exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Offensive Security	d304cc3d3e	DB: 2017-11-24 116602 new exploits Too many to list!	2017-11-24 20:56:23 +00:00
Offensive Security	4b39f0d26d	DB: 2017-11-16 23 new exploits VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1) VideoLAN VLC Media Player 0.8.6a - Denial of Service (1) Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service Microsoft Windows Explorer - '.AVI' File Denial of Service Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service Microsoft Windows Explorer - '.ANI' File Denial of Service Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service Microsoft Windows Explorer - '.doc' File Denial of Service CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service) Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC) Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC) Webby WebServer - SEH Control (PoC) Webby WebServer - Overflow (SEH) (PoC) Quick 'n Easy FTP Server Lite 3.1 - Exploit Quick 'n Easy FTP Server Lite 3.1 - Denial of Service Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC) Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC) FFDshow - SEH Exception Leading to Null Pointer on Read FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read Microsoft Internet Explorer - MSHTML Findtext Processing Issue Microsoft Internet Explorer - MSHTML Findtext Processing Exploit Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption Debian suidmanager 0.18 - Exploit AMD K6 Processor - Exploit Apple Personal Web Sharing 1.1 - Remote Denial of Service AMD K6 Processor - Denial of Service Sun Solaris 7.0 - 'procfs' Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service D-Link DIR605L - Denial of Service RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service (Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow xfstt 1.2/1.4 - Unspecified Memory Disclosure xfstt 1.2/1.4 - Memory Disclosure ViRobot Linux Server 2.0 - Exploit Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities IBM AIX 5.x - Invscout Local Buffer Overflow IBM AIX 5.x - 'Invscout' Local Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012) Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012) IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2) VideoLAN VLC Media Player 0.8.6a - Denial of Service (2) Sun Solaris 10 - ICMP Unspecified Remote Denial of Service Sun Solaris 10 - ICMP Remote Denial of Service Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service Progress WebSpeed 3.0/3.1 - Denial of Service GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service Wireshark 0.99.8 - X.509sat Dissector Denial of Service Wireshark 0.99.8 - LDAP Dissector Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities SmallFTPd - Unspecified Denial of Service SmallFTPd - Denial of Service Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call Mandrake Linux 8.2 /usr/mail - Local Exploit Mandrake Linux 8.2 - '/usr/mail' Local Exploit RedHat 6.2 /sbin/restore - Exploit RedHat 6.2 - '/sbin/restore' Privilege Escalation dump 0.4b15 (RedHat 6.2) - Exploit dump 0.4b15 (RedHat 6.2) - Privilege Escalation xsoldier 0.96 (RedHat 6.2) - Exploit Pine (Local Message Grabber) - Exploit xsoldier 0.96 (RedHat 6.2) - Buffer Overflow Pine (Local Message Grabber) - Local Message Read Seyon 2.1 rev. 4b i586-Linux - Exploit Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read suid_perl 5.001 - Exploit suid_perl 5.001 - Command Execution Sendmail 8.11.x (Linux/i386) - Exploit Sendmail 8.11.x (Linux/i386) - Privilege Escalation Microsoft Excel - Unspecified Remote Code Execution Microsoft Excel - Remote Code Execution Microsoft Word 2000 - Unspecified Code Execution Microsoft Word 2000 - Code Execution IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite Easy RM to MP3 Converter 2.7.3.700 - Exploit Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow Adobe Reader and Acrobat - Exploit Adobe Reader / Acrobat - '.PDF' File Overflow Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) Winamp 5.572 - Exploit (SEH) Winamp 5.572 - Overflow (SEH) ZipScan 2.2c - Exploit (SEH) ZipScan 2.2c - Overflow (SEH) Local Glibc shared library (.so) 2.11.1 - Exploit (Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation Local Glibc Shared Library (.so) 2.11.1 - Code Execution ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation SyncBack Freeware 3.2.20.0 - Exploit SyncBack Freeware 3.2.20.0 - Overflow (SEH) Mediacoder 0.7.3.4672 - Exploit (SEH) Mediacoder 0.7.3.4672 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) DJ Studio Pro 8.1.3.2.1 - Exploit (SEH) DJ Studio Pro 8.1.3.2.1 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit) iworkstation 9.3.2.1.4 - Exploit (SEH) iworkstation 9.3.2.1.4 - Overflow (SEH) Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode) Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode) POP Peeper 3.7 - Exploit (SEH) POP Peeper 3.7 - Overflow (SEH) DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass) DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit) BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass) Slackware Linux 3.4 - 'liloconfig-color' Temporary file Slackware Linux 3.4 - 'makebootdisk' Temporary file Slackware Linux 3.4 - 'liloconfig-color' Temporary File Slackware Linux 3.4 - 'makebootdisk' Temporary File Slackware Linux 3.4 - 'netconfig' Temporary file Slackware Linux 3.4 - 'pkgtool' Temporary file Slackware Linux 3.4 - 'netconfig' Temporary File Slackware Linux 3.4 - 'pkgtool' Temporary File Debian suidmanager 0.18 - Command Execution BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit Slackware Linux 3.5 - Missing /etc/group Privilege Escalation BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission Slackware Linux 3.5 - '/etc/group' Privilege Escalation Sun Solaris 2.6 power management - Exploit Sun Solaris 2.6 - power management Exploit DataLynx suGuard 1.0 - Exploit Sun Solaris 2.5.1 PAM & unix_scheme - Exploit Solaris 2.5.1 ffbconfig - Exploit Solaris 2.5.1 chkey - Exploit Solaris 2.5.1 Ping - Exploit SGI IRIX 6.4 ioconfig - Exploit DataLynx suGuard 1.0 - Privilege Escalation Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation Solaris 2.5.1 - 'ffbconfig' Exploit Solaris 2.5.1 - 'chkey' Exploit Solaris 2.5.1 - 'Ping' Exploit SGI IRIX 6.4 - 'ioconfig' Exploit BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2) Solaris 2.5.1 automount - Exploit Solaris 2.5.1 - 'automount' Exploit BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit Sun Solaris 7.0 dtprintinfo - Buffer Overflow Sun Solaris 7.0 lpset - Buffer Overflow BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow IBM Remote Control Software 1.0 - Exploit IBM Remote Control Software 1.0 - Code Execution Xcmail 0.99.6 - Exploit Xcmail 0.99.6 - Buffer Overflow Sun Solaris 7.0 ff.core - Exploit S.u.S.E. 5.2 lpc - Exploit Sun Solaris 7.0 - 'ff.core' Exploit S.u.S.E. 5.2 - 'lpc' Exploit SGI IRIX 6.2 cdplayer - Exploit SGI IRIX 6.2 - 'cdplayer' Exploit SGI IRIX 5.3 Cadmin - Exploit SGI IRIX 6.0.1 colorview - Exploit SGI IRIX 5.3 - 'Cadmin' Exploit SGI IRIX 6.0.1 - 'colorview' Exploit SGI IRIX 6.3 df - Exploit SGI IRIX 6.4 - datman/cdman Exploit SGI IRIX 6.3 - 'df' Exploit SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.2 fsdump - Exploit RedHat Linux 5.1 xosview - Exploit Slackware Linux 3.1 - Buffer Overflow RedHat Linux 2.1 - 'abuse.console' Exploit SGI IRIX 6.2 - 'fsdump' Exploit RedHat Linux 5.1 - xosview Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow IBM AIX 4.3 infod - Exploit IBM AIX 4.3 - 'infod' Exploit IBM AIX 4.2.1 snap - Insecure Temporary File Creation IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation SGI IRIX 6.4 inpview - Exploit RedHat Linux 5.0 msgchk - Exploit IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 ping - Buffer Overflow IBM AIX 4.2 lchangelv - Buffer Overflow SGI IRIX 6.4 - 'inpview' Exploit RedHat Linux 5.0 - 'msgchk' Exploit IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 - 'ping' Buffer Overflow IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1) RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1) SGI IRIX 6.4 netprint - Exploit SGI IRIX 6.4 - 'netprint' Exploit SGI IRIX 5.3/6.2 ordist - Exploit SGI IRIX 5.3/6.2 - 'ordist' Exploit SGI IRIX 5.3 pkgadjust - Exploit SGI IRIX 5.3 - 'pkgadjust' Exploit Sun Solaris 7.0 procfs - Exploit IBM AIX 3.2.5 - IFS Exploit IBM AIX 4.2.1 lquerypv - Exploit IBM AIX 3.2.5 - 'IFS' Exploit IBM AIX 4.2.1 - 'lquerypv' File Read SGI IRIX 6.3 pset - Exploit SGI IRIX 6.4 rmail - Exploit SGI IRIX 6.3 - 'pset' Exploit SGI IRIX 6.4 - 'rmail' Exploit SGI IRIX 5.2/5.3 serial_ports - Exploit SGI IRIX 6.4 suid_exec - Exploit SGI IRIX 5.1/5.2 sgihelp - Exploit SGI IRIX 6.4 startmidi - Exploit SGI IRIX 5.2/5.3 - 'serial_ports' Exploit SGI IRIX 6.4 - 'suid_exec' Exploit SGI IRIX 5.1/5.2- 'sgihelp' Exploit SGI IRIX 6.4 - 'startmidi' Exploit SGI IRIX 6.4 xfsdump - Exploit SGI IRIX 6.4 - 'xfsdump' Exploit IBM AIX 4.3.1 adb - Exploit IBM AIX 4.3.1 - 'adb' Denial of Service Apple At Ease 5.0 - Exploit Samba < 2.0.5 - Exploit Apple At Ease 5.0 - Information Disclosure Samba < 2.0.5 - Overflow NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow HP-UX 10.20 newgrp - Exploit HP-UX 10.20 newgrp - Privilege Escalation BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2) BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1) FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2) Solaris 7.0 kcms_configure - Exploit Solaris 7.0 - 'kcms_configure Exploit Windowmaker wmmon 1.0 b2 - Exploit Windowmaker wmmon 1.0 b2 - Command Execution Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation Standard & Poors ComStock 4.2.4 - Exploit Standard & Poors ComStock 4.2.4 - Command Execution KDE 1.1.2 KApplication configfile - Exploit (1) KDE 1.1.2 KApplication configfile - Exploit (2) KDE 1.1.2 KApplication configfile - Exploit (3) KDE 1.1.2 KApplication configfile - Privilege Escalation (1) KDE 1.1.2 KApplication configfile - Privilege Escalation (2) KDE 1.1.2 KApplication configfile - Privilege Escalation (3) BSD 'mailx' 8.1.1-10 - Buffer Overflow (2) mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2) Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow IRIX 6.5.x - GR_OSView Buffer Overflow SGI IRIX 6.2 libgl.so - Buffer Overflow IRIX 6.5.x - dmplay Buffer Overflow IRIX 6.2/6.3 lpstat - Buffer Overflow IRIX 6.5.x - inpview Race Condition IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow SGI IRIX 6.2 - 'libgl.so' Buffer Overflow IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition IRIX 5.3/6.x - mail Exploit IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow Libc locale - Exploit (1) Libc locale - Exploit (2) Libc locale - Privilege Escalation (1) Libc locale - Privilege Escalation (2) GNOME esound 0.2.19 - Unix Domain Socket Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition IBM AIX 4.x - setsenv Buffer Overflow IBM AIX 4.3 digest - Buffer Overflow IBM AIX 4.x - enq Buffer Overflow IBM AIX 4.3.x - piobe Buffer Overflow IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow IBM AIX 4.x - 'enq' Buffer Overflow IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow AIX 4.2/4.3 - piomkapqd Buffer Overflow AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow (Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation (Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow QNX RTOS 6.1 - PKG-Installer Buffer Overflow QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass) AFD 1.2.x - Working Directory Local Buffer Overflow AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access HP-UX 10.x - rs.F3000 Unauthorized Access Leksbot 1.2 - Multiple Unspecified Vulnerabilities Leksbot 1.2 - Multiple Vulnerabilities IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation ViRobot Linux Server 2.0 - Overflow (Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3) Nvidia Display Driver Service (Nsvr) - Exploit Nvidia Display Driver Service (Nsvr) - Buffer Overflow IBM AIX 5.3 - GetShell and GetCommand File Enumeration IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure Apple 2.0.4 - Safari Unspecified Local Apple 2.0.4 - Safari Local Exploit Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities IBM AIX 6.1.8 libodm - Arbitrary File Write IBM AIX 6.1.8 - 'libodm' Arbitrary File Write Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass) Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation QEMU (Gentoo) - Local Priv Escalation QEMU (Gentoo) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock) Microsoft WordPerfect Document Converter - Exploit (MS03-036) Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036) CA BrightStor ARCserve Backup - Exploiter Tool CA BrightStor ARCserve Backup - Overflow NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write CDBurnerXP 4.2.4.1351 - Exploit PeerCast 0.1216 - Exploit (Metasploit) PeerCast 0.1216 - Stack Overflow (Metasploit) BigAnt Server 2.52 - Exploit (SEH) BigAnt Server 2.52 - Overflow (SEH) NetTransport Download Manager 2.90.510 - Exploit NetTransport Download Manager 2.90.510 - Overflow (SEH) File Sharing Wizard 1.5.0 - Exploit (SEH) File Sharing Wizard 1.5.0 - Overflow (SEH) Real Player 12.0.0.879 - Exploit Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass) Real Player 12.0.0.879 - Code Execution Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass) IBM AIX 5l FTPd - Remote DES Hash Exploit IBM AIX 5l - 'FTPd' Remote DES Hash Exploit Microsoft Data Access Components - Exploit (MS11-002) Microsoft Data Access Components - Overflow (PoC) (MS11-002) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit) Apple Personal Web Sharing 1.1 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation HP HP-UX 10.34 rlpdaemon - Exploit HP HP-UX 10.34 rlpdaemon - Remote Overflow Ray Chan WWW Authorization Gateway 0.1 - Exploit Ray Chan WWW Authorization Gateway 0.1 - Command Execution Solaris 7.0 Coredump - Exploit Solaris 7.0 - 'Coredump' File Write IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit SGI IRIX 6.2 cgi-bin wrap - Exploit IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read SGI IRIX 6.2 - cgi-bin wrap Exploit SGI IRIX 6.5.2 nsd - Exploit SGI IRIX 6.5.2 - 'nsd'' Exploit IBM AIX 3.2.5 - login(1) Exploit IBM AIX 3.2.5 - 'login(1)' Exploit Compaq Java Applet for Presario SpawnApp - Exploit Compaq Java Applet for Presario SpawnApp - Code Execution Network Security Wizards Dragon-Fire IDS 1.0 - Exploit Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure IBM AIX 4.3.2 ftpd - Remote Buffer Overflow IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow glFTPd 1.17.2 - Exploit glFTPd 1.17.2 - Code Execution Netopia R-series routers 4.6.2 - Exploit Netopia R-series Routers 4.6.2 - Modifying SNMP Tables Sun Java Web Server 1.1.3/2.0 Servlets - Exploit Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure IPFilter 3.x - Fragment Rule Bypass CGIWrap 2.x/3.x - Cross-Site Scripting AIX 4.1/4.2 - pdnsd Buffer Overflow AIX 4.1/4.2 - 'pdnsd' Buffer Overflow RedHat Linux 7.0 Apache - Remote 'Username' Enumeration RedHat Linux 7.0 Apache - Remote Username Enumeration Hylafax 4.1.x - HFaxD Unspecified Format String Hylafax 4.1.x - HFaxD Format String EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Oracle 9i - Multiple Unspecified Vulnerabilities Oracle 9i - Multiple Vulnerabilities File ELF 4.x - Header Unspecified Buffer Overflow File ELF 4.x - Header Buffer Overflow Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack Microsoft Internet Explorer 6 - Unspecified Code Execution (1) Microsoft Internet Explorer 6 - Unspecified Code Execution (2) Microsoft Internet Explorer 6 - Code Execution (1) Microsoft Internet Explorer 6 - Code Execution (2) GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal TFTP Server TFTPDWin 0.4.2 - Directory Traversal Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit Multiple CA Service Management Products - Unspecified Remote Command Execution Multiple CA Service Management Products - Remote Command Execution NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow Bash - Environment Variables Code Injection (Shellshock) Bash - Environment Variables Command Injection (Shellshock) OpenVPN 2.2.29 - Remote Exploit (Shellshock) OpenVPN 2.2.29 - Remote Command Injection (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock) Apache mod_cgi - Remote Exploit (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock) Apache mod_cgi - Remote Command Injection (Shellshock) Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow Poison Ivy 2.3.2 - Remote Buffer Overflow Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution Samba 3.5.11/3.6.3 - Remote Code Execution Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit) Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit) Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock) Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock) IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit) IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock) TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock) Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion Poll It CGI 2.0 - Exploit Poll It CGI 2.0 - Multiple Vulnerabilities DreamPoll 3.1 - Exploit DreamPoll 3.1 - SQL Injection WordPress Plugin WP-Cumulus 1.20 - Exploit WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting Public Media Manager - Exploit Public Media Manager - Remote File Inclusion Joomla! Component com_adagency - Exploit Joomla! Component com_adagency - Local File Inclusion File Upload Manager 1.3 - Exploit File Upload Manager 1.3 - Web Shell File Upload Joomla! Component com_caddy - Exploit Renista CMS - Exploit Renista CMS - SQL Injection BtiTracker 1.3.x < 1.4.x - Exploit BtiTracker 1.3.x < 1.4.x - SQL Injection WordPress Plugin Cimy Counter - Exploit WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting Belkin F5D7234-4 v5 G Wireless Router - Exploit Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed WhatsApp Status Changer 0.2 - Exploit WhatsApp - Remote Change Status MySimpleNews 1.0 - Remotely Readable Administrator Password MySimpleNews 1.0 - Remote Readable Administrator Password SquirrelMail 1.2.11 - Exploit SquirrelMail 1.2.11 - Multiple Vulnerabilities D-Link DCS-936L Network Camera - Cross-Site Request Forgery Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting Yappa-ng 1.x/2.x - Remote File Inclusion Yappa-ng 1.x/2.x - Cross-Site Scripting Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities Aenovo - Multiple Cross-Site Scripting Vulnerabilities Codegrrl - 'Protection.php' Unspecified Code Execution Codegrrl - 'Protection.php' Code Execution Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'index.php' Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting A-Blog 1.0 - Unspecified Cross-Site Scripting A-Blog 1.0 - Cross-Site Scripting Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Akismet 2.1.3 - Unspecified WordPress Plugin Akismet 2.1.3 - Exploit SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections Zoph 0.7.2.1 - Unspecified SQL Injection Zoph 0.7.2.1 - SQL Injection Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection Joomla! Component FreiChat 1.0/2.x - HTML Injection Bash CGI - Remote Code Execution (Shellshock) (Metasploit) Bash CGI - Remote Command Injection (Shellshock) (Metasploit) PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock) PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock) Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit Netsweeper 4.0.8 - Authentication Bypass Issue Netsweeper 4.0.8 - Authentication Bypass SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting SimpleInvoices invoices Module - Customer Field Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Cross-Site Scripting iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal iScripts AutoHoster - 'main_smtp.php' Traversal Exploit Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock) Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock) Squid Analysis Report Generator 2.3.10 - Remote Code Execution	2017-11-16 10:02:26 +00:00
Offensive Security	52c4bb1e58	DB: 2016-08-14 5 new exploits AWStats (5.0-6.3) Input Validation Hole in 'logfile' AWStats 5.0-6.3 - Input Validation Hole in 'logfile' Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross-Site Scripting Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow WorldMail imapd 3.0 SEH Overflow (egg hunter) WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter) e107 website system 0.7.5 contact.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 download.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 admin.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 fpw.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 news.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - contact.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - download.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - admin.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - fpw.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - news.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 signup.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 submitnews.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - signup.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - submitnews.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 user.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter XSS Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (1) PHP-Nuke Sarkilar Module 'id' Parameter SQL Injection PHP-Nuke Sarkilar Module - 'id' Parameter SQL Injection PHP-Nuke Nuke League Module 'tid' Parameter Cross-Site Scripting PHP-Nuke Nuke League Module - 'tid' Parameter Cross-Site Scripting Kimson CMS 'id' Parameter Cross-Site Scripting Kimson CMS - 'id' Parameter Cross-Site Scripting Ocean12 FAQ Manager Pro 'Keyword' Parameter Cross-Site Scripting Multiple Ocean12 Products 'Admin_ID' Parameter SQL Injection Ocean12 FAQ Manager Pro - 'Keyword' Parameter Cross-Site Scripting Multiple Ocean12 Products - 'Admin_ID' Parameter SQL Injection LinksPro 'OrderDirection' Parameter SQL Injection LinksPro - 'OrderDirection' Parameter SQL Injection PHP-Nuke Downloads Module 'url' Parameter SQL Injection PHP-Nuke Downloads Module - 'url' Parameter SQL Injection PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass PuterJam\'s Blog PJBlog3 3.0.6 \'action.asp\' SQL Injection PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection PHP-Nuke 8.0 Downloads Module 'query' Parameter Cross-Site Scripting PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting Oracle 10g Secure Enterprise Search 'search_p_groups' Parameter Cross-Site Scripting Oracle 10g Secure Enterprise Search - 'search_p_groups' Parameter Cross-Site Scripting Scriptsez Easy Image Downloader 'id' Parameter Cross-Site Scripting Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting XOOPS 2.3.3 \\\'op\\\' Parameter Multiple Cross-Site Scripting Vulnerabilities XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities Joomla! CB Resume Builder 'group_id' Parameter SQL Injection X-Cart Email Subscription 'email' Parameter Cross-Site Scripting Joomla! CB Resume Builder - 'group_id' Parameter SQL Injection X-Cart Email Subscription - 'email' Parameter Cross-Site Scripting RunCMS 'forum' Parameter SQL Injection RunCMS - 'forum' Parameter SQL Injection Multiple JiRo's Products 'files/login.asp' Multiple SQL Injection Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection Elxis 'filename' Parameter Directory Traversal Elxis - 'filename' Parameter Directory Traversal Ez Cart 'sid' Parameter Cross-Site Scripting Ez Cart - 'sid' Parameter Cross-Site Scripting Joomla! iF Portfolio Nexus 'controller' Parameter Remote File Inclusion Joomla! iF Portfolio Nexus - 'controller' Parameter Remote File Inclusion Joomla! Jobads 'type' Parameter SQL Injection Joomla! Jobads - 'type' Parameter SQL Injection Jamit Job Board 'post_id' Parameter Cross-Site Scripting Jamit Job Board - 'post_id' Parameter Cross-Site Scripting Tribisur 'cat' Parameter Cross-Site Scripting Tribisur - 'cat' Parameter Cross-Site Scripting Extreme Mobster 'login' Parameter Cross-Site Scripting Extreme Mobster - 'login' Parameter Cross-Site Scripting Subex Nikira Fraud Management System GUI 'message' Parameter Cross-Site Scripting Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-Site Scripting Softbiz Jobs 'sbad_type' Parameter Cross-Site Scripting Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting HD FLV Player Component for Joomla! 'id' Parameter SQL Injection HD FLV Player Component for Joomla! - 'id' Parameter SQL Injection Spectrum Software WebManager CMS 'pojam' Parameter Cross-Site Scripting Saskia's Shopsystem 'id' Parameter Local File Inclusion Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting Saskia's Shopsystem - 'id' Parameter Local File Inclusion Pars CMS 'RP' Parameter Multiple SQL Injection Pars CMS - 'RP' Parameter Multiple SQL Injection Kasseler CMS News Module 'id' Parameter SQL Injection Kasseler CMS News Module - 'id' Parameter SQL Injection Ziggurat Farsi CMS 'id' Parameter Unspecified Cross-Site Scripting Ziggurat Farsi CMS - 'id' Parameter Unspecified Cross-Site Scripting Vana CMS 'filename' Parameter Remote File Download Vana CMS - 'filename' Parameter Remote File Download Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal Ziggurrat Farsi CMS - 'bck' Parameter Directory Traversal Viennabux Beta! 'cat' Parameter SQL Injection Viennabux Beta! - 'cat' Parameter SQL Injection HP System Management Homepage 'RedirectUrl' Parameter URI Redirection HP System Management Homepage - 'RedirectUrl' Parameter URI Redirection Sterlite SAM300 AX Router 'Stat_Radio' Parameter Cross-Site Scripting Sterlite SAM300 AX Router - 'Stat_Radio' Parameter Cross-Site Scripting Last Wizardz 'id' Parameter SQL Injection Last Wizardz - 'id' Parameter SQL Injection Plesk Server Administrator (PSA) 'locale' Parameter Local File Inclusion Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion VideoWhisper PHP 2 Way Video Chat 'r' Parameter Cross-Site Scripting VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting KubeSupport 'lang' Parameter SQL Injection KubeSupport - 'lang' Parameter SQL Injection ReCMS 'users_lang' Parameter Directory Traversal ReCMS - 'users_lang' Parameter Directory Traversal jCore 'search' Parameter Cross-Site Scripting jCore - 'search' Parameter Cross-Site Scripting PHP168 Template Editor 'filename' Parameter Directory Traversal PHP168 Template Editor - 'filename' Parameter Directory Traversal uzbl \'uzbl-core\' \'@SELECTED_URI\' Mouse Button Bindings Command Injection uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection SyntaxCMS 'rows_per_page' Parameter SQL Injection Edit-X PHP CMS 'search_text' Parameter Cross-Site Scripting SyntaxCMS - 'rows_per_page' Parameter SQL Injection Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting Nasim Guest Book 'page' Parameter Cross-Site Scripting Nasim Guest Book - 'page' Parameter Cross-Site Scripting FreeSchool 'key_words' Parameter Cross-Site Scripting FreeSchool - 'key_words' Parameter Cross-Site Scripting tourismscripts HotelBook 'hotel_id' Parameter Multiple SQL Injection tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection Spiceworks 'query' Parameter Cross-Site Scripting Spiceworks - 'query' Parameter Cross-Site Scripting NWS-Classifieds 'cmd' Parameter Local File Inclusion NWS-Classifieds - 'cmd' Parameter Local File Inclusion WebAsyst Shop-Script PREMIUM 'searchstring' Parameter Cross-Site Scripting WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting Web TV 'chn' Parameter Cross-Site Scripting Web TV - 'chn' Parameter Cross-Site Scripting Honest Traffic 'msg' Parameter Cross-Site Scripting Honest Traffic - 'msg' Parameter Cross-Site Scripting PHP Photo Vote 1.3F 'page' Parameter Cross-Site Scripting PHP Photo Vote 1.3F - 'page' Parameter Cross-Site Scripting Wap-motor 'image' Parameter Directory Traversal Wap-motor - 'image' Parameter Directory Traversal QuarkMail 'tf' Parameter Directory Traversal QuarkMail - 'tf' Parameter Directory Traversal Microsoft Windows VISTA 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution Microsoft Windows VISTA - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution LES PACKS 'ID' Parameter SQL Injection LES PACKS - 'ID' Parameter SQL Injection PHPShop 2.1 EE 'name_new' Parameter Cross-Site Scripting PHPShop 2.1 EE - 'name_new' Parameter Cross-Site Scripting IBM OmniFind 'command' Parameter Cross-Site Scripting IBM OmniFind - 'command' Parameter Cross-Site Scripting Joomla Store Directory 'id' Parameter SQL Injection Joomla Store Directory - 'id' Parameter SQL Injection PHP State 'id' Parameter SQL Injection Joomla Jeformcr 'id' Parameter SQL Injection JExtensions Property Finder Component for Joomla! 'sf_id' Parameter SQL Injection PHP State - 'id' Parameter SQL Injection Joomla Jeformcr - 'id' Parameter SQL Injection JExtensions Property Finder Component for Joomla! - 'sf_id' Parameter SQL Injection Social Share 'postid' Parameter SQL Injection Social Share - 'postid' Parameter SQL Injection Openfiler 'device' Parameter Cross-Site Scripting Openfiler - 'device' Parameter Cross-Site Scripting Social Share 'username' Parameter SQL Injection Social Share - 'username' Parameter SQL Injection Social Share 'search' Parameter Cross-Site Scripting HotWeb Scripts HotWeb Rentals 'PageId' Parameter SQL Injection Social Share - 'search' Parameter Cross-Site Scripting HotWeb Scripts HotWeb Rentals - 'PageId' Parameter SQL Injection SnapProof 'retPageID' Parameter Cross-Site Scripting SnapProof - 'retPageID' Parameter Cross-Site Scripting VidiScript 'vp' Parameter Cross-Site Scripting VidiScript - 'vp' Parameter Cross-Site Scripting PHP-Fusion 'article_id' Parameter SQL Injection PHP-Fusion - 'article_id' Parameter SQL Injection Qianbo Enterprise Web Site Management System 'Keyword' Parameter Cross-Site Scripting RunCMS 'partners' Module 'id' Parameter SQL Injection Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-Site Scripting RunCMS 'partners' Module - 'id' Parameter SQL Injection Technicolor THOMSON TG585v7 Wireless Router 'url' Parameter Cross-Site Scripting Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-Site Scripting SyCtel Design 'menu' Parameter Multiple Local File Inclusion SyCtel Design - 'menu' Parameter Multiple Local File Inclusion phpGraphy 0.9.13 b 'theme_dir' Parameter Cross-Site Scripting phpGraphy 0.9.13 b - 'theme_dir' Parameter Cross-Site Scripting Web Auction 0.3.6 'lang' Parameter Cross-Site Scripting Web Auction 0.3.6 - 'lang' Parameter Cross-Site Scripting Multiple GoT.MY Products 'theme_dir' Parameter Cross-Site Scripting Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting Flash Tag Cloud And MT-Cumulus Plugin 'tagcloud' Parameter Cross-Site Scripting Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting Joomla! 'com_cbcontact' Component 'contact_id' Parameter SQL Injection Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection Joomla! 'com_maplocator' Component 'cid' Parameter SQL Injection Joomla! 'com_maplocator' Component - 'cid' Parameter SQL Injection Tolinet Agencia 'id' Parameter SQL Injection Tolinet Agencia - 'id' Parameter SQL Injection WebFileExplorer 3.6 'user' and 'pass' SQL Injection WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection Sitemagic CMS 'SMTpl' Parameter Directory Traversal Sitemagic CMS - 'SMTpl' Parameter Directory Traversal Nodesforum '_nodesforum_node' Parameter SQL Injection Joomla! 'com_morfeoshow' Component 'idm' Parameter SQL Injection Nodesforum - '_nodesforum_node' Parameter SQL Injection Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection Joomla! 'com_jr_tfb' Component 'controller' Parameter Local File Inclusion Joomla! 'com_jr_tfb' Component - 'controller' Parameter Local File Inclusion eTAWASOL 'id' Parameter SQL Injection eTAWASOL - 'id' Parameter SQL Injection Prontus CMS 'page' Parameter Cross-Site Scripting ICMusic '1.2 music_id' Parameter SQL Injection Prontus CMS - 'page' Parameter Cross-Site Scripting ICMusic 1.2 - 'music_id' Parameter SQL Injection Flowplayer 3.2.7 linkUrl' Parameter Cross-Site Scripting Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting Easy Estate Rental 's_location' Parameter SQL Injection Joomla Foto Component 'id_categoria' Parameter SQL Injection Easy Estate Rental - 's_location' Parameter SQL Injection Joomla Foto Component - 'id_categoria' Parameter SQL Injection Joomla Juicy Gallery Component 'picId' Parameter SQL Injection Joomla Juicy Gallery Component - 'picId' Parameter SQL Injection Joomla Controller Component 'Itemid' Parameter SQL Injection Joomla Controller Component - 'Itemid' Parameter SQL Injection Synergy Software 'id' Parameter SQL Injection Godly Forums 'id' Parameter SQL Injection Synergy Software - 'id' Parameter SQL Injection Godly Forums - 'id' Parameter SQL Injection MyBB MyTabs Plugin 'tab' Parameter SQL Injection MyBB MyTabs Plugin - 'tab' Parameter SQL Injection mt LinkDatenbank 'b' Parameter Cross-Site Scripting mt LinkDatenbank - 'b' Parameter Cross-Site Scripting Joomla! Slideshow Gallery Component 'id' Parameter SQL Injection Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection Joomla! 'com_community' Component 'userid' Parameter SQL Injection Joomla! 'com_community' Component - 'userid' Parameter SQL Injection phpWebSite 'page_id' Parameter Cross-Site Scripting phpWebSite - 'page_id' Parameter Cross-Site Scripting Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection VicBlog 'tag' Parameter SQL Injection Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection VicBlog - 'tag' Parameter SQL Injection Kisanji 'gr' Parameter Cross-Site Scripting Kisanji - 'gr' Parameter Cross-Site Scripting Joomla! 'com_biitatemplateshop' Component 'groups' Parameter SQL Injection Joomla! 'com_biitatemplateshop' Component - 'groups' Parameter SQL Injection Vanira CMS 'vtpidshow' Parameter SQL Injection Vanira CMS - 'vtpidshow' Parameter SQL Injection Joomla! 'com_expedition' Component 'id' Parameter SQL Injection Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection Joomla! 'com_tree' Component 'key' Parameter SQL Injection Joomla! 'com_br' Component 'state_id' Parameter SQL Injection Joomla! 'com_shop' Component 'id' Parameter SQL Injection Joomla! 'com_tree' Component - 'key' Parameter SQL Injection Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection Joomla! 'com_shop' Component - 'id' Parameter SQL Injection Splunk 4.1.6 'segment' Parameter Cross-Site Scripting Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting Multiple Cisco Products 'file' Parameter Directory Traversal Multiple Cisco Products - 'file' Parameter Directory Traversal IBSng B1.34(T96) 'str' Parameter Cross-Site Scripting IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting SmartJobBoard 'keywords' Parameter Cross-Site Scripting SmartJobBoard - 'keywords' Parameter Cross-Site Scripting Joomla Content Component 'year' Parameter SQL Injection Joomla Content Component - 'year' Parameter SQL Injection Webistry 1.6 'pid' Parameter SQL Injection Webistry 1.6 - 'pid' Parameter SQL Injection WordPress Skysa App Bar Plugin 'idnews' Parameter Cross-Site Scripting WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting Video Community Portal 'userID' Parameter SQL Injection Video Community Portal - 'userID' Parameter SQL Injection PHP Booking Calendar 10e 'page_info_message' Parameter Cross-Site Scripting Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection Joomla! 'com_caproductprices' Component 'id' Parameter SQL Injection Joomla! 'com_caproductprices' Component - 'id' Parameter SQL Injection GraphicsClone Script 'term' parameter Cross-Site Scripting GraphicsClone Script - 'term' parameter Cross-Site Scripting PostNuke pnAddressbook Module 'id' Parameter SQL Injection PostNuke pnAddressbook Module - 'id' Parameter SQL Injection Joomla! 'com_br' Component 'controller' Parameter Local File Inclusion Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion Joomla! Full 'com_full' Component 'id' Parameter SQL Injection Joomla! Full 'com_full' Component - 'id' Parameter SQL Injection Joomla! 'com_xball' Component 'team_id' Parameter SQL Injection Joomla! 'com_boss' Component 'controller' Parameter Local File Inclusion Joomla! 'com_xball' Component - 'team_id' Parameter SQL Injection Joomla! 'com_boss' Component - 'controller' Parameter Local File Inclusion Joomla! 'com_some' Component 'controller' Parameter Local File Inclusion Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Inclusion Joomla! 'com_kp' Component 'controller' Parameter Local File Inclusion Joomla! 'com_some' Component - 'controller' Parameter Local File Inclusion Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion Ultimate Locator 'radius' Parameter SQL Injection Joomla! 'com_jesubmit' Component 'index.php' Arbitrary File Upload Ultimate Locator - 'radius' Parameter SQL Injection Joomla! 'com_jesubmit' Component - 'index.php' Arbitrary File Upload Joomla! 'com_motor' Component 'cid' Parameter SQL Injection Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection Joomla! 'com_firmy' Component 'Id' Parameter SQL Injection Joomla! 'com_firmy' Component - 'Id' Parameter SQL Injection Joomla! 'com_crhotels' Component 'catid' Parameter SQL Injection Joomla! 'com_propertylab' Component 'id' Parameter SQL Injection Joomla! 'com_crhotels' Component - 'catid' Parameter SQL Injection Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection Joomla! 'com_cmotour' Component 'id' Parameter SQL Injection Joomla! 'com_cmotour' Component - 'id' Parameter SQL Injection Joomla! 'com_bnf' Component 'seccion_id' Parameter SQL Injection Joomla! 'com_bnf' Component - 'seccion_id' Parameter SQL Injection Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting Joomla! Currency Converter Component - 'from' Parameter Cross-Site Scripting RabbitWiki 'title' Parameter Cross-Site Scripting RabbitWiki - 'title' Parameter Cross-Site Scripting Zimbra 'view' Parameter Cross-Site Scripting Zimbra - 'view' Parameter Cross-Site Scripting SMW+ 1.5.6 'target' Parameter HTML Injection SMW+ 1.5.6 - 'target' Parameter HTML Injection ProWiki 'id' Parameter Cross-Site Scripting ProWiki - 'id' Parameter Cross-Site Scripting Tiki Wiki CMS Groupware 'url' Parameter URI Redirection Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection Impulsio CMS 'id' Parameter SQL Injection Impulsio CMS - 'id' Parameter SQL Injection Joomla! X-Shop Component 'idd' Parameter SQL Injection Joomla! X-Shop Component - 'idd' Parameter SQL Injection Joomla! 'com_xvs' Component 'controller' Parameter Local File Inclusion Joomla! 'com_xvs' Component - 'controller' Parameter Local File Inclusion starCMS 'q' Parameter URI Cross-Site Scripting starCMS - 'q' Parameter URI Cross-Site Scripting JPM Article Script 6 'page2' Parameter SQL Injection JPM Article Script 6 - 'page2' Parameter SQL Injection LeKommerce 'id' Parameter SQL Injection LeKommerce - 'id' Parameter SQL Injection Event Calendar PHP 'cal_year' Parameter Cross-Site Scripting Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting XM Forum 'id' Parameter Multiple SQL Injection Uiga FanClub 'p' Parameter SQL Injection XM Forum - 'id' Parameter Multiple SQL Injection Uiga FanClub - 'p' Parameter SQL Injection WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross-Site Scripting WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting Ramui Forum Script 'query' Parameter Cross-Site Scripting Ramui Forum Script - 'query' Parameter Cross-Site Scripting GD Star Rating 1.9.16 'tpl_section' Parameter Cross-Site Scripting GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting LongTail JW Player 'debug' Parameter Cross-Site Scripting LongTail JW Player - 'debug' Parameter Cross-Site Scripting Small-Cms 'hostname' Parameter Remote PHP Code Injection Small-Cms - 'hostname' Parameter Remote PHP Code Injection Joomla! Alphacontent Component 'limitstart' Parameter SQL Injection Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection Flogr 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities Flogr - 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities e107 Image Gallery Plugin 'name' Parameter Remote File Disclosure e107 Image Gallery Plugin - 'name' Parameter Remote File Disclosure Joomla! 'com_szallasok' Component 'id' Parameter SQL Injection Joomla! 'com_szallasok' Component - 'id' Parameter SQL Injection SWFUpload 'movieName' Parameter Cross-Site Scripting SWFUpload - 'movieName' Parameter Cross-Site Scripting WordPress SocialFit Plugin 'msg' Parameter Cross-Site Scripting WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting WordPress church_admin Plugin 'id' parameter Cross-Site Scripting WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting WordPress church_admin Plugin - 'id' parameter Cross-Site Scripting sflog! 'section' Parameter Local File Inclusion sflog! - 'section' Parameter Local File Inclusion WebsitePanel 'ReturnUrl' Parameter URI Redirection WebsitePanel - 'ReturnUrl' Parameter URI Redirection WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Inclusion web@all 'name' Parameter Cross-Site Scripting WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion web@all - 'name' Parameter Cross-Site Scripting Joomla! 'com_hello' Component 'controller' Parameter Local File Inclusion Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion REDAXO 'subpage' Parameter Cross-Site Scripting Joomla Odudeprofile component 'profession' Parameter SQL Injection REDAXO - 'subpage' Parameter Cross-Site Scripting Joomla Odudeprofile component - 'profession' Parameter SQL Injection BarCodeWiz 'BarcodeWiz.dll' ActiveX Control 'Barcode' Method Remote Buffer Overflow BarCodeWiz 'BarcodeWiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow JW Player 'playerready' Parameter Cross-Site Scripting eNdonesia 'cid' Parameter SQL Injection JW Player - 'playerready' Parameter Cross-Site Scripting eNdonesia - 'cid' Parameter SQL Injection ntop 'arbfile' Parameter Cross-Site Scripting ntop - 'arbfile' Parameter Cross-Site Scripting Elefant CMS 'id' Parameter Cross-Site Scripting Elefant CMS - 'id' Parameter Cross-Site Scripting YT-Videos Script 'id' Parameter SQL Injection YT-Videos Script - 'id' Parameter SQL Injection GetSimple 'path' Parameter Local File Inclusion GetSimple - 'path' Parameter Local File Inclusion LISTSERV 16 'SHOWTPL' Parameter Cross-Site Scripting LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting JPM Article Blog Script 6 'tid' Parameter Cross-Site Scripting JPM Article Blog Script 6 - 'tid' Parameter Cross-Site Scripting KindEditor 'name' Parameter Cross-Site Scripting KindEditor - 'name' Parameter Cross-Site Scripting PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Inclusion PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion JW Player 'logo.link' Parameter Cross-Site Scripting JW Player - 'logo.link' Parameter Cross-Site Scripting PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion Joomla! Komento Component 'cid' Parameter SQL Injection PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion Joomla! Komento Component - 'cid' Parameter SQL Injection WordPress Cloudsafe365 Plugin 'file' Parameter Remote File Disclosure WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure Wiki Web Help 'configpath' Parameter Remote File Inclusion Wiki Web Help - 'configpath' Parameter Remote File Inclusion LiteSpeed Web Server 'gtitle' parameter Cross-Site Scripting LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting WordPress Download Monitor Plugin 'dlsearch' Parameter Cross-Site Scripting WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting FBDj 'id' Parameter SQL Injection FBDj - 'id' Parameter SQL Injection vBSEO 'u' parameter Cross-Site Scripting vBSEO - 'u' parameter Cross-Site Scripting WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Inclusion WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion TAGWORX.CMS 'cid' Parameter SQL Injection TAGWORX.CMS - 'cid' Parameter SQL Injection WordPress Video Lead Form Plugin 'errMsg' Parameter Cross-Site Scripting WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting WordPress ABC Test Plugin 'id' Parameter Cross-Site Scripting WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting Open Realty 'select_users_lang' Parameter Local File Inclusion Open Realty - 'select_users_lang' Parameter Local File Inclusion FirePass 7.0 SSL VPN 'refreshURL' Parameter URI Redirection FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection SMF 'view' Parameter Cross-Site Scripting SMF - 'view' Parameter Cross-Site Scripting Gramophone 'rs' Parameter Cross-Site Scripting Gramophone - 'rs' Parameter Cross-Site Scripting Joomla! com_parcoauto Component 'idVeicolo' Parameter SQL Injection Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection OrangeHRM 'sortField' Parameter SQL Injection WordPress FLV Player Plugin 'id' Parameter SQL Injection OrangeHRM - 'sortField' Parameter SQL Injection WordPress FLV Player Plugin - 'id' Parameter SQL Injection WordPress Kakao Theme 'ID' Parameter SQL Injection WordPress PHP Event Calendar Plugin 'cid' Parameter SQL Injection WordPress Eco-annu Plugin 'eid' Parameter SQL Injection WordPress Kakao Theme - 'ID' Parameter SQL Injection WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection WordPress Dailyedition-mouss Theme 'id' Parameter SQL Injection WordPress Tagged Albums Plugin 'id' Parameter SQL Injection WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection Omni-Secure 'dir' Parameter Multiple File Disclosure Vulnerabilities Friends in War The FAQ Manager 'question' Parameter SQL Injection Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities Friends in War The FAQ Manager - 'question' Parameter SQL Injection openSIS 'modname' Parameter Local File Inclusion openSIS - 'modname' Parameter Local File Inclusion WordPress Madebymilk Theme 'id' Parameter SQL Injection WordPress Madebymilk Theme - 'id' Parameter SQL Injection WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload WordPress Webplayer Plugin 'id' Parameter SQL Injection WordPress Plg Novana Plugin 'id' Parameter SQL Injection WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload WordPress Webplayer Plugin - 'id' Parameter SQL Injection WordPress Plg Novana Plugin - 'id' Parameter SQL Injection WordPress Magazine Basic Theme 'id' Parameter SQL Injection WordPress Magazine Basic Theme - 'id' Parameter SQL Injection WordPress Ads Box Plugin 'count' Parameter SQL Injection WordPress Ads Box Plugin - 'count' Parameter SQL Injection Forescout CounterACT 'a' Parameter Open Redirection WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection Forescout CounterACT - 'a' Parameter Open Redirection WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection WordPress Toolbox Theme 'mls' Parameter SQL Injection Elastix 'page' Parameter Cross-Site Scripting TinyMCPUK 'test' Parameter Cross-Site Scripting WordPress Toolbox Theme - 'mls' Parameter SQL Injection Elastix - 'page' Parameter Cross-Site Scripting TinyMCPUK - 'test' Parameter Cross-Site Scripting WordPress Zingiri Forums Plugin 'language' Parameter Local File Inclusion WordPress Nest Theme 'codigo' Parameter SQL Injection Sourcefabric Newscoop 'f_email' Parameter SQL Injection WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion WordPress Nest Theme - 'codigo' Parameter SQL Injection Sourcefabric Newscoop - 'f_email' Parameter SQL Injection FOOT Gestion 'id' Parameter SQL Injection FOOT Gestion - 'id' Parameter SQL Injection PHP Address Book 'group' Parameter Cross-Site Scripting PHP Address Book - 'group' Parameter Cross-Site Scripting Joomla! ZT Autolinks Component 'controller' Parameter Local File Inclusion Joomla! Bit Component 'controller' Parameter Local File Inclusion Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion Joomla! Bit Component - 'controller' Parameter Local File Inclusion MyBB Transactions Plugin 'transaction' Parameter SQL Injection MyBB Transactions Plugin - 'transaction' Parameter SQL Injection WHM 'filtername' Parameter Cross-Site Scripting WHM - 'filtername' Parameter Cross-Site Scripting Havalite CMS 'comment' Parameter HTML Injection Havalite CMS - 'comment' Parameter HTML Injection WordPress NextGEN Gallery Plugin 'test-head' Parameter Cross-Site Scripting WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting WordPress Gallery Plugin 'filename_1' Parameter Remote Arbitrary File Access WordPress Gallery Plugin - 'filename_1' Parameter Remote Arbitrary File Access phpLiteAdmin 'table' Parameter SQL Injection IP.Gallery 'img' Parameter SQL Injection phpLiteAdmin - 'table' Parameter SQL Injection IP.Gallery - 'img' Parameter SQL Injection gpEasy CMS 'section' Parameter Cross-Site Scripting gpEasy CMS - 'section' Parameter Cross-Site Scripting iCart Pro 'section' Parameter SQL Injection iCart Pro - 'section' Parameter SQL Injection WordPress WP-Table Reloaded Plugin 'id' Parameter Cross-Site Scripting WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross-Site Scripting WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting WordPress Audio Player Plugin 'playerID' Parameter Cross-Site Scripting WordPress Pinboard Theme 'tab' Parameter Cross-Site Scripting WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting Squirrelcart 'table' Parameter Cross-Site Scripting Squirrelcart - 'table' Parameter Cross-Site Scripting OpenEMR 'site' Parameter Cross-Site Scripting OpenEMR - 'site' Parameter Cross-Site Scripting WordPress Uploader Plugin 'blog' Parameter Cross-Site Scripting WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting WordPress Count Per Day Plugin 'daytoshow' Parameter Cross-Site Scripting WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting WordPress podPress Plugin 'playerID' Parameter Cross-Site Scripting WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting Jaow CMS 'add_ons' Parameter Cross-Site Scripting Jaow CMS - 'add_ons' Parameter Cross-Site Scripting WordPress Feedweb Plugin 'wp_post_id' Parameter Cross-Site Scripting WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting Symphony 'sort' Parameter SQL Injection Symphony - 'sort' Parameter SQL Injection WordPress Traffic Analyzer Plugin 'aoid' Parameter Cross-Site Scripting WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting WordPress Spiffy XSPF Player Plugin 'playlist_id' Parameter SQL Injection WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection WordPress Spider Video Player Plugin 'theme' Parameter SQL Injection Request Tracker 'ShowPending' Parameter SQL Injection WordPress Spider Video Player Plugin - 'theme' Parameter SQL Injection Request Tracker - 'ShowPending' Parameter SQL Injection Fork CMS 'file' Parameter Local File Inclusion Fork CMS - 'file' Parameter Local File Inclusion WordPress wp-FileManager Plugin 'path' Parameter Arbitrary File Download Open Flash Chart 'get-data' Parameter Cross-Site Scripting WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download Open Flash Chart - 'get-data' Parameter Cross-Site Scripting Jojo CMS 'search' Parameter Cross-Site Scripting Jojo CMS - 'search' Parameter Cross-Site Scripting WordPress Ambience Theme 'src' Parameter Cross-Site Scripting WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting TaxiMonger for Android 'name' Parameter HTML Injection TaxiMonger for Android - 'name' Parameter HTML Injection ZamFoo 'date' Parameter Remote Command Injection ZamFoo - 'date' Parameter Remote Command Injection Xorbin Analog Flash Clock 'widgetUrl' Parameter Cross-Site Scripting Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting WordPress WP Feed Plugin 'nid' Parameter SQL Injection WordPress Category Grid View Gallery Plugin 'ID' Parameter Cross-Site Scripting WordPress WP Feed Plugin - 'nid' Parameter SQL Injection WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting WordPress FlagEm Plugin 'cID' Parameter Cross-Site Scripting WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting Xibo 'layout' Parameter HTML Injection Xibo - 'layout' Parameter HTML Injection Flo CMS 'archivem' Parameter SQL Injection Flo CMS - 'archivem' Parameter SQL Injection eTransfer Lite 'file name' Parameter HTML Injection WordPress mukioplayer4wp Plugin 'cid' Parameter SQL Injection eTransfer Lite - 'file name' Parameter HTML Injection WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection Monstra CMS 'login' Parameter SQL Injection Monstra CMS - 'login' Parameter SQL Injection Joomla! JVideoClip Component 'uid' Parameter SQL Injection Joomla! JVideoClip Component - 'uid' Parameter SQL Injection WordPress WP-Realty Plugin 'listing_id' Parameter SQL Injection WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload Joomla! Maian15 Component - 'name' Parameter Arbitrary Shell Upload Nagios XI 'tfPassword' Parameter SQL Injection Nagios XI - 'tfPassword' Parameter SQL Injection Enorth Webpublisher CMS 'thisday' Parameter SQL Injection Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection WordPress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection eduTrac 'showmask' Parameter Directory Traversal eduTrac - 'showmask' Parameter Directory Traversal Veno File Manager 'q' Parameter Arbitrary File Download Veno File Manager - 'q' Parameter Arbitrary File Download Leed 'id' Parameter SQL Injection Leed - 'id' Parameter SQL Injection xBoard 'post' Parameter Local File Inclusion xBoard - 'post' Parameter Local File Inclusion i-doit Pro 'objID' Parameter SQL Injection i-doit Pro - 'objID' Parameter SQL Injection Joomla! Sexy Polling Extension 'answer_id' Parameter SQL Injection Joomla! Sexy Polling Extension - 'answer_id' Parameter SQL Injection XOS Shop 'goto' Parameter SQL Injection XOS Shop - 'goto' Parameter SQL Injection Eventum 'hostname' Parameter Remote Code Execution Eventum - 'hostname' Parameter Remote Code Execution WordPress Relevanssi Plugin 'category_name' Parameter SQL Injection WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection Professional Designer E-Store 'id' Parameter Multiple SQL Injection Professional Designer E-Store - 'id' Parameter Multiple SQL Injection MeiuPic 'ctl' Parameter Local File Inclusion MeiuPic - 'ctl' Parameter Local File Inclusion Jorjweb 'id' Parameter SQL Injection qEngine 'run' Parameter Local File Inclusion Jorjweb - 'id' Parameter SQL Injection qEngine - 'run' Parameter Local File Inclusion Seo Panel 'file' Parameter Directory Traversal Seo Panel - 'file' Parameter Directory Traversal ZeusCart 'prodid' Parameter SQL Injection ZeusCart - 'prodid' Parameter SQL Injection VoipSwitch 'action' Parameter Local File Inclusion VoipSwitch - 'action' Parameter Local File Inclusion Joomla! Spider Video Player Extension 'theme' Parameter SQL Injection Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042) Microsoft Office Excel - Out-of-Bounds Read Remote Code Execution (MS16-042) Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099) FreePBX 13 / 14 - Remote Code Execution Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (2) Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit	2016-08-14 05:06:43 +00:00

Author

SHA1

Message

Date

Offensive Security

d304cc3d3e

DB: 2017-11-24

116602 new exploits

Too many to list!

2017-11-24 20:56:23 +00:00

Offensive Security

4b39f0d26d

DB: 2017-11-16

23 new exploits

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (1)

Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service
Microsoft Windows Explorer - '.AVI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service
Microsoft Windows Explorer - '.ANI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service
Microsoft Windows Explorer - '.doc' File Denial of Service

CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)

Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities
Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities

iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service

Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)
Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC)

Webby WebServer - SEH Control (PoC)
Webby WebServer - Overflow (SEH) (PoC)

Quick 'n Easy FTP Server Lite 3.1 - Exploit
Quick 'n Easy FTP Server Lite 3.1 - Denial of Service

Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC)

FFDshow - SEH Exception Leading to Null Pointer on Read
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read

Microsoft Internet Explorer - MSHTML Findtext Processing Issue
Microsoft Internet Explorer - MSHTML Findtext Processing Exploit

Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption
Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption
Debian suidmanager 0.18 - Exploit
AMD K6 Processor - Exploit
Apple Personal Web Sharing 1.1 - Remote Denial of Service
AMD K6 Processor - Denial of Service

Sun Solaris 7.0 - 'procfs' Denial of Service

S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service
S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service

Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service
Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service

D-Link DIR605L - Denial of Service

RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service

(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service
ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service

IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow
IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow

xfstt 1.2/1.4 - Unspecified Memory Disclosure
xfstt 1.2/1.4 - Memory Disclosure

ViRobot Linux Server 2.0 - Exploit

Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities

IBM AIX 5.x - Invscout Local Buffer Overflow
IBM AIX 5.x - 'Invscout' Local Buffer Overflow

Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow

Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)
Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)

IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption
IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption

Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow
Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow

Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities
Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (2)

Sun Solaris 10 - ICMP Unspecified Remote Denial of Service
Sun Solaris 10 - ICMP Remote Denial of Service

Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service
Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service

Progress WebSpeed 3.0/3.1 - Denial of Service

GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities
GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities
Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service
Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service
Wireshark 0.99.8 - X.509sat Dissector Denial of Service
Wireshark 0.99.8 - LDAP Dissector Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service

Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities

SmallFTPd - Unspecified Denial of Service
SmallFTPd - Denial of Service

Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference
Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference

Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference
Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference

Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference
Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)

Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine

Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits

Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference

Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine
Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine

Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call
Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call

Mandrake Linux 8.2 /usr/mail - Local Exploit
Mandrake Linux 8.2 - '/usr/mail' Local Exploit

RedHat 6.2 /sbin/restore - Exploit
RedHat 6.2 - '/sbin/restore' Privilege Escalation

dump 0.4b15 (RedHat 6.2) - Exploit
dump 0.4b15 (RedHat 6.2) - Privilege Escalation
xsoldier 0.96 (RedHat 6.2) - Exploit
Pine (Local Message Grabber) - Exploit
xsoldier 0.96 (RedHat 6.2) - Buffer Overflow
Pine (Local Message Grabber) - Local Message Read

Seyon 2.1 rev. 4b i586-Linux - Exploit
Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow

glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit
glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read

suid_perl 5.001 - Exploit
suid_perl 5.001 - Command Execution

Sendmail 8.11.x (Linux/i386) - Exploit
Sendmail 8.11.x (Linux/i386) - Privilege Escalation

Microsoft Excel - Unspecified Remote Code Execution
Microsoft Excel - Remote Code Execution

Microsoft Word 2000 - Unspecified Code Execution
Microsoft Word 2000 - Code Execution
IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation
IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation

IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite

Easy RM to MP3 Converter 2.7.3.700 - Exploit
Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow

Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit
Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow

Adobe Reader and Acrobat - Exploit
Adobe Reader / Acrobat - '.PDF' File Overflow

Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH)

Winamp 5.572 - Exploit (SEH)
Winamp 5.572 - Overflow (SEH)

ZipScan 2.2c - Exploit (SEH)
ZipScan 2.2c - Overflow (SEH)
Local Glibc shared library (.so) 2.11.1 - Exploit
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
Local Glibc Shared Library (.so) 2.11.1 - Code Execution
ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation

SyncBack Freeware 3.2.20.0 - Exploit
SyncBack Freeware 3.2.20.0 - Overflow (SEH)

Mediacoder 0.7.3.4672 - Exploit (SEH)
Mediacoder 0.7.3.4672 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH)

DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)
DJ Studio Pro 8.1.3.2.1 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit)

iworkstation 9.3.2.1.4 - Exploit (SEH)
iworkstation 9.3.2.1.4 - Overflow (SEH)

Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)
Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode)

POP Peeper 3.7 - Exploit (SEH)
POP Peeper 3.7 - Overflow (SEH)

DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass
DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass)

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit)

BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass)
Slackware Linux 3.4 - 'liloconfig-color' Temporary file
Slackware Linux 3.4 - 'makebootdisk' Temporary file
Slackware Linux 3.4 - 'liloconfig-color' Temporary File
Slackware Linux 3.4 - 'makebootdisk' Temporary File
Slackware Linux 3.4 - 'netconfig' Temporary file
Slackware Linux 3.4 - 'pkgtool' Temporary file
Slackware Linux 3.4 - 'netconfig' Temporary File
Slackware Linux 3.4 - 'pkgtool' Temporary File

Debian suidmanager 0.18 - Command Execution
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission
Slackware Linux 3.5 - '/etc/group' Privilege Escalation

Sun Solaris 2.6 power management - Exploit
Sun Solaris 2.6 - power management Exploit
DataLynx suGuard 1.0 - Exploit
Sun Solaris 2.5.1 PAM & unix_scheme - Exploit
Solaris 2.5.1 ffbconfig - Exploit
Solaris 2.5.1 chkey - Exploit
Solaris 2.5.1 Ping - Exploit
SGI IRIX 6.4 ioconfig - Exploit
DataLynx suGuard 1.0 - Privilege Escalation
Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation
Solaris 2.5.1 - 'ffbconfig' Exploit
Solaris 2.5.1 - 'chkey' Exploit
Solaris 2.5.1 - 'Ping' Exploit
SGI IRIX 6.4 - 'ioconfig' Exploit
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2)

Solaris 2.5.1 automount - Exploit
Solaris 2.5.1 - 'automount' Exploit
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit
Sun Solaris 7.0 dtprintinfo - Buffer Overflow
Sun Solaris 7.0 lpset - Buffer Overflow
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow
Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow

IBM Remote Control Software 1.0 - Exploit
IBM Remote Control Software 1.0 - Code Execution

Xcmail 0.99.6 - Exploit
Xcmail 0.99.6 - Buffer Overflow
Sun Solaris 7.0 ff.core - Exploit
S.u.S.E. 5.2 lpc - Exploit
Sun Solaris 7.0 - 'ff.core' Exploit
S.u.S.E. 5.2 - 'lpc' Exploit

SGI IRIX 6.2 cdplayer - Exploit
SGI IRIX 6.2 - 'cdplayer' Exploit
SGI IRIX 5.3 Cadmin - Exploit
SGI IRIX 6.0.1 colorview - Exploit
SGI IRIX 5.3 - 'Cadmin' Exploit
SGI IRIX 6.0.1 - 'colorview' Exploit
SGI IRIX 6.3 df - Exploit
SGI IRIX 6.4 - datman/cdman Exploit
SGI IRIX 6.3 - 'df' Exploit
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.2 fsdump - Exploit
RedHat Linux 5.1 xosview - Exploit
Slackware Linux 3.1 - Buffer Overflow
RedHat Linux 2.1 - 'abuse.console' Exploit
SGI IRIX 6.2 - 'fsdump' Exploit
RedHat Linux 5.1 - xosview
Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow

IBM AIX 4.3 infod - Exploit
IBM AIX 4.3 - 'infod' Exploit

IBM AIX 4.2.1 snap - Insecure Temporary File Creation
IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation
SGI IRIX 6.4 inpview - Exploit
RedHat Linux 5.0 msgchk - Exploit
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 ping - Buffer Overflow
IBM AIX 4.2 lchangelv - Buffer Overflow
SGI IRIX 6.4 - 'inpview' Exploit
RedHat Linux 5.0 - 'msgchk' Exploit
IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 - 'ping' Buffer Overflow
IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow

RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)

SGI IRIX 6.4 netprint - Exploit
SGI IRIX 6.4 - 'netprint' Exploit

SGI IRIX 5.3/6.2 ordist - Exploit
SGI IRIX 5.3/6.2 - 'ordist' Exploit

SGI IRIX 5.3 pkgadjust - Exploit
SGI IRIX 5.3 - 'pkgadjust' Exploit

Sun Solaris 7.0 procfs - Exploit
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 4.2.1 lquerypv - Exploit
IBM AIX 3.2.5 - 'IFS' Exploit
IBM AIX 4.2.1 - 'lquerypv' File Read
SGI IRIX 6.3 pset - Exploit
SGI IRIX 6.4 rmail - Exploit
SGI IRIX 6.3 - 'pset' Exploit
SGI IRIX 6.4 - 'rmail' Exploit
SGI IRIX 5.2/5.3 serial_ports - Exploit
SGI IRIX 6.4 suid_exec - Exploit
SGI IRIX 5.1/5.2 sgihelp - Exploit
SGI IRIX 6.4 startmidi - Exploit
SGI IRIX 5.2/5.3 - 'serial_ports' Exploit
SGI IRIX 6.4 - 'suid_exec' Exploit
SGI IRIX 5.1/5.2- 'sgihelp' Exploit
SGI IRIX 6.4 - 'startmidi' Exploit

SGI IRIX 6.4 xfsdump - Exploit
SGI IRIX 6.4 - 'xfsdump' Exploit

IBM AIX 4.3.1 adb - Exploit
IBM AIX 4.3.1 - 'adb' Denial of Service
Apple At Ease 5.0 - Exploit
Samba < 2.0.5 - Exploit
Apple At Ease 5.0 - Information Disclosure
Samba < 2.0.5 - Overflow

NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit
NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space

Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow

HP-UX 10.20 newgrp - Exploit
HP-UX 10.20 newgrp - Privilege Escalation

BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)

BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2)

Solaris 7.0 kcms_configure - Exploit
Solaris 7.0 - 'kcms_configure Exploit

Windowmaker wmmon 1.0 b2 - Exploit
Windowmaker wmmon 1.0 b2 - Command Execution

Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit
Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation

Standard & Poors ComStock 4.2.4 - Exploit
Standard & Poors ComStock 4.2.4 - Command Execution
KDE 1.1.2 KApplication configfile - Exploit (1)
KDE 1.1.2 KApplication configfile - Exploit (2)
KDE 1.1.2 KApplication configfile - Exploit (3)
KDE 1.1.2 KApplication configfile - Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Privilege Escalation (2)
KDE 1.1.2 KApplication configfile - Privilege Escalation (3)

BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)
mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2)

Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
IRIX 6.5.x - GR_OSView Buffer Overflow
SGI IRIX 6.2 libgl.so - Buffer Overflow
IRIX 6.5.x - dmplay Buffer Overflow
IRIX 6.2/6.3 lpstat - Buffer Overflow
IRIX 6.5.x - inpview Race Condition
IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow
SGI IRIX 6.2 - 'libgl.so' Buffer Overflow
IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow
IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition

IRIX 5.3/6.x - mail Exploit
IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow
Libc locale - Exploit (1)
Libc locale - Exploit (2)
Libc locale - Privilege Escalation (1)
Libc locale - Privilege Escalation (2)

GNOME esound 0.2.19 - Unix Domain Socket Race Condition

Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition
IBM AIX 4.x - setsenv Buffer Overflow
IBM AIX 4.3 digest - Buffer Overflow
IBM AIX 4.x - enq Buffer Overflow
IBM AIX 4.3.x - piobe Buffer Overflow
IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow
IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow
IBM AIX 4.x - 'enq' Buffer Overflow
IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow

SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow

AIX 4.2/4.3 - piomkapqd Buffer Overflow
AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow

(Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation

(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection
Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection
QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow
QNX RTOS 6.1 - PKG-Installer Buffer Overflow
QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow
QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow

NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass
NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass)

AFD 1.2.x - Working Directory Local Buffer Overflow
AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation

IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow

HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access
HP-UX 10.x - rs.F3000 Unauthorized Access

Leksbot 1.2 - Multiple Unspecified Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities

IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow

IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation
IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation

ViRobot Linux Server 2.0 - Overflow

(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation
Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)

Nvidia Display Driver Service (Nsvr) - Exploit
Nvidia Display Driver Service (Nsvr) - Buffer Overflow
IBM AIX 5.3 - GetShell and GetCommand File Enumeration
IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure

Apple 2.0.4 - Safari Unspecified Local
Apple 2.0.4 - Safari Local Exploit

Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities

IBM AIX 6.1.8 libodm - Arbitrary File Write
IBM AIX 6.1.8 - 'libodm' Arbitrary File Write

Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation

VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass)

Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation

QEMU (Gentoo) - Local Priv Escalation
QEMU (Gentoo) - Privilege Escalation

Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)

Microsoft WordPerfect Document Converter - Exploit (MS03-036)
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)

CA BrightStor ARCserve Backup - Exploiter Tool
CA BrightStor ARCserve Backup - Overflow

NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write

CDBurnerXP 4.2.4.1351 - Exploit

PeerCast 0.1216 - Exploit (Metasploit)
PeerCast 0.1216 - Stack Overflow (Metasploit)

BigAnt Server 2.52 - Exploit (SEH)
BigAnt Server 2.52 - Overflow (SEH)

NetTransport Download Manager 2.90.510 - Exploit
NetTransport Download Manager 2.90.510 - Overflow (SEH)

File Sharing Wizard 1.5.0 - Exploit (SEH)
File Sharing Wizard 1.5.0 - Overflow (SEH)
Real Player 12.0.0.879 - Exploit
Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)
Real Player 12.0.0.879 - Code Execution
Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass)

IBM AIX 5l FTPd - Remote DES Hash Exploit
IBM AIX 5l - 'FTPd' Remote DES Hash Exploit

Microsoft Data Access Components - Exploit (MS11-002)
Microsoft Data Access Components - Overflow (PoC) (MS11-002)

FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit)

Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)

Apple Personal Web Sharing 1.1 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 -  Upload / Execute Read Scripts

IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit
IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation

HP HP-UX 10.34 rlpdaemon - Exploit
HP HP-UX 10.34 rlpdaemon - Remote Overflow

Ray Chan WWW Authorization Gateway 0.1 - Exploit
Ray Chan WWW Authorization Gateway 0.1 - Command Execution

Solaris 7.0 Coredump - Exploit
Solaris 7.0 - 'Coredump' File Write
IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit
SGI IRIX 6.2 cgi-bin wrap - Exploit
IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read
SGI IRIX 6.2 - cgi-bin wrap Exploit

SGI IRIX 6.5.2 nsd - Exploit
SGI IRIX 6.5.2 - 'nsd'' Exploit

IBM AIX 3.2.5 - login(1) Exploit
IBM AIX 3.2.5 - 'login(1)' Exploit

Compaq Java Applet for Presario SpawnApp - Exploit
Compaq Java Applet for Presario SpawnApp - Code Execution

Network Security Wizards Dragon-Fire IDS 1.0 - Exploit
Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution

Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure

IBM AIX 4.3.2 ftpd - Remote Buffer Overflow
IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow

glFTPd 1.17.2 - Exploit
glFTPd 1.17.2 - Code Execution

Netopia R-series routers 4.6.2 - Exploit
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables

Sun Java Web Server 1.1.3/2.0 Servlets - Exploit
Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure

IPFilter 3.x - Fragment Rule Bypass

CGIWrap 2.x/3.x - Cross-Site Scripting

AIX 4.1/4.2 - pdnsd Buffer Overflow
AIX 4.1/4.2 - 'pdnsd' Buffer Overflow

RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote Username Enumeration

Hylafax 4.1.x - HFaxD Unspecified Format String
Hylafax 4.1.x - HFaxD Format String

EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow

LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities
LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities

Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities
Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities

Oracle 9i - Multiple Unspecified Vulnerabilities
Oracle 9i - Multiple Vulnerabilities

File ELF 4.x - Header Unspecified Buffer Overflow
File ELF 4.x - Header Buffer Overflow
Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue
Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack
Microsoft Internet Explorer 6 - Unspecified Code Execution (1)
Microsoft Internet Explorer 6 - Unspecified Code Execution (2)
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)

GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal

TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal
TFTP Server TFTPDWin 0.4.2 - Directory Traversal

Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit

Multiple CA Service Management Products - Unspecified Remote Command Execution
Multiple CA Service Management Products - Remote Command Execution

NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow

Bash - Environment Variables Code Injection (Shellshock)
Bash - Environment Variables Command Injection (Shellshock)

OpenVPN 2.2.29 - Remote Exploit (Shellshock)
OpenVPN 2.2.29 - Remote Command Injection (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)
Apache mod_cgi - Remote Exploit (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)
Apache mod_cgi - Remote Command Injection (Shellshock)

Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow
Poison Ivy 2.3.2 - Remote Buffer Overflow

Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution
Samba 3.5.11/3.6.3 - Remote Code Execution

Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)
Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)

IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)
IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)

Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion

Poll It CGI 2.0 - Exploit
Poll It CGI 2.0 - Multiple Vulnerabilities

DreamPoll 3.1 - Exploit
DreamPoll 3.1 - SQL Injection

WordPress Plugin WP-Cumulus 1.20 - Exploit
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting

Public Media Manager - Exploit
Public Media Manager - Remote File Inclusion

Joomla! Component com_adagency - Exploit
Joomla! Component com_adagency - Local File Inclusion

File Upload Manager 1.3 - Exploit
File Upload Manager 1.3 - Web Shell File Upload

Joomla! Component com_caddy - Exploit

Renista CMS - Exploit
Renista CMS - SQL Injection

BtiTracker 1.3.x < 1.4.x - Exploit
BtiTracker 1.3.x < 1.4.x - SQL Injection

WordPress Plugin Cimy Counter - Exploit
WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting

Belkin F5D7234-4 v5 G Wireless Router - Exploit
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed

WhatsApp Status Changer 0.2 - Exploit
WhatsApp - Remote Change Status

MySimpleNews 1.0 - Remotely Readable Administrator Password
MySimpleNews 1.0 - Remote Readable Administrator Password

SquirrelMail 1.2.11 - Exploit
SquirrelMail 1.2.11 - Multiple Vulnerabilities

D-Link DCS-936L Network Camera - Cross-Site Request Forgery
Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting

Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Cross-Site Scripting Vulnerabilities

Codegrrl - 'Protection.php' Unspecified Code Execution
Codegrrl - 'Protection.php' Code Execution
Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'index.php' Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting

A-Blog 1.0 - Unspecified Cross-Site Scripting
A-Blog 1.0 - Cross-Site Scripting

Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Akismet 2.1.3 - Unspecified
WordPress Plugin Akismet 2.1.3 - Exploit

SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities

UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit
UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information

Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload
Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload

MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections

Zoph 0.7.2.1 - Unspecified SQL Injection
Zoph 0.7.2.1 - SQL Injection

Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component FreiChat 1.0/2.x - HTML Injection

Bash CGI - Remote Code Execution (Shellshock) (Metasploit)
Bash CGI - Remote Command Injection (Shellshock) (Metasploit)

PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock)
PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)

Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities

Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit

Netsweeper 4.0.8 - Authentication Bypass Issue
Netsweeper 4.0.8 - Authentication Bypass

SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting

Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting
Bugzilla 4.2 - Tabular Reports Cross-Site Scripting

iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal
iScripts AutoHoster - 'main_smtp.php' Traversal Exploit

Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits

Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)

NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)

Squid Analysis Report Generator 2.3.10 - Remote Code Execution

2017-11-16 10:02:26 +00:00

Offensive Security

52c4bb1e58

DB: 2016-08-14

5 new exploits

AWStats (5.0-6.3) Input Validation Hole in 'logfile'
AWStats 5.0-6.3 - Input Validation Hole in 'logfile'

Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross-Site Scripting
Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting

Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow

WorldMail imapd 3.0 SEH Overflow (egg hunter)
WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)
e107 website system 0.7.5 contact.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 download.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 admin.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 fpw.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 news.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - contact.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - download.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - admin.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - fpw.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - news.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 signup.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 submitnews.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - signup.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - submitnews.php Query String (PATH_INFO) Parameter XSS

e107 website system 0.7.5 user.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter XSS

Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (1)

PHP-Nuke Sarkilar Module 'id' Parameter SQL Injection
PHP-Nuke Sarkilar Module - 'id' Parameter SQL Injection

PHP-Nuke Nuke League Module 'tid' Parameter Cross-Site Scripting
PHP-Nuke Nuke League Module - 'tid' Parameter Cross-Site Scripting

Kimson CMS 'id' Parameter Cross-Site Scripting
Kimson CMS - 'id' Parameter Cross-Site Scripting
Ocean12 FAQ Manager Pro 'Keyword' Parameter Cross-Site Scripting
Multiple Ocean12 Products 'Admin_ID' Parameter SQL Injection
Ocean12 FAQ Manager Pro - 'Keyword' Parameter Cross-Site Scripting
Multiple Ocean12 Products - 'Admin_ID' Parameter SQL Injection

LinksPro 'OrderDirection' Parameter SQL Injection
LinksPro - 'OrderDirection' Parameter SQL Injection

PHP-Nuke Downloads Module 'url' Parameter SQL Injection
PHP-Nuke Downloads Module - 'url' Parameter SQL Injection

PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass
PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass

PuterJam\'s Blog PJBlog3 3.0.6 \'action.asp\' SQL Injection
PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection

PHP-Nuke 8.0 Downloads Module 'query' Parameter Cross-Site Scripting
PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting

Oracle 10g Secure Enterprise Search 'search_p_groups' Parameter Cross-Site Scripting
Oracle 10g Secure Enterprise Search - 'search_p_groups' Parameter Cross-Site Scripting

Scriptsez Easy Image Downloader 'id' Parameter Cross-Site Scripting
Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting

XOOPS 2.3.3 \\\'op\\\' Parameter Multiple Cross-Site Scripting Vulnerabilities
XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities
Joomla! CB Resume Builder 'group_id' Parameter SQL Injection
X-Cart Email Subscription 'email' Parameter Cross-Site Scripting
Joomla! CB Resume Builder - 'group_id' Parameter SQL Injection
X-Cart Email Subscription - 'email' Parameter Cross-Site Scripting

RunCMS 'forum' Parameter SQL Injection
RunCMS - 'forum' Parameter SQL Injection

Multiple JiRo's Products 'files/login.asp' Multiple SQL Injection
Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection

Elxis 'filename' Parameter Directory Traversal
Elxis - 'filename' Parameter Directory Traversal

Ez Cart 'sid' Parameter Cross-Site Scripting
Ez Cart - 'sid' Parameter Cross-Site Scripting

Joomla! iF Portfolio Nexus 'controller' Parameter Remote File Inclusion
Joomla! iF Portfolio Nexus - 'controller' Parameter Remote File Inclusion

Joomla! Jobads 'type' Parameter SQL Injection
Joomla! Jobads - 'type' Parameter SQL Injection

Jamit Job Board 'post_id' Parameter Cross-Site Scripting
Jamit Job Board - 'post_id' Parameter Cross-Site Scripting

Tribisur 'cat' Parameter Cross-Site Scripting
Tribisur - 'cat' Parameter Cross-Site Scripting

Extreme Mobster 'login' Parameter Cross-Site Scripting
Extreme Mobster - 'login' Parameter Cross-Site Scripting

Subex Nikira Fraud Management System GUI 'message' Parameter Cross-Site Scripting
Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-Site Scripting

Softbiz Jobs 'sbad_type' Parameter Cross-Site Scripting
Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting

HD FLV Player Component for Joomla! 'id' Parameter SQL Injection
HD FLV Player Component for Joomla! - 'id' Parameter SQL Injection
Spectrum Software WebManager CMS 'pojam' Parameter Cross-Site Scripting
Saskia's Shopsystem 'id' Parameter Local File Inclusion
Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting
Saskia's Shopsystem - 'id' Parameter Local File Inclusion

Pars CMS 'RP' Parameter Multiple SQL Injection
Pars CMS - 'RP' Parameter Multiple SQL Injection

Kasseler CMS News Module 'id' Parameter SQL Injection
Kasseler CMS News Module - 'id' Parameter SQL Injection

Ziggurat Farsi CMS 'id' Parameter Unspecified Cross-Site Scripting
Ziggurat Farsi CMS - 'id' Parameter Unspecified Cross-Site Scripting

Vana CMS 'filename' Parameter Remote File Download
Vana CMS - 'filename' Parameter Remote File Download

Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal
Ziggurrat Farsi CMS - 'bck' Parameter Directory Traversal

Viennabux Beta! 'cat' Parameter SQL Injection
Viennabux Beta! - 'cat' Parameter SQL Injection

HP System Management Homepage 'RedirectUrl' Parameter URI Redirection
HP System Management Homepage - 'RedirectUrl' Parameter URI Redirection

Sterlite SAM300 AX Router 'Stat_Radio' Parameter Cross-Site Scripting
Sterlite SAM300 AX Router - 'Stat_Radio' Parameter Cross-Site Scripting

Last Wizardz 'id' Parameter SQL Injection
Last Wizardz - 'id' Parameter SQL Injection

Plesk Server Administrator (PSA) 'locale' Parameter Local File Inclusion
Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion

VideoWhisper PHP 2 Way Video Chat 'r' Parameter Cross-Site Scripting
VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting

KubeSupport 'lang' Parameter SQL Injection
KubeSupport - 'lang' Parameter SQL Injection

ReCMS 'users_lang' Parameter Directory Traversal
ReCMS - 'users_lang' Parameter Directory Traversal

jCore 'search' Parameter Cross-Site Scripting
jCore - 'search' Parameter Cross-Site Scripting

PHP168 Template Editor 'filename' Parameter Directory Traversal
PHP168 Template Editor - 'filename' Parameter Directory Traversal

uzbl \'uzbl-core\' \'@SELECTED_URI\' Mouse Button Bindings Command Injection
uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection
SyntaxCMS 'rows_per_page' Parameter SQL Injection
Edit-X PHP CMS 'search_text' Parameter Cross-Site Scripting
SyntaxCMS - 'rows_per_page' Parameter SQL Injection
Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting

Nasim Guest Book 'page' Parameter Cross-Site Scripting
Nasim Guest Book - 'page' Parameter Cross-Site Scripting

FreeSchool 'key_words' Parameter Cross-Site Scripting
FreeSchool - 'key_words' Parameter Cross-Site Scripting

tourismscripts HotelBook 'hotel_id' Parameter Multiple SQL Injection
tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection

Spiceworks 'query' Parameter Cross-Site Scripting
Spiceworks - 'query' Parameter Cross-Site Scripting

NWS-Classifieds 'cmd' Parameter Local File Inclusion
NWS-Classifieds - 'cmd' Parameter Local File Inclusion

WebAsyst Shop-Script PREMIUM 'searchstring' Parameter Cross-Site Scripting
WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting

Web TV 'chn' Parameter Cross-Site Scripting
Web TV - 'chn' Parameter Cross-Site Scripting

Honest Traffic 'msg' Parameter Cross-Site Scripting
Honest Traffic - 'msg' Parameter Cross-Site Scripting

PHP Photo Vote 1.3F 'page' Parameter Cross-Site Scripting
PHP Photo Vote 1.3F - 'page' Parameter Cross-Site Scripting

Wap-motor 'image' Parameter Directory Traversal
Wap-motor - 'image' Parameter Directory Traversal

QuarkMail 'tf' Parameter Directory Traversal
QuarkMail - 'tf' Parameter Directory Traversal

Microsoft Windows VISTA 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution
Microsoft Windows VISTA - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution

LES PACKS 'ID' Parameter SQL Injection
LES PACKS - 'ID' Parameter SQL Injection

PHPShop 2.1 EE 'name_new' Parameter Cross-Site Scripting
PHPShop 2.1 EE - 'name_new' Parameter Cross-Site Scripting

IBM OmniFind 'command' Parameter Cross-Site Scripting
IBM OmniFind - 'command' Parameter Cross-Site Scripting

Joomla Store Directory 'id' Parameter SQL Injection
Joomla Store Directory - 'id' Parameter SQL Injection
PHP State 'id' Parameter SQL Injection
Joomla Jeformcr 'id' Parameter SQL Injection
JExtensions Property Finder Component for Joomla! 'sf_id' Parameter SQL Injection
PHP State - 'id' Parameter SQL Injection
Joomla Jeformcr - 'id' Parameter SQL Injection
JExtensions Property Finder Component for Joomla! - 'sf_id' Parameter SQL Injection

Social Share 'postid' Parameter SQL Injection
Social Share - 'postid' Parameter SQL Injection

Openfiler 'device' Parameter Cross-Site Scripting
Openfiler - 'device' Parameter Cross-Site Scripting

Social Share 'username' Parameter SQL Injection
Social Share - 'username' Parameter SQL Injection
Social Share 'search' Parameter Cross-Site Scripting
HotWeb Scripts HotWeb Rentals 'PageId' Parameter SQL Injection
Social Share - 'search' Parameter Cross-Site Scripting
HotWeb Scripts HotWeb Rentals - 'PageId' Parameter SQL Injection

SnapProof 'retPageID' Parameter Cross-Site Scripting
SnapProof - 'retPageID' Parameter Cross-Site Scripting

VidiScript 'vp' Parameter Cross-Site Scripting
VidiScript - 'vp' Parameter Cross-Site Scripting

PHP-Fusion 'article_id' Parameter SQL Injection
PHP-Fusion - 'article_id' Parameter SQL Injection
Qianbo Enterprise Web Site Management System 'Keyword' Parameter Cross-Site Scripting
RunCMS 'partners' Module 'id' Parameter SQL Injection
Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-Site Scripting
RunCMS 'partners' Module - 'id' Parameter SQL Injection

Technicolor THOMSON TG585v7 Wireless Router 'url' Parameter Cross-Site Scripting
Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-Site Scripting

SyCtel Design 'menu' Parameter Multiple Local File Inclusion
SyCtel Design - 'menu' Parameter Multiple Local File Inclusion

phpGraphy 0.9.13 b 'theme_dir' Parameter Cross-Site Scripting
phpGraphy 0.9.13 b - 'theme_dir' Parameter Cross-Site Scripting

Web Auction 0.3.6 'lang' Parameter Cross-Site Scripting
Web Auction 0.3.6 - 'lang' Parameter Cross-Site Scripting

Multiple GoT.MY Products 'theme_dir' Parameter Cross-Site Scripting
Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting

Flash Tag Cloud And MT-Cumulus Plugin 'tagcloud' Parameter Cross-Site Scripting
Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting

Joomla! 'com_cbcontact' Component 'contact_id' Parameter SQL Injection
Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection

Joomla! 'com_maplocator' Component 'cid' Parameter SQL Injection
Joomla! 'com_maplocator' Component - 'cid' Parameter SQL Injection

Tolinet Agencia 'id' Parameter SQL Injection
Tolinet Agencia - 'id' Parameter SQL Injection

WebFileExplorer 3.6 'user' and 'pass' SQL Injection
WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection

Sitemagic CMS 'SMTpl' Parameter Directory Traversal
Sitemagic CMS - 'SMTpl' Parameter Directory Traversal
Nodesforum '_nodesforum_node' Parameter SQL Injection
Joomla! 'com_morfeoshow' Component 'idm' Parameter SQL Injection
Nodesforum - '_nodesforum_node' Parameter SQL Injection
Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection

Joomla! 'com_jr_tfb' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_jr_tfb' Component - 'controller' Parameter Local File Inclusion

eTAWASOL 'id' Parameter SQL Injection
eTAWASOL - 'id' Parameter SQL Injection
Prontus CMS 'page' Parameter Cross-Site Scripting
ICMusic '1.2 music_id' Parameter SQL Injection
Prontus CMS - 'page' Parameter Cross-Site Scripting
ICMusic 1.2 - 'music_id' Parameter SQL Injection

Flowplayer 3.2.7 linkUrl' Parameter Cross-Site Scripting
Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting
Easy Estate Rental 's_location' Parameter SQL Injection
Joomla Foto Component 'id_categoria' Parameter SQL Injection
Easy Estate Rental - 's_location' Parameter SQL Injection
Joomla Foto Component - 'id_categoria' Parameter SQL Injection

Joomla Juicy Gallery Component 'picId' Parameter SQL Injection
Joomla Juicy Gallery Component - 'picId' Parameter SQL Injection

Joomla Controller Component 'Itemid' Parameter SQL Injection
Joomla Controller Component - 'Itemid' Parameter SQL Injection
Synergy Software 'id' Parameter SQL Injection
Godly Forums 'id' Parameter SQL Injection
Synergy Software - 'id' Parameter SQL Injection
Godly Forums - 'id' Parameter SQL Injection

MyBB MyTabs Plugin 'tab' Parameter SQL Injection
MyBB MyTabs Plugin - 'tab' Parameter SQL Injection

mt LinkDatenbank 'b' Parameter Cross-Site Scripting
mt LinkDatenbank - 'b' Parameter Cross-Site Scripting

Joomla! Slideshow Gallery Component 'id' Parameter SQL Injection
Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection

Joomla! 'com_community' Component 'userid' Parameter SQL Injection
Joomla! 'com_community' Component - 'userid' Parameter SQL Injection

phpWebSite 'page_id' Parameter Cross-Site Scripting
phpWebSite - 'page_id' Parameter Cross-Site Scripting
Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection
VicBlog 'tag' Parameter SQL Injection
Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection
VicBlog - 'tag' Parameter SQL Injection

Kisanji 'gr' Parameter Cross-Site Scripting
Kisanji - 'gr' Parameter Cross-Site Scripting

Joomla! 'com_biitatemplateshop' Component 'groups' Parameter SQL Injection
Joomla! 'com_biitatemplateshop' Component - 'groups' Parameter SQL Injection

Vanira CMS 'vtpidshow' Parameter SQL Injection
Vanira CMS - 'vtpidshow' Parameter SQL Injection

Joomla! 'com_expedition' Component 'id' Parameter SQL Injection
Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection
Joomla! 'com_tree' Component 'key' Parameter SQL Injection
Joomla! 'com_br' Component 'state_id' Parameter SQL Injection
Joomla! 'com_shop' Component 'id' Parameter SQL Injection
Joomla! 'com_tree' Component - 'key' Parameter SQL Injection
Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection
Joomla! 'com_shop' Component - 'id' Parameter SQL Injection

Splunk 4.1.6 'segment' Parameter Cross-Site Scripting
Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting

Multiple Cisco Products 'file' Parameter Directory Traversal
Multiple Cisco Products - 'file' Parameter Directory Traversal

IBSng B1.34(T96) 'str' Parameter Cross-Site Scripting
IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting

SmartJobBoard 'keywords' Parameter Cross-Site Scripting
SmartJobBoard - 'keywords' Parameter Cross-Site Scripting

Joomla Content Component 'year' Parameter SQL Injection
Joomla Content Component - 'year' Parameter SQL Injection

Webistry 1.6 'pid' Parameter SQL Injection
Webistry 1.6 - 'pid' Parameter SQL Injection

WordPress Skysa App Bar Plugin 'idnews' Parameter Cross-Site Scripting
WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting

Video Community Portal 'userID' Parameter SQL Injection
Video Community Portal - 'userID' Parameter SQL Injection
PHP Booking Calendar 10e 'page_info_message' Parameter Cross-Site Scripting
Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection
PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting
Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection

Joomla! 'com_caproductprices' Component 'id' Parameter SQL Injection
Joomla! 'com_caproductprices' Component - 'id' Parameter SQL Injection

GraphicsClone Script 'term' parameter Cross-Site Scripting
GraphicsClone Script - 'term' parameter Cross-Site Scripting

PostNuke pnAddressbook Module 'id' Parameter SQL Injection
PostNuke pnAddressbook Module - 'id' Parameter SQL Injection

Joomla! 'com_br' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion

Joomla! Full 'com_full' Component 'id' Parameter SQL Injection
Joomla! Full 'com_full' Component - 'id' Parameter SQL Injection
Joomla! 'com_xball' Component 'team_id' Parameter SQL Injection
Joomla! 'com_boss' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_xball' Component - 'team_id' Parameter SQL Injection
Joomla! 'com_boss' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_some' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_kp' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_some' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion
Ultimate Locator 'radius' Parameter SQL Injection
Joomla! 'com_jesubmit' Component 'index.php' Arbitrary File Upload
Ultimate Locator - 'radius' Parameter SQL Injection
Joomla! 'com_jesubmit' Component - 'index.php' Arbitrary File Upload

Joomla! 'com_motor' Component 'cid' Parameter SQL Injection
Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection

Joomla! 'com_firmy' Component 'Id' Parameter SQL Injection
Joomla! 'com_firmy' Component - 'Id' Parameter SQL Injection
Joomla! 'com_crhotels' Component 'catid' Parameter SQL Injection
Joomla! 'com_propertylab' Component 'id' Parameter SQL Injection
Joomla! 'com_crhotels' Component - 'catid' Parameter SQL Injection
Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection

Joomla! 'com_cmotour' Component 'id' Parameter SQL Injection
Joomla! 'com_cmotour' Component - 'id' Parameter SQL Injection

Joomla! 'com_bnf' Component 'seccion_id' Parameter SQL Injection
Joomla! 'com_bnf' Component - 'seccion_id' Parameter SQL Injection

Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting
Joomla! Currency Converter Component - 'from' Parameter Cross-Site Scripting

RabbitWiki 'title' Parameter Cross-Site Scripting
RabbitWiki - 'title' Parameter Cross-Site Scripting

Zimbra 'view' Parameter Cross-Site Scripting
Zimbra - 'view' Parameter Cross-Site Scripting

SMW+ 1.5.6 'target' Parameter HTML Injection
SMW+ 1.5.6 - 'target' Parameter HTML Injection

ProWiki 'id' Parameter Cross-Site Scripting
ProWiki - 'id' Parameter Cross-Site Scripting

Tiki Wiki CMS Groupware 'url' Parameter URI Redirection
Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection

Impulsio CMS 'id' Parameter SQL Injection
Impulsio CMS - 'id' Parameter SQL Injection

Joomla! X-Shop Component 'idd' Parameter SQL Injection
Joomla! X-Shop Component - 'idd' Parameter SQL Injection

Joomla! 'com_xvs' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_xvs' Component - 'controller' Parameter Local File Inclusion

starCMS 'q' Parameter URI Cross-Site Scripting
starCMS - 'q' Parameter URI Cross-Site Scripting

JPM Article Script 6 'page2' Parameter SQL Injection
JPM Article Script 6 - 'page2' Parameter SQL Injection

LeKommerce 'id' Parameter SQL Injection
LeKommerce - 'id' Parameter SQL Injection

Event Calendar PHP 'cal_year' Parameter Cross-Site Scripting
Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting
XM Forum 'id' Parameter Multiple SQL Injection
Uiga FanClub 'p' Parameter SQL Injection
XM Forum - 'id' Parameter Multiple SQL Injection
Uiga FanClub - 'p' Parameter SQL Injection

WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross-Site Scripting
WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting

Ramui Forum Script 'query' Parameter Cross-Site Scripting
Ramui Forum Script - 'query' Parameter Cross-Site Scripting

GD Star Rating 1.9.16 'tpl_section' Parameter Cross-Site Scripting
GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting

LongTail JW Player 'debug' Parameter Cross-Site Scripting
LongTail JW Player - 'debug' Parameter Cross-Site Scripting

Small-Cms 'hostname' Parameter Remote PHP Code Injection
Small-Cms - 'hostname' Parameter Remote PHP Code Injection

Joomla! Alphacontent Component 'limitstart' Parameter SQL Injection
Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection

Flogr 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities
Flogr - 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities

e107 Image Gallery Plugin 'name' Parameter Remote File Disclosure
e107 Image Gallery Plugin - 'name' Parameter Remote File Disclosure

Joomla! 'com_szallasok' Component 'id' Parameter SQL Injection
Joomla! 'com_szallasok' Component - 'id' Parameter SQL Injection

SWFUpload 'movieName' Parameter Cross-Site Scripting
SWFUpload - 'movieName' Parameter Cross-Site Scripting
WordPress SocialFit Plugin 'msg' Parameter Cross-Site Scripting
WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting
WordPress church_admin Plugin 'id' parameter Cross-Site Scripting
WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting
WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting
WordPress church_admin Plugin - 'id' parameter Cross-Site Scripting

sflog! 'section' Parameter Local File Inclusion
sflog! - 'section' Parameter Local File Inclusion

WebsitePanel 'ReturnUrl' Parameter URI Redirection
WebsitePanel - 'ReturnUrl' Parameter URI Redirection
WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Inclusion
web@all 'name' Parameter Cross-Site Scripting
WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion
web@all - 'name' Parameter Cross-Site Scripting

Joomla! 'com_hello' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion
REDAXO 'subpage' Parameter Cross-Site Scripting
Joomla Odudeprofile component 'profession' Parameter SQL Injection
REDAXO - 'subpage' Parameter Cross-Site Scripting
Joomla Odudeprofile component - 'profession' Parameter SQL Injection

BarCodeWiz 'BarcodeWiz.dll' ActiveX Control 'Barcode' Method Remote Buffer Overflow
BarCodeWiz 'BarcodeWiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow
JW Player 'playerready' Parameter Cross-Site Scripting
eNdonesia 'cid' Parameter SQL Injection
JW Player - 'playerready' Parameter Cross-Site Scripting
eNdonesia - 'cid' Parameter SQL Injection

ntop 'arbfile' Parameter Cross-Site Scripting
ntop - 'arbfile' Parameter Cross-Site Scripting

Elefant CMS 'id' Parameter Cross-Site Scripting
Elefant CMS - 'id' Parameter Cross-Site Scripting

YT-Videos Script 'id' Parameter SQL Injection
YT-Videos Script - 'id' Parameter SQL Injection

GetSimple 'path' Parameter Local File Inclusion
GetSimple - 'path' Parameter Local File Inclusion

LISTSERV 16 'SHOWTPL' Parameter Cross-Site Scripting
LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting

JPM Article Blog Script 6 'tid' Parameter Cross-Site Scripting
JPM Article Blog Script 6 - 'tid' Parameter Cross-Site Scripting

KindEditor 'name' Parameter Cross-Site Scripting
KindEditor - 'name' Parameter Cross-Site Scripting

PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Inclusion
PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion

JW Player 'logo.link' Parameter Cross-Site Scripting
JW Player - 'logo.link' Parameter Cross-Site Scripting
PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion
Joomla! Komento Component 'cid' Parameter SQL Injection
PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion
Joomla! Komento Component - 'cid' Parameter SQL Injection

WordPress Cloudsafe365 Plugin 'file' Parameter Remote File Disclosure
WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure

Wiki Web Help 'configpath' Parameter Remote File Inclusion
Wiki Web Help - 'configpath' Parameter Remote File Inclusion

LiteSpeed Web Server 'gtitle' parameter Cross-Site Scripting
LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting

WordPress Download Monitor Plugin 'dlsearch' Parameter Cross-Site Scripting
WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting

FBDj 'id' Parameter SQL Injection
FBDj - 'id' Parameter SQL Injection

vBSEO 'u' parameter Cross-Site Scripting
vBSEO - 'u' parameter Cross-Site Scripting

WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Inclusion
WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion

TAGWORX.CMS 'cid' Parameter SQL Injection
TAGWORX.CMS - 'cid' Parameter SQL Injection

WordPress Video Lead Form Plugin 'errMsg' Parameter Cross-Site Scripting
WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting

WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting
WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting

Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting
Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting

WordPress ABC Test Plugin 'id' Parameter Cross-Site Scripting
WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting

Open Realty 'select_users_lang' Parameter Local File Inclusion
Open Realty - 'select_users_lang' Parameter Local File Inclusion

FirePass 7.0 SSL VPN 'refreshURL' Parameter URI Redirection
FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection

SMF 'view' Parameter Cross-Site Scripting
SMF - 'view' Parameter Cross-Site Scripting

Gramophone 'rs' Parameter Cross-Site Scripting
Gramophone - 'rs' Parameter Cross-Site Scripting

Joomla! com_parcoauto Component 'idVeicolo' Parameter SQL Injection
Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection
OrangeHRM 'sortField' Parameter SQL Injection
WordPress FLV Player Plugin 'id' Parameter SQL Injection
OrangeHRM - 'sortField' Parameter SQL Injection
WordPress FLV Player Plugin - 'id' Parameter SQL Injection
WordPress Kakao Theme 'ID' Parameter SQL Injection
WordPress PHP Event Calendar Plugin 'cid' Parameter SQL Injection
WordPress Eco-annu Plugin 'eid' Parameter SQL Injection
WordPress Kakao Theme - 'ID' Parameter SQL Injection
WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection
WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection
WordPress Dailyedition-mouss Theme 'id' Parameter SQL Injection
WordPress Tagged Albums Plugin 'id' Parameter SQL Injection
WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection
WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection
Omni-Secure 'dir' Parameter Multiple File Disclosure Vulnerabilities
Friends in War The FAQ Manager 'question' Parameter SQL Injection
Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities
Friends in War The FAQ Manager - 'question' Parameter SQL Injection

openSIS 'modname' Parameter Local File Inclusion
openSIS - 'modname' Parameter Local File Inclusion

WordPress Madebymilk Theme 'id' Parameter SQL Injection
WordPress Madebymilk Theme - 'id' Parameter SQL Injection
WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload
WordPress Webplayer Plugin 'id' Parameter SQL Injection
WordPress Plg Novana Plugin 'id' Parameter SQL Injection
WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload
WordPress Webplayer Plugin - 'id' Parameter SQL Injection
WordPress Plg Novana Plugin - 'id' Parameter SQL Injection

WordPress Magazine Basic Theme 'id' Parameter SQL Injection
WordPress Magazine Basic Theme - 'id' Parameter SQL Injection

WordPress Ads Box Plugin 'count' Parameter SQL Injection
WordPress Ads Box Plugin - 'count' Parameter SQL Injection
Forescout CounterACT 'a' Parameter Open Redirection
WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection
Forescout CounterACT - 'a' Parameter Open Redirection
WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection
WordPress Toolbox Theme 'mls' Parameter SQL Injection
Elastix 'page' Parameter Cross-Site Scripting
TinyMCPUK 'test' Parameter Cross-Site Scripting
WordPress Toolbox Theme - 'mls' Parameter SQL Injection
Elastix - 'page' Parameter Cross-Site Scripting
TinyMCPUK - 'test' Parameter Cross-Site Scripting
WordPress Zingiri Forums Plugin 'language' Parameter Local File Inclusion
WordPress Nest Theme 'codigo' Parameter SQL Injection
Sourcefabric Newscoop 'f_email' Parameter SQL Injection
WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion
WordPress Nest Theme - 'codigo' Parameter SQL Injection
Sourcefabric Newscoop - 'f_email' Parameter SQL Injection

FOOT Gestion 'id' Parameter SQL Injection
FOOT Gestion - 'id' Parameter SQL Injection

PHP Address Book 'group' Parameter Cross-Site Scripting
PHP Address Book - 'group' Parameter Cross-Site Scripting
Joomla! ZT Autolinks Component 'controller' Parameter Local File Inclusion
Joomla! Bit Component 'controller' Parameter Local File Inclusion
Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion
Joomla! Bit Component - 'controller' Parameter Local File Inclusion

MyBB Transactions Plugin 'transaction' Parameter SQL Injection
MyBB Transactions Plugin - 'transaction' Parameter SQL Injection

WHM 'filtername' Parameter Cross-Site Scripting
WHM - 'filtername' Parameter Cross-Site Scripting

Havalite CMS 'comment' Parameter HTML Injection
Havalite CMS - 'comment' Parameter HTML Injection

WordPress NextGEN Gallery Plugin 'test-head' Parameter Cross-Site Scripting
WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting

WordPress Gallery Plugin 'filename_1' Parameter Remote Arbitrary File Access
WordPress Gallery Plugin - 'filename_1' Parameter Remote Arbitrary File Access
phpLiteAdmin 'table' Parameter SQL Injection
IP.Gallery 'img' Parameter SQL Injection
phpLiteAdmin - 'table' Parameter SQL Injection
IP.Gallery - 'img' Parameter SQL Injection

gpEasy CMS 'section' Parameter Cross-Site Scripting
gpEasy CMS - 'section' Parameter Cross-Site Scripting

iCart Pro 'section' Parameter SQL Injection
iCart Pro - 'section' Parameter SQL Injection

WordPress WP-Table Reloaded Plugin 'id' Parameter Cross-Site Scripting
WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting

WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross-Site Scripting
WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting
WordPress Audio Player Plugin 'playerID' Parameter Cross-Site Scripting
WordPress Pinboard Theme 'tab' Parameter Cross-Site Scripting
WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting
WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting

Squirrelcart 'table' Parameter Cross-Site Scripting
Squirrelcart - 'table' Parameter Cross-Site Scripting

OpenEMR 'site' Parameter Cross-Site Scripting
OpenEMR - 'site' Parameter Cross-Site Scripting

WordPress Uploader Plugin 'blog' Parameter Cross-Site Scripting
WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting

WordPress Count Per Day Plugin 'daytoshow' Parameter Cross-Site Scripting
WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting

WordPress podPress Plugin 'playerID' Parameter Cross-Site Scripting
WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting

Jaow CMS 'add_ons' Parameter Cross-Site Scripting
Jaow CMS - 'add_ons' Parameter Cross-Site Scripting

WordPress Feedweb Plugin 'wp_post_id' Parameter Cross-Site Scripting
WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting

Symphony 'sort' Parameter SQL Injection
Symphony - 'sort' Parameter SQL Injection

WordPress Traffic Analyzer Plugin 'aoid' Parameter Cross-Site Scripting
WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting

WordPress Spiffy XSPF Player Plugin 'playlist_id' Parameter SQL Injection
WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection
WordPress Spider Video Player Plugin 'theme' Parameter SQL Injection
Request Tracker 'ShowPending' Parameter SQL Injection
WordPress Spider Video Player Plugin - 'theme' Parameter SQL Injection
Request Tracker - 'ShowPending' Parameter SQL Injection

Fork CMS 'file' Parameter Local File Inclusion
Fork CMS - 'file' Parameter Local File Inclusion
WordPress wp-FileManager Plugin 'path' Parameter Arbitrary File Download
Open Flash Chart 'get-data' Parameter Cross-Site Scripting
WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download
Open Flash Chart - 'get-data' Parameter Cross-Site Scripting

Jojo CMS 'search' Parameter Cross-Site Scripting
Jojo CMS - 'search' Parameter Cross-Site Scripting

WordPress Ambience Theme 'src' Parameter Cross-Site Scripting
WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting

TaxiMonger for Android 'name' Parameter HTML Injection
TaxiMonger for Android - 'name' Parameter HTML Injection

ZamFoo 'date' Parameter Remote Command Injection
ZamFoo - 'date' Parameter Remote Command Injection

Xorbin Analog Flash Clock 'widgetUrl' Parameter Cross-Site Scripting
Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
WordPress WP Feed Plugin 'nid' Parameter SQL Injection
WordPress Category Grid View Gallery Plugin 'ID' Parameter Cross-Site Scripting
WordPress WP Feed Plugin - 'nid' Parameter SQL Injection
WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting

WordPress FlagEm Plugin 'cID' Parameter Cross-Site Scripting
WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting

Xibo 'layout' Parameter HTML Injection
Xibo - 'layout' Parameter HTML Injection

Flo CMS 'archivem' Parameter SQL Injection
Flo CMS - 'archivem' Parameter SQL Injection
eTransfer Lite 'file name' Parameter HTML Injection
WordPress mukioplayer4wp Plugin 'cid' Parameter SQL Injection
eTransfer Lite - 'file name' Parameter HTML Injection
WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection

Monstra CMS 'login' Parameter SQL Injection
Monstra CMS - 'login' Parameter SQL Injection

Joomla! JVideoClip Component 'uid' Parameter SQL Injection
Joomla! JVideoClip Component - 'uid' Parameter SQL Injection

WordPress WP-Realty Plugin 'listing_id' Parameter SQL Injection
WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection

Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload
Joomla! Maian15 Component - 'name' Parameter Arbitrary Shell Upload

Nagios XI 'tfPassword' Parameter SQL Injection
Nagios XI - 'tfPassword' Parameter SQL Injection

Enorth Webpublisher CMS 'thisday' Parameter SQL Injection
Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection

WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection
WordPress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection

eduTrac 'showmask' Parameter Directory Traversal
eduTrac - 'showmask' Parameter Directory Traversal

Veno File Manager 'q' Parameter Arbitrary File Download
Veno File Manager - 'q' Parameter Arbitrary File Download

Leed 'id' Parameter SQL Injection
Leed - 'id' Parameter SQL Injection

xBoard 'post' Parameter Local File Inclusion
xBoard - 'post' Parameter Local File Inclusion

i-doit Pro 'objID' Parameter SQL Injection
i-doit Pro - 'objID' Parameter SQL Injection

Joomla! Sexy Polling Extension 'answer_id' Parameter SQL Injection
Joomla! Sexy Polling Extension - 'answer_id' Parameter SQL Injection

XOS Shop 'goto' Parameter SQL Injection
XOS Shop - 'goto' Parameter SQL Injection

Eventum 'hostname' Parameter Remote Code Execution
Eventum - 'hostname' Parameter Remote Code Execution

WordPress Relevanssi Plugin 'category_name' Parameter SQL Injection
WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection

Professional Designer E-Store 'id' Parameter Multiple SQL Injection
Professional Designer E-Store - 'id' Parameter Multiple SQL Injection

MeiuPic 'ctl' Parameter Local File Inclusion
MeiuPic - 'ctl' Parameter Local File Inclusion
Jorjweb 'id' Parameter SQL Injection
qEngine 'run' Parameter Local File Inclusion
Jorjweb - 'id' Parameter SQL Injection
qEngine - 'run' Parameter Local File Inclusion

Seo Panel 'file' Parameter Directory Traversal
Seo Panel - 'file' Parameter Directory Traversal

ZeusCart 'prodid' Parameter SQL Injection
ZeusCart - 'prodid' Parameter SQL Injection

VoipSwitch 'action' Parameter Local File Inclusion
VoipSwitch - 'action' Parameter Local File Inclusion

Joomla! Spider Video Player Extension 'theme' Parameter SQL Injection
Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection

Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)
Microsoft Office Excel - Out-of-Bounds Read Remote Code Execution (MS16-042)

Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
FreePBX 13 / 14 - Remote Code Execution
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (2)
Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit

2016-08-14 05:06:43 +00:00

3 commits