exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	4aa75d9fe9	DB: 2017-05-02 5 new exploits MySQL <= 5.6.35 / <= 5.7.17 - Integer Overflow HideMyAss Pro VPN Client for OS X 2.2.7.0 - Privilege Escalation HideMyAss Pro VPN Client for macOS 3.x - Privilege Escalation Alerton Webtalk 2.5 / 3.3 - Multiple Vulnerabilities Tuleap Project Wiki 8.3 <= 9.6.99.86 - Command Injection	2017-05-02 05:01:18 +00:00
Offensive Security	aabd4b35b3	DB: 2017-04-14 12 new exploits Microsoft Windows Kernel win32k.sys - Multiple Bugs in the NtGdiGetDIBitsInternal System Call Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disclosure PonyOS 3.0 - tty ioctl() Local Kernel Exploit PonyOS 3.0 - TTY 'ioctl()' Local Kernel Exploit Solaris 7 - 11 (x86 & SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation Solaris 7 < 11 (x86 / SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation GNS3 Mac OS-X 1.5.2 - 'ubridge' Privilege Escalation PonyOS 4.0 - 'fluttershy' LD_LIBRARY_PATH Local Kernel Exploit Adobe Creative Cloud Desktop Application <= 4.0.0.185 - Privilege Escalation Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak) Ethernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage Exploit Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution Linux/x86-64 - execve(_/bin/sh_) Shellcode (31 bytes) Coppermine Gallery < 1.5.44 - Directory Traversal Weaknesses SedSystems D3 Decimator - Multiple Vulnerabilities agorum core Pro 7.8.1.4-251 - Cross-Site Request Forgery agorum core Pro 7.8.1.4-251 - Persistent Cross-Site Scripting Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit)	2017-04-14 05:01:15 +00:00
Offensive Security	893d590404	DB: 2017-02-02 12 new exploits PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP 5.2.0 (Windows x86) - 'PHP_win32sti' Local Buffer Overflow Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (1) PHP 5.3.0 - getopt() Denial of Service PHP 5.3.0 - 'getopt()' Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (2) PHP 4.3.x/5.0 - openlog() Buffer Overflow PHP 4.3.x/5.0 - 'openlog()' Buffer Overflow Google Android - 'cfp_ropp_new_key_reenc' and 'cfp_ropp_new_key' RKP Memory Corruption Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation Apple WebKit - 'HTMLFormElement::reset()' Use-After Free Google Chrome - 'HTMLKeygenElement::shadowSelect()' Type Confusion Apple WebKit - 'HTMLKeygenElement' Type Confusion Apple WebKit - Type Confusion in RenderBox with Accessibility Enabled Google Android - RKP Information Disclosure via s2-remapping Physical Ranges QNAP NVR/NAS - Buffer Overflow Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Privilege Escalation (1) Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) UDEV < 1.4.1 - Privilege Escalation (1) Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Privilege Escalation (2) Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) UDEV < 1.4.1 - Privilege Escalation (2) PHP 5.2.9 (Windows x86) - Local Safemod Bypass Exploit PHP 5.2.9 (Windows x86) - Local Safemod Bypass Linux udev - Netlink Privilege Escalation (Metasploit) Linux Kernel UDEV < 1.4.1 - Netlink Privilege Escalation (Metasploit) Google Android - RKP EL1 Code Loading Bypass Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes) Syntax Desktop 2.7 - (synTarget) Local File Inclusion Syntax Desktop 2.7 - 'synTarget' Parameter Local File Inclusion Joomla! Component JTAG Calendar 6.2.4 - 'search' Parameter SQL Injection LogoStore - 'query' Parameter SQL Injection	2017-02-02 05:01:18 +00:00
Offensive Security	763b417a35	DB: 2017-01-25 6 new exploits Mozilla Firefox 1.5 - (history.dat) Looping (PoC) Mozilla Firefox 1.5 - 'history.dat' Looping (PoC) Microsoft Internet Explorer 6 - (script action handlers) 'mshtml.dll' Denial of Service Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1) Microsoft Internet Explorer 6 - Script Action Handlers 'mshtml.dll' Denial of Service Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (1) Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2) Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (2) Apple Mac OSX Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service (PoC) Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC) acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow (PoC) acFTP FTP Server 1.4 - 'USER' Remote Buffer Overflow (PoC) 0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash (PoC) 0verkill 0.16 - ASCII-ART Game Remote Integer Overflow Crash (PoC) Clam AntiVirus 0.88.4 - (rebuildpe) Remote Heap Overflow (PoC) Asterisk 1.0.12 / 1.2.12.1 - (chan_skinny) Remote Heap Overflow (PoC) Clam AntiVirus 0.88.4 - 'rebuildpe' Remote Heap Overflow (PoC) Asterisk 1.0.12 / 1.2.12.1 - 'chan_skinny' Remote Heap Overflow (PoC) AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow (PoC) AT-TFTP 1.9 - 'Long Filename' Remote Buffer Overflow (PoC) LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service LeadTools ISIS Control - 'ltisi14E.ocx 14.5.0.44' Remote Denial of Service Microsoft Visual FoxPro 6.0 - (FPOLE.OCX 6.0.8450.0) - Remote (PoC) Microsoft Visual FoxPro 6.0 - FPOLE.OCX 6.0.8450.0 Remote (PoC) Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote Buffer Overflow (PoC) Castle Rock Computing SNMPc < 7.1.1 - 'Community' Remote Buffer Overflow (PoC) BitDefender - (module pdf.xmd) Infinite Loop Denial of Service (PoC) BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC) ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow (PoC) ClamAV < 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC) Amaya Web Browser 10.0.1/10.1-pre5 - (html tag) Buffer Overflow (PoC) Amaya Web Browser 10.0.1/10.1-pre5 - HTML Tag Buffer Overflow (PoC) Amaya Web Editor - XML and HTML parser Vulnerabilities Amaya Web Editor 11.0 - XML and HTML parser Vulnerabilities Elecard AVC HD PLAYER - '.m3u' / '.xpl' Local Stack Overflow (PoC) RealVNC 4.1.2 - (vncviewer.exe) RFB Protocol Remote Code Execution (PoC) Elecard AVC HD player - '.m3u' / '.xpl' Local Stack Overflow (PoC) RealVNC 4.1.2 - 'vncviewer.exe' RFB Protocol Remote Code Execution (PoC) Apple Mac OSX xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow (PoC) Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC) Apple Mac OSX xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service (PoC) Apple Mac OSX xnu 1228.x - (vfssysctl) Local Kernel Denial of Service (PoC) Apple Mac OSX xnu 1228.3.13 - 'Profil' Kernel Memory Leak/Denial of Service (PoC) Apple Mac OSX xnu 1228.x - 'vfssysctl' Local Kernel Denial of Service (PoC) AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack Buffer Overflow PoC (SEH) AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow PoC (SEH) eEye Retina WiFi Security Scanner 1.0 - (.rws Parsing) Buffer Overflow (PoC) AwingSoft Web3D Player - (WindsPly.ocx) Remote Buffer Overflow (PoC) eEye Retina WiFi Security Scanner 1.0 - '.rws Parsing' Buffer Overflow (PoC) AwingSoft Web3D Player - 'WindsPly.ocx' Remote Buffer Overflow (PoC) Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) Apple Safari 4.0.2 - WebKit Parsing of Floating Point Numbers Buffer Overflow (PoC) Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit) Cerberus FTP 3.0.1 - 'ALLO' Remote Overflow Denial of Service (Metasploit) Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - (PoC) Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - Denial of Service (PoC) Spider Solitaire - Denial of Service (PoC) Ofilter Player - (skin.ini) Local Crash (PoC) Ofilter Player - 'skin.ini' Local Crash (PoC) NPlayer - (.dat Skin) Local Heap Overflow (PoC) NPlayer - '.dat Skin' Local Heap Overflow (PoC) MediaMonkey Player - Local Denial of Service MediaMonkey 3.2.0 - Local Denial of Service Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Apple Safari 4.0.5 - Object Tag 'JavaScriptCore.dll' Denial of Service (Crash) RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow (PoC) RPM Select/Elite 5.0 - '.xml config parsing' Unicode Buffer Overflow (PoC) EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote Denial of Service (IE) EDraw Flowchart ActiveX Control 2.3 - 'EDImage.ocx' Remote Denial of Service (IE) Apple Safari 4.0.5 - (531.22.7) Denial of Service Apple Safari 4.0.5 (531.22.7) - Denial of Service Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service Savy Soda Documents - Mobile Office Suite '.XLS' Denial of Service Corel WordPerfect Office X5 15.0.0.357 - (wpd) Buffer Overflow (PoC) Corel Presentations X5 15.0.0.357 - (shw) Buffer Preoccupation (PoC) Corel WordPerfect Office X5 15.0.0.357 - 'wpd' Buffer Overflow (PoC) Corel Presentations X5 15.0.0.357 - 'shw' Buffer Preoccupation (PoC) Barcodewiz BarCode ActiveX 3.29 - (PoC) Barcodewiz BarCode ActiveX 3.29 - Denial of Service (PoC) LeadTools 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation Denial of Service LeadTools 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation Denial of Service LeadTools 11.5.0.9 - 'ltisi11n.ocx' DriverName() Access Violation Denial of Service LeadTools 11.5.0.9 - 'ltlst11n.ocx' Insert() Access Violation Denial of Service LeadTools 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation Denial of Service LeadTools 11.5.0.9 - 'ltdlg11n.ocx' Bitmap Access Violation Denial of Service MediaMonkey 3.2.4.1304 - 'mp3' Buffer Overflow (PoC) MediaMonkey 3.2.4.1304 - '.mp3' Buffer Overflow (PoC) Flash Player - (Flash6.ocx) AllowScriptAccess Denial of Service (PoC) Flash Player - 'Flash6.ocx' AllowScriptAccess Denial of Service (PoC) Microsoft IIS 7.5 (Windows 7) - FTPSVC UNAUTH'D Remote Denial of Service (PoC) Microsoft IIS 7.5 (Windows 7) - FTPSVC Unauthorized Remote Denial of Service (PoC) Avira AntiVir QUA file - (avcenter.exe) Local Crash (PoC) Avira AntiVir - '.QUA' File 'avcenter.exe' Local Crash (PoC) SlimPDF Reader - (PoC) SlimPDF Reader - Denial of Service (PoC) VideoLAN VLC Media Player 1.1.11 - (libav) 'libavcodec_plugin.dll' Denial of Service VideoLAN VLC Media Player 1.1.11 - libav 'libavcodec_plugin.dll' Denial of Service PHP Hash Table Collision - (PoC) PHP Hash Table Collision - Denial of Service (PoC) EdrawSoft Office Viewer Component ActiveX 5.6 - (officeviewermme.ocx) Buffer Overflow (PoC) EdrawSoft Office Viewer Component ActiveX 5.6 - 'officeviewermme.ocx' Buffer Overflow (PoC) PowerNet Twin Client 8.9 - (RFSync 1.0.0.1) Crash (PoC) PowerNet Twin Client 8.9 - 'RFSync 1.0.0.1' Crash (PoC) Spytech NetVizor 6.1 - (services.exe) Denial of Service Spytech NetVizor 6.1 - 'services.exe' Denial of Service Microsoft Windows Help program - (WinHlp32.exe) Crash (PoC) Microsoft Windows Help program - 'WinHlp32.exe' Crash (PoC) Easy DVD Player 3.5.1 - (libav) 'libavcodec_plugin.dll' Denial of Service Easy DVD Player 3.5.1 - libav 'libavcodec_plugin.dll' Denial of Service TeraCopy 2.3 - (default.mo) Language File Integer Overflow TeraCopy 2.3 - 'default.mo' Language File Integer Overflow Samba < 3.6.2 (x86) - (PoC) Samba < 3.6.2 (x86) - Denial of Serviec (PoC) Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow (PoC) Acoustica Pianissimo 1.0 Build 12 - 'Registration ID' Buffer Overflow (PoC) WHMCS 5.12 - 'cart.php' Denial of Service WHMCompleteSolution (WHMCS) 5.12 - 'cart.php' Denial of Service BSD chpass - (pw_error(3)) Privilege Escalation BSD chpass - 'pw_error(3)' Privilege Escalation Solaris 2.6/7/8/9 (sparc) - (ld.so.1) Privilege Escalation Solaris 2.6/7/8/9 (sparc) - 'ld.so.1' Privilege Escalation Tru64 UNIX 5.0 - (Rev. 910) rdist NLSPATH Buffer Overflow Tru64 UNIX 5.0 - (Rev. 910) edauth NLSPATH Buffer Overflow Tru64 UNIX 5.0 (Rev. 910) - rdist NLSPATH Buffer Overflow Tru64 UNIX 5.0 (Rev. 910) - edauth NLSPATH Buffer Overflow Kerio WebSTAR 5.4.2 (OSX) - (libucache.dylib) Privilege Escalation Kerio WebSTAR 5.4.2 (OSX) - 'libucache.dylib' Privilege Escalation Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Privilege Escalation Apache 1.3.33/1.3.34 (Ubuntu / Debian) - CGI TTY Privilege Escalation East Wind Software - (advdaudio.ocx 1.5.1.1) Local Buffer Overflow East Wind Software - 'advdaudio.ocx 1.5.1.1' Local Buffer Overflow Total Video Player 1.31 - (DefaultSkin.ini) Local Stack Overflow Total Video Player 1.31 - 'DefaultSkin.ini' Local Stack Overflow Mp3-Nator 2.0 - (ListData.dat) Universal Buffer Overflow (SEH) Mp3-Nator 2.0 - 'ListData.dat' Universal Buffer Overflow (SEH) Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Privilege Escalation Adobe 9.x Related Service - 'getPlus_HelperSvc.exe' Privilege Escalation Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (1) Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2) Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3) Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (1) Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (2) Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (3) Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (1) Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer Exploit (SEH) (1) Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (2) Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer Exploit (SEH) (2) Spider Solitaire - (PoC) EDraw Flowchart ActiveX Control 2.3 - (.edd parsing) Remote Buffer Overflow (PoC) EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Remote Buffer Overflow (PoC) Gesytec ElonFmt ActiveX 1.1.14 - (ElonFmt.ocx) pid Item Buffer Overflow (SEH) Gesytec ElonFmt ActiveX 1.1.14 - 'ElonFmt.ocx' pid Item Buffer Overflow (SEH) SopCast 3.4.7 - (Diagnose.exe) Improper Permissions SopCast 3.4.7 - 'Diagnose.exe' Improper Permissions ACE Stream Media 2.1 - (acestream://) Format String (PoC) ACE Stream Media 2.1 - 'acestream://' Format String (PoC) Total Video Player 1.3.1 - (Settings.ini) Buffer Overflow (SEH) (Metasploit) Total Video Player 1.3.1 - 'Settings.ini' Buffer Overflow (SEH) (Metasploit) RedStar 2.0 Desktop - (World-writeable rc.sysinit) Privilege Escalation RedStar 3.0 Desktop - (Software Manager swmng.app) Privilege Escalation RedStar 2.0 Desktop - 'World-writeable rc.sysinit' Privilege Escalation RedStar 3.0 Desktop - 'Software Manager swmng.app' Privilege Escalation MASM321 11 Quick Editor - (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH Bypass) MASM321 11 Quick Editor - '.qeditor' 4.0g - .qse SEH Based Buffer Overflow (ASLR & SAFESEH Bypass) ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Service Path Privilege Escalation ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation Microsoft Remote Desktop Client for Mac 8.0.36 - Remote Code Execution Solaris 2.6/7/8 - (TTYPROMPT in.telnet) Remote Authentication Bypass Solaris 2.6/7/8 - 'TTYPROMPT in.telnet' Remote Authentication Bypass BIND 8.2.x - (TSIG) Stack Overflow (1) BIND 8.2.x - (TSIG) Stack Overflow (2) BIND 8.2.x - (TSIG) Stack Overflow (3) BIND 8.2.x - (TSIG) Stack Overflow (4) BIND 8.2.x - 'TSIG' Stack Overflow (1) BIND 8.2.x - 'TSIG' Stack Overflow (2) BIND 8.2.x - 'TSIG' Stack Overflow (3) BIND 8.2.x - 'TSIG' Stack Overflow (4) Microsoft IIS 5.0 - (500-100.asp) Server Name Spoof Exploit Microsoft IIS 5.0 - '500-100.asp' Server Name Spoof Exploit phpBB 2.0.13 - (admin_styles.php) Remote Command Execution e107 <= 0.6172 - (resetcore.php) SQL Injection phpBB 2.0.13 - 'admin_styles.php' Remote Command Execution e107 <= 0.6172 - 'resetcore.php' SQL Injection Apple Mac OSX Safari Browser - (Safe File) Remote Code Execution (Metasploit) Apple Mac OSX Safari Browser - 'Safe File' Remote Code Execution (Metasploit) Darwin Streaming Server 4.1.2 - (parse_xml.cgi) Code Execution Darwin Streaming Server 4.1.2 - 'parse_xml.cgi' Code Execution Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (1) Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (1) CesarFTP 0.99g - (MKD) Remote Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Remote Buffer Overflow (Metasploit) Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (2) Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (2) AIM Triton 1.0.4 - (SipXtapi) Remote Buffer Overflow (PoC) AIM Triton 1.0.4 - 'SipXtapi' Remote Buffer Overflow (PoC) Microsoft Internet Explorer - (MDAC) Remote Code Execution (MS06-014) (Metasploit) (2) Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (3) Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2) Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (3) IBM Director < 5.10 - (Redirect.bat) Directory Traversal IBM Director < 5.10 - 'Redirect.bat' Directory Traversal Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl) Microsoft Internet Explorer - 'VML' Remote Buffer Overflow (SP2) (Perl) Omni-NFS Server 5.2 - (nfsd.exe) Remote Stack Overflow (Metasploit) Omni-NFS Server 5.2 - 'nfsd.exe' Remote Stack Overflow (Metasploit) Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - 'Long Filename' Remote Buffer Overflow CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (1) CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (2) CA BrightStor ARCserve - 'msgeng.exe' Remote Heap Overflow (1) CA BrightStor ARCserve - 'msgeng.exe' Remote Heap Overflow (2) Mozilla Firefox 2.0.0.1 - (location.hostname) Cross-Domain Mozilla Firefox 2.0.0.1 - 'location.hostname' Cross-Domain 3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl) 3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode Exploit (Perl) CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Remote Code Exploit Aircrack-NG 0.7 - (Specially Crafted 802.11 Packets) Remote Buffer Overflow Aircrack-NG 0.7 - 'Specially Crafted 802.11 Packets' Remote Buffer Overflow eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote Buffer Overflow eCentrex VOIP Client module - 'uacomx.ocx 2.0.1' Remote Buffer Overflow Microsoft Visual Studio 6.0 - (PDWizard.ocx) Remote Command Execution Microsoft Visual Studio 6.0 - 'PDWizard.ocx' Remote Command Execution MySpace Uploader - (MySpaceUploader.ocx 1.0.0.4) Buffer Overflow MySpace Uploader - 'MySpaceUploader.ocx 1.0.0.4' Buffer Overflow Philips VOIP841 'Firmware 1.0.4.800' - Multiple Vulnerabilities Philips VOIP841 Firmware 1.0.4.800 - Multiple Vulnerabilities Linksys WRT54G (Firmware 1.00.9) - Security Bypass Vulnerabilities (1) Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (1) Black Ice Software Annotation Plugin - (BiAnno.ocx) Buffer Overflow (2) Black Ice Software Annotation Plugin - 'BiAnno.ocx' Buffer Overflow (2) Linksys WRT54G (Firmware 1.00.9) - Security Bypass Vulnerabilities (2) Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (2) Microsoft Access - (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit Microsoft Access - 'Snapview.ocx 10.0.5529.0' ActiveX Remote Exploit Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows XP) Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows Vista) Amaya Web Browser 11 (Windows XP) - bdo tag Remote Stack Overflow Amaya Web Browser 11 (Windows Vista) - bdo tag Remote Stack Overflow Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (1) Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (2) Steamcast - HTTP Request Remote Buffer Overflow (SEH) (1) Steamcast - HTTP Request Remote Buffer Overflow (SEH) (2) 32bit FTP (09.04.24) - (CWD Response) Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - (CWD Response) Universal Overwrite (SEH) 32bit FTP - (PASV) Reply Client Remote Overflow (Metasploit) 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler Buffer Overflow (Metasploit) Apple iTunes 8.1.1 - 'ITMS' Multiple Protocol Handler Buffer Overflow (Metasploit) Apple iTunes 8.1.1.10 (Windows) - (itms/itcp) Remote Buffer Overflow Apple iTunes 8.1.1.10 (Windows) - 'itms/itcp' Remote Buffer Overflow THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download THOMSON TG585n 7.4.3.2 - 'user.ini' Arbitrary Download Adobe Flash and Reader - (PoC) Adobe Flash and Reader - Live Malware (PoC) Microsoft Internet Explorer - (VML) Fill Method Code Execution (MS06-055) (Metasploit) Microsoft Internet Explorer - 'VML' Fill Method Code Execution (MS06-055) (Metasploit) WinZip FileView - (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow (Metasploit) WinZip FileView - 'WZFILEVIEW.FileViewCtrl.61' ActiveX Buffer Overflow (Metasploit) CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Command Buffer Overflow (Metasploit) UltraVNC 1.0.2 Client - (vncviewer.exe) Buffer Overflow (Metasploit) UltraVNC 1.0.2 Client - 'vncviewer.exe' Buffer Overflow (Metasploit) Audio File Library 0.2.6 - (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Audio File Library 0.2.6 - libaudiofile 'msadpcm.c' .WAV File Processing Buffer Overflow Linksys WRT54GC 1.5.7 - (Firmware) 'administration.cgi' Access Validation Linksys WRT54GC 1.5.7 Firmware - 'administration.cgi' Access Validation Cisco WebEx - 'nativeMessaging' Arbitrary Remote Command Execution Mozilla Firefox < 50.0.2 - nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution (Metasploit) Aztek Forum 4.0 - (myadmin.php) Database Dumper Exploit Aztek Forum 4.0 - 'myadmin.php' Database Dumper Exploit E-Cart 1.1 - (index.cgi) Remote Command Execution E-Cart 1.1 - 'index.cgi' Remote Command Execution UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection ASPNuke 0.80 - (article.asp) SQL Injection ASPNuke 0.80 - (comment_post.asp) SQL Injection UBBCentral UBB.Threads < 6.5.2 Beta - 'mailthread.php' SQL Injection ASPNuke 0.80 - 'article.asp' SQL Injection ASPNuke 0.80 - 'comment_post.asp' SQL Injection w-Agora 4.2.0 - (quicklist.php) Remote Code Execution w-Agora 4.2.0 - 'quicklist.php' Remote Code Execution Cyphor 0.19 - (show.php id) SQL Injection Cyphor 0.19 - 'show.php id' SQL Injection eFiction 2.0 - (Fake .gif) Arbitrary File Upload eFiction 2.0 - 'Fake .gif' Arbitrary File Upload CuteNews 1.4.1 - (categories.mdu) Remote Command Execution CuteNews 1.4.1 - 'categories.mdu' Remote Command Execution FlatCMS 1.01 - (file_editor.php) Remote Command Execution FlatCMS 1.01 - 'file_editor.php' Remote Command Execution FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Arbitrary File Upload FCKEditor 2.0 <= 2.2 - 'FileManager connector.php' Arbitrary File Upload FlySpray 0.9.7 - (install-0.9.7.php) Remote Commands Execution Exploit FlySpray 0.9.7 - 'install-0.9.7.php' Remote Commands Execution Exploit GeekLog 1.x - (error.log) Remote Commands Execution Exploit (gpc = Off) GeekLog 1.x - 'error.log' (gpc = Off) Remote Commands Execution Exploit phpWebSite 0.10.0-full - (topics.php) SQL Injection phpWebSite 0.10.0-full - 'topics.php' SQL Injection iGENUS WebMail 2.0.2 - (config_inc.php) Remote Code Execution iGENUS WebMail 2.0.2 - 'config_inc.php' Remote Code Execution TotalECommerce 1.0 - (index.asp id) SQL Injection TotalECommerce 1.0 - 'index.asp id' SQL Injection CilemNews System 1.1 - (yazdir.asp haber_id) SQL Injection CilemNews System 1.1 - 'yazdir.asp haber_id' SQL Injection ShoutLIVE 1.1.0 - (savesettings.php) Remote Code Execution ShoutLIVE 1.1.0 - 'savesettings.php' Remote Code Execution FreeWPS 2.11 - (images.php) Remote Code Execution FreeWPS 2.11 - 'images.php' Remote Code Execution phpBookingCalendar 1.0c - (details_view.php) SQL Injection phpBookingCalendar 1.0c - 'details_view.php' SQL Injection Aztek Forum 4.00 - (myadmin.php) User Privilege Escalation Aztek Forum 4.00 - 'myadmin.php' User Privilege Escalation Claroline 1.7.4 - (scormExport.inc.php) Remote Code Execution Claroline 1.7.4 - 'scormExport.inc.php' Remote Code Execution Sire 2.0 - (lire.php) Remote File Inclusion / Arbitrary File Upload Sire 2.0 - 'lire.php' Remote File Inclusion / Arbitrary File Upload Sphider 1.3 - (configset.php) Arbitrary Remote File Inclusion Sphider 1.3 - 'configset.php' Arbitrary Remote File Inclusion Censtore 7.3.x - (censtore.cgi) Remote Command Execution quizz 1.01 - (quizz.pl) Remote Command Execution Censtore 7.3.x - 'censtore.cgi' Remote Command Execution quizz 1.01 - 'quizz.pl' Remote Command Execution SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution SysInfo 1.21 - 'sysinfo.cgi' Remote Command Execution FlexBB 0.5.5 - (/inc/start.php _COOKIE) SQL Bypass Exploit FlexBB 0.5.5 - '/inc/start.php _COOKIE' SQL Bypass Exploit ASPSitem 1.83 - (Haberler.asp) SQL Injection ASPSitem 1.83 - 'Haberler.asp' SQL Injection FlexBB 0.5.5 - (function/showprofile.php) SQL Injection BK Forum 4.0 - (member.asp) SQL Injection FlexBB 0.5.5 - 'function/showprofile.php' SQL Injection BK Forum 4.0 - 'member.asp' SQL Injection Fast Click 1.1.3 / 2.3.8 - (show.php) Remote File Inclusion Fast Click 1.1.3 / 2.3.8 - 'show.php' Remote File Inclusion HiveMail 1.3 - (addressbook.add.php) Remote Code Execution VP-ASP 6.00 - (shopcurrency.asp) SQL Injection HiveMail 1.3 - 'addressbook.add.php' Remote Code Execution VP-ASP 6.00 - 'shopcurrency.asp' SQL Injection Dokeos Lms 1.6.4 - (authldap.php) Remote File Inclusion Claroline E-Learning 1.75 - (ldap.inc.php) Remote File Inclusion Dokeos Lms 1.6.4 - 'authldap.php' Remote File Inclusion Claroline E-Learning 1.75 - 'ldap.inc.php' Remote File Inclusion Squirrelcart 2.2.0 - (cart_content.php) Remote File Inclusion Squirrelcart 2.2.0 - 'cart_content.php' Remote File Inclusion Woltlab Burning Board 2.3.5 - (links.php) SQL Injection Woltlab Burning Board 2.3.5 - 'links.php' SQL Injection open-medium.CMS 0.25 - (404.php) Remote File Inclusion Back-End CMS 0.7.2.2 - (BE_config.php) Remote File Inclusion open-medium.CMS 0.25 - '404.php' Remote File Inclusion Back-End CMS 0.7.2.2 - 'BE_config.php' Remote File Inclusion DoceboLms 2.0.5 - (help.php) Remote File Inclusion DoceboLms 2.0.5 - 'help.php' Remote File Inclusion PrideForum 1.0 - (forum.asp) SQL Injection PrideForum 1.0 - 'forum.asp' SQL Injection Bytehoard 2.1 - (server.php) Remote File Inclusion Bytehoard 2.1 - 'server.php' Remote File Inclusion Igloo 0.1.9 - (Wiki.php) Remote File Inclusion Igloo 0.1.9 - 'Wiki.php' Remote File Inclusion Informium 0.12.0 - (common-menu.php) Remote File Inclusion Informium 0.12.0 - 'common-menu.php' Remote File Inclusion DotClear 1.2.4 - (prepend.php) Arbitrary Remote File Inclusion DotClear 1.2.4 - 'prepend.php' Arbitrary Remote File Inclusion Wikiwig 4.1 - (wk_lang.php) Remote File Inclusion myNewsletter 1.1.2 - (adminLogin.asp) Login Bypass Wikiwig 4.1 - 'wk_lang.php' Remote File Inclusion myNewsletter 1.1.2 - 'adminLogin.asp' Login Bypass Xtreme/Ditto News 1.0 - (post.php) Remote File Inclusion Back-End CMS 0.7.2.1 - (jpcache.php) Remote File Inclusion Xtreme/Ditto News 1.0 - 'post.php' Remote File Inclusion Back-End CMS 0.7.2.1 - 'jpcache.php' Remote File Inclusion aWebNews 1.5 - (visview.php) Remote File Inclusion aWebNews 1.5 - 'visview.php' Remote File Inclusion PHP Blue Dragon CMS 2.9.1 - (template.php) File Inclusion PHP Blue Dragon CMS 2.9.1 - 'template.php' File Inclusion DreamAccount 3.1 - (auth.api.php) Remote File Inclusion DreamAccount 3.1 - 'auth.api.php' Remote File Inclusion RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Inclusion RsGallery2 <= 1.11.2 - 'rsgallery.html.php' File Inclusion Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion Randshop 1.1.1 - (header.inc.php) Remote File Inclusion Plume CMS 1.1.3 - 'dbinstall.php' Remote File Inclusion Randshop 1.1.1 - 'header.inc.php' Remote File Inclusion SQuery 4.5 - (gore.php) Remote File Inclusion SQuery 4.5 - 'gore.php' Remote File Inclusion FlushCMS 1.0.0-pre2 - (class.rich.php) Remote File Inclusion FlushCMS 1.0.0-pre2 - 'class.rich.php' Remote File Inclusion Etomite CMS 0.6.1 - (rfiles.php) Remote Command Execution Etomite CMS 0.6.1 - 'rfiles.php' Remote Command Execution TSEP 0.942 - (copyright.php) Remote File Inclusion TSEP 0.942 - 'copyright.php' Remote File Inclusion WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion WoW Roster 1.70 - '/lib/phpBB.php' Remote File Inclusion TSEP 0.942 - (colorswitch.php) Remote File Inclusion TSEP 0.942 - 'colorswitch.php' Remote File Inclusion SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote File Inclusion SQLiteWebAdmin 0.1 - 'tpl.inc.php' Remote File Inclusion PHPCodeCabinet 0.5 - (Core.php) Remote File Inclusion PHPCodeCabinet 0.5 - 'Core.php' Remote File Inclusion See-Commerce 1.0.625 - (owimg.php3) Remote File Inclusion See-Commerce 1.0.625 - 'owimg.php3' Remote File Inclusion PHPMyRing 4.2.0 - (view_com.php) SQL Injection PHPMyRing 4.2.0 - 'view_com.php' SQL Injection VWar 1.50 R14 - (online.php) SQL Injection VWar 1.50 R14 - 'online.php' SQL Injection Wheatblog 1.1 - (session.php) Remote File Inclusion Wheatblog 1.1 - 'session.php' Remote File Inclusion PHPay 2.02 - (nu_mail.inc.php) Remote mail() Injection PHPay 2.02 - 'nu_mail.inc.php' Remote mail() Injection WEBInsta CMS 0.3.1 - (users.php) Remote File Inclusion WEBInsta CMS 0.3.1 - 'users.php' Remote File Inclusion WTcom 0.2.4-alpha - (torrents.php) SQL Injection WTcom 0.2.4-alpha - 'torrents.php' SQL Injection PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote File Inclusion PHlyMail Lite 3.4.4 - 'mod.listmail.php' Remote File Inclusion LBlog 1.05 - (comments.asp) SQL Injection LBlog 1.05 - 'comments.asp' SQL Injection PHlyMail Lite 3.4.4 - (folderprops.php) Remote File Inclusion (2) Empire CMS 3.7 - (checklevel.php) Remote File Inclusion PHlyMail Lite 3.4.4 - 'folderprops.php' Remote File Inclusion (2) Empire CMS 3.7 - 'checklevel.php' Remote File Inclusion VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion VistaBB 2.x - 'functions_mod_user.php' Remote File Inclusion PHPCOIN 1.2.3 - (session_set.php) Remote File Inclusion PHPCOIN 1.2.3 - 'session_set.php' Remote File Inclusion FlashChat 4.5.7 - (aedating4CMS.php) Remote File Inclusion FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion Beautifier 0.1 - (Core.php) Remote File Inclusion Beautifier 0.1 - 'Core.php' Remote File Inclusion Q-Shop 3.5 - (browse.asp) SQL Injection Q-Shop 3.5 - 'browse.asp' SQL Injection Charon Cart 3.0 - (Review.asp) SQL Injection CMtextS 1.0 - (users_logins/admin.txt) Credentials Disclosure Charon Cart 3.0 - 'Review.asp' SQL Injection CMtextS 1.0 - 'users_logins/admin.txt' Credentials Disclosure PHPartenaire 1.0 - (dix.php3) Remote File Inclusion PHPartenaire 1.0 - 'dix.php3' Remote File Inclusion ProgSys 0.156 - (RR.php) Remote File Inclusion ProgSys 0.156 - 'RR.php' Remote File Inclusion xweblog 2.1 - (kategori.asp) SQL Injection xweblog 2.1 - 'kategori.asp' SQL Injection Web-News 1.6.3 - (template.php) Remote File Inclusion Web-News 1.6.3 - 'template.php' Remote File Inclusion Advaced-Clan-Script 3.4 - (mcf.php) Remote File Inclusion Advaced-Clan-Script 3.4 - 'mcf.php' Remote File Inclusion SyntaxCMS 1.3 - (0004_init_urls.php) Remote File Inclusion Polaring 0.04.03 - (general.php) Remote File Inclusion SyntaxCMS 1.3 - '0004_init_urls.php' Remote File Inclusion Polaring 0.04.03 - 'general.php' Remote File Inclusion BrudaNews 1.1 - (admin/index.php) Remote File Inclusion BrudaGB 1.1 - (admin/index.php) Remote File Inclusion faceStones personal 2.0.42 - (fs_form_links.php) File Inclusion BrudaNews 1.1 - 'admin/index.php' Remote File Inclusion BrudaGB 1.1 - 'admin/index.php' Remote File Inclusion faceStones personal 2.0.42 - 'fs_form_links.php' File Inclusion Kietu? <= 4.0.0b2 - (hit.php) Remote File Inclusion Newswriter SW 1.42 - (editfunc.inc.php) File Inclusion Kietu? <= 4.0.0b2 - 'hit.php' Remote File Inclusion Newswriter SW 1.42 - 'editfunc.inc.php' File Inclusion Newswriter SW 1.4.2 - (main.inc.php) Remote File Inclusion PPA Gallery 1.0 - (functions.inc.php) Remote File Inclusion Newswriter SW 1.4.2 - 'main.inc.php' Remote File Inclusion PPA Gallery 1.0 - 'functions.inc.php' Remote File Inclusion phpMyWebmin 1.0 - (window.php) Remote File Inclusion PHPSecurePages 0.28b - (secure.php) Remote File Inclusion phpMyWebmin 1.0 - 'window.php' Remote File Inclusion PHPSecurePages 0.28b - 'secure.php' Remote File Inclusion PHP Krazy Image Hosting 0.7a - (display.php) SQL Injection UBB.Threads 6.5.1.1 - (doeditconfig.php) Code Execution PHP Krazy Image Hosting 0.7a - 'display.php' SQL Injection UBB.Threads 6.5.1.1 - 'doeditconfig.php' Code Execution VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion VAMP Webmail 2.0beta1 - 'yesno.phtml' Remote File Inclusion BBaCE 3.5 - (includes/functions.php) Remote File Inclusion BBaCE 3.5 - 'includes/functions.php' Remote File Inclusion Klinza Professional CMS 5.0.1 - (show_hlp.php) File Inclusion Klinza Professional CMS 5.0.1 - 'show_hlp.php' File Inclusion PHPGreetz 0.99 - (footer.php) Remote File Inclusion PHPGreetz 0.99 - 'footer.php' Remote File Inclusion phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion phpBB Security Suite Mod 1.0.0 - 'logger_engine.php' Remote File Inclusion Cahier de texte 2.0 - (lire.php) SQL Injection Cahier de texte 2.0 - 'lire.php' SQL Injection PHPPC 1.03 RC1 - (/lib/functions.inc.php) Remote File Inclusion docmint 2.0 - (engine/require.php) Remote File Inclusion PHPPC 1.03 RC1 - '/lib/functions.inc.php' Remote File Inclusion docmint 2.0 - 'engine/require.php' Remote File Inclusion phpMyAgenda 3.1 - (templates/header.php3) Local File Inclusion TribunaLibre 3.12 Beta - (ftag.php) Remote File Inclusion phpMyAgenda 3.1 - 'templates/header.php3' Local File Inclusion TribunaLibre 3.12 Beta - 'ftag.php' Remote File Inclusion compteur 2.0 - (param_editor.php) Remote File Inclusion compteur 2.0 - 'param_editor.php' Remote File Inclusion Foafgen 0.3 - (redir.php) Local Source Disclosure Foafgen 0.3 - 'redir.php' Local Source Disclosure Exhibit Engine 1.5 RC 4 - (photo_comment.php) File Inclusion Claroline 1.8.0 rc1 - (import.lib.php) Remote File Inclusion PHPLibrary 1.5.3 - (grid3.lib.php) Remote File Inclusion Jinzora 2.1 - (media.php) Remote File Inclusion ae2 - (standart.inc.php) Remote File Inclusion n@board 3.1.9e - (naboard_pnr.php) Remote File Inclusion CommunityPortals 1.0 - (import-archive.php) File Inclusion PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exhibit Engine 1.5 RC 4 - 'photo_comment.php' File Inclusion Claroline 1.8.0 rc1 - 'import.lib.php' Remote File Inclusion PHPLibrary 1.5.3 - 'grid3.lib.php' Remote File Inclusion Jinzora 2.1 - 'media.php' Remote File Inclusion ae2 - 'standart.inc.php' Remote File Inclusion n@board 3.1.9e - 'naboard_pnr.php' Remote File Inclusion CommunityPortals 1.0 - 'import-archive.php' File Inclusion PHP News Reader 2.6.4 - 'phpBB.inc.php' Remote File Inclusion Minichat 6.0 - (ftag.php) Remote File Inclusion Minichat 6.0 - 'ftag.php' Remote File Inclusion PHPMyConferences 8.0.2 - (menu.inc.php) File Inclusion PHPMyConferences 8.0.2 - 'menu.inc.php' File Inclusion maluinfo 206.2.38 - (bb_usage_stats.php) Remote File Inclusion phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Genepi 1.6 - (genepi.php) Remote File Inclusion Cdsagenda 4.2.9 - (SendAlertEmail.php) File Inclusion maluinfo 206.2.38 - 'bb_usage_stats.php' Remote File Inclusion phpBB PlusXL 2.0_272 - 'constants.php' Remote File Inclusion Genepi 1.6 - 'genepi.php' Remote File Inclusion Cdsagenda 4.2.9 - 'SendAlertEmail.php' File Inclusion phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion phpBB lat2cyr Mod 1.0.1 - 'lat2cyr.php' Remote File Inclusion phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion YaBBSM 3.0.0 - (Offline.php) Remote File Inclusion phpBB Security 1.0.1 - 'PHP_security.php' Remote File Inclusion YaBBSM 3.0.0 - 'Offline.php' Remote File Inclusion IncCMS Core 1.0.0 - (settings.php) Remote File Inclusion Jinzora 2.6 - (extras/mt.php) Remote File Inclusion CyberBrau 0.9.4 - (forum/track.php) Remote File Inclusion IncCMS Core 1.0.0 - 'settings.php' Remote File Inclusion Jinzora 2.6 - 'extras/mt.php' Remote File Inclusion CyberBrau 0.9.4 - 'forum/track.php' Remote File Inclusion NuralStorm Webmail 0.98b - (process.php) Remote File Inclusion NuralStorm Webmail 0.98b - 'process.php' Remote File Inclusion Def-Blog 1.0.3 - (comadd.php) SQL Injection Def-Blog 1.0.3 - 'comadd.php' SQL Injection PHPMyManga 0.8.1 - (template.php) Multiple File Inclusion PHPMyManga 0.8.1 - 'template.php' Multiple File Inclusion WSN Forum 1.3.4 - (prestart.php) Remote Code Execution WSN Forum 1.3.4 - 'prestart.php' Remote Code Execution PHPPowerCards 2.10 - (txt.inc.php) Remote Code Execution PHP AMX 0.90 - (plugins/main.php) Remote File Inclusion PHPPowerCards 2.10 - 'txt.inc.php' Remote Code Execution PHP AMX 0.90 - 'plugins/main.php' Remote File Inclusion YapBB 1.2 Beta2 - (yapbb_session.php) Remote File Inclusion LoCal Calendar 1.1 - (lcUser.php) Remote File Inclusion EPNadmin 0.7 - (constantes.inc.php) Remote File Inclusion PH Pexplorer 0.24 - (explorer_load_lang.php) Local File Inclusion YapBB 1.2 Beta2 - 'yapbb_session.php' Remote File Inclusion LoCal Calendar 1.1 - 'lcUser.php' Remote File Inclusion EPNadmin 0.7 - 'constantes.inc.php' Remote File Inclusion PH Pexplorer 0.24 - 'explorer_load_lang.php' Local File Inclusion Lou Portail 1.4.1 - (admin_module.php) Remote File Inclusion WGCC 0.5.6b - (quiz.php) SQL Injection Lou Portail 1.4.1 - 'admin_module.php' Remote File Inclusion WGCC 0.5.6b - 'quiz.php' SQL Injection CASTOR 1.1.1 - (lib/rs.php) Remote File Inclusion CASTOR 1.1.1 - 'lib/rs.php' Remote File Inclusion Net_DNS 0.3 - (DNS/RR.php) Remote File Inclusion Net_DNS 0.3 - 'DNS/RR.php' Remote File Inclusion SourceForge 1.0.4 - (database.php) Remote File Inclusion SourceForge 1.0.4 - 'database.php' Remote File Inclusion Jaws 0.5.2 - (include/JawsDB.php) Remote File Inclusion JumbaCMS 0.0.1 - (includes/functions.php) Remote File Inclusion InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Inclusion Ascended Guestbook 1.0.0 - (embedded.php) File Inclusion Jaws 0.5.2 - 'include/JawsDB.php' Remote File Inclusion JumbaCMS 0.0.1 - 'includes/functions.php' Remote File Inclusion InteliEditor 1.2.x - 'lib.editor.inc.php' Remote File Inclusion Ascended Guestbook 1.0.0 - 'embedded.php' File Inclusion UeberProject 1.0 - (login/secure.php) Remote File Inclusion UeberProject 1.0 - 'login/secure.php' Remote File Inclusion TextPattern 1.19 - (publish.php) Remote File Inclusion TextPattern 1.19 - 'publish.php' Remote File Inclusion ask_rave 0.9 PR - (end.php footfile) Remote File Inclusion ask_rave 0.9 PR - 'end.php footfile' Remote File Inclusion PHP League 0.82 - (classement.php) SQL Injection PHP League 0.82 - 'classement.php' SQL Injection PHPMyDesk 1.0 Beta - (viewticket.php) Local File Inclusion PHPMyDesk 1.0 Beta - 'viewticket.php' Local File Inclusion mp3SDS 3.0 - (Core/core.inc.php) Remote File Inclusion mp3SDS 3.0 - 'Core/core.inc.php' Remote File Inclusion MiraksGalerie 2.62 - (pcltar.lib.php) Remote File Inclusion Free Image Hosting 1.0 - (forgot_pass.php) File Inclusion Free File Hosting 1.1 - (forgot_pass.php) File Inclusion MiraksGalerie 2.62 - 'pcltar.lib.php' Remote File Inclusion Free Image Hosting 1.0 - 'forgot_pass.php' File Inclusion Free File Hosting 1.1 - 'forgot_pass.php' File Inclusion MySource CMS 2.16.2 - (init_mysource.php) Remote File Inclusion MySource CMS 2.16.2 - 'init_mysource.php' Remote File Inclusion Faq Administrator 2.1 - (faq_reply.php) Remote File Inclusion PHPMyRing 4.2.1 - (cherche.php) SQL Injection Faq Administrator 2.1 - 'faq_reply.php' Remote File Inclusion PHPMyRing 4.2.1 - 'cherche.php' SQL Injection PwsPHP 1.1 - (themes/fin.php) Remote File Inclusion T.G.S. CMS 0.1.7 - (logout.php) SQL Injection PwsPHP 1.1 - 'themes/fin.php' Remote File Inclusion T.G.S. CMS 0.1.7 - 'logout.php' SQL Injection Innovate Portal 2.0 - (acp.php) Remote Code Execution Innovate Portal 2.0 - 'acp.php' Remote Code Execution Lithium CMS 4.04c - (classes/index.php) Local File Inclusion Article System 0.6 - (volume.php) Remote File Inclusion Lithium CMS 4.04c - 'classes/index.php' Local File Inclusion Article System 0.6 - 'volume.php' Remote File Inclusion Ultimate PHP Board 2.0 - (header_simple.php) File Inclusion Ultimate PHP Board 2.0 - 'header_simple.php' File Inclusion iWare Pro 5.0.4 - (chat_panel.php) Remote Code Execution PHPAdventure 1.1 - (ad_main.php) Remote File Inclusion iWare Pro 5.0.4 - 'chat_panel.php' Remote Code Execution PHPAdventure 1.1 - 'ad_main.php' Remote File Inclusion IrayoBlog 0.2.4 - (inc/irayofuncs.php) Remote File Inclusion IrayoBlog 0.2.4 - 'inc/irayofuncs.php' Remote File Inclusion AspPired2Poll 1.0 - (MoreInfo.asp) SQL Injection MyAlbum 3.02 - (language.inc.php) Remote File Inclusion PHPManta 1.0.2 - (view-sourcecode.php) Local File Inclusion EncapsCMS 0.3.6 - (core/core.php) Remote File Inclusion AspPired2Poll 1.0 - 'MoreInfo.asp' SQL Injection MyAlbum 3.02 - 'language.inc.php' Remote File Inclusion PHPManta 1.0.2 - 'view-sourcecode.php' Local File Inclusion EncapsCMS 0.3.6 - 'core/core.php' Remote File Inclusion NuCommunity 1.0 - (cl_CatListing.asp) SQL Injection NuRems 1.0 - (propertysdetails.asp) SQL Injection NuStore 1.0 - (Products.asp) SQL Injection NuSchool 1.0 - (CampusNewsDetails.asp) SQL Injection NuCommunity 1.0 - 'cl_CatListing.asp' SQL Injection NuRems 1.0 - 'propertysdetails.asp' SQL Injection NuStore 1.0 - 'Products.asp' SQL Injection NuSchool 1.0 - 'CampusNewsDetails.asp' SQL Injection Munch Pro 1.0 - (switch.asp) SQL Injection Munch Pro 1.0 - 'switch.asp' SQL Injection UStore 1.0 - (detail.asp) SQL Injection USupport 1.0 - (detail.asp) SQL Injection UPublisher 1.0 - (viewarticle.asp) SQL Injection UStore 1.0 - 'detail.asp' SQL Injection USupport 1.0 - 'detail.asp' SQL Injection UPublisher 1.0 - 'viewarticle.asp' SQL Injection Quick.Cart 2.0 - (actions_client/gallery.php) Local File Inclusion Online Event Registration 2.0 - (save_profile.asp) Pass Change Exploit Quick.Cart 2.0 - 'actions_client/gallery.php' Local File Inclusion Online Event Registration 2.0 - 'save_profile.asp' Pass Change Exploit Property Pro 1.0 - (vir_Login.asp) Remote Login Bypass Property Pro 1.0 - 'vir_Login.asp' Remote Login Bypass PHPPeanuts 1.3 Beta - (Inspect.php) Remote File Inclusion PHPPeanuts 1.3 Beta - 'Inspect.php' Remote File Inclusion NetVIOS 2.0 - (page.asp) SQL Injection NetVIOS 2.0 - 'page.asp' SQL Injection Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion Etomite CMS 0.6.1.2 - 'manager/index.php' Local File Inclusion miniCWB 1.0.0 - (contact.php) Local File Inclusion miniCWB 1.0.0 - 'contact.php' Local File Inclusion Powies MatchMaker 4.05 - (matchdetail.php) SQL Injection mxBB Module calsnails 1.06 - (mx_common.php) File Inclusion Powies MatchMaker 4.05 - 'matchdetail.php' SQL Injection mxBB Module calsnails 1.06 - 'mx_common.php' File Inclusion Dicshunary 0.1a - (check_status.php) Remote File Inclusion Dicshunary 0.1a - 'check_status.php' Remote File Inclusion PHPWebThings 1.5.2 - (editor.php) Remote File Inclusion PHPWebThings 1.5.2 - 'editor.php' Remote File Inclusion ASPNuke 0.80 - (register.asp) SQL Injection ASPNuke 0.80 - 'register.asp' SQL Injection Photo Cart 3.9 - (adminprint.php) Remote File Inclusion e-Ark 1.0 - (src/ark_inc.php) Remote File Inclusion Photo Cart 3.9 - 'adminprint.php' Remote File Inclusion e-Ark 1.0 - 'src/ark_inc.php' Remote File Inclusion fipsGallery 1.5 - (index1.asp) SQL Injection fipsForum 2.6 - (default2.asp) SQL Injection fipsGallery 1.5 - 'index1.asp' SQL Injection fipsForum 2.6 - 'default2.asp' SQL Injection JiRos FAQ Manager 1.0 - (index.asp) SQL Injection HSRS 1.0 - (addcode.php) Remote File Inclusion OWLLib 1.0 - (OWLMemoryProperty.php) Remote File Inclusion JiRos FAQ Manager 1.0 - 'index.asp' SQL Injection HSRS 1.0 - 'addcode.php' Remote File Inclusion OWLLib 1.0 - 'OWLMemoryProperty.php' Remote File Inclusion Basic Forum 1.1 - (edit.asp) SQL Injection Basic Forum 1.1 - 'edit.asp' SQL Injection Exhibit Engine 1.22 - (styles.php) Remote File Inclusion Exhibit Engine 1.22 - 'styles.php' Remote File Inclusion SimpleBlog 2.3 - (admin/edit.asp) SQL Injection SimpleBlog 2.3 - 'admin/edit.asp' SQL Injection P-News 2.0 - (user.txt) Remote Password Disclosure P-News 2.0 - 'user.txt' Remote Password Disclosure b2evolution 1.8.5 < 1.9b - (import-mt.php) Remote File Inclusion b2evolution 1.8.5 < 1.9b - 'import-mt.php' Remote File Inclusion LDU 8.x - (polls.php) SQL Injection LDU 8.x - 'polls.php' SQL Injection ContentServ 4.x - (admin/FileServer.php) File Disclosure ContentServ 4.x - 'admin/FileServer.php' File Disclosure PHP Upload Center 2.0 - (activate.php) File Inclusion PHP Upload Center 2.0 - 'activate.php' File Inclusion QuickCart 2.0 - (categories.php) Local File Inclusion QuickCart 2.0 - 'categories.php' Local File Inclusion ThinkEdit 1.9.2 - (render.php) Remote File Inclusion ThinkEdit 1.9.2 - 'render.php' Remote File Inclusion TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution TorrentFlux 2.2 - 'downloaddetails.php' Local File Disclosure TorrentFlux 2.2 - 'maketorrent.php' Remote Command Execution HR Assist 1.05 - (vdateUsr.asp) Remote Login Bypass PHPAlbum 0.4.1 Beta 6 - (language.php) Local File Inclusion HR Assist 1.05 - 'vdateUsr.asp' Remote Login Bypass PHPAlbum 0.4.1 Beta 6 - 'language.php' Local File Inclusion Barman 0.0.1r3 - (Interface.php) Remote File Inclusion Barman 0.0.1r3 - 'Interface.php' Remote File Inclusion Blog:CMS 4.1.3 - (NP_UserSharing.php) Remote File Inclusion Blog:CMS 4.1.3 - 'NP_UserSharing.php' Remote File Inclusion PHPMyCMS 0.3 - (basic.inc.php) Remote File Inclusion yaplap 0.6.1b - (ldap.php) Remote File Inclusion PHPMyCMS 0.3 - 'basic.inc.php' Remote File Inclusion yaplap 0.6.1b - 'ldap.php' Remote File Inclusion Azucar CMS 1.3 - (admin/index_sitios.php) File Inclusion Azucar CMS 1.3 - 'admin/index_sitios.php' File Inclusion RateMe 1.3.2 - (main.inc.php) Remote File Inclusion RateMe 1.3.2 - 'main.inc.php' Remote File Inclusion Paristemi 0.8.3b - (buycd.php) Remote File Inclusion Paristemi 0.8.3b - 'buycd.php' Remote File Inclusion cwmVote 1.0 - (archive.php) Remote File Inclusion cwmCounter 5.1.1 - (statistic.php) Remote File Inclusion cwmVote 1.0 - 'archive.php' Remote File Inclusion cwmCounter 5.1.1 - 'statistic.php' Remote File Inclusion TextSend 1.5 - (config/sender.php) Remote File Inclusion TextSend 1.5 - 'config/sender.php' Remote File Inclusion PHP/Mysql Site Builder 0.0.2 - (htm2PHP.php) File Disclosure Newxooper-PHP 0.9.1 - (mapage.php) Remote File Inclusion PHP/Mysql Site Builder 0.0.2 - 'htm2PHP.php' File Disclosure Newxooper-PHP 0.9.1 - 'mapage.php' Remote File Inclusion inertianews 0.02b - (inertianews_main.php) Remote File Inclusion inertianews 0.02b - 'inertianews_main.php' Remote File Inclusion EternalMart Guestbook 1.10 - (admin/auth.php) Remote File Inclusion EternalMart Guestbook 1.10 - 'admin/auth.php' Remote File Inclusion b2 Blog 0.5 - (b2verifauth.php) Remote File Inclusion b2 Blog 0.5 - 'b2verifauth.php' Remote File Inclusion Enthrallweb ePhotos 1.0 - (subLevel2.asp) SQL Injection Enthrallweb ePhotos 1.0 - 'subLevel2.asp' SQL Injection Enthrallweb eCars 1.0 - (types.asp) SQL Injection Enthrallweb emates 1.0 - (newsdetail.asp) SQL Injection Enthrallweb eCars 1.0 - 'types.asp' SQL Injection Enthrallweb emates 1.0 - 'newsdetail.asp' SQL Injection Enthrallweb eCoupons 1.0 - (myprofile.asp) Remote Pass Change Exploit Enthrallweb eCoupons 1.0 - 'myprofile.asp' Remote Pass Change Exploit File Upload Manager 1.0.6 - (detail.asp) SQL Injection File Upload Manager 1.0.6 - 'detail.asp' SQL Injection Ultimate PHP Board 2.0b1 - (chat/login.php) Code Execution Pagetool CMS 1.07 - (pt_upload.php) Remote File Inclusion Ultimate PHP Board 2.0b1 - 'chat/login.php' Code Execution Pagetool CMS 1.07 - 'pt_upload.php' Remote File Inclusion HLStats 1.34 - (hlstats.php) SQL Injection HLStats 1.34 - 'hlstats.php' SQL Injection eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities MTCMS 2.0 - (admin/admin_settings.php) Remote File Inclusion eNdonesia 8.4 - 'mod.php/friend.php/admin.php' Multiple Vulnerabilities MTCMS 2.0 - 'admin/admin_settings.php' Remote File Inclusion Okul Merkezi Portal 1.0 - (ataturk.php) Remote File Inclusion Okul Merkezi Portal 1.0 - 'ataturk.php' Remote File Inclusion PHP-Update 2.7 - (admin/uploads.php) Remote Code Execution Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Bubla 1.0.0rc2 - (bu/process.php) Remote File Inclusion PHP-Update 2.7 - 'admin/uploads.php' Remote Code Execution Yrch 1.0 - 'plug.inc.php path Variable' Remote File Inclusion Bubla 1.0.0rc2 - 'bu/process.php' Remote File Inclusion aFAQ 1.0 - (faqDsp.asp catcode) SQL Injection aFAQ 1.0 - 'faqDsp.asp catcode' SQL Injection x-news 1.1 - (users.txt) Remote Password Disclosure Voodoo chat 1.0RC1b - (users.dat) Password Disclosure x-news 1.1 - 'users.txt' Remote Password Disclosure Voodoo chat 1.0RC1b - 'users.dat' Password Disclosure SoftArtisans SAFileUp 5.0.14 - (viewsrc.asp) Script Source Disclosure FreeStyle Wiki 3.6.2 - (user.dat) Password Disclosure SoftArtisans SAFileUp 5.0.14 - 'viewsrc.asp' Script Source Disclosure FreeStyle Wiki 3.6.2 - 'user.dat' Password Disclosure P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure P-News 1.16 / 1.17 - 'user.dat' Remote Password Disclosure RBlog 1.0 - (admin.mdb) Remote Password Disclosure RBlog 1.0 - 'admin.mdb' Remote Password Disclosure AutoDealer 2.0 - (detail.asp iPro) SQL Injection WWWBoard 2.0 - (passwd.txt) Remote Password Disclosure AutoDealer 2.0 - 'detail.asp iPro' SQL Injection WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure TaskTracker 1.5 - (Customize.asp) Remote Add Administrator Exploit TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator Exploit VerliAdmin 0.3 - (language.php) Local File Inclusion VerliAdmin 0.3 - 'language.php' Local File Inclusion Aratix 0.2.2b11 - (inc/init.inc.php) Remote File Inclusion Aratix 0.2.2b11 - 'inc/init.inc.php' Remote File Inclusion iG Calendar 1.0 - (user.php id Variable) SQL Injection iG Calendar 1.0 - 'user.php id Variable' SQL Injection LunarPoll 1.0 - (show.php PollDir) Remote File Inclusion TLM CMS 1.1 - (i-accueil.php chemin) Remote File Inclusion Mint Haber Sistemi 2.7 - (duyuru.asp id) SQL Injection LunarPoll 1.0 - 'show.php PollDir' Remote File Inclusion TLM CMS 1.1 - 'i-accueil.php chemin' Remote File Inclusion Mint Haber Sistemi 2.7 - 'duyuru.asp id' SQL Injection KGB 1.9 - (sesskglogadmin.php) Local File Inclusion KGB 1.9 - 'sesskglogadmin.php' Local File Inclusion MGB 0.5.4.5 - (email.php id Variable) SQL Injection MGB 0.5.4.5 - 'email.php id Variable' SQL Injection PHPMyphorum 1.5a - (mep/frame.php) Remote File Inclusion PHPMyphorum 1.5a - 'mep/frame.php' Remote File Inclusion Oreon 1.2.3 RC4 - (lang/index.php) Remote File Inclusion ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion Oreon 1.2.3 RC4 - 'lang/index.php' Remote File Inclusion ComVironment 4.0 - 'grab_globals.lib.php' Remote File Inclusion PHPSherpa - (include/config.inc.php) Remote File Inclusion Bradabra 2.0.5 - (include/includes.php) Remote File Inclusion Neon Labs Website 3.2 - (nl.php g_strRootDir) Remote File Inclusion PHPSherpa - 'include/config.inc.php' Remote File Inclusion Bradabra 2.0.5 - 'include/includes.php' Remote File Inclusion Neon Labs Website 3.2 - 'nl.php g_strRootDir' Remote File Inclusion MySpeach 2.1b - (up.php) Remote File Inclusion WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Inclusion Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Inclusion MySpeach 2.1b - 'up.php' Remote File Inclusion WebChat 0.77 - 'defines.php WEBCHATPATH' Remote File Inclusion Mafia Scum Tools 2.0.0 - 'index.php gen' Remote File Inclusion Upload Service 1.0 - (top.php maindir) Remote File Inclusion Upload Service 1.0 - 'top.php maindir' Remote File Inclusion Vote-Pro 4.0 - (poll_frame.php poll_id) Remote Code Execution BBClone 0.31 - (selectlang.php) Remote File Inclusion Vote-Pro 4.0 - 'poll_frame.php poll_id' Remote Code Execution BBClone 0.31 - 'selectlang.php' Remote File Inclusion RPW 1.0.2 - (config.php sql_language) Remote File Inclusion ASP EDGE 1.2b - (user.asp) SQL Injection ASP NEWS 3.0 - (news_detail.asp) SQL Injection RPW 1.0.2 - 'config.php sql_language' Remote File Inclusion ASP EDGE 1.2b - 'user.asp' SQL Injection ASP NEWS 3.0 - 'news_detail.asp' SQL Injection GPS CMS 1.2 - (print.asp) SQL Injection GPS CMS 1.2 - 'print.asp' SQL Injection Virtual Path 1.0 - (vp/configure.php) Remote File Inclusion MyPHPcommander 2.0 - (package.php) Remote File Inclusion AINS 0.02b - (ains_main.php ains_path) Remote File Inclusion Virtual Path 1.0 - 'vp/configure.php' Remote File Inclusion MyPHPcommander 2.0 - 'package.php' Remote File Inclusion AINS 0.02b - 'ains_main.php ains_path' Remote File Inclusion nsGalPHP - (includes/config.inc.php racineTBS) Remote File Inclusion nsGalPHP - 'includes/config.inc.php racineTBS' Remote File Inclusion PHPMyReports 3.0.11 - (lib_head.php) Remote File Inclusion PHPMyReports 3.0.11 - 'lib_head.php' Remote File Inclusion xNews 1.3 - (xNews.php) SQL Injection xNews 1.3 - 'xNews.php' SQL Injection Webfwlog 0.92 - (debug.php) Remote File Disclosure Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion Webfwlog 0.92 - 'debug.php' Remote File Disclosure Galeria Zdjec 3.0 - 'zd_numer.php' Local File Inclusion MyNews 4.2.2 - (themefunc.php) Remote File Inclusion MyNews 4.2.2 - 'themefunc.php' Remote File Inclusion SIPS 0.3.1 - (box.inc.php) Remote File Inclusion SIPS 0.3.1 - 'box.inc.php' Remote File Inclusion Epistemon 1.0 - (common.php inc_path) Remote File Inclusion WebBuilder 2.0 - (StageLoader.php) Remote File Inclusion Epistemon 1.0 - 'common.php inc_path' Remote File Inclusion WebBuilder 2.0 - 'StageLoader.php' Remote File Inclusion Flipper Poll 1.1.0 - (poll.php root_path) Remote File Inclusion Flipper Poll 1.1.0 - 'poll.php root_path' Remote File Inclusion Photo Galerie Standard 1.1 - (view.php) SQL Injection Woltlab Burning Board Lite 1.0.2pl3e - (pms.php) SQL Injection KDPics 1.11 - (exif.php lib_path) Remote File Inclusion Flip 2.01 final - (previewtheme.php inc_path) Remote File Inclusion Photo Galerie Standard 1.1 - 'view.php' SQL Injection Woltlab Burning Board Lite 1.0.2pl3e - 'pms.php' SQL Injection KDPics 1.11 - 'exif.php lib_path' Remote File Inclusion Flip 2.01 final - 'previewtheme.php inc_path' Remote File Inclusion SMA-DB 0.3.9 - (settings.php) Remote File Inclusion SMA-DB 0.3.9 - 'settings.php' Remote File Inclusion LightRO CMS 1.0 - (inhalt.php) Remote File Inclusion LightRO CMS 1.0 - 'inhalt.php' Remote File Inclusion AgerMenu 0.01 - (top.inc.php rootdir) Remote File Inclusion WebMatic 2.6 - (index_album.php) Remote File Inclusion AgerMenu 0.01 - 'top.inc.php rootdir' Remote File Inclusion WebMatic 2.6 - 'index_album.php' Remote File Inclusion LightRO CMS 1.0 - (index.php projectid) SQL Injection LightRO CMS 1.0 - 'index.php projectid' SQL Injection LushiWarPlaner 1.0 - (register.php) SQL Injection LushiWarPlaner 1.0 - 'register.php' SQL Injection philboard 1.14 - (philboard_forum.asp) SQL Injection philboard 1.14 - 'philboard_forum.asp' SQL Injection Xaran CMS 2.0 - (xarancms_haupt.php) SQL Injection PHPCC 4.2 Beta - (nickpage.php npid) SQL Injection Xaran CMS 2.0 - 'xarancms_haupt.php' SQL Injection PHPCC 4.2 Beta - 'nickpage.php npid' SQL Injection PollMentor 2.0 - (pollmentorres.asp id) SQL Injection PollMentor 2.0 - 'pollmentorres.asp id' SQL Injection nabopoll 1.2 - (survey.inc.php path) Remote File Inclusion nabopoll 1.2 - 'survey.inc.php path' Remote File Inclusion Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection Snitz Forums 2000 3.1 SR4 - 'pop_profile.asp' SQL Injection Xpression News 1.0.1 - (archives.php) Remote File Disclosure Xpression News 1.0.1 - 'archives.php' Remote File Disclosure Ultimate Fun Book 1.02 - (function.php) Remote File Inclusion NukeSentinel 2.5.05 - (nsbypass.php) Blind SQL Injection NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Ultimate Fun Book 1.02 - 'function.php' Remote File Inclusion NukeSentinel 2.5.05 - 'nsbypass.php' Blind SQL Injection NukeSentinel 2.5.05 - 'nukesentinel.php' File Disclosure Nabopoll 1.2 - (result.php surv) Blind SQL Injection Nabopoll 1.2 - 'result.php surv' Blind SQL Injection FlashGameScript 1.5.4 - (index.php func) Remote File Inclusion FlashGameScript 1.5.4 - 'index.php func' Remote File Inclusion FCRing 1.31 - (fcring.php s_fuss) Remote File Inclusion Sinapis 2.2 Gastebuch - (sinagb.php fuss) Remote File Inclusion Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Inclusion FCRing 1.31 - 'fcring.php s_fuss' Remote File Inclusion Sinapis 2.2 Gastebuch - 'sinagb.php fuss' Remote File Inclusion Sinapis Forum 2.2 - 'sinapis.php fuss' Remote File Inclusion CS-Gallery 2.0 - (index.php album) Remote File Inclusion CS-Gallery 2.0 - 'index.php album' Remote File Inclusion PHP-MIP 0.1 - (top.php laypath) Remote File Inclusion STWC-Counter 3.4.0 - (downloadcounter.php) Remote File Inclusion Admin Phorum 3.3.1a - (del.php include_path) Remote File Inclusion vBulletin 3.6.4 - (inlinemod.php postids) SQL Injection Angel Lms 7.1 - (default.asp id) SQL Injection PHP-MIP 0.1 - 'top.php laypath' Remote File Inclusion STWC-Counter 3.4.0 - 'downloadcounter.php' Remote File Inclusion Admin Phorum 3.3.1a - 'del.php include_path' Remote File Inclusion vBulletin 3.6.4 - 'inlinemod.php postids' SQL Injection Angel Lms 7.1 - 'default.asp id' SQL Injection News-Letterman 1.1 - (eintrag.php sqllog) Remote File Inclusion News-Letterman 1.1 - 'eintrag.php sqllog' Remote File Inclusion AJ Dating 1.0 - (view_profile.php) SQL Injection AJ Dating 1.0 - 'view_profile.php' SQL Injection AJ Forum 1.0 - (topic_title.php) SQL Injection AJ Forum 1.0 - 'topic_title.php' SQL Injection Flat Chat 2.0 - (include online.txt) Remote Code Execution netForo! 0.1 - (down.php file_to_download) Remote File Disclosure Flat Chat 2.0 - 'include online.txt' Remote Code Execution netForo! 0.1 - 'down.php file_to_download' Remote File Disclosure Magic CMS 4.2.747 - (mysave.php) Remote File Inclusion Magic CMS 4.2.747 - 'mysave.php' Remote File Inclusion HC Newssystem 1.0-1.4 - (index.php ID) SQL Injection HC Newssystem 1.0-1.4 - 'index.php ID' SQL Injection Top Auction 1.0 - (viewcat.php) SQL Injection Top Auction 1.0 - 'viewcat.php' SQL Injection X-ice News System 1.0 - (devami.asp id) SQL Injection JGBBS 3.0beta1 - (search.asp author) SQL Injection X-ice News System 1.0 - 'devami.asp id' SQL Injection JGBBS 3.0beta1 - 'search.asp author' SQL Injection Woltlab Burning Board 2.x - (usergroups.php) SQL Injection Woltlab Burning Board 2.x - 'usergroups.php' SQL Injection Absolute Image Gallery 2.0 - (gallery.asp categoryId) SQL Injection Absolute Image Gallery 2.0 - 'gallery.asp categoryId' SQL Injection Creative Files 1.2 - (kommentare.php) SQL Injection Particle Blogger 1.2.0 - (post.php postid) SQL Injection Creative Files 1.2 - 'kommentare.php' SQL Injection Particle Blogger 1.2.0 - 'post.php postid' SQL Injection PHP-Stats 0.1.9.1b - (PHP-stats-options.php) Admin 2 exec() eExploit MPM Chat 2.5 - (view.php logi) Local File Inclusion PHP-Stats 0.1.9.1b - 'PHP-stats-options.php' Admin 2 exec() eExploit MPM Chat 2.5 - 'view.php logi' Local File Inclusion ScriptMagix Jokes 2.0 - (index.php catid) SQL Injection ScriptMagix Recipes 2.0 - (index.php catid) SQL Injection ScriptMagix Jokes 2.0 - 'index.php catid' SQL Injection ScriptMagix Recipes 2.0 - 'index.php catid' SQL Injection ScriptMagix Lyrics 2.0 - (index.php recid) SQL Injection ScriptMagix Lyrics 2.0 - 'index.php recid' SQL Injection PHP-Nuke Module htmltonuke 2.0alpha - (htmltonuke.php) Remote File Inclusion PHPRaid < 3.0.7 - (rss.php PHPraid_dir) Remote File Inclusion Monster Top List 1.4.2 - (functions.php root_path) Remote File Inclusion PHP-Nuke Module htmltonuke 2.0alpha - 'htmltonuke.php' Remote File Inclusion PHPRaid < 3.0.7 - 'rss.php PHPraid_dir' Remote File Inclusion Monster Top List 1.4.2 - 'functions.php root_path' Remote File Inclusion Digital Eye CMS 0.1.1b - (module.php) Remote File Inclusion Digital Eye CMS 0.1.1b - 'module.php' Remote File Inclusion ActiveBuyandSell 6.2 - (buyersend.asp catid) SQL Injection Active Auction Pro 7.1 - (default.asp catid) SQL Injection ActiveBuyandSell 6.2 - 'buyersend.asp catid' SQL Injection Active Auction Pro 7.1 - 'default.asp catid' SQL Injection Net-Side.net CMS - (index.php cms) Remote File Inclusion Net-Side.net CMS - 'index.php cms' Remote File Inclusion XOOPS module Articles 1.02 - (print.php id) SQL Injection XOOPS module Articles 1.02 - 'print.php id' SQL Injection XOOPS module Articles 1.03 - (index.php cat_id) SQL Injection XOOPS module Articles 1.03 - 'index.php cat_id' SQL Injection XOOPS Module Friendfinder 3.3 - (view.php id) SQL Injection MangoBery CMS 0.5.5 - (quotes.php) Remote File Inclusion XOOPS Module Friendfinder 3.3 - 'view.php id' SQL Injection MangoBery CMS 0.5.5 - 'quotes.php' Remote File Inclusion sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion sBLOG 0.7.3 Beta - 'inc/lang.php' Local File Inclusion Picture-Engine 1.2.0 - (wall.php cat) SQL Injection Picture-Engine 1.2.0 - 'wall.php cat' SQL Injection JSBoard 2.0.10 - (login.php table) Local File Inclusion JSBoard 2.0.10 - 'login.php table' Local File Inclusion XOOPS Module eCal 2.24 - (display.php) SQL Injection BT-sondage 1.12 - (gestion_sondage.php) Remote File Inclusion XOOPS Module eCal 2.24 - 'display.php' SQL Injection BT-sondage 1.12 - 'gestion_sondage.php' Remote File Inclusion XOOPS Module debaser 0.92 - (genre.php) Blind SQL Injection XOOPS Module debaser 0.92 - 'genre.php' Blind SQL Injection XOOPS Module Zmagazine 1.0 - (print.php) SQL Injection XOOPS Module Zmagazine 1.0 - 'print.php' SQL Injection XOOPS Module Rha7 Downloads 1.0 - (visit.php) SQL Injection XOOPS Module Rha7 Downloads 1.0 - 'visit.php' SQL Injection WebSPELL 4.01.02 - (picture.php) File Disclosure Beryo 2.0 - (downloadpic.php chemin) Remote File Disclosure cattaDoc 2.21 - (download2.php fn1) Remote File Disclosure WebSPELL 4.01.02 - 'picture.php' File Disclosure Beryo 2.0 - 'downloadpic.php chemin' Remote File Disclosure cattaDoc 2.21 - 'download2.php fn1' Remote File Disclosure Scorp Book 1.0 - (smilies.php config) Remote File Inclusion Scorp Book 1.0 - 'smilies.php config' Remote File Inclusion WitShare 0.9 - (index.php menu) Local File Inclusion WitShare 0.9 - 'index.php menu' Local File Inclusion Pathos CMS 0.92-2 - (warn.php) Remote File Inclusion Pathos CMS 0.92-2 - 'warn.php' Remote File Inclusion PHPGalleryScript 1.0 - (init.gallery.php include_class) Remote File Inclusion PHPGalleryScript 1.0 - 'init.gallery.php include_class' Remote File Inclusion Expow 0.8 - (autoindex.php cfg_file) Remote File Inclusion Request It 1.0b - (index.php id) Remote File Inclusion Chatness 2.5.3 - (options.php/save.php) Remote Code Execution Expow 0.8 - 'autoindex.php cfg_file' Remote File Inclusion Request It 1.0b - 'index.php id' Remote File Inclusion Chatness 2.5.3 - 'options.php/save.php' Remote Code Execution Pixaria Gallery 1.x - (class.Smarty.php) Remote File Inclusion Pixaria Gallery 1.x - 'class.Smarty.php' Remote File Inclusion CNStats 2.9 - (who_r.php bj) Remote File Inclusion NMDeluxe 1.0.1 - (footer.php template) Local File Inclusion CNStats 2.9 - 'who_r.php bj' Remote File Inclusion NMDeluxe 1.0.1 - 'footer.php template' Local File Inclusion openMairie 1.10 - (scr/soustab.php) Local File Inclusion openMairie 1.10 - 'scr/soustab.php' Local File Inclusion Anthologia 0.5.2 - (index.php ads_file) Remote File Inclusion Anthologia 0.5.2 - 'index.php ads_file' Remote File Inclusion Joomla! Component JoomlaPack 1.0.4a2 RE - (CAltInstaller.php) Remote File Inclusion Joomla! Component JoomlaPack 1.0.4a2 RE - 'CAltInstaller.php' Remote File Inclusion ShoutPro 1.5.2 - (shout.php) Remote Code Injection ShoutPro 1.5.2 - 'shout.php' Remote Code Injection AimStats 3.2 - (process.php update) Remote Code Execution AimStats 3.2 - 'process.php update' Remote Code Execution CreaDirectory 1.2 - (error.asp id) SQL Injection CreaDirectory 1.2 - 'error.asp id' SQL Injection JChit counter 1.0.0 - (imgsrv.php ac) Remote File Disclosure JChit counter 1.0.0 - 'imgsrv.php ac' Remote File Disclosure Joomla! 1.5.0 Beta - (pcltar.php) Remote File Inclusion Pagode 0.5.8 - (navigator_ok.php asolute) Remote File Disclosure Joomla! 1.5.0 Beta - 'pcltar.php' Remote File Inclusion Pagode 0.5.8 - 'navigator_ok.php asolute' Remote File Disclosure wavewoo 0.1.1 - (loading.php path_include) Remote File Inclusion JulmaCMS 1.4 - (file.php) Remote File Disclosure Ext 1.0 - (feed-proxy.php feed) Remote File Disclosure PHPBandManager 0.8 - (index.php pg) Remote File Inclusion PHPOracleView - (include_all.inc.php page_dir) Remote File Inclusion wavewoo 0.1.1 - 'loading.php path_include' Remote File Inclusion JulmaCMS 1.4 - 'file.php' Remote File Disclosure Ext 1.0 - 'feed-proxy.php feed' Remote File Disclosure PHPBandManager 0.8 - 'index.php pg' Remote File Inclusion PHPOracleView - 'include_all.inc.php page_dir' Remote File Inclusion EsForum 3.0 - (forum.php idsalon) SQL Injection EsForum 3.0 - 'forum.php idsalon' SQL Injection Imageview 5.3 - (fileview.php album) Local File Inclusion The Merchant 2.2.0 - (index.php show) Remote File Inclusion psipuss 1.0 - (editusers.php) Remote Change Admin Password Imageview 5.3 - 'fileview.php album' Local File Inclusion The Merchant 2.2.0 - 'index.php show' Remote File Inclusion psipuss 1.0 - 'editusers.php' Remote Change Admin Password Sendcard 3.4.1 - (sendcard.php form) Local File Inclusion Sendcard 3.4.1 - 'sendcard.php form' Local File Inclusion PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure PStruh-CZ 1.3/1.5 - 'download.asp' File Disclosure Open Translation Engine (OTE) 0.7.8 - (header.php ote_home) Remote File Inclusion Open Translation Engine (OTE) 0.7.8 - 'header.php ote_home' Remote File Inclusion Censura 1.15.04 - (censura.php vendorid) SQL Injection E-GADS! 2.2.6 - (common.php locale) Remote File Inclusion Versado CMS 1.07 - (ajax_listado.php urlModulo) Remote File Inclusion workbench 0.11 - (header.php path) Remote File Inclusion Censura 1.15.04 - 'censura.php vendorid' SQL Injection E-GADS! 2.2.6 - 'common.php locale' Remote File Inclusion Versado CMS 1.07 - 'ajax_listado.php urlModulo' Remote File Inclusion workbench 0.11 - 'header.php path' Remote File Inclusion PHPtree 1.3 - (cms2.php s_dir) Remote File Inclusion NoAh 0.9 pre 1.2 - (mfa_theme.php) Remote File Inclusion PHPtree 1.3 - 'cms2.php s_dir' Remote File Inclusion NoAh 0.9 pre 1.2 - 'mfa_theme.php' Remote File Inclusion ACGVAnnu 1.3 - (acgv.php rubrik) Local File Inclusion ACGVAnnu 1.3 - 'acgv.php rubrik' Local File Inclusion LaVague 0.3 - (printbar.php views_path) Remote File Inclusion LaVague 0.3 - 'printbar.php views_path' Remote File Inclusion Miplex2 - (SmartyFU.class.php) Remote File Inclusion Miplex2 - 'SmartyFU.class.php' Remote File Inclusion SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection TutorialCMS 1.00 - (search.php search) SQL Injection SimpleNews 1.0.0 FINAL - 'print.php news_id' SQL Injection TutorialCMS 1.00 - 'search.php search' SQL Injection maGAZIn 2.0 - (PHPThumb.php src) Remote File Disclosure R2K Gallery 1.7 - (galeria.php lang2) Local File Inclusion maGAZIn 2.0 - 'PHPThumb.php src' Remote File Disclosure R2K Gallery 1.7 - 'galeria.php lang2' Local File Inclusion PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion iG Shop 1.4 - (page.php) SQL Injection PHP FirstPost 0.1 - 'block.php Include' Remote File Inclusion iG Shop 1.4 - 'page.php' SQL Injection Beacon 0.2.0 - (splash.lang.php) Remote File Inclusion Beacon 0.2.0 - 'splash.lang.php' Remote File Inclusion BlogMe 3.0 - (archshow.asp var) SQL Injection BlogMe 3.0 - 'archshow.asp var' SQL Injection NagiosQL 2005 2.00 - (prepend_adm.php) Remote File Inclusion Feindt Computerservice News 2.0 - (newsadmin.php action) Remote File Inclusion NagiosQL 2005 2.00 - 'prepend_adm.php' Remote File Inclusion Feindt Computerservice News 2.0 - 'newsadmin.php action' Remote File Inclusion FAQEngine 4.16.03 - (question.php questionref) SQL Injection FAQEngine 4.16.03 - 'question.php questionref' SQL Injection Libstats 1.0.3 - (template_csv.php) Remote File Inclusion MolyX BOARD 2.5.0 - (index.php lang) Local File Inclusion Libstats 1.0.3 - 'template_csv.php' Remote File Inclusion MolyX BOARD 2.5.0 - 'index.php lang' Local File Inclusion Dokeos 1.8.0 - (my_progress.php course) SQL Injection Dokeos 1.6.5 - (courseLog.php scormcontopen) SQL Injection Dokeos 1.8.0 - 'my_progress.php course' SQL Injection Dokeos 1.6.5 - 'courseLog.php scormcontopen' SQL Injection Webavis 0.1.1 - (class.php root) Remote File Inclusion Webavis 0.1.1 - 'class.php root' Remote File Inclusion My Little Forum 1.7 - (user.php id) SQL Injection My Little Forum 1.7 - 'user.php id' SQL Injection TROforum 0.1 - (admin.php site_url) Remote File Inclusion TROforum 0.1 - 'admin.php site_url' Remote File Inclusion Fundanemt 2.2.0 - (spellcheck.php) Remote Code Execution Fundanemt 2.2.0 - 'spellcheck.php' Remote Code Execution Madirish Webmail 2.0 - (addressbook.php) Remote File Inclusion Madirish Webmail 2.0 - 'addressbook.php' Remote File Inclusion Fuzzylime Forum 1.0 - (low.php topic) SQL Injection Fuzzylime Forum 1.0 - 'low.php topic' SQL Injection Sitellite CMS 4.2.12 - (559668.php) Remote File Inclusion PHP::HTML 0.6.4 - (PHPhtml.php) Remote File Inclusion PHPMyInventory 2.8 - (global.inc.php) Remote File Inclusion Sitellite CMS 4.2.12 - '559668.php' Remote File Inclusion PHP::HTML 0.6.4 - 'PHPhtml.php' Remote File Inclusion PHPMyInventory 2.8 - 'global.inc.php' Remote File Inclusion MiniBill 1.2.5 - (run_billing.php) Remote File Inclusion MiniBill 1.2.5 - 'run_billing.php' Remote File Inclusion LiveCMS 3.4 - (categoria.php cid) SQL Injection LiveCMS 3.4 - 'categoria.php cid' SQL Injection SerWeb 0.9.4 - (load_lang.php) Remote File Inclusion Powl 0.94 - (htmledit.php) Remote File Inclusion SerWeb 0.9.4 - 'load_lang.php' Remote File Inclusion Powl 0.94 - 'htmledit.php' Remote File Inclusion Pharmacy System 2.0 - (index.php ID) SQL Injection Pharmacy System 2.0 - 'index.php ID' SQL Injection b1gbb 2.24.0 - (footer.inc.php tfooter) Remote File Inclusion b1gbb 2.24.0 - 'footer.inc.php tfooter' Remote File Inclusion SiteDepth CMS 3.44 - (ShowImage.php name) File Disclosure DreamLog 0.5 - (upload.php) Arbitrary File Upload SiteDepth CMS 3.44 - 'ShowImage.php name' File Disclosure DreamLog 0.5 - 'upload.php' Arbitrary File Upload PHPSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion EVA-Web 1.1 <= 2.2 - 'index.php3' Remote File Inclusion WebChat 0.78 - (login.php rid) SQL Injection Buddy Zone 1.5 - (view_sub_cat.php cat_id) SQL Injection WebChat 0.78 - 'login.php rid' SQL Injection Buddy Zone 1.5 - 'view_sub_cat.php cat_id' SQL Injection TotalCalendar 2.402 - (view_event.php) SQL Injection XCMS 1.1 - (Galerie.php) Local File Inclusion TotalCalendar 2.402 - 'view_event.php' SQL Injection XCMS 1.1 - 'Galerie.php' Local File Inclusion phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection phpEventCalendar 0.2.3 - 'eventdisplay.php' SQL Injection AV Arcade 2.1b - (index.php id) SQL Injection PHPDirector 0.21 - (videos.php id) SQL Injection vbzoom 1.x - (forum.php MainID) SQL Injection AV Arcade 2.1b - 'index.php id' SQL Injection PHPDirector 0.21 - 'videos.php id' SQL Injection vbzoom 1.x - 'forum.php MainID' SQL Injection Girlserv ads 1.5 - (details_news.php) SQL Injection Girlserv ads 1.5 - 'details_news.php' SQL Injection AsteriDex 3.0 - (callboth.php) Remote Code Execution AsteriDex 3.0 - 'callboth.php' Remote Code Execution vBulletin Mod RPG Inferno 2.4 - (inferno.php) SQL Injection OpenLD 1.2.2 - (index.php id) SQL Injection FlashBB 1.1.8 - (sendmsg.php) Remote File Inclusion vBulletin Mod RPG Inferno 2.4 - 'inferno.php' SQL Injection OpenLD 1.2.2 - 'index.php id' SQL Injection FlashBB 1.1.8 - 'sendmsg.php' Remote File Inclusion PsNews 1.1 - (show.php newspath) Local File Inclusion PsNews 1.1 - 'show.php newspath' Local File Inclusion QuickEStore 8.2 - (insertorder.cfm) SQL Injection QuickEStore 8.2 - 'insertorder.cfm' SQL Injection phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion phpBB Module SupaNav 1.0.0 - 'link_main.php' Remote File Inclusion Blog System 1.x - (index.php news_id) SQL Injection Blog System 1.x - 'index.php news_id' SQL Injection Confixx Pro 3.3.1 - (saveserver.php) Remote File Inclusion Confixx Pro 3.3.1 - 'saveserver.php' Remote File Inclusion SimpleBlog 3.0 - (comments_get.asp id) SQL Injection SimpleBlog 3.0 - 'comments_get.asp id' SQL Injection paBugs 2.0 Beta 3 - (main.php cid) SQL Injection paBugs 2.0 Beta 3 - 'main.php cid' SQL Injection YNP Portal System 2.2.0 - (showpage.cgi p) Remote File Disclosure YNP Portal System 2.2.0 - 'showpage.cgi p' Remote File Disclosure FishCart 3.2 RC2 - (fc_example.php) Remote File Inclusion Ncaster 1.7.2 - (archive.php) Remote File Inclusion FishCart 3.2 RC2 - 'fc_example.php' Remote File Inclusion Ncaster 1.7.2 - 'archive.php' Remote File Inclusion Pixlie 1.7 - (pixlie.php root) Remote File Disclosure Pixlie 1.7 - 'pixlie.php root' Remote File Disclosure Squirrelcart 1.x.x - (cart.php) Remote File Inclusion Squirrelcart 1.x.x - 'cart.php' Remote File Inclusion SomeryC 0.2.4 - (include.php skindir) Remote File Inclusion SomeryC 0.2.4 - 'include.php skindir' Remote File Inclusion Micro CMS 3.5 - (revert-content.php) SQL Injection Micro CMS 3.5 - 'revert-content.php' SQL Injection DL PayCart 1.01 - (viewitem.php ItemID) Blind SQL Injection VWar 1.5.0 R15 - (mvcw.php) Remote File Inclusion DL PayCart 1.01 - 'viewitem.php ItemID' Blind SQL Injection VWar 1.5.0 R15 - 'mvcw.php' Remote File Inclusion xGB 2.0 - (xGB.php) Remote Security Bypass xGB 2.0 - 'xGB.php' Remote Security Bypass PHPNS 1.1 - (shownews.php id) SQL Injection PHPNS 1.1 - 'shownews.php id' SQL Injection Ourspace 2.0.9 - (uploadmedia.cgi) Arbitrary File Upload Ourspace 2.0.9 - 'uploadmedia.cgi' Arbitrary File Upload Yvora CMS 1.0 - (error_view.php ID) SQL Injection Yvora CMS 1.0 - 'error_view.php ID' SQL Injection PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion AnyInventory 2.0 - (Environment.php) Remote File Inclusion PHPOF 20040226 - 'DB_adodb.class.php' Remote File Inclusion AnyInventory 2.0 - 'Environment.php' Remote File Inclusion Webace-Linkscript 1.3 SE - (start.php) SQL Injection RW::Download 2.0.3 lite - (index.php dlid) SQL Injection Webace-Linkscript 1.3 SE - 'start.php' SQL Injection RW::Download 2.0.3 lite - 'index.php dlid' SQL Injection Sisfo Kampus 2006 - (blanko.preview.php) Local File Disclosure Sisfo Kampus 2006 - 'blanko.preview.php' Local File Disclosure PHPress 0.2.0 - (adisplay.php lang) Local File Inclusion PHPress 0.2.0 - 'adisplay.php lang' Local File Inclusion Ajax File Browser 3b - (settings.inc.php approot) Remote File Inclusion Ajax File Browser 3b - 'settings.inc.php approot' Remote File Inclusion JBlog 1.0 - (index.php id) SQL Injection JBlog 1.0 - 'index.php id' SQL Injection neuron news 1.0 - (index.php q) Local File Inclusion neuron news 1.0 - 'index.php q' Local File Inclusion Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion Wordsmith 1.1b - 'config.inc.php _path' Remote File Inclusion helplink 0.1.0 - (show.php) Remote File Inclusion helplink 0.1.0 - 'show.php' Remote File Inclusion Novus 1.0 - (notas.asp nota_id) SQL Injection Novus 1.0 - 'notas.asp nota_id' SQL Injection lustig.cms Beta 2.5 - (forum.php view) Remote File Inclusion lustig.cms Beta 2.5 - 'forum.php view' Remote File Inclusion Ossigeno CMS 2.2a3 - (footer.php) Remote File Inclusion Ossigeno CMS 2.2a3 - 'footer.php' Remote File Inclusion Picturesolution 2.1 - (config.php path) Remote File Inclusion Picturesolution 2.1 - 'config.php path' Remote File Inclusion xKiosk 3.0.1i - (xkurl.php PEARPATH) Remote File Inclusion xKiosk 3.0.1i - 'xkurl.php PEARPATH' Remote File Inclusion LimeSurvey 1.52 - (language.php) Remote File Inclusion LimeSurvey 1.52 - 'language.php' Remote File Inclusion emagiC CMS.Net 4.0 - (emc.asp) SQL Injection FireConfig 0.5 - (dl.php) Remote File Disclosure emagiC CMS.Net 4.0 - 'emc.asp' SQL Injection FireConfig 0.5 - 'dl.php' Remote File Disclosure Ax Developer CMS 0.1.1 - (index.php module) Local File Inclusion GuppY 4.6.3 - (includes.inc selskin) Remote File Inclusion Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion scWiki 1.0 Beta 2 - (common.php pathdot) Remote File Inclusion Ax Developer CMS 0.1.1 - 'index.php module' Local File Inclusion GuppY 4.6.3 - 'includes.inc selskin' Remote File Inclusion Quick and Dirty Blog (qdblog) 0.4 - 'categories.php' Local File Inclusion scWiki 1.0 Beta 2 - 'common.php pathdot' Remote File Inclusion Content Injector 1.52 - (index.php cat) SQL Injection Content Injector 1.52 - 'index.php cat' SQL Injection Amber Script 1.0 - (show_content.php id) Local File Inclusion Amber Script 1.0 - 'show_content.php id' Local File Inclusion project alumni 1.0.9 - (index.php act) Local File Inclusion project alumni 1.0.9 - 'index.php act' Local File Inclusion Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure Web-MeetMe 3.0.3 - 'play.php' Remote File Disclosure KML share 1.1 - (region.php layer) Remote File Disclosure KML share 1.1 - 'region.php layer' Remote File Disclosure EZContents 1.4.5 - (index.php link) Remote File Disclosure EZContents 1.4.5 - 'index.php link' Remote File Disclosure PolDoc CMS 0.96 - (download_file.php) File Disclosure PolDoc CMS 0.96 - 'download_file.php' File Disclosure xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure xml2owl 0.1.1 - 'filedownload.php' Remote File Disclosure Wallpaper Site 1.0.09 - (category.php) SQL Injection Wallpaper Site 1.0.09 - 'category.php' SQL Injection PHP ZLink 0.3 - (go.php) SQL Injection PHP ZLink 0.3 - 'go.php' SQL Injection ThemeSiteScript 1.0 - (index.php loadadminpage) Remote File Inclusion ThemeSiteScript 1.0 - 'index.php loadadminpage' Remote File Inclusion ZenPhoto 1.1.3 - (rss.php albumnr) SQL Injection ZenPhoto 1.1.3 - 'rss.php albumnr' SQL Injection Docebo 3.5.0.3 - (lib.regset.php) Command Execution Docebo 3.5.0.3 - 'lib.regset.php' Command Execution Docebo 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection Docebo 3.5.0.3 - 'lib.regset.php/non-blind' SQL Injection Quinsonnas Mail Checker 1.55 - (footer.php) Remote File Inclusion Quinsonnas Mail Checker 1.55 - 'footer.php' Remote File Inclusion PHPMesFilms 1.0 - (index.php id) SQL Injection PHPMesFilms 1.0 - 'index.php id' SQL Injection CuteNews 1.4.6 - (ip ban) Cross-Site Scripting / Command Execution (Administrator Required) CuteNews 1.4.6 - 'ip ban' Authorized Cross-Site Scripting / Command Execution GNUBoard 4.31.03 - (08.12.29) Local File Inclusion GNUBoard 4.31.03 (08.12.29) - Local File Inclusion Gazelle CMS - 'template' Local File Inclusion Gazelle CMS 1.0 - 'template' Local File Inclusion Social Engine - (category_id) SQL Injection SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection Social Engine 3.06 - 'category_id' Parameter SQL Injection SmartSiteCMS 1.0 - Blind SQL Injection Star Articles 6.0 - (admin.manage) Remote Contents Change Star Articles 6.0 - Remote Contents Change PLE CMS 1.0 Beta 4.2 - (login.php school) Blind SQL Injection PLE CMS 1.0 Beta 4.2 - Blind SQL Injection GNUBoard 4.31.04 - (09.01.30) Multiple Local+Remote Vulnerabilities GNUBoard 4.31.04 (09.01.30) - Multiple Local+Remote Vulnerabilities eVision CMS 2.0 - (field) SQL Injection eVision CMS 2.0 - SQL Injection phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection phpBLASTER 1.0 RC1 - Blind SQL Injection phpslash 0.8.1.1 - Remote Code Execution PHPSlash 0.8.1.1 - Remote Code Execution WEBalbum 2.4b - (photo.php id) Blind SQL Injection WEBalbum 2.4b - 'photo.php id' Blind SQL Injection PHPbbBook 1.3 - (bbcode.php l) Local File Inclusion PHPbbBook 1.3 - 'bbcode.php l' Local File Inclusion IF-CMS 2.0 - (frame.php id) Blind SQL Injection IF-CMS 2.0 - 'frame.php id' Blind SQL Injection ZeroBoardXE 1.1.5 - (09.01.22) Cross-Site Scripting ZeroBoardXE 1.1.5 (09.01.22) - Cross-Site Scripting Gaeste 1.6 - (gastbuch.php) Remote File Disclosure Gaeste 1.6 - 'gastbuch.php' Remote File Disclosure Bloggeruniverse 2.0 Beta - (editcomments.php id) SQL Injection Den Dating 9.01 - (searchmatch.php) SQL Injection Bloggeruniverse 2.0 Beta - 'editcomments.php id' SQL Injection Den Dating 9.01 - 'searchmatch.php' SQL Injection PHP Krazy Image Host Script 1.01 - (viewer.php id) SQL Injection PHP Krazy Image Host Script 1.01 - 'viewer.php id' SQL Injection phpBB 3 - (autopost bot mod 0.1.3) Remote File Inclusion i-dreams Mailer 1.2 Final - (admin.dat) File Disclosure i-dreams GB 5.4 Final - (admin.dat) File Disclosure phpBB 3 - 'autopost bot mod 0.1.3' Remote File Inclusion i-dreams Mailer 1.2 Final - 'admin.dat' File Disclosure i-dreams GB 5.4 Final - 'admin.dat' File Disclosure Osmodia Bulletin Board 1.x - (admin.txt) File Disclosure Osmodia Bulletin Board 1.x - 'admin.txt' File Disclosure Supernews 1.5 - (valor.php noticia) SQL Injection X-BLC 0.2.0 - (get_read.php section) SQL Injection Supernews 1.5 - 'valor.php noticia' SQL Injection X-BLC 0.2.0 - 'get_read.php section' SQL Injection SurfMyTV Script 1.0 - (view.php id) SQL Injection SurfMyTV Script 1.0 - 'view.php id' SQL Injection WeBid 0.7.3 RC9 - (upldgallery.php) Arbitrary File Upload WeBid 0.7.3 RC9 - 'upldgallery.php' Arbitrary File Upload vsp stats processor 0.45 - (gamestat.php gameID) SQL Injection vsp stats processor 0.45 - 'gamestat.php gameID' SQL Injection Back-End CMS 5.0 - (main.asp id) SQL Injection Back-End CMS 5.0 - 'main.asp id' SQL Injection GuestCal 2.1 - (index.php lang) Local File Inclusion GuestCal 2.1 - 'index.php lang' Local File Inclusion W2B Restaurant 1.2 - (conf.inc) Config File Disclosure W2B Restaurant 1.2 - 'conf.inc' Config File Disclosure NetHoteles 3.0 - (ficha.php) SQL Injection eLitius 1.0 - (manage-admin.php) Add Admin/Change Password Exploit NetHoteles 3.0 - 'ficha.php' SQL Injection eLitius 1.0 - 'manage-admin.php' Add Admin/Change Password Exploit Dokeos Lms 1.8.5 - (whoisonline.php) PHP Code Injection Dokeos Lms 1.8.5 - 'whoisonline.php' PHP Code Injection Flatchat 3.0 - (pmscript.php with) Local File Inclusion Flatchat 3.0 - 'pmscript.php with' Local File Inclusion VisionLms 1.0 - (changePW.php) Remote Password Change Exploit VisionLms 1.0 - 'changePW.php' Remote Password Change Exploit eLitius 1.0 - (banner-details.php id) SQL Injection ProjectCMS 1.0b - (index.php sn) SQL Injection eLitius 1.0 - 'banner-details.php id' SQL Injection ProjectCMS 1.0b - 'index.php sn' SQL Injection pecio CMS 1.1.5 - (index.php language) Local File Inclusion pecio CMS 1.1.5 - 'index.php language' Local File Inclusion Uguestbook 1.0b - (Guestbook.mdb) Arbitrary Database Disclosure Uguestbook 1.0b - 'Guestbook.mdb' Arbitrary Database Disclosure beLive 0.2.3 - (arch.php arch) Local File Inclusion beLive 0.2.3 - 'arch.php arch' Local File Inclusion PHPenpals 1.1 - (mail.php ID) SQL Injection PHPenpals 1.1 - 'mail.php ID' SQL Injection MaxCMS 2.0 - (inc/ajax.asp) SQL Injection MaxCMS 2.0 - 'inc/ajax.asp' SQL Injection Realty Web-Base 1.0 - (list_list.php id) SQL Injection Realty Web-Base 1.0 - 'list_list.php id' SQL Injection vBulletin vbBux/vbPlaza 2.x - (vbplaza.php) Blind SQL Injection vBulletin vbBux/vbPlaza 2.x - 'vbplaza.php' Blind SQL Injection ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin ShaadiClone 2.0 - 'addAdminmembercode.php' Add Admin ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection ecsportal rel 6.5 - 'article_view_photo.php id' SQL Injection Supernews 2.6 - (index.php noticia) SQL Injection Supernews 2.6 - 'index.php noticia' SQL Injection Movie PHP Script 2.0 - (init.php anticode) Code Execution Movie PHP Script 2.0 - 'init.php anticode' Code Execution VT-Auth 1.0 - (zHk8dEes3.txt) File Disclosure VT-Auth 1.0 - 'zHk8dEes3.txt' File Disclosure PHPWebThings 1.5.2 - (help.php module) Local File Inclusion PHPWebThings 1.5.2 - 'help.php module' Local File Inclusion DB Top Sites 1.0 - (index.php u) Local File Inclusion DB Top Sites 1.0 - 'index.php u' Local File Inclusion PHPCollegeExchange 0.1.5c - (listing_view.php itemnr) SQL Injection PHPCollegeExchange 0.1.5c - 'listing_view.php itemnr' SQL Injection XOOPS 2.3.3 - (.htaccess) Remote File Disclosure PHPFK 7.03 - (page_bottom.php) Local File Inclusion XOOPS 2.3.3 - '.htaccess' Remote File Disclosure PHPFK 7.03 - 'page_bottom.php' Local File Inclusion Glossword 1.8.11 - (index.php x) Local File Inclusion Glossword 1.8.11 - 'index.php x' Local File Inclusion LightOpenCMS 0.1 - (smarty.php cwd) Local File Inclusion LightOpenCMS 0.1 - 'smarty.php cwd' Local File Inclusion Messages Library 2.0 - (cat.php CatID) SQL Injection Messages Library 2.0 - 'cat.php CatID' SQL Injection PHP-Sugar 0.80 - (index.php t) Local File Inclusion PHP-Sugar 0.80 - 'index.php t' Local File Inclusion Universe CMS 1.0.6 - (vnews.php id) SQL Injection Universe CMS 1.0.6 - 'vnews.php id' SQL Injection Phenotype CMS 2.8 - (login.php user) Blind SQL Injection Phenotype CMS 2.8 - 'login.php user' Blind SQL Injection webLeague 2.2.0 - (install.php) Remote Change Password Exploit webLeague 2.2.0 - 'install.php' Remote Change Password Exploit VS PANEL 7.5.5 - (results.php Cat_ID) SQL Injection VS PANEL 7.5.5 - 'results.php Cat_ID' SQL Injection WebVision 2.1 - (news.php n) SQL Injection WebVision 2.1 - 'news.php n' SQL Injection Silentum Guestbook 2.0.2 - (silentum_Guestbook.php) SQL Injection Silentum Guestbook 2.0.2 - 'silentum_Guestbook.php' SQL Injection Basilic 1.5.13 - (index.php idAuthor) SQL Injection Basilic 1.5.13 - 'index.php idAuthor' SQL Injection ProjectButler 1.5.0 - (pda_projects.php offset) Remote File Inclusion ProjectButler 1.5.0 - 'pda_projects.php offset' Remote File Inclusion Netpet CMS 1.9 - (confirm.php language) Local File Inclusion Netpet CMS 1.9 - 'confirm.php language' Local File Inclusion simplePHPWeb 0.2 - (files.php) Authentication Bypass simplePHPWeb 0.2 - 'files.php' Authentication Bypass Discloser 0.0.4-rc2 - (index.php more) SQL Injection Discloser 0.0.4-rc2 - 'index.php more' SQL Injection elgg 1.5 - (/_css/js.php) Local File Inclusion elgg 1.5 - '/_css/js.php' Local File Inclusion In-portal 4.3.1 - (index.php env) Local File Inclusion In-portal 4.3.1 - 'index.php env' Local File Inclusion E CMS 1.0 - (index.php s) SQL Injection E CMS 1.0 - 'index.php s' SQL Injection New5starRating 1.0 - (rating.php) SQL Injection New5starRating 1.0 - 'rating.php' SQL Injection Moa Gallery 1.2.0 - (index.php action) SQL Injection Moa Gallery 1.2.0 - 'index.php action' SQL Injection PAD Site Scripts 3.6 - (list.php string) SQL Injection PAD Site Scripts 3.6 - 'list.php string' SQL Injection PHPSANE 0.5.0 - (save.php) Remote File Inclusion PHPSANE 0.5.0 - 'save.php' Remote File Inclusion Modern Script 5.0 - (index.php s) SQL Injection Re-Script 0.99 Beta - (listings.php op) SQL Injection Modern Script 5.0 - 'index.php s' SQL Injection Re-Script 0.99 Beta - 'listings.php op' SQL Injection KingCMS 0.6.0 - (menu.php) Remote File Inclusion KingCMS 0.6.0 - 'menu.php' Remote File Inclusion Ve-EDIT 0.1.4 - (debug_PHP.php) Local File Inclusion Ve-EDIT 0.1.4 - 'debug_PHP.php' Local File Inclusion OBOphiX 2.7.0 - (fonctions_racine.php) Remote File Inclusion OBOphiX 2.7.0 - 'fonctions_racine.php' Remote File Inclusion PHPNagios 1.2.0 - (menu.php) Local File Inclusion PHPNagios 1.2.0 - 'menu.php' Local File Inclusion An image Gallery 1.0 - (navigation.php) Local Directory Traversal An image Gallery 1.0 - 'navigation.php' Local Directory Traversal Image voting 1.0 - (index.php show) SQL Injection Image voting 1.0 - 'index.php show' SQL Injection Aurora CMS 1.0.2 - (install.plugin.php) Remote File Inclusion Aurora CMS 1.0.2 - 'install.plugin.php' Remote File Inclusion efront 3.5.4 - (database.php path) Remote File Inclusion efront 3.5.4 - 'database.php path' Remote File Inclusion OpenSiteAdmin 0.9.7b - (pageHeader.php path) Remote File Inclusion OpenSiteAdmin 0.9.7b - 'pageHeader.php path' Remote File Inclusion ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection ActiveBuyandSell 6.2 - 'buyersend.asp catid' Blind SQL Injection V.H.S. Booking - (hotel_habitaciones.php HotelID) SQL Injection V.H.S. Booking - 'hotel_habitaciones.php HotelID' SQL Injection Datenator 0.3.0 - (event.php id) SQL Injection Datenator 0.3.0 - 'event.php id' SQL Injection XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection XlentCMS 1.0.4 - 'downloads.php?cat' SQL Injection Rezervi 3.0.2 - (mail.inc.php) Remote File Inclusion Rezervi 3.0.2 - 'mail.inc.php' Remote File Inclusion LightOpenCMS 0.1 - (smarty.php) Remote File Inclusion LightOpenCMS 0.1 - 'smarty.php' Remote File Inclusion ULoki Community Forum 2.1 - (usercp.php) Cross-Site Scripting ULoki Community Forum 2.1 - 'usercp.php' Cross-Site Scripting PHPCOIN 1.2.1 - (mod.php) SQL Injection PHPCOIN 1.2.1 - 'mod.php' SQL Injection PHPCOIN 1.2.1 - (mod.php) Local File Inclusion PHPCOIN 1.2.1 - 'mod.php' Local File Inclusion Anantasoft Gazelle CMS - Cross-Site Request Forgery Gazelle CMS - Cross-Site Request Forgery SiteX CMS 0.7.4 Beta - (/photo.php) SQL Injection SiteX CMS 0.7.4 Beta - '/photo.php' SQL Injection FCKEditor Core - (FileManager test.html) Arbitrary File Upload (1) FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (1) WHMCS control (WHMCompleteSolution) - SQL Injection WHMCompleteSolution (WHMCS) control (WHMCompleteSolution) - SQL Injection WHMCS Control 2 - 'announcements.php' SQL Injection WHMCompleteSolution (WHMCS) Control 2 - 'announcements.php' SQL Injection tekno.Portal 0.1b - (makale.php id) SQL Injection tekno.Portal 0.1b - 'makale.php id' SQL Injection Heaven Soft CMS 4.7 - (photogallery_open.php) SQL Injection Heaven Soft CMS 4.7 - 'photogallery_open.php' SQL Injection Multi Vendor Mall - (itemdetail.php & shop.php) SQL Injection Multi Vendor Mall - 'itemdetail.php & shop.php' SQL Injection PPhlogger 2.2.5 - (trace.php) Remote Command Execution PPhlogger 2.2.5 - 'trace.php' Remote Command Execution Eyeland Studio Inc. - (game.php) SQL Injection Eyeland Studio Inc. - 'game.php' SQL Injection PHPDirector 0.30 - (videos.php) SQL Injection PHPDirector 0.30 - 'videos.php' SQL Injection PHPaaCMS 0.3.1 - (show.php?id=) SQL Injection PHPaaCMS 0.3.1 - 'show.php?id=' SQL Injection BS Business Directory - (articlesdetails.php) SQL Injection (PoC) BS Classifieds Ads - (articlesdetails.php) SQL Injection (PoC) BS Events Directory - (articlesdetails.php) SQL Injection (PoC) BS Business Directory - 'articlesdetails.php' SQL Injection (PoC) BS Classifieds Ads - 'articlesdetails.php' SQL Injection (PoC) BS Events Directory - 'articlesdetails.php' SQL Injection (PoC) Mayasan Portal 2.0 - (makaledetay.asp) SQL Injection Mayasan Portal 2.0 - (haberdetay.asp) SQL Injection Mayasan Portal 2.0 - 'makaledetay.asp' SQL Injection Mayasan Portal 2.0 - 'haberdetay.asp' SQL Injection PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection PhotoPost PHP 4.6.5 - 'ecard.php' SQL Injection sNews 1.7 - (index.php?category) SQL Injection sNews 1.7 - 'index.php?category' SQL Injection Ananta Gazelle CMS - Multiple Vulnerabilities Gazelle CMS - Multiple Vulnerabilities CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure CF Image Hosting Script 1.3 - 'settings.cdb' Information Disclosure mBlogger 1.0.04 - (viewpost.php) SQL Injection mBlogger 1.0.04 - 'viewpost.php' SQL Injection mBlogger 1.0.04 - (addcomment.php) Persistent Cross-Site Scripting mBlogger 1.0.04 - 'addcomment.php' Persistent Cross-Site Scripting Chipmunk Board 1.3 - (index.php?forumID) SQL Injection Chipmunk Board 1.3 - 'index.php?forumID' SQL Injection SmarterMail 7.x - (7.2.3925) LDAP Injection SmarterMail 7.x (7.2.3925) - LDAP Injection xWeblog 2.2 - (oku.asp?makale_id) SQL Injection xWeblog 2.2 - (arsiv.asp tarih) SQL Injection xWeblog 2.2 - 'oku.asp?makale_id' SQL Injection xWeblog 2.2 - 'arsiv.asp tarih' SQL Injection FCKEditor Core 2.x 2.4.3 - (FileManager upload.php) Arbitrary File Upload FCKEditor Core 2.x 2.4.3 - 'FileManager upload.php' Arbitrary File Upload WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion WebRCSdiff 0.9 - 'viewver.php' Remote File Inclusion Ananda Real Estate 3.4 - (list.asp) Multiple SQL Injection Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injection SquareCMS 0.3.1 - (post.php) SQL Injection SquareCMS 0.3.1 - 'post.php' SQL Injection PHP-AddressBook 6.2.4 - (group.php) SQL Injection PHP-AddressBook 6.2.4 - 'group.php' SQL Injection Ignition 1.3 - (page.php) Local File Inclusion Ignition 1.3 - 'page.php' Local File Inclusion AWBS 2.9.2 - (cart.php) Blind SQL Injection AWBS 2.9.2 - 'cart.php' Blind SQL Injection Woltlab Burning Board 2.3.6 Addon - (hilfsmittel.php) SQL Injection Woltlab Burning Board 2.3.6 Addon - 'hilfsmittel.php' SQL Injection WordPress Plugin PHP Speedy 0.5.2 - (admin_container.php) Remote Code Execution WordPress Plugin PHP Speedy 0.5.2 - 'admin_container.php' Remote Code Execution ilchClan 1.0.5 - (regist.php) SQL Injection ilchClan 1.0.5 - 'regist.php' SQL Injection OrangeHRM 2.6.3 - (PluginController.php) Local File Inclusion OrangeHRM 2.6.3 - 'PluginController.php' Local File Inclusion Traidnt UP 2.0 - (view.php) SQL Injection Traidnt UP 2.0 - 'view.php' SQL Injection osCommerce 2.3.1 - (banner_manager.php) Arbitrary File Upload osCommerce 2.3.1 - 'banner_manager.php' Arbitrary File Upload Extcalendar 2.0b2 - (cal_search.php) SQL Injection Extcalendar 2.0b2 - 'cal_search.php' SQL Injection WeBid 1.0.2 - (converter.php) Remote Code Execution WeBid 1.0.2 - 'converter.php' Remote Code Execution FCKEditor Core - (FileManager test.html) Arbitrary File Upload (2) FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (2) MyBB Advanced Forum Signatures - (afsignatures-2.0.4) SQL Injection MyBB Advanced Forum Signatures - 'afsignatures-2.0.4' SQL Injection Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion Ruubikcms 1.1.0 - '/extra/image.php' Local File Inclusion Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection Dolphin 7.0.7 - 'member_menu_queries.php' Remote PHP Code Injection WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - (cart.php) Local File Disclosure WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - 'cart.php' Local File Disclosure CMSmini 0.2.2 - Local File Inclusion CMS mini 0.2.2 - Local File Inclusion WHMCS 3.x.x - (clientarea.php) Local File Disclosure ZenPhoto 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution PHPMyFAQ 2.7.0 - (ajax_create_folder.php) Remote Code Execution aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution WHMCompleteSolution (WHMCS) 3.x.x - 'clientarea.php' Local File Disclosure ZenPhoto 1.4.1.4 - 'ajax_create_folder.php' Remote Code Execution PHPMyFAQ 2.7.0 - 'ajax_create_folder.php' Remote Code Execution aidiCMS 3.55 - 'ajax_create_folder.php' Remote Code Execution WordPress Plugin Zingiri 2.2.3 - (ajax_save_name.php) Remote Code Execution Support Incident Tracker 3.65 - (translate.php) Remote Code Execution WordPress Plugin Zingiri 2.2.3 - 'ajax_save_name.php' Remote Code Execution Support Incident Tracker 3.65 - 'translate.php' Remote Code Execution FreeWebShop 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution FreeWebShop 2.2.9 R2 - 'ajax_save_name.php' Remote Code Execution Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Log1 CMS 2.0 - 'ajax_create_folder.php' Remote Code Execution PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) (Metasploit) PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (2) (Metasploit) Tiki Wiki CMS Groupware 8.2 - (snarf_ajax.php) Remote PHP Code Injection Tiki Wiki CMS Groupware 8.2 - 'snarf_ajax.php' Remote PHP Code Injection Mnews 1.1 - (view.php) SQL Injection Mnews 1.1 - 'view.php' SQL Injection appRain CMF 0.1.5 - (Uploadify.php) Unrestricted Arbitrary File Upload appRain CMF 0.1.5 - 'Uploadify.php' Unrestricted Arbitrary File Upload BASE 1.4.5 - (base_qry_main.php t_view) SQL Injection BASE 1.4.5 - 'base_qry_main.php t_view' SQL Injection Ananta Gazelle CMS - Update Statement SQL Injection Gazelle CMS 1.0 - Update Statement SQL Injection PHPFox 3.0.1 - (ajax.php) Remote Command Execution PHPFox 3.0.1 - 'ajax.php' Remote Command Execution OpenConf 4.11 - (author/edit.php) Blind SQL Injection OpenConf 4.11 - 'author/edit.php' Blind SQL Injection NewsAdd 1.0 - (lerNoticia.php id) SQL Injection Supernews 2.6.1 - (noticias.php cat) SQL Injection NewsAdd 1.0 - 'lerNoticia.php id' SQL Injection Supernews 2.6.1 - 'noticias.php cat' SQL Injection SN News 1.2 - (visualiza.php) SQL Injection SN News 1.2 - 'visualiza.php' SQL Injection PHPNet 1.8 - (ler.php) SQL Injection PHPNet 1.8 - 'ler.php' SQL Injection X-Cart Gold 4.5 - (products_map.php symb Parameter) Cross-Site Scripting X-Cart Gold 4.5 - 'products_map.php symb Parameter' Cross-Site Scripting Dell SonicWALL Scrutinizer 9.0.1 - (statusFilter.php q Parameter) SQL Injection Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php q Parameter' SQL Injection Symantec Web Gateway 5.0.2 - (blocked.php id Parameter) Blind SQL Injection Symantec Web Gateway 5.0.2 - 'blocked.php id Parameter' Blind SQL Injection Symantec Web Gateway 5.0.3.18 - (deptUploads_data.php groupid Parameter) Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid Parameter' Blind SQL Injection YourArcadeScript 2.4 - (index.php id Parameter) SQL Injection YourArcadeScript 2.4 - 'index.php id Parameter' SQL Injection vlinks 2.0.3 - (site.php id Parameter) SQL Injection vlinks 2.0.3 - 'site.php id Parameter' SQL Injection Blog Mod 0.1.9 - (index.php month Parameter) SQL Injection Blog Mod 0.1.9 - 'index.php month Parameter' SQL Injection MyBB Profile Albums Plugin 0.9 - (albums.php album Parameter) SQL Injection MyBB Profile Albums Plugin 0.9 - 'albums.php album Parameter' SQL Injection YeaLink IP Phone SIP-TxxP firmware 9.70.0.100 - Multiple Vulnerabilities YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 - Multiple Vulnerabilities Linksys WRT54GL (Firmware 4.30.15 build 2) - Multiple Vulnerabilities Linksys WRT54GL Firmware 4.30.15 build 2 - Multiple Vulnerabilities NConf 1.3 - (detail.php detail_admin_items.php id Parameter) SQL Injection NConf 1.3 - 'detail.php detail_admin_items.php id Parameter' SQL Injection DataLife Engine 9.7 - (preview.php) PHP Code Injection DataLife Engine 9.7 - 'preview.php' PHP Code Injection AdaptCMS 2.0.4 - (config.php question Parameter) SQL Injection AdaptCMS 2.0.4 - 'config.php question Parameter' SQL Injection CubeCart 5.2.0 - (cubecart.class.php) PHP Object Injection CubeCart 5.2.0 - 'cubecart.class.php' PHP Object Injection Piwigo 2.4.6 - (install.php) Arbitrary File Read/Delete Piwigo 2.4.6 - 'install.php' Arbitrary File Read/Delete OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload OpenEMR 4.1.1 - 'ofc_upload_image.php' Arbitrary File Upload PHPMyRecipes 1.2.2 - (viewrecipe.php r_id Parameter) SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php r_id Parameter' SQL Injection MTP Image Gallery 1.0 - (edit_photos.php title Parameter) Cross-Site Scripting MTP Image Gallery 1.0 - 'edit_photos.php title Parameter' Cross-Site Scripting WordPress Plugin Count Per Day 3.2.5 - (counter.php) Cross-Site Scripting WordPress Plugin Count Per Day 3.2.5 - 'counter.php' Cross-Site Scripting AWS Xms 2.5 - (importer.php what Parameter) Directory Traversal Pollen CMS 0.6 - (index.php p Parameter) Local File Disclosure AWS Xms 2.5 - 'importer.php what Parameter' Directory Traversal Pollen CMS 0.6 - 'index.php p Parameter' Local File Disclosure WHMCS Group Pay Plugin 1.5 - (grouppay.php hash Parameter) SQL Injection WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php hash Parameter' SQL Injection WHMCS 4.x - (invoicefunctions.php id Parameter) SQL Injection WHMCS 4.x - 'invoicefunctions.php id Parameter' SQL Injection AVE.CMS 2.09 - (index.php module Parameter) Blind SQL Injection AVE.CMS 2.09 - 'index.php module Parameter' Blind SQL Injection RadioCMS 2.2 - (menager.php playlist_id Parameter) SQL Injection RadioCMS 2.2 - 'menager.php playlist_id Parameter' SQL Injection NEXTWEB - (i)Site 'login.asp' SQL Injection NEXTWEB (i)Site - 'login.asp' SQL Injection Ruubikcms 1.1.1 - (tinybrowser.php folder Parameter) Directory Traversal Ruubikcms 1.1.1 - 'tinybrowser.php folder Parameter' Directory Traversal Simple PHP Agenda 2.2.8 - (edit_event.php eventid Parameter) SQL Injection Simple PHP Agenda 2.2.8 - 'edit_event.php eventid Parameter' SQL Injection Top Games Script 1.2 - (play.php gid Parameter) SQL Injection Top Games Script 1.2 - 'play.php gid Parameter' SQL Injection Elemata CMS RC3.0 - (global.php id Parameter) SQL Injection Elemata CMS RC3.0 - 'global.php id Parameter' SQL Injection PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution PHP-Charts 1.0 - 'index.php type Parameter' Remote Code Execution PHPSlash 0.8.1 - article.php SQL Injection PHPSlash 0.8.1 - 'article.php' SQL Injection Telmanik CMS Press 1.01b - (pages.php page_name Parameter) SQL Injection Telmanik CMS Press 1.01b - 'pages.php page_name Parameter' SQL Injection glFusion 1.3.0 - (search.php cat_id Parameter) SQL Injection glFusion 1.3.0 - 'search.php cat_id Parameter' SQL Injection Vtiger CRM 5.4.0 - (index.php onlyforuser Parameter) SQL Injection Vtiger CRM 5.4.0 - 'index.php onlyforuser Parameter' SQL Injection XAMPP 1.8.1 - (lang.php WriteIntoLocalDisk method) Local Write Access XAMPP 1.8.1 - 'lang.php WriteIntoLocalDisk method' Local Write Access WHMCS 5.2.7 - SQL Injection WHMCompleteSolution (WHMCS) 5.2.7 - SQL Injection PHPList 2.10.2 - 'index.php' Cross-Site Scripting phpList 2.10.2 - 'index.php' Cross-Site Scripting Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage Parameter) SQL Injection Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php sondage Parameter' SQL Injection WHMCS 5.2.8 - SQL Injection WHMCompleteSolution (WHMCS) 5.2.8 - SQL Injection Vanilla Forums 2.0 < 2.0.18.5 - (class.utilitycontroller.php) PHP Object Injection Vanilla Forums 2.0 < 2.0.18.5 - 'class.utilitycontroller.php' PHP Object Injection Project'Or RIA 3.4.0 - (objectDetail.php objectId Parameter) SQL Injection Project'Or RIA 3.4.0 - 'objectDetail.php objectId Parameter' SQL Injection Chamilo Lms 1.9.6 - (profile.php password0 Parameter) SQL Injection Dokeos 2.2 RC2 - (index.php language Parameter) SQL Injection Chamilo Lms 1.9.6 - 'profile.php password0 Parameter' SQL Injection Dokeos 2.2 RC2 - 'index.php language Parameter' SQL Injection WHMCS 4.x / 5.x - Multiple Web Vulnerabilities WHMCompleteSolution (WHMCS) 4.x / 5.x - Multiple Web Vulnerabilities SiteBar 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution SiteBar 3.3.8 - 'translator.php' upd cmd Action edit Variable Arbitrary PHP Code Execution osCommerce 2.3.3.4 - (geo_zones.php zID Parameter) SQL Injection osCommerce 2.3.3.4 - 'geo_zones.php zID Parameter' SQL Injection Concrete5 5.6.2.1 - (index.php cID Parameter) SQL Injection Concrete5 5.6.2.1 - 'index.php cID Parameter' SQL Injection D-Link DIR-615 Hardware vE4 Firmware v5.10 - Cross-Site Request Forgery D-Link DIR-615 Hardware vE4 Firmware 5.10 - Cross-Site Request Forgery WordPress Plugin AdRotate 3.9.4 - (clicktracker.php track Parameter) SQL Injection WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php track Parameter' SQL Injection Chipmunk Blog - members.php membername Parameter Cross-Site Scripting Chipmunk Blog - comments.php membername Parameter Cross-Site Scripting Chipmunk Blog - photos.php membername Parameter Cross-Site Scripting Chipmunk Blog - archive.php membername Parameter Cross-Site Scripting Chipmunk Blog - cat.php membername Parameter Cross-Site Scripting Chipmunk Blog - 'members.php' Cross-Site Scripting Chipmunk Blog - 'comments.php' Cross-Site Scripting Chipmunk Blog - 'photos.php' Cross-Site Scripting Chipmunk Blog - 'archive.php' Cross-Site Scripting Chipmunk Blog - 'cat.php' Cross-Site Scripting webERP 4.11.3 - (SalesInquiry.php SortBy Parameter) SQL Injection webERP 4.11.3 - 'SalesInquiry.php SortBy Parameter' SQL Injection ownCloud 4.0.x/4.5.x - (upload.php Filename Parameter) Remote Code Execution ownCloud 4.0.x/4.5.x - 'upload.php Filename Parameter' Remote Code Execution InterWorx Control Panel 5.0.13 build 574 - (xhr.php i Parameter) SQL Injection InterWorx Control Panel 5.0.13 build 574 - 'xhr.php i Parameter' SQL Injection kitForm CRM Extension 0.43 - (sorter.php sorter_value Parameter) SQL Injection kitForm CRM Extension 0.43 - 'sorter.php sorter_value Parameter' SQL Injection dompdf 0.6.0 - (dompdf.php read Parameter) Arbitrary File Read dompdf 0.6.0 - 'dompdf.php read Parameter' Arbitrary File Read ArticleFR 11.06.2014 - (data.php) Privilege Escalation ArticleFR 11.06.2014 - 'data.php' Privilege Escalation vBulletin 4.0.x < 4.1.2 - (search.php cat Parameter) SQL Injection vBulletin 4.0.x < 4.1.2 - 'search.php cat Parameter' SQL Injection Bacula-Web 5.2.10 - (joblogs.php jobid Parameter) SQL Injection Bacula-Web 5.2.10 - 'joblogs.php jobid Parameter' SQL Injection net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion net2ftp 0.98 (stable) - 'admin1.template.php' Local File Inclusion / Remote File Inclusion Piwigo 2.6.0 - (picture.php rate Parameter) SQL Injection Piwigo 2.6.0 - 'picture.php rate Parameter' SQL Injection PHPMyRecipes 1.2.2 - (dosearch.php words_exact Parameter) SQL Injection PHPMyRecipes 1.2.2 - 'dosearch.php words_exact Parameter' SQL Injection Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection PHPMyRecipes 1.2.2 - (browse.php category Parameter) SQL Injection PHPMyRecipes 1.2.2 - 'browse.php category Parameter' SQL Injection u5CMS 3.9.3 - (deletefile.php) Arbitrary File Deletion u5CMS 3.9.3 - 'deletefile.php' Arbitrary File Deletion WordPress Plugin Freshmail 1.5.8 - (shortcode.php) SQL Injection WordPress Plugin Freshmail 1.5.8 - 'shortcode.php' SQL Injection CreateVision CreateVision CMS - 'id' Parameter SQL Injection CreateVision CMS - 'id' Parameter SQL Injection PHPCollab 2.5 - (deletetopics.php) SQL Injection PHPCollab 2.5 - 'deletetopics.php' SQL Injection Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Acuity CMS 2.6.2 - '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution WHMCS - 'boleto_bb.php' SQL Injection WHMCompleteSolution (WHMCS) - 'boleto_bb.php' SQL Injection PHPList 2.10.9 - 'Sajax.php' PHP Code Injection phpList 2.10.9 - 'Sajax.php' PHP Code Injection WHMCompleteSolution - (WHMCS) 5.0 'KnowledgeBase.php' search Parameter Cross-Site Scripting WHMCompleteSolution (WHMCS) 5.0 - 'KnowledgeBase.php' search Parameter Cross-Site Scripting FCKEditor Core - (Editor 'spellchecker.php') Cross-Site Scripting FCKEditor Core - 'Editor 'spellchecker.php'' Cross-Site Scripting PHPList 2.10.18 - 'index.php' SQL Injection phpList 2.10.18 - 'index.php' SQL Injection WHMCS 4.5.2 - 'googlecheckout.php' SQL Injection WHMCompleteSolution (WHMCS) 4.5.2 - 'googlecheckout.php' SQL Injection SolarWinds Orion IP Address Manager - (IPAM) 'search.aspx' Cross-Site Scripting SolarWinds Orion IP Address Manager (IPAM) - 'search.aspx' Cross-Site Scripting PHP gettext 1.0.12 - (gettext.php) Unauthenticated Code Execution PHP gettext 1.0.12 - 'gettext.php' Unauthenticated Code Execution WHMCS Addon VMPanel 2.7.4 - SQL Injection WHMCompleteSolution (WHMCS) Addon VMPanel 2.7.4 - SQL Injection WD My Cloud Mirror 2.11.153 - Authentication Bypass / Remote Code Execution MyBB < 1.8.3 (with PHP 5.6 < 5.6.11) - Remote Code Execution	2017-01-25 05:01:18 +00:00
Offensive Security	18d8085c6d	DB: 2016-12-18 13 new exploits Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055) Orthanc DICOM Server 1.1.0 - Memory Corruption Microsoft Internet Explorer 9 - MSHTML CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 - IEFRAME CMarkup::RemovePointerPos Use-After-Free (MS13-055) OsiriX DICOM Viewer 8.0.1 - Memory Corruption ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow DCMTK 3.6.0 storescp - Stack Buffer Overflow Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service Microsoft Internet Explorer 9 IEFRAME - CMarkupPointer::MoveToGap Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CView::EnsureSize Use-After-Free (MS13-021) Nagios < 4.2.4 - Privilege Escalation iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking Use-After-Free Alienvault OSSIM - SQL Injection / Remote Code Execution (Metasploit) Alienvault Open Source SIEM (OSSIM) - SQL Injection / Remote Code Execution (Metasploit) Alienvault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution Alienvault Open Source SIEM (OSSIM) < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution Alienvault OSSIM - av-centerd Command Injection (Metasploit) Alienvault Open Source SIEM (OSSIM) - av-centerd Command Injection (Metasploit) Horos 2.1.0 Web Portal - Directory Traversal Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes) Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities Alienvault Open Source SIEM (OSSIM) 3.1 - Multiple Security Vulnerabilities Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault OSSIM 4.1.2 - Multiple SQL Injections Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities Alienvault Open Source SIEM (OSSIM) 4.1 - Multiple SQL Vulnerabilities Alienvault 4.3.1 - Unauthenticated SQL Injection Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting Alienvault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit) Alienvault Open Source SIEM (OSSIM) 4.6.1 - Authenticated SQL Injection (Metasploit) Alienvault OSSIM 4.3 - Cross-Site Request Forgery Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery WHMCS Addon VMPanel 2.7.4 - SQL Injection WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery	2016-12-18 05:01:16 +00:00
Offensive Security	c27aa131c8	DB: 2016-11-15 5 new exploits MyServer 0.8.11 - (204 No Content) error Remote Denial of Service MyServer 0.8.11 - '204 No Content' error Remote Denial of Service Microsoft Internet Explorer 11 MSHTML - CMapElement::Notify Use-After-Free (MS15-009) Microsoft Internet Explorer 9-11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 9<11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104) MySQL 4.0.17 - UDF Dynamic Library Exploit MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (1) MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Privilege Escalation MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (2) Solaris 8 / 9 - (/usr/ucb/ps) Local Information Leak Exploit Solaris 8 / 9 - '/usr/ucb/ps' Local Information Leak Exploit Solaris 10 (libnspr) - Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (1) Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (2) Solaris 10 (libnspr) - Constructor Privilege Escalation Solaris 10 libnspr - 'Constructor' Arbitrary File Creation Privilege Escalation (3) IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug IBM AIX 5.6/6.1 - '_LIB_INIT_DBG' Arbitrary File Overwrite via Libc Debug Apple MacOS 10.12 - 'task_t' Privilege Escalation Apple macOS 10.12 - 'task_t' Privilege Escalation Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation Solaris 8/9 ps - Environment Variable Information Leak Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation Linux Kernel 4.4 (Ubuntu 16.04) - BPF Local Privilege Escalation (Metasploit) Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - /bin/login Buffer Overflow Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - '/bin/login' Buffer Overflow Oracle 9i / 10g (extproc) - Local+Remote Command Execution Oracle 9i / 10g (extproc) - Local / Remote Command Execution Solaris/SPARC 2.5.1/2.6/7/8 - Derived 'login' Buffer Overflow Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 8<11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit) MiniNuke 1.8.2 - (news.asp hid) SQL Injection MiniNuke 1.8.2 - 'hid' Parameter SQL Injection MiniNuke 1.8.2b - (pages.asp) SQL Injection MiniNuke 1.8.2b - 'pages.asp' SQL Injection MiniNuke 2.x - (create an admin) SQL Injection MiniNuke 2.x - SQL Injection (Add Admin) Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit Nukedit CMS 4.9.6 - Unauthorized Admin Add Portail Web PHP 2.5.1 - (includes.php) Remote File Inclusion Portail Web PHP 2.5.1 - 'includes.php' Remote File Inclusion CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion Mambo Module Weather - 'absolute_path' Remote File Inclusion CodeBreak 1.1.2 - 'codebreak.php' Remote File Inclusion Mambo Module Weather - 'absolute_path' Parameter Remote File Inclusion mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion mxBB Module MX Shotcast 1.0 RC2 - 'getinfo1.php' Remote File Inclusion RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion RicarGBooK 1.2.1 - 'lang' Parameter Local File Inclusion BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection BlogPHP 2 - 'id' Parameter Cross-Site Scripting / SQL Injection MultiCart 2.0 - (productdetails.php) SQL Injection PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection PHP-Nuke Module Siir - 'id' SQL Injection MultiCart 2.0 - 'productdetails.php' SQL Injection PHP-Nuke Modules Manuales 0.1 - 'cid' Parameter SQL Injection PHP-Nuke Module Siir - 'id' Parameter SQL Injection OSSIM 0.9.9rc5 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection OSSIM 0.9.9rc5 - Cross-Site Scripting / SQL Injection PHP-Nuke Module NukeC 2.1 - 'id_catg' Parameter SQL Injection PHPProfiles 4.5.2 Beta - (body_comm.inc.php) Remote File Inclusion PHPProfiles 4.5.2 Beta - 'body_comm.inc.php' Remote File Inclusion PHPUserBase 1.3b - (unverified.inc.php) Local File Inclusion PHPUserBase 1.3b - (unverified.inc.php) Remote File Inclusion PHPUserBase 1.3b - 'unverified.inc.php' Local File Inclusion PHPUserBase 1.3b - 'unverified.inc.php' Remote File Inclusion PHP-Nuke Module Kose_Yazilari - (artid) SQL Injection MiniNuke 2.1 - (members.asp uid) SQL Injection PHP-Nuke Module Kose_Yazilari - 'artid' Parameter SQL Injection MiniNuke 2.1 - 'uid' Parameter SQL Injection Nukedit 4.9.x - Remote Create Admin Exploit WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities Mambo Component SimpleBoard 1.0.3 - 'catid' SQL Injection Nukedit 4.9.x - Remote Create Admin WordPress Plugin Sniplets 1.1.2 - Remote File Inclusion / Cross-Site Scripting / Remote Code Execution Mambo Component SimpleBoard 1.0.3 - 'catid' Parameter SQL Injection GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion Koobi Pro 5.7 - (categ) SQL Injection GROUP-E 1.6.41 - 'head_auth.php' Remote File Inclusion Dream4 Koobi Pro 5.7 - 'categ' Parameter SQL Injection barryvan compo manager 0.5pre-1 - Remote File Inclusion PHP-Nuke My_eGallery 2.7.9 - SQL Injection Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure Koobi CMS 4.3.0 < 4.2.3 - (categ) SQL Injection Barryvan Compo Manager 0.3 - Remote File Inclusion PHP-Nuke Module My_eGallery 2.7.9 - SQL Injection Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure Dream4 Koobi CMS 4.3.0 < 4.2.3 - 'categ' Parameter SQL Injection Koobi Pro 6.25 - links SQL Injection Koobi Pro 6.25 - shop SQL Injection Koobi Pro 6.25 - gallery SQL Injection Koobi Pro 6.25 - showimages SQL Injection Koobi 4.4/5.4 - gallery SQL Injection Dream4 Koobi Pro 6.25 Links - 'categ' Parameter SQL Injection Dream4 Koobi Pro 6.25 Shop - 'categ' Parameter SQL Injection Dream4 Koobi Pro 6.25 Gallery - 'galid' Parameter SQL Injection Dream4 Koobi Pro 6.25 Showimages - 'galid' Parameter SQL Injection Dream4 Koobi 4.4/5.4 - gallery SQL Injection Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections Koobi Pro 6.25 - poll SQL Injection Dream4 Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections Dream4 Koobi Pro 6.25 Poll - 'poll_id' Parameter SQL Injection Podcast Generator 1.2 - GLOBALS[] Multiple Vulnerabilities Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities DBHCMS Web Content Management System 1.1.4 - Remote File Inclusion DBHcms 1.1.4 - Remote File Inclusion Koobi Pro 6.1 - Gallery (img_id) Dream4 Koobi Pro 6.1 Gallery - 'img_id' Parameter SQL Injection dbhcms 1.1.4 - Persistent Cross-Site Scripting DBHcms 1.1.4 - Persistent Cross-Site Scripting DBHcms 1.1.4 (dbhcms_user and SearchString) - SQL Injection DBHcms 1.1.4 - 'dbhcms_user/SearchString' Parameter SQL Injection podcast generator 1.3 - Multiple Vulnerabilities Podcast Generator 1.3 - Multiple Vulnerabilities PHP Download Manager 1.1.x - files.php SQL Injection PHP Download Manager 1.1.x - 'files.php' SQL Injection Koobi 5.0 - BBCode URL Tag Script Injection Dream4 Koobi 5.0 - BBCode URL Tag Script Injection Koobi Pro 5.6 - showtopic Module toid Parameter Cross-Site Scripting Koobi Pro 5.6 - showtopic Module toid Parameter SQL Injection Dream4 Koobi Pro 5.6 - 'showtopic' Parameter SQL Injection Portail Web PHP 2.5.1 - config/conf-activation.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - menu/item.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - modules/conf_modules.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - system/login.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - 'conf-activation.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'item.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'conf_modules.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'login.php' Remote File Inclusion Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting Barryvan Compo Manager 0.3 - 'main.php' Remote File Inclusion Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion Boonex Dolphin 7.3.2 - Authentication Bypass / Remote Code Execution	2016-11-15 05:01:20 +00:00
Offensive Security	c76e893f94	DB: 2016-11-02 12 new exploits KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow Apple iOS 4.0.3 - DPAP Server Denial of Service KarjaSoft Sami FTP Server 2.02 - USER Overflow (Metasploit) KarjaSoft Sami FTP Server 2.0.2 - USER Remote Buffer Overflow (Metasploit) Freefloat FTP Server - (LIST command) Buffer Overflow Freefloat FTP Server - 'LIST' Command Buffer Overflow Freefloat FTP Server 1.00 - MKD Buffer Overflow Freefloat FTP Server - MKD Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - 'MKD' Buffer Overflow Freefloat FTP Server - 'MKD' Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - REST & PASV Buffer Overflow Freefloat FTP Server 1.0 - 'REST' / 'PASV' Buffer Overflow Freefloat FTP Server - REST Buffer Overflow (Metasploit) Freefloat FTP Server - 'REST' Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - ACCL Buffer Overflow Freefloat FTP Server 1.0 - 'ACCL' Buffer Overflow Nagios Plugin check_ups - Local Buffer Overflow (PoC) Nagios Plugins check_ups - Local Buffer Overflow (PoC) Joomla! Component KISS Advertiser - Remote File / Bypass Upload Joomla! Component 'com_ksadvertiser' - Remote File / Bypass Upload Joomla! Component OS Property 2.0.2 - Unrestricted Arbitrary File Upload Joomla! Component 'com_osproperty' 2.0.2 - Unrestricted Arbitrary File Upload Joomla! Component com_niceajaxpoll 1.3.0 - SQL Injection Joomla! Component 'com_niceajaxpoll' 1.3.0 - SQL Injection Joomla! Extension Movm Extension (com_movm) - SQL Injection Joomla! Component 'com_movm' - SQL Injection Joomla! Component joomgalaxy 1.2.0.4 - Multiple Vulnerabilities Joomla! Component 'com_joomgalaxy' 1.2.0.4 - Multiple Vulnerabilities Joomla! Component En Masse 1.2.0.4 - SQL Injection Joomla! Component 'com_enmasse' 1.2.0.4 - SQL Injection Joomla! Component FireBoard (com_fireboard) - SQL Injection Joomla! Component 'com_fireboard' - SQL Injection Joomla! Component Spider Calendar Lite (com_spidercalendar) - SQL Injection Joomla! Component 'com_spidercalendar' - SQL Injection Joomla! Component RokModule - 'index.php module Parameter' Blind SQL Injection Joomla! Component 'com_rokmodule' - 'module' Parameter Blind SQL Injection Joomla! Component iCagenda - (id Parameter) Multiple Vulnerabilities Joomla! Component 'com_icagenda' - 'id' Parameter Multiple Vulnerabilities Joomla! Component FreeStyle Support com_fss 1.9.1.1447 - SQL Injection Joomla! Component Tags - 'index.php tag Parameter' SQL Injection Joomla! Component 'com_fss' 1.9.1.1447 - SQL Injection Joomla! Component 'com_tag' - 'tag' Parameter SQL Injection Joomla! Plugin Commedia - 'index.php task Parameter' SQL Injection Joomla! Component Kunena - 'index.php search Parameter' SQL Injection Joomla! Component 'com_commedia' - 'task' Parameter SQL Injection Joomla! Component 'com_kunena' - 'search' Parameter SQL Injection Freefloat FTP Server - PUT Command Buffer Overflow Freefloat FTP Server - 'PUT' Command Buffer Overflow Joomla! Component Spider Catalog - 'index.php Product_ID Parameter' SQL Injection Joomla! Component 'com_spidercatalog' - 'Product_ID' Parameter SQL Injection Free Float FTP Server - USER Command Buffer Overflow Freefloat FTP Server - 'USER' Command Buffer Overflow Joomla! Component JooProperty 1.13.0 - Multiple Vulnerabilities Joomla! Component 'com_jooproperty' 1.13.0 - Multiple Vulnerabilities Joomla! Component Spider Calendar - 'index.php date Parameter' Blind SQL Injection Joomla! Component 'com_spidercalendar' - 'date' Parameter Blind SQL Injection Joomla! Component com_collector - Arbitrary File Upload Joomla! Component 'com_collector' - Arbitrary File Upload Freefloat FTP 1.0 - Raw Commands Buffer Overflow Freefloat FTP Server 1.0 - 'Raw' Commands Buffer Overflow Joomla! 3.0.2 - (highlight.php) PHP Object Injection Joomla! 3.0.2 - 'highlight.php' PHP Object Injection Joomla! Component RSfiles - (cid parameter) SQL Injection Joomla! Component 'com_rsfiles' - 'cid' Parameter SQL Injection Joomla! Component CiviCRM 4.2.2 - Remote Code Injection Joomla! Component 'com_civicrm' 4.2.2 - Remote Code Injection Freefloat FTP 1.0 - DEP Bypass with ROP Freefloat FTP Server 1.0 - DEP Bypass with ROP Joomla! 3.0.3 - (remember.php) PHP Object Injection Joomla! 3.0.3 - 'remember.php' PHP Object Injection Joomla! Extension DJ Classifieds 2.0 - Blind SQL Injection Joomla! Component 'dj-classifieds' 2.0 - Blind SQL Injection Joomla! Component S5 Clan Roster com_s5clanroster - 'index.php id Parameter' SQL Injection Joomla! Component 'com_s5clanroster' - 'id' Parameter SQL Injection Joomla! Component Sectionex 2.5.96 - SQL Injection Joomla! Component 'com_sectionex' 2.5.96 - SQL Injection Joomla! Component redSHOP 1.2 - SQL Injection Joomla! Component 'com_redshop' 1.2 - SQL Injection Joomla! Component Media Manager - Arbitrary File Upload (Metasploit) Joomla! Component 'com_media' - Arbitrary File Upload (Metasploit) Apple iOS Mobile Safari - Memory Exhaustion Remote Denial of Service check_dhcp - Nagios Plugins 2.0.1 - Arbitrary Option File Read Nagios Plugins check_dhcp 2.0.1 - Arbitrary Option File Read check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Nagios Plugins check_dhcp 2.0.2 - Arbitrary Option File Read Race Condition Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation Joomla! Component IDoEditor - 'image.php' Arbitrary File Upload Joomla! Component jFancy - 'script.php' Arbitrary File Upload Joomla! Component 'IDoEditor' - 'image.php' Arbitrary File Upload Joomla! Component 'mod_jfancy' - 'script.php' Arbitrary File Upload Joomla! Component hwdVideoShare - 'flash_upload.php' Arbitrary File Upload Joomla! Component 'com_hwdvideoshare' - 'flash_upload.php' Arbitrary File Upload Joomla! Component Maian Media - 'uploadhandler.php' Arbitrary File Upload Joomla! Component JCal Pro Calendar - SQL Injection Joomla! Component 'com_maianmedia' - 'uploadhandler.php' Arbitrary File Upload Joomla! Component 'com_jcalpro' - SQL Injection Joomla! Component com_szallasok - 'id' Parameter SQL Injection Joomla! Component 'com_szallasok' - 'id' Parameter SQL Injection Joomla! Module Language Switcher 2.5.x - Multiple Cross-Site Scripting Vulnerabilities My Little Forum 2.3.7 - Multiple Vulnerabilities Joomla! Component com_hello - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_hello' - 'Controller' Parameter Local File Inclusion Joomla! Component Odudeprofile - 'profession' Parameter SQL Injection Joomla! Component 'com_odudeprofile' - 'profession' Parameter SQL Injection Joomla! Component com_photo - Multiple SQL Injections Joomla! Component 'com_photo' - Multiple SQL Injections Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities Joomla! Component 'com_civicrm' - Multiple Arbitrary File Upload Vulnerabilities Joomla! Component Komento - 'cid' Parameter SQL Injection Joomla! Component 'Komento' - 'cid' Parameter SQL Injection Joomla! Component com_quiz - SQL Injection Joomla! Component 'com_quiz' - SQL Injection Joomla! Component com_parcoauto - 'idVeicolo' Parameter SQL Injection Joomla! Component 'com_parcoauto' - 'idVeicolo' Parameter SQL Injection Joomla! Component ZT Autolinks - 'Controller' Parameter Local File Inclusion Joomla! Component Bit - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_ztautolink' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_bit' - 'Controller' Parameter Local File Inclusion Joomla! Component Incapsula - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_incapsula' - Multiple Cross-Site Scripting Vulnerabilities Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation Apple Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit) Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit) Joomla! Component RokDownloads - Arbitrary File Upload Joomla! Component 'com_rokdownloads' - Arbitrary File Upload Apple Intel HD 3000 Graphics driver 10.0.0 - Privilege Escalation Apple Intel HD 3000 Graphics Driver 10.0.0 - Privilege Escalation MyLittleForum 2.3.5 - PHP Command Injection My Little Forum 2.3.5 - PHP Command Injection Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free OS X/iOS Kernel - IOSurface Use-After-Free OS X/iOS - mach_ports_register Multiple Memory Safety Issues Apple OS X - Kernel IOBluetoothFamily.kext Use-After-Free Apple OS X/iOS - Kernel IOSurface Use-After-Free Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues MacOS 10.12 - 'task_t' Privilege Escalation Apple MacOS 10.12 - 'task_t' Privilege Escalation Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow School Registration and Fee System - Authentication Bypass Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow Freefloat FTP Server 1.0 - 'HOST' Command Buffer Overflow KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (SEH) Freefloat FTP Server 1.0 - 'RENAME' Command Buffer Overflow MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation	2016-11-02 05:01:19 +00:00
Offensive Security	18f707fb94	DB: 2016-11-01 24 new exploits Serendipity 0.7-beta1 - SQL Injection (PoC) S9Y Serendipity 0.7-beta1 - SQL Injection (PoC) Serendipity 0.8beta4 - exit.php SQL Injection S9Y Serendipity 0.8beta4 - exit.php SQL Injection CBSms Mambo Module 1.0 - Remote File Inclusion Pearl For Mambo 1.6 - Multiple Remote File Inclusion Mambo Module CBSms 1.0 - Remote File Inclusion Mambo Component Pearl 1.6 - Multiple Remote File Inclusion galleria Mambo Module 1.0b - Remote File Inclusion Mambo Module galleria 1.0b - Remote File Inclusion SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion Mambo Component SimpleBoard 1.1.0 - Remote File Inclusion Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion com_videodb Mambo Component 0.3en - Remote File Inclusion SMF Forum Mambo Component 1.3.1.3 - Include com_extcalendar Mambo Component 2.0 - Include com_loudmouth Mambo Component 4.0j - Include pc_cookbook Mambo Component 0.3 - Include perForms Mambo Component 1.0 - Remote File Inclusion com_hashcash Mambo Component 1.2.1 - Include HTMLArea3 Mambo Module 1.5 - Remote File Inclusion Sitemap Mambo Component 2.0.0 - Remote File Inclusion pollxt Mambo Component 1.22.07 - Remote File Inclusion MiniBB Mambo Component 1.5a - Remote File Inclusion Mambo Component com_videodb 0.3en - Remote File Inclusion Mambo Component SMF Forum 1.3.1.3 - Remote File Inclusion Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion Mambo Component com_loudmouth 4.0j - Remote File Inclusion Mambo Component pc_cookbook 0.3 - Remote File Inclusion Mambo Component perForms 1.0 - Remote File Inclusion Mambo Component com_hashcash 1.2.1 - Remote File Inclusion Mambo Module HTMLArea3 1.5 - Remote File Inclusion Mambo Component Sitemap 2.0.0 - Remote File Inclusion Mambo Component pollxt 1.22.07 - Remote File Inclusion Mambo Component MiniBB 1.5a - Remote File Inclusion MoSpray Mambo Component 18RC1 - Remote File Inclusion Mambo Component MoSpray 18RC1 - Remote File Inclusion Mam-Moodle Mambo Component alpha - Remote File Inclusion Mambo Component Mam-Moodle alpha - Remote File Inclusion multibanners Mambo Component 1.0.1 - Remote File Inclusion Mambo Component multibanners 1.0.1 - Remote File Inclusion PrinceClan Chess Mambo Com 0.8 - Remote File Inclusion Mambo Component PrinceClan Chess 0.8 - Remote File Inclusion a6mambohelpdesk Mambo Component 18RC1 - Include Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion Mambo Security Images Component 3.0.5 - Inclusion Mambo MGM Component 0.95r2 - Remote File Inclusion Mambo Colophon Component 1.2 - Remote File Inclusion Mambo mambatStaff Component 3.1b - Remote File Inclusion Mambo Component Security Images 3.0.5 - Inclusion Mambo Component MGM 0.95r2 - Remote File Inclusion Mambo Component 'com_colophon' 1.2 - Remote File Inclusion Mambo Component mambatStaff 3.1b - Remote File Inclusion Mambo User Home Pages Component 0.5 - Remote File Inclusion Mambo Component User Home Pages 0.5 - Remote File Inclusion Mambo Remository Component 3.25 - Remote File Inclusion Mambo Component Remository 3.25 - Remote File Inclusion Mambo mmp Component 1.2 - Remote File Inclusion Mambo Component MMP 1.2 - Remote File Inclusion Mambo Peoplebook Component 1.0 - Remote File Inclusion Mambo Component Peoplebook 1.0 - Remote File Inclusion Mambo CopperminePhotoGalery Component - Remote File Inclusion Mambo Component CopperminePhotoGalery - Remote File Inclusion Mambo mambelfish Component 1.1 - Remote File Inclusion Mambo Component mambelfish 1.1 - Remote File Inclusion Mambo phpShop Component 1.2 RC2b - File Inclusion Mambo a6mambocredits Component 1.0.0 - File Inclusion Mambo Component 'com_phpshop' 1.2 RC2b - File Inclusion Mambo Component 'com_a6mambocredits' 1.0.0 - File Inclusion Mambo MamboWiki Component 0.9.6 - Remote File Inclusion Mambo Component MamboWiki 0.9.6 - Remote File Inclusion Mambo cropimage Component 1.0 - Remote File Inclusion Mambo Component cropimage 1.0 - Remote File Inclusion Mambo com_lurm_constructor Component 0.6b - Include Mambo Component com_lurm_constructor 0.6b - Remote File Inclusion mambo com_babackup Component 1.1 - File Inclusion Mambo Component com_babackup 1.1 - File Inclusion Mambo com_serverstat Component 0.4.4 - File Inclusion Mambo Component com_serverstat 0.4.4 - File Inclusion Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Include Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion Mambo com_registration_detailed 4.1 - Remote File Inclusion Mambo Component com_registration_detailed 4.1 - Remote File Inclusion MambWeather Mambo Module 1.8.1 - Remote File Inclusion Mambo Module MambWeather 1.8.1 - Remote File Inclusion com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure Mambo Component com_flyspray <= 1.0.1 - Remote File Disclosure Serendipity 1.0.3 - 'comment.php' Local File Inclusion S9Y Serendipity 1.0.3 - 'comment.php' Local File Inclusion Hewlett-Packard FTP Print Server 2.4.5 - Buffer Overflow (PoC) Hewlett-Packard (HP) FTP Print Server 2.4.5 - Buffer Overflow (PoC) mambo Component nfnaddressbook 0.4 - Remote File Inclusion Mambo Component nfnaddressbook 0.4 - Remote File Inclusion Joomla! / Mambo Component SWmenuFree 4.0 - Remote File Inclusion Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion Irfanview 3.99 - '.ani' Local Buffer Overflow (1) IrfanView 3.99 - '.ani' Local Buffer Overflow (1) Irfanview 3.99 - '.ani' Local Buffer Overflow (2) IrfanView 3.99 - '.ani' Local Buffer Overflow (2) Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion Joomla! / Mambo Component article 1.1 - Remote File Inclusion Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion Irfanview 4.00 - '.iff' Buffer Overflow IrfanView 4.00 - '.iff' Buffer Overflow Mambo com_yanc 1.4 Beta - 'id' SQL Injection Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' SQL Injection Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection Irfanview 4.10 - '.fpx' Memory Corruption IrfanView 4.10 - '.fpx' Memory Corruption Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection Mambo 'com_fq' - 'listid' Parameter SQL Injection Mambo 'com_mamml' - 'listid' Parameter SQL Injection Mambo Component Glossary 2.0 - 'catid' SQL Injection Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection Mambo Component 'com_fq' - 'listid' Parameter SQL Injection Mambo Component 'com_mamml' - 'listid' Parameter SQL Injection Mambo Component 'com_glossary' 2.0 - 'catid' SQL Injection Mambo Component AkoGallery 2.5b - SQL Injection Mambo Component Catalogshop 1.0b1 - SQL Injection Mambo Component 'com_akogallery' 2.5b - SQL Injection Mambo Component 'com_catalogshop' 1.0b1 - SQL Injection Mambo Component Awesom 0.3.2 - (listid) SQL Injection Mambo Component 'com_awesom' 0.3.2 - (listid) SQL Injection Mambo Component Portfolio 1.0 - 'categoryId' SQL Injection Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection Mambo Component accombo 1.x - 'id' SQL Injection Mambo Component 'com_accombo' 1.x - 'id' SQL Injection Mambo Component ahsShop 1.51 - (vara) SQL Injection Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection Mambo Component Galleries 1.0 - (aid) SQL Injection Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection Mambo 4.6.4 - (Output.php) Remote File Inclusion Mambo 4.6.4 - 'Output.php' Remote File Inclusion Mambo Component Articles - (artid) Blind SQL Injection Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection Mambo Component n-gallery - Multiple SQL Injections Mambo Component 'com_n-gallery' - Multiple SQL Injections Irfanview 3.99 - IFF File Local Stack Buffer Overflow IrfanView 3.99 - '.IFF' File Local Stack Buffer Overflow Mambo Component n-form - (form_id) Blind SQL Injection Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection Mambo com_sim 0.8 - Blind SQL Injection Mambo Component 'com_sim' 0.8 - Blind SQL Injection Mambo Component com_hestar - SQL Injection Mambo Component 'com_hestar' - SQL Injection Mambo com_koesubmit 1.0.0 - Remote File Inclusion Mambo Component com_koesubmit 1.0.0 - Remote File Inclusion Joomla! / Mambo Component Tupinambis - SQL Injection Joomla! / Mambo Component 'com_tupinambis' - SQL Injection Joomla! / Mambo Component com_ezine 2.1 - Remote File Inclusion Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion Mambo Component Material Suche 1.0 - SQL Injection Mambo Component 'com_materialsuche' 1.0 - SQL Injection Mambo com_akogallery - SQL Injection Mambo Component 'com_akogallery' - SQL Injection Mambo Component com_acnews - [id] SQL Injection Mambo Component 'com_acnews' - 'id' Parameter SQL Injection Mambo Component com_mambads - SQL Injection Mambo Component 'com_mambads' - SQL Injection Rumba ftp Client 4.2 - PASV Buffer Overflow (SEH) Rumba FTP Client 4.2 - PASV Buffer Overflow (SEH) Serendipity 1.5.4 - Arbitrary File Upload S9Y Serendipity 1.5.4 - Arbitrary File Upload Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service IrfanView 4.27 - 'JP2000.dll' plugin Denial of Service Irfanview 4.28 - Multiple Denial of Service Vulnerabilities IrfanView 4.28 - Multiple Denial of Service Vulnerabilities Irfanview 4.28 - ICO With Transparent Colour Denial of Service & RDenial of Service Irfanview 4.28 - ICO Without Transparent Colour Denial of Service & RDenial of Service IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit) Mambo CMS 4.6.x - (4.6.5) SQL Injection Mambo 4.6.x < 4.6.5 - SQL Injection Mambo CMS 4.x - (Zorder) SQL Injection Mambo 4.x - 'Zorder' SQL Injection Irfanview - '.tiff' Image Processing Buffer Overflow IrfanView - '.tiff' Image Processing Buffer Overflow Irfanview FlashPix PlugIn - Double-Free IrfanView FlashPix PlugIn - Double-Free Irfanview FlashPix PlugIn - Decompression Heap Overflow IrfanView FlashPix PlugIn - Decompression Heap Overflow Serendipity 1.6 - Backend Cross-Site Scripting / SQL Injection S9Y Serendipity 1.6 - (Backend) Cross-Site Scripting / SQL Injection Irfanview 4.33 - Format PlugIn ECW Decompression Heap Overflow IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow Irfanview 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow IrfanView 4.33 - Format PlugIn .TTF File Parsing Stack Based Overflow Irfanview 4.33 - '.DJVU' Image Processing Heap Overflow IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow Irfanview JLS Formats PlugIn - Heap Overflow IrfanView JLS Formats PlugIn - Heap Overflow Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit) IrfanView JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit) Irfan Skiljan IrfanView32 3.0.7 - Image File Buffer Overflow IrfanView32 3.0.7 - Image File Buffer Overflow Joomla! Component Event Booking 2.10.1 - SQL Injection Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla! Component 'com_videogallerylite' 1.0.9 - SQL Injection Irfanview - '.RLE' Image Decompression Buffer Overflow Irfanview - '.TIF' Image Decompression Buffer Overflow IrfanView - '.RLE' Image Decompression Buffer Overflow IrfanView - '.TIF' Image Decompression Buffer Overflow Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution IrfanView 4.33 - 'IMXCF.dll' Plugin Code Execution Serendipity 0.x - exit.php HTTP Response Splitting S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting PCMan FTP Server 2.07 - PASS Command Buffer Overflow PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow PCMan FTP Server 2.07 - STOR Command Buffer Overflow PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH) freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow Joomla! Component VirtueMart 2.0.22a - SQL Injection Joomla! Component 'com_virtuemart' 2.0.22a - SQL Injection phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusion Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit) PCMan FTP Server 2.07 - 'STOR' Command Stack Overflow (Metasploit) Irfanview 3.98 - '.ANI' Image File Denial of Service IrfanView 3.98 - '.ANI' Image File Denial of Service Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion Mambo Component Reporter 1.0 - 'Reporter.sql.php' Remote File Inclusion Mambo LMTG Myhomepage 1.2 Component - Multiple Remote File Inclusion Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion Mambo Display MOSBot Manager Component - MosConfig_absolute_path Remote File Inclusion Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion Mambo EstateAgent 1.0.2 Component - MosConfig_absolute_path Remote File Inclusion Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion Joomla! / Mambo Component Com_comprofiler 1.0 - class.php Remote File Inclusion Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion Hewlett-Packard 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery Hewlett-Packard (HP) 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery Mambo MostlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion Mambo Module MOStlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion Irfanview 3.99 - Multiple BMP Denial of Service Vulnerabilities IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities Joomla! / Mambo Component Mod_Forum - PHPBB_Root.php Remote File Inclusion Joomla! / Mambo Component Mod_Forum - 'PHPBB_Root.php' Remote File Inclusion Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting Mambo Module MOStlyCE 2.4 - 'connector.php' Cross-Site Scripting Mambo MOStlyCE Module 2.4 Image Manager Utility - Arbitrary File Upload Mambo Module MOStlyCE 2.4 Image Manager Utility - Arbitrary File Upload Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting S9Y Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting Joomla! Extension Komento 1.7.2 - Persistent Cross-Site Scripting Joomla! Extension JV Comment 3.0.2 - (index.php id Parameter) SQL Injection Joomla! Component 'com_komento' 1.7.2 - Persistent Cross-Site Scripting Joomla! Component 'com_jvcomment' 3.0.2 - 'id' Parameter SQL Injection Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection Joomla! / Mambo Component com_filebase - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection PCMan FTP Server 2.07 - ABOR Command Buffer Overflow PCMan FTP Server 2.07 - CWD Command Buffer Overflow PCMan FTP Server 2.07 - 'ABOR' Command Buffer Overflow PCMan FTP Server 2.07 - 'CWD' Command Buffer Overflow Joomla! Component JomSocial 2.6 - Code Execution Joomla! Component 'com_community' 2.6 - Code Execution Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities S9Y Serendipity 1.7.5 - (Backend) Multiple Vulnerabilities Joomla! / Mambo Component Joomlaearn Lms - 'cat' Parameter SQL Injection Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection Joomla! Component YouTube Gallery - SQL Injection Joomla! Component 'com_youtubegallery' - SQL Injection Joomla! Component Spider Form Maker 3.4 - SQL Injection Joomla! Component 'com_formmaker' 3.4 - SQL Injection Joomla! Component Spider Calendar 3.2.6 - SQL Injection Joomla! Component 'com_spidercalendar' 3.2.6 - SQL Injection Joomla! Component Spider Contacts 1.3.6 - (index.php contacts_id Parameter)SQL Injection Joomla! Component 'com_spidercontacts' 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component Face Gallery 1.0 - Multiple Vulnerabilities Joomla! Component Mac Gallery 1.5 - Arbitrary File Download Joomla! Component 'com_facegallery' 1.0 - Multiple Vulnerabilities Joomla! Component 'com_macgallery' 1.5 - Arbitrary File Download Joomla! Component HD FLV Player < 2.1.0.1 - SQL Injection Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - SQL Injection Joomla! Component HD FLV Player < 2.1.0.1 - Arbitrary File Download Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - Arbitrary File Download Mambo - 'com_docman' 1.3.0 Component Multiple SQL Injection Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting Mambo CMS 4.6.x - Multiple Cross-Site Scripting Vulnerabilities Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities Hewlett-Packard UCMDB - JMX-Console Authentication Bypass Hewlett-Packard (HP) UCMDB - JMX-Console Authentication Bypass PCMan FTP Server 2.0.7 - Buffer Overflow MKD Command PCMan FTP Server 2.0.7 - 'MKD' Command Buffer Overflow Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery Mambo 4.6.5 - 'index.php' Cross-Site Request Forgery Serendipity 1.5.1 - 'research_display.php' SQL Injection S9Y Serendipity 1.5.1 - 'research_display.php' SQL Injection Mambo CMS N-Skyrslur - Cross-Site Scripting Mambo Component 'com_n-skyrslur' - Cross-Site Scripting Mambo CMS N-Gallery Component - SQL Injection Mambo CMS AHS Shop Component - SQL Injection Mambo Component 'com_n-gallery' - SQL Injection Mambo Component 'com_ahsshop' - SQL Injection Mambo CMS N-Press Component - SQL Injection Mambo Component 'com_n-press' - SQL Injection Mambo CMS N-Frettir Component - SQL Injection Mambo CMS N-Myndir Component - SQL Injection Mambo Component 'com_n-frettir' - SQL Injection Mambo Component 'com_n-myndir' - SQL Injection Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting S9Y Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting Joomla! Component Simple Photo Gallery 1.0 - Arbitrary File Upload Joomla! Component 'com_simplephotogallery' 1.0 - Arbitrary File Upload Joomla! Component Simple Photo Gallery 1.0 - SQL Injection Joomla! Component 'com_simplephotogallery' 1.0 - SQL Injection Joomla! Plugin eCommerce-WD 1.2.5 - SQL Injection Joomla! Component 'com_ecommercewd' 1.2.5 - SQL Injection Joomla! Component Spider FAQ - SQL Injection Joomla! Component 'com_spiderfaq' - SQL Injection Joomla! Component Gallery WD - SQL Injection Joomla! Component Contact Form Maker 1.0.1 - SQL Injection Joomla! Component 'com_gallery_wd' - SQL Injection Joomla! Component 'com_contactformmaker' 1.0.1 - SQL Injection Joomla! Component Spider Random Article - SQL Injection Joomla! Component 'com_rand' - SQL Injection Joomla! Component SimpleImageUpload - Arbitrary File Upload Joomla! Component 'com_simpleimageupload' - Arbitrary File Upload Joomla! Component DOCman - Multiple Vulnerabilities Joomla! Component 'com_docman' - Multiple Vulnerabilities Joomla! Plugin Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities Joomla! Component 'com_helpdeskpro' < 1.4.0 - Multiple Vulnerabilities PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow PCMan FTP Server 2.0.7 - 'PUT' Command Buffer Overflow Joomla! Component Event Manager 2.1.4 - Multiple Vulnerabilities Joomla! Component 'com_jem' 2.1.4 - Multiple Vulnerabilities Joomla! Component com_memorix - SQL Injection Joomla! Component com_informations - SQL Injection Joomla! Component 'com_memorix' - SQL Injection Joomla! Component 'com_informations' - SQL Injection PCMan FTP Server 2.0.7 - GET Command Buffer Overflow PCMan FTP Server 2.0.7 - 'GET' Command Buffer Overflow PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow Joomla! Component Real Estate Manager 3.7 - SQL Injection Joomla! Component 'com_realestatemanager' 3.7 - SQL Injection Joomla! Extension Realtyna RPL 8.9.2 - Multiple SQL Injections Joomla! Extension Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Joomla! Component 'com_rpl' 8.9.2 - Multiple SQL Injections Joomla! Component 'com_rpl' 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Joomla! Component JNews (com_jnews) 8.5.1 - SQL Injection Joomla! Component 'com_jnews' 8.5.1 - SQL Injection Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting S9Y Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting Joomla! Component JVideoClip - 'uid' Parameter SQL Injection Joomla! Component 'com_jvideoclip' - 'uid' Parameter SQL Injection Joomla! Component Content History - SQL Injection / Remote Code Execution (Metasploit) Joomla! Component 'com_contenthistory' - SQL Injection / Remote Code Execution (Metasploit) Joomla! Component Maian15 - 'name' Parameter Arbitrary File Upload Joomla! Component 'com_maian15' - 'name' Parameter Arbitrary File Upload Joomla! Component Aclsfgpl - 'index.php' Arbitrary File Upload Joomla! Component 'com_aclsfgpl' - 'index.php' Arbitrary File Upload Joomla! Component Wire Immogest - 'index.php' SQL Injection Joomla! Component 'com_wire_immogest' - 'index.php' SQL Injection Joomla! Component Almond Classifieds - Arbitrary File Upload Joomla! Component 'com_aclassfb' - Arbitrary File Upload Joomla! Extension Sexy Polling - 'answer_id' Parameter SQL Injection Joomla! Component 'com_sexypolling' - 'answer_id' Parameter SQL Injection Joomla! 1.5 < 3.4.5 - Object Injection x-forwarded-for Header Remote Code Execution Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution Joomla! Plugin Projoom NovaSFH - 'upload.php' Arbitrary File Upload Joomla! Component 'com_novasfh' - 'upload.php' Arbitrary File Upload Joomla! Component Inneradmission - 'index.php' SQL Injection Joomla! Component 'com_inneradmission' - 'index.php' SQL Injection Joomla! Extension Spider Video Player - 'theme' Parameter SQL Injection Joomla! Component 'spidervideoplayer' - 'theme' Parameter SQL Injection Joomla! Extension JSN Poweradmin 2.3.0 - Multiple Vulnerabilities Joomla! Component 'com_poweradmin' 2.3.0 - Multiple Vulnerabilities Joomla! Component Easy YouTube Gallery 1.0.2 - SQL Injection Joomla! Component 'com_easy_youtube_gallery' 1.0.2 - SQL Injection PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow (Metasploit) Joomla! Extension SecurityCheck 2.8.9 - Multiple Vulnerabilities Joomla! Component 'SecurityCheck' 2.8.9 - Multiple Vulnerabilities Joomla! Extension PayPlans (com_payplans) 3.3.6 - SQL Injection Joomla! Component 'com_payplans' 3.3.6 - SQL Injection Joomla! Component En Masse (com_enmasse) 5.1 < 6.4 - SQL Injection Joomla! Component 'com_enmasse' 5.1 < 6.4 - SQL Injection Joomla! Component BT Media (com_bt_media) - SQL Injection Joomla! Component 'com_bt_media' - SQL Injection Joomla! Component Publisher Pro (com_publisher) - SQL Injection Joomla! Component 'com_publisher' - SQL Injection Joomla! Component Guru Pro (com_guru) - SQL Injection PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit) Joomla! Component 'com_guru' - SQL Injection PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit) Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097) Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) Microsoft Windows - GDI+ DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097) Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097) Microsoft Windows - GDI+ EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) Microsoft Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) freeFTPd 1.0.8 - 'mkd' Command Denial Of Service Micro Focus Rumba 9.4 - Local Denial Of Service Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow S9Y Serendipity 2.0.4 - Cross-Site Scripting Rumba FTP Client 4.x - Stack buffer overflow (SEH) Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free OS X/iOS Kernel - IOSurface Use-After-Free OS X/iOS - mach_ports_register Multiple Memory Safety Issues NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths Privilege Escalation NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d NVIDIA Driver - No Bounds Checking in Escape 0x7000194 NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x600000D NVIDIA Driver - NvStreamKms Stack Buffer Overflow in PsSetCreateProcessNotifyRoutineEx Callback Privilege Escalation NVIDIA Driver - Escape 0x100010b Missing Bounds Check NVIDIA Driver - No Bounds Checking in Escape 0x7000170 NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027 NVIDIA Driver - Incorrect Bounds Check in Escape 0x70001b2 NVIDIA Driver - Missing Bounds Check in Escape 0x100009a NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5 NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014 NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9 MacOS 10.12 - 'task_t' Privilege Escalation PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow	2016-11-01 05:01:18 +00:00
Offensive Security	d97b4f7c48	DB: 2016-10-28	2016-10-28 11:54:09 +00:00
Offensive Security	da85686a94	DB: 2016-10-28 6 new exploits Real Server < 8.0.2 - Remote Exploit (Windows Platforms) RealServer < 8.0.2 - Remote Exploit (Windows Platforms) OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh) OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident CdRecord 2.0 - Mandrake Privilege Escalation CDRTools CDRecord 2.0 - Mandrake Privilege Escalation LeapFTP 2.7.x - Remote Buffer Overflow LeapWare LeapFTP 2.7.x - Remote Buffer Overflow GNU Cfengine 2.-2.0.3 - Remote Stack Overflow GNU CFEngine 2.-2.0.3 - Remote Stack Overflow IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP) IPSwitch IMail LDAP Daemon - Remote Buffer Overflow Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow IPSwitch IMail LDAP Daemon/Service - Buffer Overflow RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow Traceroute - Privilege Escalation LBL Traceroute - Privilege Escalation Perl (Redhat 6.2) - Restore and Dump Local Exploit Redhat 6.2 Restore and Dump - Local Exploit (Perl) HP-UX 11.00/10.20 - crontab Overwrite Files Exploit Solaris/SPARC 2.7 / 7 - locale Format String HP-UX 11.00/10.20 crontab - Overwrite Files Exploit Solaris/SPARC 2.7 / 7 locale - Format String Solaris - locale Format Strings (noexec stack) Exploit Solaris locale - Format Strings (noexec stack) Exploit glibc - locale bug mount Exploit GLIBC locale - bug mount Exploit Red Hat 6.2 xsoldier-0.96 - Exploit Red Hat 6.2 xsoldier 0.96 - Exploit OpenBSD 2.6 / 2.7 ftpd - Remote Exploit OpenBSD ftpd 2.6 / 2.7 - Remote Exploit GLIBC - Locale Format Strings Exploit GLIBC locale - Format Strings Exploit IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit SquirrelMail - chpasswd Buffer Overflow SquirrelMail - 'chpasswd' Buffer Overflow rlpr 2.04 - msg() Remote Format String Rlpr 2.04 - msg() Remote Format String Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit IRIX - Multiple Buffer Overflows (LsD) SGI IRIX - Multiple Buffer Overflows (LsD) IRIX - /bin/login Local Buffer Overflow SGI IRIX - /bin/login Local Buffer Overflow Solaris 2.4 - passwd & yppasswd & nispasswd Overflows Solaris 2.4 passwd / yppasswd / nispasswd - Overflows BlackJumboDog - Remote Buffer Overflow BlackJumboDog FTP Server - Remote Buffer Overflow Ollydbg 1.10 - Format String OllyDbg 1.10 - Format String SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit) SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit) CDRecord - '$RSH' exec() SUID Shell Creation CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow HP-UX 11.0/11.11 swxxx - Privilege Escalation HP-UX 11.0/11.11 - swxxx Privilege Escalation Zinf 2.2.1 - Local Buffer Overflow Zinf Audio Player 2.2.1 - Local Buffer Overflow ShixxNote 6.net - Remote Buffer Overflow ShixxNOTE 6.net - Remote Buffer Overflow MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow MailCarrier 2.51 - Remote Buffer Overflow SLMail 5.5 - POP3 PASS Buffer Overflow TABS MailCarrier 2.51 - Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow eZshopper - 'loadpage.cgi' Directory Traversal Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1) Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2) Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002) Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support) Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow Knet 1.04c - Buffer Overflow Denial of Service KNet Web Server 1.04c - Buffer Overflow Denial of Service Einstein 1.01 - Local Password Disclosure (asm) Einstein 1.01 - Local Password Disclosure (ASM) RealPlayer 10 - '.smil' Local Buffer Overflow RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2) phpBB 2.0.12 - Session Handling Authentication Bypass UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection xmlrpc.php Library 1.3.0 - Remote Command Execution (2) xmlrpc.php Library 1.3.0 - Remote Command Execution (3) XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2) XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3) wMailServer 1.0 - Remote Denial of Service SoftiaCom wMailServer 1.0 - Remote Denial of Service ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit) Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit) BusinessMail 4.60.00 - Remote Buffer Overflow BusinessMail Server 4.60.00 - Remote Buffer Overflow WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit) Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit) Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid) Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid) Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow CA iGateway - (debug mode) Remote Buffer Overflow CA iTechnology iGateway - (debug mode) Remote Buffer Overflow Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC) Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit) KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit) Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp) KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp) Zorum Forum 3.5 - (rollid) SQL Injection Zorum Forum 3.5 - 'rollid' SQL Injection SaphpLesson 2.0 - (forumid) SQL Injection saPHP Lesson 2.0 - (forumid) SQL Injection zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service Zix Forum 1.12 - (layid) SQL Injection Zix Forum 1.12 - 'layid' SQL Injection QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion Indexu 5.0.1 - (admin_template_path) Remote File Inclusion SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion Solaris 10 - sysinfo() Local Kernel Memory Disclosure Solaris 10 sysinfo() - Local Kernel Memory Disclosure SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion WFTPD 3.23 - (SIZE) Remote Buffer Overflow Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC) Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC) Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl) Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl) PHPMyWebmin 1.0 - (window.php) Remote File Inclusion phpMyWebmin 1.0 - (window.php) Remote File Inclusion VideoDB 2.2.1 - (pdf.php) Remote File Inclusion VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion Microsoft Office 2003 - PPT Local Buffer Overflow (PoC) Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC) Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - Constructor Privilege Escalation Solaris 10 (libnspr) - Constructor Privilege Escalation Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service 3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC) 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC) 3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC) BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC) AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit Irokez CMS 0.7.1 - Multiple Remote File Inclusion Irokez Blog 0.7.1 - Multiple Remote File Inclusion PHP-update 2.7 - Multiple Vulnerabilities PHP-Update 2.7 - Multiple Vulnerabilities Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) TFTPDWIN 0.4.2 - Remote Buffer Overflow ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow 3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit) FdScript 1.3.2 - 'download.php' Remote File Disclosure FD Script 1.3.2 - 'download.php' Remote File Disclosure Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit) Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit) SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass ZebraFeeds 1.0 - (zf_path) Remote File Inclusion ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow MailEnable Professional 2.35 - Remote Buffer Overflow MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit) Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2) Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2) 3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl) madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow 3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl) Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow TFTPDWIN Server 0.4.2 - (UDP) Denial of Service ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service NetVios Portal - 'page.asp' SQL Injection NetVIOS Portal - 'page.asp' SQL Injection Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow Microsoft Windows GDI - Privilege Escalation (MS07-017) (1) Microsoft Windows - GDI Privilege Escalation (MS07-017) (1) qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Microsoft Windows GDI - Privilege Escalation (MS07-017) (2) Microsoft Windows - GDI Privilege Escalation (MS07-017) (2) Zomplog 3.8 - (force_download.php) Remote File Disclosure Zomplog 3.8 - 'force_download.php' Remote File Disclosure Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC) Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003) Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1) UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2) Microsoft Windows GDI+ - ICO File Remote Denial of Service Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service Safari 3 for Windows Beta - Remote Command Execution (PoC) Apple Safari 3 for Windows Beta - Remote Command Execution (PoC) YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection Oracle 9i/10g Evil Views - Change Passwords Exploit Oracle 9i/10g - Evil Views Change Passwords Exploit Savant 3.1 - GET Request Remote Overflow (Universal) Savant Web Server 3.1 - GET Request Remote Overflow (Universal) Easy Chat Server 2.2 - Remote Denial of Service EFS Easy Chat Server 2.2 - Remote Denial of Service Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite Thomson SIP phone ST 2030 - Remote Denial of Service Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service MSN messenger 7.x (8.0?) - Video Remote Heap Overflow Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow MDPro 1.0.76 - SQL Injection MD-Pro 1.0.76 - SQL Injection ZZ FlashChat 3.1 - (help.php) Local File Inclusion ZZ FlashChat 3.1 - 'help.php' Local File Inclusion PHP-AGTC membership system 1.1a - Remote Add Admin PHP-AGTC Membership System 1.1a - Remote Add Admin Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion badblue 2.72b - Multiple Vulnerabilities BadBlue 2.72b - Multiple Vulnerabilities SquirrelMail G/PGP Plugin - deletekey() Command Injection SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection hp software update client 3.0.8.4 - Multiple Vulnerabilities HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC) QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC) Gradman 0.1.3 - (agregar_info.php) Local File Inclusion Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities Mini File Host 1.2 - (upload.php language) Local File Inclusion Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service Mini File Host 1.2 - 'language' Parameter Local File Inclusion Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service Gradman 0.1.3 - (info.php tabla) Local File Inclusion Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Gradman 0.1.3 - 'info.php' Local File Inclusion Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion Frimousse 0.0.2 - explorerdir.php Local Directory Traversal 360 Web Manager 3.0 - (IDFM) SQL Injection bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal 360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection bloofox 0.3 - SQL Injection / File Disclosure Mooseguy Blog System 1.0 - (blog.php month) SQL Injection Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection IDM-OS 1.0 - (download.php Filename) File Disclosure IDM-OS 1.0 - 'Filename' Parameter File Disclosure MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit aflog 1.01 - Cross-Site Scripting / SQL Injection Easysitenetwork Recipe - 'categoryId' SQL Injection Coppermine Photo Gallery 1.4.14 - SQL Injection Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection Coppermine Photo Gallery 1.4.10 - SQL Injection web wiz rich text editor 4.0 - Multiple Vulnerabilities Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure Joomla! Component Marketplace 1.1.1 - SQL Injection Joomla! Component com_Marketplace 1.1.1 - SQL Injection ASPapp - 'links.asp CatId' SQL Injection ASPapp Knowledge Base - 'links.asp CatId' SQL Injection ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit Quick TFTP Pro 2.1 - Remote SEH Overflow Quick TFTP Server Pro 2.1 - Remote SEH Overflow Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016) Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016) HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC) Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC) Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow hp openview nnm 7.53 - Multiple Vulnerabilities HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities PHPKB 1.5 Knowledge Base - 'ID' SQL Injection PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021) Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021) HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ZeusCart 2.0 - (category_list.php) SQL Injection ZeusCart 2.0 - 'category_list.php' SQL Injection Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin Zomplog 3.8.2 - (force_download.php) File Disclosure Zomplog 3.8.2 - 'force_download.php' File Disclosure PHP AGTC-Membership System 1.1a - Arbitrary Add Admin PHP-AGTC Membership System 1.1a - Arbitrary Add Admin PHP Booking Calendar 10 d - SQL Injection phpBookingCalendar 10 d - SQL Injection SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC) Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC) Yuhhu 2008 SuperStar - (board) SQL Injection Yuhhu 2008 SuperStar - 'board' SQL Injection gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow trixbox - (langChoice) Local File Inclusion (connect-back) (2) Trixbox - (langChoice) Local File Inclusion (connect-back) (2) Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities z-breaknews 2.0 - (single.php) SQL Injection z-breaknews 2.0 - 'single.php' SQL Injection Ultra Office - ActiveX Control Remote Buffer Overflow Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC) Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC) phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Zanfi CMS lite / Jaw Portal free - (page) SQL Injection phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021) Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021) opennms < 1.5.96 - Multiple Vulnerabilities OpenNMS < 1.5.96 - Multiple Vulnerabilities yerba sacphp 6.3 - Multiple Vulnerabilities Yerba SACphp 6.3 - Multiple Vulnerabilities Microsoft Windows GDI+ - PoC (MS08-052) (2) Microsoft Windows - GDI+ PoC (MS08-052) (2) zeeproperty - (adid) SQL Injection zeeproperty - 'adid' SQL Injection TUGzip 3.00 archiver - '.zip' Local Buffer Overflow TugZip 3.00 Archiver - '.zip' Local Buffer Overflow AJ ARTICLE - 'featured_article.php mode' SQL Injection AJ Article - 'featured_article.php mode' SQL Injection Article Publisher PRO 1.5 - Insecure Cookie Handling Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling YourFreeWorld Classifieds - (category) SQL Injection YourFreeWorld Classifieds - 'category' SQL Injection PG Roomate Finder Solution - (Authentication Bypass) SQL Injection Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC) Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC) asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC) Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC) ProFTPd with mod_mysql - Authentication Bypass ProFTPd - 'mod_mysql' Authentication Bypass ppim 1.0 - Multiple Vulnerabilities pPIM 1.0 - Multiple Vulnerabilities Orbit 2.8.4 - Long Hostname Remote Buffer Overflow Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH) Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH) Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC) Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC) bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities Racer 0.5.3b5 - Remote Stack Buffer Overflow Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution Online Guestbook Pro - (display) Blind SQL Injection Esoftpro Online Guestbook Pro - (display) Blind SQL Injection tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ZaoCMS - (user_id) SQL Injection ZaoCMS - 'user_id' SQL Injection Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC) Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC) ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection WebBoard 2.90 Beta - Remote File Disclosure 212Cafe WebBoard 2.90 Beta - Remote File Disclosure ZeusCart 2.3 - (maincatid) SQL Injection ZeusCart 2.3 - 'maincatid' SQL Injection DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC) Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC) OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC) Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC) DD-WRT - (httpd service) Remote Command Execution DD-WRT HTTPd Daemon/Service - Remote Command Execution GLinks 2.1 - (cat) Blind SQL Injection Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH) Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH) Payment Processor Script - 'shop.htm cid' SQL Injection Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) BandCMS 0.10 - news.php Multiple SQL Injection Rock Band CMS 0.10 - news.php Multiple SQL Injection Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Eureka Mail Client 2.2q - PoC Buffer Overflow Eureka Email Client 2.2q - PoC Buffer Overflow Solaris 8.0 - LPD Command Execution (Metasploit) Solaris 8.0 LPD - Command Execution (Metasploit) Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit) Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit) Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit) Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit) ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit) NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit) Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit) PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit) BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow Dopewars 1.5.12 Server - Denial of Service Dopewars Server 1.5.12 - Denial of Service Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit) Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit) HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit) Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit) Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution HP Power Manager Administration - Universal Buffer Overflow Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service HP Openview NNM 7.53 - Invalid DB Error Code HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery Eureka Mail Client - Remote Buffer Overflow Eureka Email Client - Remote Buffer Overflow IDEAL Administration 2009 9.7 - Local Buffer Overflow PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow phpshop 0.8.1 - Multiple Vulnerabilities phpShop 0.8.1 - Multiple Vulnerabilities IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow DigitalHive - Multiple Vulnerabilities Digital Hive - Multiple Vulnerabilities zabbix server - Multiple Vulnerabilities Zabbix Server - Multiple Vulnerabilities freekot - (Authentication Bypass) SQL Injection Digiappz Freekot - (Authentication Bypass) SQL Injection TFTP Daemon 1.9 - Denial of Service Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service B2B Trading Marketplace - SQL Injection SoftBiz B2B trading Marketplace Script - SQL Injection Mini-stream - Windows XP SP2 and SP3 Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service iTunes 9.0.1 - '.pls' Handling Buffer Overflow Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC) Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service bild flirt system 2.0 - 'index.php' 'id' SQL Injection Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) iOS Safari - Bad 'VML' Remote Denial of Service iOS Safari - Remote Denial of Service Apple iOS Safari - Bad 'VML' Remote Denial of Service Apple iOS Safari - Remote Denial of Service HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow Adobe Reader - Escape From PDF Adobe Reader - Escape From '.PDF' TugZip 3.5 - '.ZIP' File Buffer Overflow TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow Joomla! Component jp_jobs - SQL Injection Joomla! Component com_jp_jobs - SQL Injection Joomla! Component QPersonel - SQL Injection Joomla! Component com_QPersonel - SQL Injection Bild Flirt 1.0 - SQL Injection Bild Flirt System 1.0 - SQL Injection Safari 4.0.5 - (531.22.7) Denial of Service Apple Safari 4.0.5 - (531.22.7) Denial of Service Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service Safari 4.0.3 / 4.0.4 - Stack Exhaustion Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion 724CMS Enterprise 4.59 - SQL Injection PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections 724CMS 4.59 Enterprise - SQL Injection PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections Joomla! Component JE Job - Local File Inclusion Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass) Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass) Joomla! Component com_jejob 1.0 - 'catid' SQL Injection Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service Office^2 iPhone - XLS Denial of Service GoodiWare GoodReader iPhone - XLS Denial of Service Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service Office^2 iPhone - '.XLS' Denial of Service GoodiWare GoodReader iPhone - '.XLS' Denial of Service Yamamah (news) - SQL Injection / Source Code Disclosure Yamamah - 'news' SQL Injection / Source Code Disclosure Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities YPNinc JokeScript - (ypncat_id) SQL Injection YPNinc JokeScript - 'ypncat_id' SQL Injection YPNinc PHP Realty Script - (docID) SQL Injection YPNinc PHP Realty Script - 'docID' SQL Injection HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) Safari Browser 4.0.2 - Clickjacking Apple Safari 4.0.2 - Clickjacking Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7' Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7) Apple iOS - pdf Jailbreak Exploit Apple iOS - '.pdf' Jailbreak Exploit HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit) AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit) DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow FatPlayer 0.6b - '.wav' Buffer Overflow (SEH) Fat Player 0.6b - '.wav' Buffer Overflow (SEH) CubeCart 2.0.1 - SQL Injection Brooky CubeCart 2.0.1 - SQL Injection DATAC RealWin SCADA 1.06 - Buffer Overflow DATAC RealWin SCADA Server 1.06 - Buffer Overflow pilot cart 7.3 - Multiple Vulnerabilities ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities Mp3-Nator 2.0 - Buffer Overflow (SEH) MP3-Nator 2.0 - Buffer Overflow (SEH) Safari 5.02 - Stack Overflow Denial of Service Apple Safari 5.02 - Stack Overflow Denial of Service Microsoft Windows Task Scheduler - Privilege Escalation Microsoft Windows - Task Scheduler Privilege Escalation Pandora Fms 3.1 - Authentication Bypass Pandora FMS 3.1 - Authentication Bypass bugtracker.net 3.4.4 - Multiple Vulnerabilities BugTracker.NET 3.4.4 - Multiple Vulnerabilities Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow WMITools ActiveX - Remote Command Execution Microsoft WMITools ActiveX - Remote Command Execution VideoSpirit Pro 1.68 - Local Buffer Overflow VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit) Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit) PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit) PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit) Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit) Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit) Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit) Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit) Solaris sadmind - Command Execution (Metasploit) Solaris Sadmind - Command Execution (Metasploit) Sun Solaris - Telnet Remote Authentication Bypass (Metasploit) Sun Solaris Telnet - Remote Authentication Bypass (Metasploit) Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit) Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit) Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit) Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit) TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit) 3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit) Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit) ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit) Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit) Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit) Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit) CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit) Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2) Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2) FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit) Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit) Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit) Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit) Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit) Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit) MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit) Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit) Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit) Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit) MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit) Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) IMail IMAP4D - Delete Overflow (Metasploit) IPSwitch IMail IMAP4D - Delete Overflow (Metasploit) Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit) Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit) Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit) Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit) AOL Instant Messenger - goaway Overflow (Metasploit) AOL Instant Messenger AIM - goaway Overflow (Metasploit) Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit) Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit) Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit) RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit) RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit) Adobe Shockwave - rcsL Memory Corruption (Metasploit) Adobe Shockwave Player - rcsL Memory Corruption (Metasploit) Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit) Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit) WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) ACDSee - XPM File Section Buffer Overflow (Metasploit) ACDSee - '.XPM' File Section Buffer Overflow (Metasploit) HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit) HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit) Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit) Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit) QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit) Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit) Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit) Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) Serv-U FTPD - MDTM Overflow (Metasploit) RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit) 3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit) 3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit) FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) SentinelLM - UDP Buffer Overflow (Metasploit) Sentinel LM - UDP Buffer Overflow (Metasploit) Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit) Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit) Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit) Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit) Sambar 6 - Search Results Buffer Overflow (Metasploit) Sambar Server 6 - Search Results Buffer Overflow (Metasploit) IA WebMail 3.x - Buffer Overflow (Metasploit) IA WebMail Server 3.x - Buffer Overflow (Metasploit) Savant 3.1 Web Server - Overflow Exploit (Metasploit) Savant Web Server 3.1 - Overflow Exploit (Metasploit) HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit) Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit) Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit) IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit) PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit) PSOProxy 0.91 - Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit) Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit) Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit) NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit) NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit) MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit) Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit) YPOPS 0.6 - Buffer Overflow (Metasploit) YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit) Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit) Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit) IMail LDAP Service - Buffer Overflow (Metasploit) IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit) GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit) Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit) Poptop - Negative Read Overflow (Metasploit) UoW IMAP server - LSUB Buffer Overflow (Metasploit) PoPToP - Negative Read Overflow (Metasploit) UoW IMAPd Server - LSUB Buffer Overflow (Metasploit) DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit) DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit) Samba (Linux/x86) - trans2open Overflow (Metasploit) iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) AppleFileServer - LoginExt PathName Overflow (Metasploit) Samba (Linux x86) - trans2open Overflow (Metasploit) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit) Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit) Safari - Archive Metadata Command Execution (Metasploit) Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit) Apple Safari - Archive Metadata Command Execution (Metasploit) iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Mail.app - Image Attachment Command Execution (Metasploit) Apple Mail.app - Image Attachment Command Execution (Metasploit) Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit) Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit) Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit) Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit) Samba trans2open (BSD/x86) - Overflow Exploit (Metasploit) Samba (BSD x86) - trans2open Overflow Exploit (Metasploit) PHP XML-RPC - Arbitrary Code Execution (Metasploit) XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit) AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit) HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit) AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit) HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit) TWiki Search Function - Arbitrary Command Execution (Metasploit) TWiki - Search Function Arbitrary Command Execution (Metasploit) Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit) The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit) Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit) Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit) Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit) Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit) 7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities 7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit) HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit) VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit) eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit) Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit) manageengine support center plus 7.8 build 7801 - Directory Traversal ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal Safari 5.0.6/5.1 - SVG DOM Processing (PoC) Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC) Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass) Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass) TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit) TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit) Sports PHool 1.0 - Remote File Inclusion SportsPHool 1.0 - Remote File Inclusion Mini-stream 3.0.1.1 - Buffer Overflow (3) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3) Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Zabbix 1.8.4 - (popup.php) SQL Injection Zabbix 1.8.4 - 'popup.php' SQL Injection CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit) CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit) Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit) RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit) Family Connections - less.php Remote Command Execution (Metasploit) Family Connections CMS - 'less.php' Remote Command Execution (Metasploit) FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting openemr 4 - Multiple Vulnerabilities Safari - GdiDrawStream BSoD OpenEMR 4 - Multiple Vulnerabilities Apple Safari - GdiDrawStream BSoD clip bucket 2.6 - Multiple Vulnerabilities Clipbucket 2.6 - Multiple Vulnerabilities Tube Ace(Adult PHP Tube Script) - SQL Injection Tube Ace (Adult PHP Tube Script) - SQL Injection Dolibarr CMS 3.2.0 < Alpha - File Inclusion Dolibarr 3.2.0 < Alpha - File Inclusion PBLang - Local File Inclusion PBLang Bulletin Board System - Local File Inclusion NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit) Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit) Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit) Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit) TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit) Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit) TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit) TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit) samsung net-i ware 1.37 - Multiple Vulnerabilities Samsung NET-i ware 1.37 - Multiple Vulnerabilities iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC) Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC) GIMP - script-fu Server Buffer Overflow (Metasploit) GIMP script-fu - Server Buffer Overflow (Metasploit) SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit) SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit) Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit) Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit) Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit) Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit) Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption UoW imapd 10.234/12.264 - Buffer Overflow UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit) UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit) UoW IMAPd Server 10.234/12.264 - Buffer Overflow UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit) UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit) RedHat 6.2 - Piranha Virtual Server Package Default Account and Password RedHat 6.2 Piranha Virtual Server Package - Default Account and Password Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit) Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit) hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection RedHat 6 - glibc/locale Subsystem Format String Solaris 2.6/7.0 - /locale Subsystem Format String RedHat 6 GLIBC/locale - Subsystem Format String Solaris 2.6/7.0 /locale - Subsystem Format String Solaris 2.6/7.0 - 'eject' locale Subsystem Format String Solaris 2.6/7.0 'eject' locale - Subsystem Format String Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5) Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5) RedHat restore 0.4 b15 - Insecure Environment Variables RedHat 0.4 b15 restore - Insecure Environment Variables Viscosity OpenVPN Client (OSX) - Privilege Escalation Viscosity - Privilege Escalation Solaris 2.x/7.0/8 catman - Race Condition (1) Solaris 2.x/7.0/8 catman - Race Condition (2) Solaris 2.x/7.0/8 Catman - Race Condition (1) Solaris 2.x/7.0/8 Catman - Race Condition (2) sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities T-dah Webmail - Multiple Persistent Cross-Site Scripting T-dah Webmail Client - Multiple Persistent Cross-Site Scripting Ntpd - Remote Buffer Overflow NTPd - Remote Buffer Overflow Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow Solaris 2.x/7.0/8 lpd - Remote Command Execution HP-UX 11.0 SWVerify - Buffer Overflow Solaris 2.x/7.0/8 LPD - Remote Command Execution HP-UX 11.0 - SWVerify Buffer Overflow phusion WebServer 1.0 - Directory Traversal (1) phusion WebServer 1.0 - Directory Traversal (2) Phusion WebServer 1.0 - Directory Traversal (1) Phusion WebServer 1.0 - Directory Traversal (2) Progress 9.1 - sqlcpp Local Buffer Overflow Progress Database 9.1 - sqlcpp Local Buffer Overflow PsyBNC 2.3 - Oversized Passwords Denial of Service psyBNC 2.3 - Oversized Passwords Denial of Service Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1) Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2) WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1) WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2) Midicart - PHP Arbitrary File Upload Midicart PHP - Arbitrary File Upload otrs 3.1 - Persistent Cross-Site Scripting OTRS 3.1 - Persistent Cross-Site Scripting EType EServ 2.9x POP3 - Remote Denial of Service EType EServ 2.9x - POP3 Remote Denial of Service Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution Invision Power Board 3.3.4 - Unserialize Regex Bypass Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit) Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit) NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit) Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit) Kerio MailServer 5.6.3 - add_acl Module Overflow Kerio MailServer 5.6.3 add_acl Module - Overflow phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting IBM System Director - Remote System Level Exploit IBM System Director Agent - Remote System Level Exploit Tectia SSH - USERAUTH Change Request Password Reset (Metasploit) (SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit) Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit) Oracle MySQL (Windows) - MOF Execution (Metasploit) CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1) CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2) GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1) GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2) IWConfig - Local ARGV Command Line Buffer Overflow (1) IWConfig - Local ARGV Command Line Buffer Overflow (2) IWConfig - Local ARGV Command Line Buffer Overflow (3) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3) Novell File Reporter Agent - XML Parsing Remote Code Execution Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1) RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2) RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1) RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4) Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Nagios - history.cgi Remote Command Execution Nagios3 - history.cgi Remote Command Execution phpshop 2.0 - SQL Injection phpShop 2.0 - SQL Injection Freesshd - Authentication Bypass (Metasploit) FreeSSHD - Authentication Bypass (Metasploit) RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access SLMail 5.5 - POP3 PASS Remote Buffer Overflow SLMail 5.5 - Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service Microsoft Windows Light HTTPD 0.1 - Buffer Overflow Light HTTPD 0.1 (Windows) - Buffer Overflow MSN Messenger 6.2.0137 - '.png' Buffer Overflow Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow Smail-3 - Multiple Remote and Local Vulnerabilities Smail 3 - Multiple Remote and Local Vulnerabilities Cisco Linksys E4200 Firmware - Multiple Vulnerabilities Cisco Linksys E4200 - Multiple Vulnerabilities Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting SlimServe httpd 1.0/1.1 - Directory Traversal WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal Quick TFTP Server 2.2 - Denial of Service Quick TFTP Server Pro 2.2 - Denial of Service aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection XMB 1.9.3 - u2u.php Cross-Site Scripting XMB Forum 1.9.3 - u2u.php Cross-Site Scripting PHPAlbum 0.2.3/4.1 - Local File Inclusion PHP Photo Album 0.2.3/4.1 - Local File Inclusion Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret) BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret) NetBSD mail.local - Privilege Escalation (Metasploit) NetBSD mail.local(8) - Privilege Escalation (Metasploit) PCMAN FTP 2.07 - PASS Command Buffer Overflow PCMan FTP Server 2.07 - PASS Command Buffer Overflow PCMAN FTP 2.07 - STOR Command Buffer Overflow PCMan FTP Server 2.07 - STOR Command Buffer Overflow EImagePro - - subList.asp CatID Parameter SQL Injection EImagePro - subList.asp CatID Parameter SQL Injection OZJournals 1.2 - Vname Parameter Cross-Site Scripting OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection OZJournals 1.5 - Multiple Input Validation Vulnerabilities Baby FTP server 1.24 - Denial of Service PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit) PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit) Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit) Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit) Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow Festalon 0.5 - '.HES' Remote Heap Buffer Overflow EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow A-CART 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002) Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002) Fish - Multiple Remote Buffer Overflow Vulnerabilities FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service Uebimiau 2.7.x - 'index.php' Cross-Site Scripting Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting Seagate BlackArmor - Root Exploit Seagate BlackArmor NAS - Root Exploit Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering PCMAN FTP 2.07 - ABOR Command Buffer Overflow PCMAN FTP 2.07 - CWD Command Buffer Overflow PCMan FTP Server 2.07 - ABOR Command Buffer Overflow PCMan FTP Server 2.07 - CWD Command Buffer Overflow HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access amfphp 1.2 - browser/details class Parameter Cross-Site Scripting amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting PCMAN FTP 2.07 - Buffer Overflow PCMan FTP Server 2.07 - Buffer Overflow Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities Novell Groupwise Messenger 2.0 - Client Buffer Overflow Novell Groupwise Messenger 2.0 Client - Buffer Overflow Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting OpenNms 1.5.x - HTTP Response Splitting OpenNMS 1.5.x - HTTP Response Splitting Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass Pilot Group PG Roommate - SQL Injection Pilot Group PG Roommate Finder Solution - SQL Injection OpenSSL TLS Heartbeat Extension - Memory Disclosure OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions) OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions) Heartbleed OpenSSL - Information Leak Exploit (1) OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1) IBM Director 5.20 - CIM Server Privilege Escalation IBM System Director Agent 5.20 - CIM Server Privilege Escalation Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support) Kolibri 2.0 - GET Request Stack Buffer Overflow Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow Easy Chat Server 3.1 - Stack Buffer Overflow EFS Easy Chat Server 3.1 - Stack Buffer Overflow Sphider 1.3.6 - Multiple Vulnerabilities Sphider Search Engine 1.3.6 - Multiple Vulnerabilities Kolibri WebServer 2.0 - GET Request SEH Exploit Kolibri Web Server 2.0 - GET Request SEH Exploit MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit) Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit) VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit) VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit) Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit) Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit) Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection Impact Software AdPeeps - Cross-Site Scripting / HTML Injection PPScript - 'shop.htm' SQL Injection Payment Processor Script (PPScript) - 'shop.htm' SQL Injection ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060) Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060) Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit) Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit) Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit) Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit) Exim ESMTP 4.80 glibc gethostbyname - Denial of Service Exim ESMTP 4.80 - glibc gethostbyname Denial of Service Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting Publish-It - PUI Buffer Overflow (SEH) Publish-It - '.PUI' Buffer Overflow (SEH) WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin) WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin) Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities abrt (Fedora 21) - Race Condition Abrt (Fedora 21) - Race Condition Webgate WESP SDK 1.2 - ChangePassword Stack Overflow WebGate WESP SDK 1.2 - ChangePassword Stack Overflow Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Oracle - Outside-In DOCX File Parsing Memory Corruption Oracle - Outside-In '.DOCX' File Parsing Memory Corruption iTunes 10.6.1.7 - '.pls' Title Buffer Overflow Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070) Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070) Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit) Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit) MiniUPnP - Multiple Denial of Service Vulnerabilities MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities Kaseya Virtual System Administrator - Multiple Vulnerabilities (2) Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2) Safari - User-Assisted Applescript Exec Attack (Metasploit) Apple Safari - User-Assisted Applescript Exec Attack (Metasploit) Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read pdfium CPDF_Function::Call - Stack Based Buffer Overflow pdfium - CPDF_Function::Call Stack Based Buffer Overflow Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit) Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass MiCasa VeraLite - Remote Code Execution MiCasaVerde VeraLite - Remote Code Execution SmallFTPd 1.0.3 - 'mkd' Command Denial of Service SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service GNU GTypist 2.9.5-2 - Local Buffer Overflow uSQLite 1.0.0 - Denial Of Service HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation CherryTree 0.36.9 - Memory Corruption (PoC)	2016-10-28 05:01:21 +00:00
Offensive Security	07fdc778ee	DB: 2016-10-21 24 new exploits NetAuctionHelp 4.1 - search.asp SQL Injection Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow Microsoft Edge - Array.join Info Leak (MS16-119) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) HikVision Security Systems - Activex Buffer Overflow Oracle Netbeans IDE 8.1 - Directory Traversal MiCasa VeraLite - Remote Code Execution Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection Classifieds Rental Script - SQL Injection SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Event Calendar PHP 1.5 - SQL Injection SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal SPIP 3.1.2 - Cross-Site Request Forgery Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Edge - Spread Operator Stack Overflow (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)	2016-10-21 05:01:17 +00:00
Offensive Security	77b46b2163	DB: 2016-10-20 13 new exploits PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit PHP FFI Extension 5.0.5 - Local Safe_mode Bypass PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC) Apple QuickTime < 7.2 - SMIL Remote Integer Overflow Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC) Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow Integramod nederland 1.4.2 - Remote File Inclusion Integramod Nederland 1.4.2 - Remote File Inclusion CNDSOFT 2.3 - Cross-Site Request Forgery / Arbitrary File Upload NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation The Unarchiver 3.11.1 - '.tar.Z' Crash PoC XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege Escalation Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path Privilege Escalation PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege Escalation	2016-10-20 05:01:17 +00:00
Offensive Security	f49abcf00f	DB: 2016-10-14 13 new exploits Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) Linux Kernel 4.6.3 - 'Netfilter' Privilege Escalation (Metasploit) ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation Thatware 0.4.6 - SQL Injection InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation Simple Blog PHP 2.0 - Multiple Vulnerabilities Simple Blog PHP 2.0 - SQL Injection Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow) Linux Kernel (Ubuntu 14.04.3) - 'perf_event_open()' Can Race with execve() (Access /etc/shadow) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) PHP Press Release - (Add Admin) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery BirdBlog 1.4.0 - Cross-Site Request Forgery (Add New Post) phpEnter 4.2.7 - Cross-Site Request Forgery (Add New Post) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery ApPHP MicroCMS 3.9.5 - Cross-Site Request Forgery (Add Admin) ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation VOX Music Player 2.8.8 - '.pls' Denial of Service IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation Colorful Blog - Stored Cross Site Scripting Colorful Blog - Cross-Site Request Forgery (Change Admin Password) Hotspot Shield 6.0.3 - Unquoted Service Path Privilege Escalation RSS News AutoPilot Script 1.0.1 / 3.1.0 - Admin Panel Authentication Bypass JonhCMS 4.5.1 - SQL Injection	2016-10-14 05:01:16 +00:00
Offensive Security	7607be84a3	DB: 2016-09-10 3 new exploits freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated) freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow freeSSHd 1.2.1 - Authenticated Remote SEH Overflow Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service Serv-U 7.3 - (Authenticated) Remote FTP File Replacement Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow PoC LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow PoC Hannon Hill Cascade Server - (Authenticated) Command Execution Hannon Hill Cascade Server - Authenticated Command Execution Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - Authenticated Multiple Vulnerabilities Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities Femitter FTP Server 1.x - Authenticated Multiple Vulnerabilities Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service NetAccess IP3 - (Authenticated) (ping option) Command Injection NetAccess IP3 - Authenticated (ping option) Command Injection Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting Apache Axis2 Administration console - Authenticated Cross-Site Scripting Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow ActFax Server FTP - (Authenticated) Remote Buffer Overflow ActFax Server FTP - Authenticated Remote Buffer Overflow Oracle Database - Protocol Authentication Bypass Oracle Database - Protocol Authentication Bypass IRIS Citations Management Tool - (Authenticated) Remote Command Execution IRIS Citations Management Tool - Authenticated Remote Command Execution Airmail 3.0.2 - Cross-Site Scripting LamaHub 0.0.6.2 - Buffer Overflow Vodafone Mobile Wifi - Reset Admin Password Zabbix 2.0 - 3.0.3 - SQL Injection Zabbix 2.0 < 3.0.3 - SQL Injection Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF) Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF) Alfresco - /proxy endpoint Parameter Server Side Request Forgery Alfresco - /cmisbrowser url Parameter Server Side Request Forgery vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF) vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery	2016-09-10 05:08:39 +00:00
Offensive Security	d36011b4f9	DB: 2016-09-07 3 new exploits Too many to list!	2016-09-07 05:09:19 +00:00
Offensive Security	5e2fc10125	DB: 2016-09-03	2016-09-03 13:13:25 +00:00
Offensive Security	31a21bb68d	DB: 2016-09-03 14 new exploits Too many to list!	2016-09-03 05:08:42 +00:00
Offensive Security	29076928d8	DB: 2016-08-17 10 new exploits Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service Exploit Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service LifeType 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit LifeType 1.0.4 - Multiple Vulnerabilities Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote DoS Exploit Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote Denial of Service cms-bandits 2.5 - (spaw_root) Remote File Inclusion Enterprise Payroll Systems 1.1 - (footer) Remote Include CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion 0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash Exploit empris r20020923 - (phormationdir) Remote Include aePartner 0.8.3 - (dir[data]) Remote Include 0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash PoC empris r20020923 - (phormationdir) Remote File Inclusion aePartner 0.8.3 - (dir[data]) Remote File Inclusion SmartSiteCMS 1.0 - (root) Remote File Inclusion Opera 9 - (long href) Remote Denial of Service Exploit SmartSite CMS 1.0 - (root) Remote File Inclusion Opera 9 - (long href) Remote Denial of Service w-Agora 4.2.0 - (inc_dir) Remote File Inclusion Exploit w-Agora 4.2.0 - (inc_dir) Remote File Inclusion BitchX 1.1-final do_hook() Remote Denial of Service Exploit BitchX 1.1-final - do_hook() Remote Denial of Service BLOG:CMS 4.0.0k SQL Injection Exploit BLOG:CMS 4.0.0k - SQL Injection Sun Board 1.00.00 alpha Remote File Inclusion Sun Board 1.00.00 alpha - Remote File Inclusion Mailist 3.0 Insecure Backup/Local File Inclusion Mailist 3.0 - Insecure Backup/Local File Inclusion AdaptCMS 2.0.0 Beta (init.php) Remote File Inclusion AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion VisualShapers ezContents 1.x/2.0 - db.php Arbitrary File Inclusion VisualShapers ezContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion VoteBox 2.0 Votebox.php Remote File Inclusion VoteBox 2.0 - Votebox.php Remote File Inclusion TRG News 3.0 Script Remote File Inclusion TRG News 3.0 Script - Remote File Inclusion Vortex Portal 2.0 content.php act Parameter Remote File Inclusion Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion Shoutbox 1.0 Shoutbox.php Remote File Inclusion Shoutbox 1.0 - Shoutbox.php Remote File Inclusion Ajaxmint Gallery 1.0 Local File Inclusion Ajaxmint Gallery 1.0 - Local File Inclusion Zabbix 2.2.x_ 3.0.x - SQL Injection Microsoft Office Word 2013_2016 - sprmSdyaTop Denial of Service (MS16-099) Zabbix 2.2.x / 3.0.x - SQL Injection Microsoft Office Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099) Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use After Free PoC Windows x86 - MessageBoxA Shellcode (242 bytes) Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes) Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist Nagios Log Server 1.4.1 - Multiple Vulnerabilities Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV	2016-08-17 05:02:47 +00:00
Offensive Security	076ef173f9	DB: 2016-06-11 23 new exploits Poison Ivy 2.1.x C2 Buffer Overflow (msf) Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit Mobiketa 1.0 - CSRF Add Admin Exploit miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query phpMyFAQ 2.9.0 - Stored XSS Windows x86 system(_systeminfo_) Shellcode Armadito Antimalware - Backdoor/Bypass Riot Games League of Legends - Insecure File Permissions Privilege Escalation IPFire proxy.cgi RCE IPFire Bash Environment Variable Injection (Shellshock) Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Android - /system/bin/sdcard Stack Buffer Overflow OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2 OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver	2016-06-11 05:06:22 +00:00
Offensive Security	a447a01cb8	DB: 2016-05-20	2016-05-20 06:50:49 +00:00
Offensive Security	3ca3a35ce6	DB: 2016-04-28 4 new exploits EMC ViPR SRM - Cross-Site Request Forgery Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048) Mach Race OS X Local Privilege Escalation Exploit	2016-04-28 05:03:01 +00:00
Offensive Security	1f79ff2236	DB: 2016-04-09 3 new exploits WordPress Freshmail - Unauthenticated SQL Injection WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection Express Zip <= 2.40 - Path Traversal Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation op5 7.1.9 - Remote Command Execution	2016-04-09 05:02:52 +00:00
Offensive Security	dfc00ffd48	DB: 2016-03-24 22 new exploits Windows NDProxy - Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002) Windows XP SP3 x86 and 2003 SP2 x86 - NDProxy Privilege Escalation (MS14-002) exim <= 4.84-3 - Local Root Exploit Exim <= 4.84-3 - Local Root Exploit CoolPlayer (Standalone) build 2.19 - .m3u Stack Overflow OS X / iOS Suid Binary Logic Error Kernel Code Execution Multiple CCTV-DVR Vendors - Remote Code Execution MiCollab 7.0 - SQL Injection Vulnerability Comodo Antivirus Forwards Emulated API Calls to the Real API During Scans Avira - Heap Underflow Parsing PE Section Headers Comodo - PackMan Unpacker Insufficient Parameter Validation Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents Wireshark - dissect_ber_integer Static Out-of-Bounds Write Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation Comodo Antivirus - Heap Overflow in LZX Decompression OS X Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort Adobe Flash - Shape Rendering Crash Adobe Flash - Zlib Codec Heap Overflow Adobe Flash - Sprite Creation Use-After-Free Adobe Flash - Uninitialized Stack Parameter Access in AsBroadcaster.broadcastMessage UaF Fix Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix OS X Kernel - AppleKeyStore Use-After-Free OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in nVidia Geforce Driver OS X Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver	2016-03-24 05:03:51 +00:00
Offensive Security	477bcbdcc0	DB: 2016-03-17 5 new exploits phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities My Book World Edition NAS Multiple Vulnerability My Book World Edition NAS - Multiple Vulnerabilities Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php) DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities New-CMS - Multiple Vulnerability New-CMS - Multiple Vulnerabilities Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities i-Gallery - Multiple Vulnerability i-Gallery - Multiple Vulnerabilities My Kazaam Notes Management System Multiple Vulnerability My Kazaam Notes Management System - Multiple Vulnerabilities Omnidocs - Multiple Vulnerability Omnidocs - Multiple Vulnerabilities Web Cookbook Multiple Vulnerability Web Cookbook - Multiple Vulnerabilities KikChat - (LFI/RCE) Multiple Vulnerability KikChat - (LFI/RCE) Multiple Vulnerabilities Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability xEpan 1.0.4 - Multiple Vulnerability xEpan 1.0.4 - Multiple Vulnerabilities AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow Cisco UCS Manager 2.1(1b) - Shellshock Exploit OpenSSH <= 7.2p1 - xauth Injection FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow	2016-03-17 07:07:56 +00:00
Offensive Security	958f5c3f9d	DB: 2016-01-29 40 new exploits	2016-01-29 05:03:51 +00:00
Offensive Security	cf0225763f	DB: 2016-01-02 3 new exploits	2016-01-02 05:02:02 +00:00
Offensive Security	69243df248	DB: 2015-12-10 14 new exploits	2015-12-10 05:02:23 +00:00
Offensive Security	8a009f2fce	DB: 2015-10-28 9 new exploits	2015-10-28 05:03:06 +00:00
Offensive Security	d0e0fe5941	DB: 2015-10-27 4 new exploits	2015-10-27 05:02:38 +00:00
Offensive Security	09104c8692	DB: 2015-10-02 9 new exploits	2015-10-02 05:02:31 +00:00
Offensive Security	7fcce7a954	DB: 2015-10-01 14 new exploits	2015-10-01 05:02:54 +00:00
Offensive Security	bb2fcd6716	DB: 2015-09-24 13 new exploits	2015-09-24 05:03:17 +00:00
Offensive Security	1d1147296b	DB: 2015-09-23 35 new exploits	2015-09-23 05:02:17 +00:00
Offensive Security	c6421d54c9	DB: 2015-09-21 9 new exploits	2015-09-21 05:01:49 +00:00
Offensive Security	1ba31aab30	DB: 2015-09-12 6 new exploits	2015-09-12 05:02:45 +00:00
Offensive Security	42b241205e	DB: 2015-09-11 20 new exploits	2015-09-11 05:01:46 +00:00
Offensive Security	488f57ec93	DB: 2015-09-07 6 new exploits	2015-09-07 05:02:07 +00:00
Offensive Security	37dce18f7f	DB: 2015-09-03 16 new exploits	2015-09-03 05:02:25 +00:00
Offensive Security	270dc872cf	DB: 2015-09-01 17 new exploits	2015-09-01 05:02:37 +00:00
Offensive Security	30734a6700	DB: 2015-08-19 16 new exploits	2015-08-19 05:01:48 +00:00
Offensive Security	9569f264ec	DB: 2015-08-14 191 new exploits	2015-08-14 05:02:47 +00:00
Offensive Security	a732415255	DB: 2015-08-13 1 new exploits	2015-08-13 05:06:40 +00:00
Offensive Security	b6cfc9b565	DB: 2015-08-10 3 new exploits	2015-08-10 05:01:54 +00:00
Offensive Security	3b462fe869	DB: 2015-07-23 2 new exploits	2015-07-23 05:01:51 +00:00
Offensive Security	b22d6ae97a	DB: 2015-07-03 13 new exploits	2015-07-03 05:03:11 +00:00
Offensive Security	b3321b3426	DB: 2015-05-15 17 new exploits	2015-05-15 05:02:32 +00:00
Offensive Security	e6dc3c025a	DB: 2015-05-09 28 new exploits	2015-05-09 05:03:14 +00:00
Offensive Security	029eaafec5	DB: 2015-04-27 2 new exploits	2015-04-27 05:02:03 +00:00
Offensive Security	fffcb94afe	DB: 2015-04-22 30 new exploits	2015-04-22 05:02:28 +00:00
Offensive Security	cc553d1147	DB: 2015-04-20 11 new exploits	2015-04-20 12:44:13 +00:00

1 2

89 commits