsoft Frontpage Server Extensions - fp30reg.dll Exploit (MS03-051)
Microsoft Windows Workstation Service WKSSVC Remote Exploit (MS03-049)
Microsoft Windows Workstation Service - WKSSVC Remote Exploit (MS03-049)
Microsoft Windows XP Workstation Service Remote Exploit (MS03-049)
Microsoft Windows XP Workstation Service - Remote Exploit (MS03-049)
Microsoft Windows Messenger Service Remote Exploit FR (MS03-043)
Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)
GateKeeper Pro 4.7 Web proxy Remote Buffer Overflow Exploit
GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow Exploit
Eudora 6.0.3 Attachment Spoofing Exploit (windows)
Foxmail 5.0 PunyLib.dll Remote Stack Overflow Exploit
Eudora 6.0.3 - Attachment Spoofing Exploit (Windows)
Foxmail 5.0 - PunyLib.dll Remote Stack Overflow Exploit
eSignal 7.6 STREAMQUOTE Remote Buffer Overflow Exploit
eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow Exploit
OpenBSD 2.6 - / 2.7ftpd Remote Exploit
OpenBSD 2.6 / 2.7ftpd - Remote Exploit
Redhat 6.1 - / 6.2 TTY Flood Users Exploit
Redhat 6.1 / 6.2 - TTY Flood Users Exploit
Solaris 2.6 - / 7 / 8 Lock Users Out of mailx Exploit
Solaris 2.6 / 7 / 8 - Lock Users Out of mailx Exploit
Solaris 2.5 - / 2.5.1 getgrnam() Local Overflow Exploit
Solaris 2.5 / 2.5.1 - getgrnam() Local Overflow Exploit
Solaris 7 - / 8-beta arp Local Overflow Exploit
Solaris 7 / 8-beta - arp Local Overflow Exploit
Solaris 2.6 - / 2.7 /usr/bin/write Local Overflow Exploit
Solaris 2.6 / 2.7 - /usr/bin/write Local Overflow Exploit
Cisco Multiple Products Automated Exploit Tool
Cisco Multiple Products - Automated Exploit Tool
Microsoft Internet Explorer (11 bytes) Denial of Service Exploit
Microsoft Internet Explorer - Denial of Service Exploit (11 bytes)
PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit
PHP <= 4.3.7/5.0.0RC3 - memory_limit Remote Exploit
VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid) (updated)
VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid)
GoodTech Telnet Server < 5.0.7 - Remote BoF Exploit (updated)
GoodTech Telnet Server < 5.0.7 - Remote BoF Exploit (2)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2nd updated)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1st)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2)
WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1)
Maxwebportal <= 1.36 password.asp Change Password Exploit (3 - perl)
Maxwebportal <= 1.36 password.asp Change Password Exploit (2 - php)
Maxwebportal <= 1.36 password.asp Change Password Exploit (1 - html)
Maxwebportal <= 1.36 password.asp Change Password Exploit (3) (perl)
Maxwebportal <= 1.36 password.asp Change Password Exploit (2) (php)
Maxwebportal <= 1.36 password.asp Change Password Exploit (1) (html)
ProRat Server <= 1.9 - (Fix-2) Buffer Overflow Crash Exploit
ProRat Server <= 1.9 (Fix-2) - Buffer Overflow Crash Exploit
Microsoft Windows DTC Remote Exploit (PoC) (MS05-051) (updated)
Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)
phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (updated)
phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (2)
Microsoft Windows - ACLs Local Privilege Escalation Exploit (Updated)
Microsoft Windows - ACLs Local Privilege Escalation Exploit (2)
HPE <= 1.0 - (HPEinc) Remote File Include Vulnerabilities (updated)
HPE <= 1.0 - (HPEinc) Remote File Include Vulnerabilities (2)
phpBB Journals System Mod 1.0.2 [RC2] - Remote File Include Exploit
phpBB Journals System Mod 1.0.2 RC2 - Remote File Include Exploit
Mozilla Firefox <= 1.5.0.7/ 2.0 - (createRange) Remote DoS Exploit
Mozilla Firefox <= 1.5.0.7/2.0 - (createRange) Remote DoS Exploit
BrowseDialog Class (ccrpbds6.dll) Multiple Methods DoS Exploit
BrowseDialog Class - (ccrpbds6.dll) Multiple Methods DoS Exploit
Asterisk <= 1.2.15 - / 1.4.0 pre-auth Remote Denial of Service Exploit
Asterisk <= 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Exploit
PHP < 4.4.5 - / 5.2.1 php_binary Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 WDDX Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - php_binary Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - WDDX Session Deserialization Information Leak
PHP <= 4.4.6 - / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
PHP <= 4.4.6 / 5.2.1 - array_user_key_compare() ZVAL dtor Local Exploit
PHP <= 4.4.6 - / 5.2.1 ext/gd Already Freed Resources Usage Exploit
PHP <= 4.4.6 / 5.2.1 - ext/gd Already Freed Resources Usage Exploit
Asterisk <= 1.2.16 - / 1.4.1 SIP INVITE Remote Denial of Service Exploit
Asterisk <= 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service Exploit
PHP < 4.4.5 - / 5.2.1 _SESSION unset() Local Exploit
PHP < 4.4.5 - / 5.2.1 _SESSION Deserialization Overwrite Exploit
PHP < 4.4.5 - / 5.2.1 - _SESSION unset() Local Exploit
PHP < 4.4.5 - / 5.2.1 - _SESSION Deserialization Overwrite Exploit
PHP 4.4.5 - / 4.4.6 session_decode() Double Free Exploit PoC
PHP 4.4.5 / 4.4.6 - session_decode() Double Free Exploit PoC
XOOPS Module MyAds Bug Fix <= 2.04jp (index.php) SQL Injection Exploit
XOOPS Module MyAds Bug Fix <= 2.04jp - (index.php) SQL Injection Exploit
Kaqoo Auction (install_root) Multiple Remote File Include Vulnerabilities
Kaqoo Auction - (install_root) Multiple Remote File Include Vulnerabilities
Asterisk < 1.2.22 - / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service
Asterisk < 1.2.22 / 1.4.8 / 2.2.1 - chan_skinny Remote Denial of Service
Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities
Weblogicnet - (files_dir) Multiple Remote File Inclusion Vulnerabilities
PHP <= 4.4.7 - / 5.2.3 MySQL/MySQLi Safe Mode Bypass
PHP <= 4.4.7 / 5.2.3 - MySQL/MySQLi Safe Mode Bypass
EB Design Pty Ltd (EBCRYPT.DLL 2.0) Multiple Remote Vulnerabilites
EB Design Pty Ltd - (EBCRYPT.DLL 2.0) Multiple Remote Vulnerabilites
Lama Software (14.12.2007) Multiple Remote File Inclusion Vulnerabilities
Lama Software 14.12.2007 - Multiple Remote File Inclusion Vulnerabilities
sCssBoard (pwnpack) Multiple Versions Remote Exploit
sCssBoard - (pwnpack) Multiple Versions Remote Exploit
Data Dynamics ActiveBar (Actbar3.ocx 3.2) Multiple Insecure Methods
Data Dynamics ActiveBar (Actbar3.ocx 3.2) - Multiple Insecure Methods
Shader TV (Beta) Multiple Remote SQL Injection Vulnerabilities
Shader TV (Beta) - Multiple Remote SQL Injection Vulnerabilities
Keller Web Admin CMS 0.94 Pro Local File Inclusion
Keller Web Admin CMS 0.94 Pro - Local File Inclusion
Keller Web Admin CMS 0.94 Pro Local File Inclusion (1st)
\o - Local File Inclusion (1st)
HRS Multi (picture_pic_bv.asp key) Blind SQL Injection Exploit
HRS Multi - (picture_pic_bv.asp key) Blind SQL Injection Exploit
Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities
Kasra CMS - (index.php) Multiple SQL Injection Vulnerabilities
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - < UDEV 1.4.1 Local Privilege Escalation Exploit (1)
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Local Privilege Escalation Exploit (1)
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel <= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)
Mac OS X - Java applet Remote Deserialization Remote PoC (2)
ZaoCMS (user_updated.php) Remote Change Password Exploit
ZaoCMS - (user_updated.php) Remote Change Password Exploit
eZoneScripts Hotornot2 Script (Admin Bypass) Multiple Remote Vulnerabilities
eZoneScripts Hotornot2 Script - (Admin Bypass) Multiple Remote Vulnerabilities
phpdirectorysource (XSS/SQL) Multiple Vulnerabilities
phpdirectorysource - (XSS/SQL) Multiple Vulnerabilities
Million-Dollar Pixel Ads Platinum (SQL/XSS) Multiple Vulnerabilities
Million-Dollar Pixel Ads Platinum - (SQL/XSS) Multiple Vulnerabilities
garagesalesjunkie (SQL/XSS) Multiple Vulnerabilities
garagesalesjunkie - (SQL/XSS) Multiple Vulnerabilities
Miniweb 2.0 Module Publisher (bSQL-XSS) Multiple Vulnerabilities
Miniweb 2.0 Module Publisher - (bSQL/XSS) Multiple Vulnerabilities
PHP Script Forum Hoster (Topic Delete/XSS) Multiple Vulnerabilities
PHP Script Forum Hoster - (Topic Delete/XSS) Multiple Vulnerabilities
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (Android)
Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (Android)
GDivX Zenith Player AviFixer Class (fix.dll 1.0.0.1) Buffer Overflow PoC
GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow PoC
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - 'sock_sendpage()' Local Root (PPC)
phpMySite (XSS/SQLi) Multiple Vulnerabilities
phpMySite - (XSS/SQLi) Multiple Vulnerabilities
(Tod Miller's) Sudo/SudoEdit 1.6.x / 1.7.x (<= 1.6.9p21 / <= 1.7.2p4) - Local Root Exploit
(Tod Miller's) Sudo/SudoEdit <= 1.6.9p21 / <= 1.7.2p4 - Local Root Exploit
Preisschlacht Multi Liveshop System SQL Injection (seite&aid) index.php
Preisschlacht Multi Liveshop System - SQL Injection (seite&aid) index.php
quality point 1.0 newsfeed (SQL/XSS) Multiple Vulnerabilities
quality point 1.0 newsfeed - (SQL/XSS) Multiple Vulnerabilities
Open Web Analytics 1.2.3 multi file include
Open Web Analytics 1.2.3 - multi file include
Scratcher (SQL/XSS) Multiple Remote
Scratcher - (SQL/XSS) Multiple Remote
phpscripte24 Live Shopping Multi Portal System SQL Injection Exploit
phpscripte24 Live Shopping Multi Portal System - SQL Injection Exploit
e-webtech (fixed_page.asp) SQL Injection
e-webtech - (fixed_page.asp) SQL Injection
parlic Design (SQL/XSS/HTML) Multiple Vulnerabilities
parlic Design - (SQL/XSS/HTML) Multiple Vulnerabilities
MileHigh Creative (SQL/XSS/HTML Injection) Multiple Vulnerabilities
MileHigh Creative - (SQL/XSS/HTML Injection) Multiple Vulnerabilities
CMScout (XSS/HTML Injection) Multiple Vulnerabilities
CMScout - (XSS/HTML Injection) Multiple Vulnerabilities
k-search (SQL/XSS) Multiple Vulnerabilities
k-search - (SQL/XSS) Multiple Vulnerabilities
GuestBook Script PHP (XSS/HTML Injection) Multiple Vulnerabilities
GuestBook Script PHP - (XSS/HTML Injection) Multiple Vulnerabilities
Max's Guestbook (HTML Injection/XSS) Multiple Vulnerabilities
Max's Guestbook - (HTML Injection/XSS) Multiple Vulnerabilities
Joomla Component (com_jefaqpro) Multiple Blind SQL Injection Vulnerabilities
Joomla Component (com_jefaqpro) - Multiple Blind SQL Injection Vulnerabilities
Joomla Component (com_restaurantguide) Multiple Vulnerabilities
Joomla Component - (com_restaurantguide) Multiple Vulnerabilities
TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities
TradeMC E-Ticaret - (SQL/XSS) Multiple Vulnerabilities
Projekt Shop (details.php) Multiple SQL Injection Vulnerabilities
Projekt Shop - (details.php) Multiple SQL Injection Vulnerabilities
CakePHP <= 1.3.5 - / 1.2.8 unserialize()
CakePHP <= 1.3.5 / 1.2.8 - unserialize()
Rae Media Real Estate Multi Agent SQL Injection
Rae Media Real Estate Multi Agent - SQL Injection
Solaris ypupdated Command Execution
Solaris - ypupdated Command Execution
CakePHP <= 1.3.5 - / 1.2.8 Cache Corruption Exploit
CakePHP <= 1.3.5 / 1.2.8 - Cache Corruption Exploit
Joomla HM-Community (com_hmcommunity) Multiple Vulnerabilities
Joomla HM-Community - (com_hmcommunity) Multiple Vulnerabilities
Siemens SIMATIC WinCC Flexible (Runtime) Multiple Vulnerabilities
Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities
CyberLink Multiple Products File Project Handling Stack Buffer Overflow PoC
CyberLink Multiple Products - File Project Handling Stack Buffer Overflow PoC
Ruby on Rails ActionPack Inline ERB Code Execution
Ruby on Rails ActionPack Inline ERB - Code Execution
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 RPC.YPUpdated Command Execution (1)
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 RPC.YPUpdated Command Execution (2)
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 - RPC.YPUpdated Command Execution (1)
HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 - RPC.YPUpdated Command Execution (2)
ASTPP VoIP Billing (4cf207a) Multiple Vulnerabilities
ASTPP VoIP Billing (4cf207a) - Multiple Vulnerabilities
Drummond Miles A1Stats 1.0 a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 a1disp3.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 a1disp4.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp4.cgi Traversal Arbitrary File Read
Symantec Norton Personal Firewall 2002/ Kaspersky Labs Anti-Hacker 1.0/BlackIce Server Protection 3.5/BlackICE Defender 2.9 - Auto Block DoS Weakness
Symantec Norton Personal Firewall 2002/Kaspersky Labs Anti-Hacker 1.0/BlackIce Server Protection 3.5/BlackICE Defender 2.9 - Auto Block DoS Weakness
Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities
Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities
Microsoft URLScan 2.5/ RSA Security SecurID 5.0 Configuration Enumeration Weakness
Microsoft URLScan 2.5/RSA Security SecurID 5.0 - Configuration Enumeration Weakness
WinSyslog Interactive Syslog Server 4.21/ long Message Remote Denial of Service
WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service
VocalTec VGW120/ VGW480 Telephony Gateway Remote H.225 - Denial of Service
VocalTec VGW120/VGW480 Telephony Gateway Remote H.225 - Denial of Service
Web Wiz Multiple Products SQL Injection
Web Wiz Multiple Products - SQL Injection
RealNetworks Multiple Products Multiple Buffer Overflow Vulnerabilities
RealNetworks Multiple Products - Multiple Buffer Overflow Vulnerabilities
Geodesic Solutions Multiple Products index.php b Parameter SQL Injection
Geodesic Solutions Multiple Products - index.php b Parameter SQL Injection
HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload
Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service
Linux Kernel <= 2.6.17.7 - NFS and EXT3 Combination Remote Denial of Service
Apache HTTP Server (<= 1.3.35 / <= 2.0.58 / <= 2.2.2) - Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server <= 1.3.35 / <= 2.0.58 / <= 2.2.2 - Arbitrary HTTP Request Headers Security Weakness
Symantec Multiple Products SymEvent Driver Local Denial of Service
Symantec Multiple Products - SymEvent Driver Local Denial of Service
FreeBSD 5.x I386_Set_LDT() Multiple Local Denial of Service Vulnerabilities
FreeBSD 5.x I386_Set_LDT() - Multiple Local Denial of Service Vulnerabilities
Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit
Apache + PHP < 5.3.12 & < 5.4.2 - cgi-bin Remote Code Execution Exploit
Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 & < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
PHP Multi User Randomizer 2006.09.13 Configure_Plugin.TPL.php Cross-Site Scripting
PHP Multi User Randomizer 2006.09.13 - Configure_Plugin.TPL.php Cross-Site Scripting
Symantec Multiple Products SPBBCDrv Driver Local Denial of Service
Symantec Multiple Products - SPBBCDrv Driver Local Denial of Service
Exponent CMS 0.96.5/ 0.96.6 magpie_debug.php url Parameter XSS
Exponent CMS 0.96.5/ 0.96.6 magpie_slashbox.php rss_url Parameter XSS
Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing
Exponent CMS 0.96.5/0.96.6 - magpie_debug.php url Parameter XSS
Exponent CMS 0.96.5/0.96.6 - magpie_slashbox.php rss_url Parameter XSS
Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing
Simple OS CMS 0.1c_beta 'login.php' SQL Injection
Simple OS CMS 0.1c_beta - 'login.php' SQL Injection
WebcamXP 3.72.440/4.05.280 beta /pocketpc camnum Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 beta /show_gallery_pic id Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 beta - /pocketpc camnum Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure
Adobe Flash Player 8/ 9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution
Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution
IBM Maximo 4.1/ 5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities
IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities
Symantec Multiple Products Client Proxy ActiveX (CLIproxy.dll) Remote Overflow
Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow
Blog Ink (Blink) Multiple SQL Injection Vulnerabilities
Blog Ink (Blink) - Multiple SQL Injection Vulnerabilities
PHP Scripts Now Multiple Products bios.php rank Parameter XSS
PHP Scripts Now Multiple Products bios.php rank Parameter SQL Injection
PHP Scripts Now Multiple Products - bios.php rank Parameter XSS
PHP Scripts Now Multiple Products - bios.php rank Parameter SQL Injection
cformsII 11.5/ 13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities
cformsII 11.5/13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities
Native Instruments Multiple Products DLL Loading Arbitrary Code Execution
Native Instruments Multiple Products - DLL Loading Arbitrary Code Execution
PHP 5.x (< 5.6.2) - Bypass disable_functions Exploit (Shellshock)
PHP < 5.6.2 - Bypass disable_functions Exploit (Shellshock)
PHP 5.x (< 5.3.6) 'Zip' Extension - 'zip_fread()' Function Denial of Service
PHP 5.x (< 5.3.6) OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak DoS
PHP 5.x (< 5.3.6) OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak DoS
PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Function Denial of Service
PHP < 5.3.6 OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak DoS
PHP < 5.3.6 OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak DoS
ManageEngine Multiple Products Authenticated File Upload
ManageEngine Multiple Products - Authenticated File Upload
BlueSoft Multiple Products Multiple SQL Injection Vulnerabilities
BlueSoft Multiple Products - Multiple SQL Injection Vulnerabilities
Ay Computer Multiple Products Multiple SQL Injection Vulnerabilities
Ay Computer Multiple Products - Multiple SQL Injection Vulnerabilities
net4visions Multiple Products 'dir' parameters Multiple Cross Site Scripting Vulnerabilities
net4visions Multiple Products - 'dir' parameters Multiple Cross Site Scripting Vulnerabilities
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Privilege Escalation (Access /etc/shadow)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Privilege Escalation (Access /etc/shadow)
Webify Multiple Products Multiple HTML Injection and Local File Include Vulnerabilities
Webify Multiple Products - Multiple HTML Injection and Local File Include Vulnerabilities
AirLive Multiple Products OS Command Injection
AirLive Multiple Products - OS Command Injection
Sciretech Multiple Products Multiple SQL Injection Vulnerabilities
Sciretech Multiple Products - Multiple SQL Injection Vulnerabilities
AlienVault Open Source SIEM (OSSIM) Multiple Cross Site Scripting Vulnerabilities
AlienVault Open Source SIEM (OSSIM) - Multiple Cross Site Scripting Vulnerabilities
Windows x86 - URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode (394 bytes)
Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes)
Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
Riverbed SteelCentral NetProfiler/NetExpress - Remote Code Execution
Linux/x86-64 - Syscall Persistent Bind Shell + (Multi-terminal) + Password + Daemon (83_ 148_ 177 bytes)
Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Exploit
NewsP Free News Script 1.4.7 - User Credentials Disclosure
newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure
2016-07-20 05:02:55 +00:00
Offensive Security
0a9242663c
DB: 2016-07-16
...
2 new exploits
BSD Passive Connection Shellcode
BSD - Passive Connection Shellcode
FreeBSD i386/AMD64 Execve /bin/sh - Anti-Debugging
FreeBSD i386/AMD64 - Execve /bin/sh (Anti-Debugging)
freebsd/x86 rev connect_ recv_ jmp_ return results (90 bytes)
freebsd/x86 - rev connect_ recv_ jmp_ return results (90 bytes)
freebsd/x86 portbind 4883 with auth shellcode
freebsd/x86 - portbind 4883 with auth shellcode
freebsd/x86 - execve /bin/sh (23 bytes) (2)
freebsd/x86 - execve /bin/sh (2) (23 bytes)
freebsd/x86 chown 0:0 _ chmod 6755 & execve /tmp/sh (44 bytes)
freebsd/x86 - chown 0:0 _ chmod 6755 & execve /tmp/sh (44 bytes)
Windows xp/sp1 generate portbind payload
Windows XP SP1 - portbind payload (Generator)
Linux/x86 - shellcode generator / null free
Alphanumeric Shellcode Encoder Decoder
Utility for generating HTTP/1.x requests for shellcodes
Multi-Format Shellcode Encoding Tool - Beta 2.0 (w32)
Linux/x86 - shellcode null free (Generator)
Alphanumeric Shellcode Encoder/Decoder
HTTP/1.x requests for shellcodes (Generator) (18+ bytes / 26+ bytes)
Multi-Format Shellcode Encoding Tool - Beta 2.0 (Win32) (Generator)
Cisco IOS Connectback Shellcode 1.0
Cisco IOS Bind Shellcode 1.0
Cisco IOS Tiny Shellcode 1.0
Cisco IOS Shellcode And Exploitation Techniques (BlackHat)
Cisco IOS - Connectback Shellcode
Cisco IOS - Bind Shellcode 1.0 (116 bytes)
Cisco IOS - Tiny Shellcode
Cisco IOS - Shellcode And Exploitation Techniques (BlackHat)
Linux/mips - (Linksys WRT54G/GL) port bind shellcode (276 bytes)
Linux/mips - (Linksys WRT54G/GL) execve shellcode (60 bytes)
Linux/mips - execve /bin/sh (56 bytes)
Linux/ppc - execve /bin/sh (60 bytes)
Linux/ppc - read & exec shellcode (32 bytes)
Linux/ppc - connect back execve /bin/sh (240 bytes)
Linux/ppc - execve /bin/sh (112 bytes)
Linux/MIPS (Linksys WRT54G/GL) - port bind shellcode (276 bytes)
Linux/MIPS (Linksys WRT54G/GL) - execve shellcode (60 bytes)
Linux/MIPS - execve /bin/sh (56 bytes)
Linux/PPC - execve /bin/sh (60 bytes)
Linux/PPC - read & exec shellcode (32 bytes)
Linux/PPC - connect back execve /bin/sh (240 bytes)
Linux/PPC - execve /bin/sh (112 bytes)
Linux/x86 - listens for shellcode on tcp/5555 and jumps to it
Linux/x86 - listens for shellcode on tcp/5555 and jumps to it (83 bytes)
Linux/x86-64 - setuid(0) + execve(/bin/sh) (49 bytes)
Linux/x86_64 - setuid(0) + execve(/bin/sh) (49 bytes)
Linux/x86 - File unlinker (18 bytes + file path length)
Linux/x86 - Perl script execution (99 bytes + script length)
Linux/x86 - file reader (65 bytes + pathname)
Linux/x86 - File unlinker (18+ bytes)
Linux/x86 - Perl script execution (99+ bytes)
Linux/x86 - file reader (65+ bytes)
Linux x86 shellcode obfuscator
Linux/x86 - shellcode obfuscator
Linux/86 setreuid(geteuid_ geteuid) + execve(/bin/sh) shellcode
Linux/x86 - setreuid(geteuid_ geteuid) + execve(/bin/sh) shellcode
Linux/x86 - rm -rf / attempts to block the process from being stopped
Linux/x86 - rm -rf / attempts to block the process from being stopped (132 bytes)
Linux/x86 - HTTP/1.x GET_ Downloads and execve() (111 bytes+)
Linux/x86 - executes command after setreuid (9 + 40 bytes + cmd)
Linux/x86 - HTTP/1.x GET_ Downloads and execve() (111+ bytes)
Linux/x86 - executes command after setreuid (49+ bytes)
Linux/x86 - HTTP/1.x GET_ Downloads and JMP - (68 bytes+)
Linux/x86 - HTTP/1.x GET_ Downloads and JMP - (68+ bytes)
Linux/x86 - examples of long-term payloads hide-wait-change (.s)
Linux/x86 - examples of long-term payloads hide-wait-change 187 bytes+
Linux/x86 - examples of long-term payloads hide-wait-change (.s) (187+ bytes)
Linux/x86 - examples of long-term payloads hide-wait-change (187+ bytes)
Linux - chroot()/execve() code
Linux - chroot()/execve() code (80 bytes)
Linux/x86-64 - bindshell port:4444 shellcode (132 bytes)
Linux/x86-64 - execve(/bin/sh) (33 bytes)
Linux/PPC/x86 execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (99 bytes)
OS-X/PPC/x86 execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (121 bytes)
Linux/x86 - unix/SPARC irix/mips execve /bin/sh irx.mips (141 bytes)
Linux/x86 - unix/SPARC execve /bin/sh (80 bytes)
Linux/x86 - bsd/x86 execve /bin/sh (38 bytes)
netbsd/x86 kill all processes shellcode (23 bytes)
netbsd/x86 callback shellcode (port 6666) (83 bytes)
netbsd/x86 setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (29 bytes)
netbsd/x86 setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (30 bytes)
netbsd/x86 execve /bin/sh (68 bytes)
openbsd/x86 execve(/bin/sh) (23 bytes)
openbsd/x86 portbind port 6969 (148 bytes)
openbsd/x86 add user w00w00 (112 bytes)
OS-X/ppc sync()_ reboot() (32 bytes)
OS-X/PPC execve(/bin/sh)_ exit() (72 bytes)
OS-X/PPC Add user r00t (219 bytes)
OS-X/PPC execve /bin/sh (72 bytes)
OS-X/PPC add inetd backdoor (222 bytes)
OS-X/PPC reboot (28 bytes)
OS-X/PPC setuid(0) + execve /bin/sh (88 bytes)
OS-X/PPC create /tmp/suid (122 bytes)
OS-X/PPC simple write() (75 bytes)
OS-X/PPC execve /usr/X11R6/bin/xterm (141 bytes)
sco/x86 execve(_/bin/sh__ ..._ NULL); (43 bytes)
Solaris/sparc download and execute (278 bytes)
Solaris/sparc executes command after setreuid (92 bytes + cmd)
Solaris/sparc connect-back (with XNOR encoded session) (600 bytes)
Solaris/sparc setreuid/execve (56 bytes)
Solaris/sparc portbind (port 6666) (240 bytes)
Solaris/SPARC execve /bin/sh (52 bytes)
Solaris/SPARC portbind port 6789 (228 bytes)
Solaris/SPARC connect-back (204 bytes)
Solaris/SPARC portbinding shellcode
Solaris/x86 portbind/tcp shellcode generator
Solaris/x86 setuid(0)_ execve(//bin/sh); exit(0) NULL Free (39 bytes)
Solaris/x86 setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) (59 bytes)
Solaris/x86 execve /bin/sh toupper evasion (84 bytes)
Solaris/x86 add services and execve inetd (201 bytes)
Linux/x86_64 - bindshell port:4444 shellcode (132 bytes)
Linux/x86_64 - execve(/bin/sh) (33 bytes)
Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (99 bytes)
OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (121 bytes)
Linux/x86 & unix/SPARC & irix/mips - execve /bin/sh irx.mips (141 bytes)
Linux/x86 & unix/SPARC - execve /bin/sh (80 bytes)
Linux/x86 & bsd/x86 - execve /bin/sh (38 bytes)
netbsd/x86 - kill all processes shellcode (23 bytes)
netbsd/x86 - callback shellcode (port 6666) (83 bytes)
netbsd/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (29 bytes)
netbsd/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (30 bytes)
netbsd/x86 - execve /bin/sh (68 bytes)
openbsd/x86 - execve(/bin/sh) (23 bytes)
openbsd/x86 - portbind port 6969 (148 bytes)
openbsd/x86 - add user w00w00 (112 bytes)
OS-X/ppc - sync()_ reboot() (32 bytes)
OS-X/PPC - execve(/bin/sh)_ exit() (72 bytes)
OS-X/PPC - Add user r00t (219 bytes)
OS-X/PPC - execve /bin/sh (72 bytes)
OS-X/PPC - add inetd backdoor (222 bytes)
OS-X/PPC - reboot (28 bytes)
OS-X/PPC - setuid(0) + execve /bin/sh (88 bytes)
OS-X/PPC - create /tmp/suid (122 bytes)
OS-X/PPC - simple write() (75 bytes)
OS-X/PPC - execve /usr/X11R6/bin/xterm (141 bytes)
sco/x86 - execve(_/bin/sh__ ..._ NULL); (43 bytes)
Solaris/SPARC - download and execute (278 bytes)
Solaris/SPARC - executes command after setreuid (92+ bytes)
Solaris/SPARC - connect-back (with XNOR encoded session) (600 bytes)
Solaris/SPARC - setreuid/execve (56 bytes)
Solaris/SPARC - portbind (port 6666) (240 bytes)
Solaris/SPARC - execve /bin/sh (52 bytes)
Solaris/SPARC - portbind port 6789 (228 bytes)
Solaris/SPARC - connect-back (204 bytes)
Solaris/SPARC - portbinding shellcode
Solaris/x86 - portbind/tcp shellcode (Generator)
Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) NULL Free (39 bytes)
Solaris/x86 - setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) (59 bytes)
Solaris/x86 - execve /bin/sh toupper evasion (84 bytes)
Solaris/x86 - add services and execve inetd (201 bytes)
Win32/XP SP2 (En) - cmd.exe (23 bytes)
Win32/XP SP2 (EN) - cmd.exe (23 bytes)
Win32 SEH omelet shellcode 0.1
Win32 -SEH omelet shellcode
Win32 PEB!NtGlobalFlags shellcode (14 bytes)
Win32 - PEB!NtGlobalFlags shellcode (14 bytes)
Win32 PEB Kernel32.dll ImageBase Finder Alphanumeric (67 bytes)
Win32 PEB Kernel32.dll ImageBase Finder (Ascii Printable) (49 bytes)
Win32 connectback_ receive_ save and execute shellcode
Win32 Download and Execute Shellcode Generator (browsers edition)
Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric (67 bytes)
Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) (49 bytes)
Win32 - connectback_ receive_ save and execute shellcode
Win32 - Download and Execute Shellcode (Generator) (Browsers Edition) (275+ bytes)
Win32 IsDebuggerPresent ShellCode (NT/XP) (39 bytes)
Win32 (NT/XP) - IsDebuggerPresent ShellCode (39 bytes)
Win32 - Download & Exec Shellcode (226 bytes+)
Win32 - Download & Exec Shellcode (226+ bytes)
Windows 9x/NT/2000/XP Reverse Generic Shellcode without Loader (249 bytes)
Windows 9x/NT/2000/XP PEB method (29 bytes)
Windows 9x/NT/2000/XP PEB method (31 bytes)
Windows 9x/NT/2000/XP PEB method (35 bytes)
Windows 9x/NT/2000/XP - Reverse Generic Shellcode without Loader (249 bytes)
Windows 9x/NT/2000/XP - PEB method (29 bytes)
Windows 9x/NT/2000/XP - PEB method (31 bytes)
Windows 9x/NT/2000/XP - PEB method (35 bytes)
Windows/XP download and exec source
Windows XP - download and exec source
Microsoft Windows - (DCOM RPC2) Universal Shellcode
Windows - (DCOM RPC2) Universal Shellcode
Linux - setuid(0) & execve(_/sbin/poweroff -f_)
Linux - setuid(0) & execve(_/sbin/poweroff -f_) (47 bytes)
Win xp sp2 PEB ISbeingdebugged shellcode
Windows XP SP2 - PEB ISbeingdebugged shellcode
Win32 XP SP3 ShellExecuteA shellcode
Win32 XP SP3 - ShellExecuteA shellcode
Win32 XP SP3 addFirewallRule
freebsd/x86 portbind shellcode (167 bytes)
Win32 XP SP3 - addFirewallRule
freebsd/x86 - portbind shellcode (167 bytes)
Win32/XP SP2 (En + Ar) - cmd.exe (23 bytes)
Win32/XP SP2 (EN + AR) - cmd.exe (23 bytes)
Windows XP Pro Sp2 English _Message-Box_ Shellcode
Windows XP Pro Sp2 English _Wordpad_ Shellcode
Windows XP Pro SP2 English - _Message-Box_ Shellcode Null-Free (16 bytes)
Windows XP Pro SP2 English - _Wordpad_ Shellcode Null Free (12 bytes)
Linux x86 - polymorphic shellcode ip6tables -F (71 bytes)
Linux x86 - ip6tables -F (47 bytes)
Linux/x86 - polymorphic shellcode ip6tables -F (71 bytes)
Linux/x86 - ip6tables -F (47 bytes)
Linux x86 - /bin/sh (8 bytes)
Linux x86 - execve /bin/sh (21 bytes)
Linux/x86 - /bin/sh (8 bytes)
Linux/x86 - execve /bin/sh (21 bytes)
Linux x86 - disabled modsecurity (64 bytes)
Linux/x86 - disabled modsecurity (64 bytes)
Win32 Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)
Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)
Win32/XP SP3 (Ru) - WinExec+ExitProcess cmd shellcode (12 bytes)
Shellcode - Win32 MessageBox (Metasploit)
JITed egg-hunter stage-0 shellcode Adjusted universal for XP/Vista/Windows 7
Linux x86 - nc -lvve/bin/sh -p13377 shellcode
Win32/XP SP3 (RU) - WinExec+ExitProcess cmd shellcode (12 bytes)
Win32 - MessageBox (Metasploit)
Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 shellcode Adjusted universal
Linux/x86 - nc -lvve/bin/sh -p13377 shellcode
Linux write() & exit(0) shellcode genearator with customizable text
Linux x86 - polymorphic forkbombe - (30 bytes)
Linux x86 forkbombe
Linux - write() & exit(0) shellcode genearator with customizable text
Linux/x86 - polymorphic forkbombe - (30 bytes)
Linux/x86 - forkbomb
Linux/x86_64 execve(_/bin/sh_); shellcode (30 bytes)
Linux/x86_64 - execve(_/bin/sh_); shellcode (30 bytes)
Linux x86 - execve(_/bin/bash___-p__NULL) (33 bytes)
Linux x86 - polymorphic execve(_/bin/bash___-p__NULL) (57 bytes)
Linux/x86 - execve(_/bin/bash___-p__NULL) (33 bytes)
Linux/x86 - polymorphic execve(_/bin/bash___-p__NULL) (57 bytes)
Linux x86 - execve(_/usr/bin/wget__ _aaaa_); (42 bytes)
Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); (42 bytes)
Windows 7 Pro SP1 64 Fr (Beep) Shellcode (39 bytes)
Windows 7 Pro SP1 64 FR - (Beep) Shellcode (39 bytes)
change mode 0777 of _/etc/shadow_ with sys_chmod syscall
Linux/x86 - kill all running process
change mode 0777 of _/etc/passwd_ with sys_chmod syscall
Linux x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) shellcode (45 bytes)
Linux x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) shellcode (39 bytes)
Windows 7 x64 (cmd) Shellcode (61 bytes)
Linux x86 - unlink _/etc/shadow_ shellcode (33 bytes)
Linux x86 - hard / unclean reboot (29 bytes)
Linux x86 - hard / unclean reboot (33 bytes)
change mode 0777 of _/etc/shadow_ with sys_chmod syscall (39 bytes)
Linux/x86 - kill all running process (11 bytes)
change mode 0777 of _/etc/passwd_ with sys_chmod syscall (39 bytes)
Linux/x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) shellcode (45 bytes)
Linux/x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) shellcode (39 bytes)
Windows 7 x64 - cmd Shellcode (61 bytes)
Linux/x86 - unlink _/etc/shadow_ shellcode (33 bytes)
Linux/x86 - hard / unclean reboot (29 bytes)
Linux/x86 - hard / unclean reboot (33 bytes)
Linux - chown root:root /bin/sh x86 shellcode (48 bytes)
Linux/x86 - chown root:root /bin/sh shellcode (48 bytes)
Linux x86 - netcat connect back port 8080 (76 bytes)
Linux/x86 - netcat connect back port 8080 (76 bytes)
Allwin MessageBoxA Shellcode
Windows - MessageBoxA Shellcode
Linux/x86-64 - Disable ASLR Security (143 bytes)
Linux/x86_64 - Disable ASLR Security (143 bytes)
Polymorphic Bindport 31337 with setreuid (0_0) linux/x86
Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) (131 bytes)
Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) (63 bytes)
Linux/x86_64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) (63 bytes)
Linux/x86-64 - Add root user with password (390 bytes)
Linux/x86_64 - Add root user with password (390 bytes)
ShellCode WinXP SP3 SPA URLDownloadToFileA + CreateProcessA + ExitProcess
Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess (176+ bytes)
Polymorphic /bin/sh x86 linux shellcode
Linux/x86 - Polymorphic /bin/sh shellcode (116 bytes)
Linux/ARM chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)
Linux x86 - bind shell port 64533 (97 bytes)
Linux/x86 - bind shell port 64533 (97 bytes)
125 bind port to 6778 XOR encoded polymorphic linux shellcode
Linux - 125 bind port to 6778 XOR encoded polymorphic
ARM Polymorphic - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Shellcode Generator
ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL) Shellcode (Generator)
Win32 - Write-to-file Shellcode
Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes)
Linux/x86_64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes)
Linux x86 - netcat bindshell port 8080 (75 bytes)
Linux/x86 - netcat bindshell port 8080 (75 bytes)
Linux x86 - /bin/sh Null-Free Polymorphic Shellcode (46 bytes)
Linux/x86 - /bin/sh Null-Free Polymorphic Shellcode (46 bytes)
Shellcode Checksum Routine
Shellcode Checksum Routine (18 bytes)
Win32/XP SP3 (Tr) - Add Admin Account Shellcode (127 bytes)
Win32/XP SP3 (TR) - Add Admin Account Shellcode (127 bytes)
Windows Mobile 6.5 TR (WinCE 5.2) MessageBox Shellcode (ARM)
Windows Mobile 6.5 TR (WinCE 5.2) - MessageBox Shellcode (ARM)
Windows Mobile 6.5 TR Phone Call Shellcode
Windows Mobile 6.5 TR - Phone Call Shellcode
Win32/xp pro sp3 (EN) 32-bit - add new local administrator (113 bytes)
Win32/XP Pro SP3 (EN) 32-bit - add new local administrator (113 bytes)
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address
ARM - Bindshell port 0x1337
ARM - Bind Connect UDP Port 68
ARM - Loader Port 0x1337
ARM - ifconfig eth0 and Assign Address
w32 speaking shellcode
Win32 - speaking shellcode
BSD x86 connect back Shellcode (81 bytes)
BSD x86 portbind + fork shellcode (111 bytes)
bds/x86 - connect back Shellcode (81 bytes)
bds/x86 - portbind + fork shellcode (111 bytes)
OS-X/Intel reverse_tcp shell x86_64 (131 bytes)
OS-X/Intel - reverse_tcp shell x86_64 (131 bytes)
Allwin WinExec add new local administrator + ExitProcess Shellcode
Windows - WinExec add new local administrator + ExitProcess Shellcode (279 bytes)
Linux x86 - ASLR deactivation (83 bytes)
Linux/x86 - ASLR deactivation (83 bytes)
Linux/x86-32 - ConnectBack with SSL connection (422 bytes)
Linux/x86_32 - ConnectBack with SSL connection (422 bytes)
SuperH (sh4) Add root user with password
SuperH (sh4) - Add root user with password (143 bytes)
Linux x86 egghunt shellcode
Linux/x86 - egghunt shellcode (29 bytes)
OSX - Universal ROP shellcode
OS-X - Universal ROP shellcode
52 byte Linux MIPS execve
Linux/MIPS - execve (52 bytes)
MIPS Linux XOR Shellcode Encoder (60 bytes)
Linux/MIPS - XOR Shellcode Encoder (60 bytes)
Linux/x86-64 - execve(/bin/sh) (52 bytes)
Linux/x86_64 - execve(/bin/sh) (52 bytes)
Linux/x86 - Search For php/html Writable Files and Add Your Code
Linux/x86 - Search For php/html Writable Files and Add Your Code (380+ bytes)
Linux x86_64 - add user with passwd (189 bytes)
Linux/x86_64 - add user with passwd (189 bytes)
Linux x86 - chmod 666 /etc/passwd & /etc/shadow (57 bytes)
Linux/x86 - chmod 666 /etc/passwd & /etc/shadow (57 bytes)
ntop 1.x - -i Local Format String
ntop 1.x - i Local Format String
(Raspberry Pi) Linux/ARM - reverse_shell (tcp_10.1.1.2_0x1337)
(Raspberry Pi) Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) (30 bytes)
(Raspberry Pi) Linux/ARM - chmod(_/etc/shadow__ 0777) (41 bytes)
Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) (72 bytes)
Linux/ARM (Raspberry Pi) - execve(_/bin/sh__ [0]_ [0 vars]) (30 bytes)
Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) (41 bytes)
Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode
Windows - URLDownloadToFile + WinExec + ExitProcess Shellcode
MIPS Little Endian Shellcode
MIPS Little Endian - Shellcode
Media Player Classic 6.4.9 - - FLI File Remote Buffer Overflow
Media Player Classic 6.4.9 - FLI File Remote Buffer Overflow
Linux x86 - Socket Re-use Shellcode (50 bytes)
Linux/x86 - Socket Re-use Shellcode (50 bytes)
Linux x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh
Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh (378 bytes)
Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash
Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash (521 bytes)
Mouse Media Script 1.6 - - Stored XSS
Mouse Media Script 1.6 - Stored XSS
Linux x86 - rmdir (37 bytes)
Linux/x86 - rmdir (37 bytes)
Linux x64 - Bind TCP port shellcode (81 bytes_ 96 with password)
Linux/x64 - Bind TCP port shellcode (81 bytes / 96 bytes with password)
Linux x64 - Reverse TCP connect (77 to 85 bytes_ 90 to 98 with password)
Linux/x64 - Reverse TCP connect (77 to 85 bytes / 90 to 98 bytes with password)
Windows x86 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 Bytes)
Windows x64 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 Bytes)
Windows x86 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)
Windows x64 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)
Linux MIPS - execve (36 bytes)
Linux/MIPS - execve (36 bytes)
Win x86-64 - Download & execute (Generator)
Windows XP x86-64 - Download & execute (Generator)
Linux x86 - Egg-hunter (20 bytes)
Linux x86 - Typewriter Shellcode Generator
Linux/x86 - Egg-hunter (20 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - execve _/bin/sh_ - shellcode (35 bytes)
Linux/x86 - execve _/bin/sh_ shellcode (35 bytes)
Linux custom execve-shellcode Encoder/Decoder
Linux - custom execve-shellcode Encoder/Decoder
Linux x86 - Execve /bin/sh Shellcode Via Push (21 bytes)
Linux x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes)
Linux/x86 - Execve /bin/sh Shellcode Via Push (21 bytes)
Linux/x86_64 - Execve /bin/sh Shellcode Via Push (23 bytes)
Linux x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)
Linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)
Linux/x86 - execve /bin/sh shellcode (21 bytes) (2)
Linux/x86 - execve /bin/sh shellcode (2) (21 bytes)
Linux - execve(/bin/sh) (30 bytes)
Linux/x86_64 - execve(/bin/sh) (30 bytes)
Linux 64 bit - Encoded execve shellcode
Linux 64bit - Encoded execve shellcode
Linux x86 /bin/sh ROT7 Encoded Shellcode
Linux/x86 - /bin/sh ROT7 Encoded Shellcode
Win32/xp[TR] sp3 - MessageBox (24 bytes)
Win32/XP SP3 (TR) - MessageBox (24 bytes)
Linux x86 - Egg Hunter Shellcode (19 bytes)
Linux/x86 - Egg Hunter Shellcode (19 bytes)
Windows x86 - user32!MessageBox _Hello World!_ (199 Bytes Null-Free)
Windows x86 - user32!MessageBox _Hello World!_ Null-Free (199 bytes)
Linux x86 - /bin/sh ROL/ROR Encoded Shellcode
Linux/x86 - /bin/sh ROL/ROR Encoded Shellcode
OS X x64 /bin/sh Shellcode - NULL Byte Free (34 bytes)
OS-X x64 - /bin/sh Shellcode - NULL Byte Free (34 bytes)
Mainframe/System Z Bind Shell
Mainframe/System Z - Bind Shell
Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL)
Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) (75 bytes)
OS X x64 - tcp bind shellcode_ NULL byte free (144 bytes)
OS-X x64 - tcp bind shellcode_ NULL byte free (144 bytes)
Linux x86_64 - /bin/sh
Linux/x86_64 - /bin/sh
Linux x86_64 - execve Shellcode (22 bytes)
Linux/x86_64 - execve Shellcode (22 bytes)
Linux x86_64 - Bindshell with Password (92 bytes)
Linux/x86_64 - Bindshell with Password (92 bytes)
Linux x64 - egghunter (24 bytes)
Linux/x64 - egghunter (24 bytes)
Linux x86_64 - Polymorphic execve Shellcode (31 bytes)
Linux/x86_64 - Polymorphic execve Shellcode (31 bytes)
Windows XP-10 - Null-Free WinExec Shellcode (Python)
Windows XP<10 - Null-Free WinExec Shellcode (Python)
x64 Linux Bind TCP Port Shellcode
Linux/x64 - Bind TCP Port Shellcode (103 bytes)
x86_64 Linux bind TCP port shellcode
Linux/x86_64 - bind TCP port shellcode (103 bytes)
Linux/x86 - execve _/bin/sh_ - shellcode 24 byte
Linux/x86 - execve _/bin/sh_ shellcode (24 bytes)
Linux x86_64 - Egghunter (18 bytes)
Linux x86 - Egg-hunter (13 bytes)
Linux/x86_64 - Egghunter (18 bytes)
Linux/x86 - Egg-hunter (13 bytes)
WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection
WordPress Booking Calendar Contact Form Plugin <= 1.1.23 - Unauthenticated SQL injection
x86_64 Linux xor/not/div Encoded execve Shellcode
Linux/x86_64 - xor/not/div Encoded execve Shellcode (54 bytes)
WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection
WordPress Booking Calendar Contact Form Plugin <= 1.1.23 - Shortcode SQL Injection
Linux x86/x86_64 reverse_tcp Shellcode
Linux/x86/x86_64 - reverse_tcp Shellcode
Linux x86/x86_64 tcp_bind Shellcode
Linux x86/x86_64 Read etc/passwd Shellcode
Linux/x86/x86_64 - tcp_bind Shellcode
Linux/x86/x86_64 - Read etc/passwd Shellcode
WordPress Booking Calendar Contact Form <=1.1.24 - Multiple Vulnerabilities
WordPress Booking Calendar Contact Form <= 1.1.24 - Multiple Vulnerabilities
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version (1)
Linux/x86_64 - shell_reverse_tcp with Password - Polymorphic Version (1) (122 bytes)
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version (2)
Linux x86 Download & Execute Shellcode
Linux x86_64 - Polymorphic Execve-Stack (47 bytes)
Linux/x86_64 - shell_reverse_tcp with Password - Polymorphic Version (2) (135 bytes)
Linux/x86 - Download & Execute Shellcode
Linux/x86_64 - Polymorphic Execve-Stack (47 bytes)
Linux x86_64 - Reverse Shell Shellcode
Linux/x86_64 - Reverse Shell Shellcode
Linux/x86_x64 - execve(/bin/sh) (26 bytes)
Linux/x86_64 - execve(/bin/sh) (26 bytes)
Linux/x86_x64 - execve(/bin/sh) (25 bytes)
Linux/x86_x64 - execve(/bin/bash) (33 bytes)
Linux/x86_64 - execve(/bin/sh) (25 bytes)
Linux/x86_64 - execve(/bin/bash) (33 bytes)
Linux/x86_64 - bindshell (PORT: 5600) (81 bytes)
Linux/x86_64 - bindshell (Pori: 5600) (81 bytes)
Windows x86 URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode
Windows x86 - URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode
Linux x86 Reverse TCP Shellcode (ipv6)
Linux x86 Shellcode - Bind TCP Port 1472 (ipv6)
Linux/x86 - Reverse TCP Shellcode (IPv6)
Linux/x86 - Bind TCP Port 1472 (IPv6) (1250 bytes)
Linux x64 - Bind Shell Shellcode Generator
Linux/x64 - Bind Shell Shellcode (Generator)
Windows Null-Free Shellcode - Primitive Keylogger to File (431 (0x01AF) bytes)
Windows - Null-Free Shellcode Primitive Keylogger to File (431 (0x01AF) bytes)
.Net Framework Execute Native x86 Shellcode
.Net Framework - Execute Native x86 Shellcode
Linux x86_64 Shellcode - Bind TCP Port 1472 (ipv6)
Linux/x86_64 - Bind TCP Port 1472 (IPv6)
Linux x86_64 Shellcode - Reverse TCP (ipv6)
Linux/x86_64 - Reverse TCP (IPv6)
Windows - Null-Free Shellcode - Functional Keylogger to File (601 (0x0259) bytes)
Windows - Null-Free Shellcode Functional Keylogger to File (601 (0x0259) bytes)
Linux x86_64 Shellcode Null-Free Reverse TCP Shell
Linux/x86_64 - Null-Free Reverse TCP Shell
Linux x86_64 Information Stealer Shellcode
Linux/x86_64 - Information Stealer Shellcode
Linux x86 - TCP Bind Shell Port 4444 (656 bytes)
Linux/x86 - TCP Bind Shell Port 4444 (656 bytes)
Linux x86_64 XOR Encode execve Shellcode
Linux/x86_64 - XOR Encode execve Shellcode
Linux/Windows/BSD x86_64 execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode
Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Windows x86 WinExec(_cmd.exe__0) Shellcode
Linux x86 - /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Windows x86 - WinExec(_cmd.exe__0) Shellcode
Linux/x86 - /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Windows x86 system(_systeminfo_) Shellcode
Windows x86 - system(_systeminfo_) Shellcode
Windows x86 ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode
Windows x86 - ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode
Linux x86 /bin/sh Shellcode + ASLR Bruteforce
Linux/x86 - /bin/sh Shellcode + ASLR Bruteforce
Linux x86_64 /etc/passwd File Sender Shellcode
Linux/x86_64 - /etc/passwd File Sender Shellcode
Linux x86 - TCP Bind Shell Port 4444 (98 bytes)
Linux/x86 - TCP Bind Shell Port 4444 (98 bytes)
Linux x86 - TCP Reverse Shellcode (75 bytes)
Linux/x86 - TCP Reverse Shellcode (75 bytes)
Linux x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password (172 bytes)
Linux/x86_64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password (172 bytes)
Linux x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10
Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10
Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure
2016-07-16 05:06:26 +00:00
Offensive Security
13e9ec719b
DB: 2016-07-14
...
17 new exploits
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (2)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (3)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (4)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (5)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (6)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (7)
Adobe Flash Player 22.0.0.192 - DefineBitsJPEG2 Memory Corruption
Adobe Flash Player 22.0.0.192 - DefineSprite Memory Corruption
Adobe Flash Player 22.0.0.192 - TAG Memory Corruption
Adobe Flash Player 22.0.0.192 - SceneAndFrameData Memory Corruption
Windows x86 URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode
GSX Analyzer 10.12 and 11 - Main.swf Hardcoded Superadmin Credentials
MS16-032 Secondary Logon Handle Privilege Escalation
Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
Apache Archiva 1.3.9 - Multiple CSRF Vulnerabilities
Linux x86 Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10
2016-07-14 05:05:01 +00:00
Offensive Security
fc4bc08825
DB: 2016-07-12
...
15 new exploits
Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (Perl)
Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)
Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Exploit (C) (1)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (c code) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (3)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (3)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C)
SimpleBBS <= 1.1 - Remote Commands Execution Exploit (c code)
SimpleBBS <= 1.1 - Remote Commands Execution Exploit (C)
Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)
Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C)
aFAQ 1.0 (faqDsp.asp catcode) Remote SQL Injection Vulnerability
aFAQ 1.0 - (faqDsp.asp catcode) Remote SQL Injection Vulnerability
Apple CFNetwork HTTP Response Denial of Service Exploit (rb code)
Apple CFNetwork - HTTP Response Denial of Service Exploit (RB)
PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability
PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion Vulnerability
WebPortal CMS <= 0.7.4 (code) Remote Code Execution Vulnerability
WebPortal CMS <= 0.7.4 - (code) Remote Code Execution Vulnerability
emergecolab 1.0 (sitecode) Local File Inclusion Vulnerability
emergecolab 1.0 - (sitecode) Local File Inclusion Vulnerability
Simple Machines Forums (BBCode) Cookie Stealing Vulnerability
Simple Machines Forums - (BBCode) Cookie Stealing Vulnerability
Movie PHP Script 2.0 (init.php anticode) Code Execution Vulnerability
Movie PHP Script 2.0 - (init.php anticode) Code Execution Vulnerability
Kjtechforce mailman b1 (code) SQL Injection Delete Row Vulnerability
Kjtechforce mailman b1 - (code) SQL Injection Delete Row Vulnerability
WordPress Activity Log Plugin 2.3.1 - Persistent XSS
IPS Community Suite 4.1.12.3 - PHP Code Injection
Adobe Flash - ATF Processing Overflow
Adobe Flash - JXR Processing Double Free
Adobe Flash - LMZA Property Decoding Heap Corruption
Adobe Flash - ATF Image Packing Overflow
Tiki Wiki 15.1 - Unauthenticated File Upload Vulnerability (msf)
Ho' Detector (Promiscuous mode detector shellcode) (56 bytes)
Ho' Detector - Promiscuous mode detector shellcode (56 bytes)
MS16-016 mrxdav.sys WebDav Local Privilege Escalation
Ruby on Rails ActionPack Inline ERB Code Execution
Lan Messenger sending PM Buffer Overflow (UNICODE) - Overwrite SEH
Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH
Tiki Wiki CMS 15.0 - Arbitrary File Download
Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass
WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS
Device42 WAN Emulator 2.3 Traceroute Command Injection
Device42 WAN Emulator 2.3 Ping Command Injection
Device42 WAN Emulator 2.3 - Traceroute Command Injection
Device42 WAN Emulator 2.3 - Ping Command Injection
Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash
Dell KACE K1000 File Upload
Dell KACE K1000 - File Upload
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection
Valve Steam 3.42.16.13 - Local Privilege Escalation
Beauty Parlour & SPA Saloon Management System - Blind SQL Injection
Clinic Management System - Blind SQL Injection
Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes
2016-07-12 05:05:04 +00:00
Offensive Security
76bc268c80
DB: 2016-07-11
2016-07-11 05:06:57 +00:00
Offensive Security
c9a818eb76
DB: 2016-07-10
2016-07-10 05:03:45 +00:00
Offensive Security
f74a7dfb7e
DB: 2016-06-30
...
13 new exploits
Symantec Antivirus - Multiple Remote Memory Corruption Unpacking RAR
Symantec Antivirus - Remote Stack Buffer Overflow in dec2lha Library
Symantec Antivirus - Heap Overflow Modifying MIME Messages
Symantec Antivirus - Integer Overflow in TNEF Decoder
Symantec Antivirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink
Symantec Antivirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow
Windows 7 SP1 x86 - Privilege Escalation (MS16-014)
Lenovo ThinkPad - System Management Mode Arbitrary Code Execution Exploit
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
WordPress Ultimate Membership Pro Plugin 3.3 - SQL Injection
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
Ubiquiti Administration Portal - CSRF to Remote Command Execution
Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion
2016-06-30 05:05:39 +00:00
Offensive Security
3739831fb2
DB: 2016-06-24
...
16 new exploits
Banner Exchange Script 1.0 - (targetid) Blind SQL Injection Vulnerability
PHP 5.3.3 - ibase_gen_id() off-by-one Overflow Vulnerability
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address
G Data TotalCare 2011 - NtOpenKey Race Condition Vulnerability
ImpressPages CMS 3.8 - Stored XSS Vulnerability
Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability
Linux Netcat Reverse Shell - 32bit - 77 bytes
PrestaShop 1.4.4.1 modules/mondialrelay/kit_mondialrelay/RechercheDetailPointRelais_ajax.php Multiple Parameter XSS
PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS
Getsimple CMS 3.3.10 - Arbitrary File Upload
op5 v7.1.9 Configuration Command Execution
op5 7.1.9 - Configuration Command Execution
Alibaba Clone B2B Script - Arbitrary File Disclosure
XuezhuLi FileSharing - Directory Traversal
XuezhuLi FileSharing - (Add User) CSRF
FinderView - Multiple Vulnerabilities
2016-06-24 05:06:19 +00:00
Offensive Security
2815f48e25
DB: 2016-06-17
...
12 new exploits
Linux x86_64 - Reverse Shell Shellcode
Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal
Solarwinds Virtualization Manager - Privilege Escalation
Blat 3.2.14 - Stack Overflow
Linux/x86 - Bindshell with Configurable Port - 87 bytes
Linux x86_64 Shellcode Null-Free Reverse TCP Shell
Linux x86 TCP Bind Shell Port 4444 (656 bytes)
Tiki-Wiki CMS Calendar 14.2_ 12.5 LTS_ 9.11 LTS_ and 6.15 - Remote Code Execution
Linux/Windows/BSD x86_64 execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode
ATCOM PBX IP01_ IP08 _ IP4G_ IP2G4A - Authentication Bypass
Roxy Fileman 1.4.4 - Arbitrary File Upload
SlimCMS 0.1 - CSRF (Change Admin Password)
2016-06-17 05:05:00 +00:00
Offensive Security
076ef173f9
DB: 2016-06-11
...
23 new exploits
Poison Ivy 2.1.x C2 Buffer Overflow (msf)
Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Mobiketa 1.0 - CSRF Add Admin Exploit
miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query
phpMyFAQ 2.9.0 - Stored XSS
Windows x86 system(_systeminfo_) Shellcode
Armadito Antimalware - Backdoor/Bypass
Riot Games League of Legends - Insecure File Permissions Privilege Escalation
IPFire proxy.cgi RCE
IPFire Bash Environment Variable Injection (Shellshock)
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Android - /system/bin/sdcard Stack Buffer Overflow
OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext
OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl
OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine
OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver
2016-06-11 05:06:22 +00:00
Offensive Security
4bc4dc0218
DB: 2016-06-10
...
1 new exploits
Microsoft Word (Win/Mac) - Crash PoC
2016-06-10 05:06:43 +00:00
Offensive Security
2dba371921
DB: 2016-06-03
...
4 new exploits
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.36-rc4-git2 - x86_64 ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - compat Local Root Exploit
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86-64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit
Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit
Linux Kernel <= 3.7.6 (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel <= 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation
Systrace 1.x (64-Bit) - Aware Linux Kernel Privilege Escalation Vulnerability
Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation Vulnerability
Linux Kernel 2.6.x - (64 bit) Personality Handling Local Denial of Service Vulnerability
Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service Vulnerability
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - ptrace/sysret Local Privilege Escalation
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Joomla SecurityCheck Extension 2.8.9 - Multiple Vulnerabilities
Liferay CE < 6.2 CE GA6 - Stored XSS
Relay Ajax Directory Manager relayb01-071706_ 1.5.1_ 1.5.3 - Unauthenticated File Upload
Websockify (C Implementation) 0.8.0 - Buffer Overflow
2016-06-03 05:02:50 +00:00
Offensive Security
3a855523ef
DB: 2016-06-02
...
2 new exploits
GeekLog 2.x ImageImageMagick.php Remote File Inclusion Vulnerability
GeekLog 2.x - ImageImageMagick.php Remote File Inclusion Vulnerability
ImageMagick 6.x PNM Image Decoding Remote Buffer Overflow Vulnerability
ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow Vulnerability
ImageMagick 6.x SGI Image File Remote Heap Buffer Overflow Vulnerability
ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow Vulnerability
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)
ImageMagick Delegate Arbitrary Command Execution
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Wireshark - erf_meta_read_tag SIGSEGV
2016-06-02 05:03:04 +00:00
Offensive Security
22d168d0bc
DB: 2016-05-31
...
3 new exploits
MySQL 5.5.45 - procedure analyse Function Denial of Service
Open Source Real Estate Script 3.6.0 - SQL Injection
Linux x86_64 XOR Encode execve Shellcode
2016-05-31 05:03:26 +00:00
Offensive Security
2e7bce9702
DB: 2016-05-27
...
9 new exploits
Real Estate Portal 4.1 - Multiple Vulnerabilities
EduSec 4.2.5 - SQL Injection
Micro Focus Rumba+ 9.4 - Multiple Stack Buffer Overflow Vulnerabilities
HP Data Protector A.09.00 - Arbitrary Command Execution
Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap-Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread
Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads
2016-05-27 05:03:14 +00:00
Offensive Security
6dc4d46521
DB: 2016-05-18
...
16 new exploits
Meteocontrol WEB’log - Admin Password Disclosure
Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow
Adobe Flash - JXR Processing Out-of-Bounds Read
Adobe Flash - Out-of-Bounds Read when Placing Object
Adobe Flash - Overflow in Processing Raw 565 Textures
Adobe Flash - Heap Overflow in ATF Processing (Image Reading)
Adobe Flash - MP4 File Stack Corruption
Adobe Flash - Type Confusion in FileReference Constructor
Adobe Flash - addProperty Use-After-Free
Adobe Flash - SetNative Use-After-Free
Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
SAP xMII 15.0 - Directory Traversal
2016-05-18 05:02:15 +00:00
Offensive Security