exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	d304cc3d3e	DB: 2017-11-24 116602 new exploits Too many to list!	2017-11-24 20:56:23 +00:00
Offensive Security	4b39f0d26d	DB: 2017-11-16 23 new exploits VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1) VideoLAN VLC Media Player 0.8.6a - Denial of Service (1) Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service Microsoft Windows Explorer - '.AVI' File Denial of Service Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service Microsoft Windows Explorer - '.ANI' File Denial of Service Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service Microsoft Windows Explorer - '.doc' File Denial of Service CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service) Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC) Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC) Webby WebServer - SEH Control (PoC) Webby WebServer - Overflow (SEH) (PoC) Quick 'n Easy FTP Server Lite 3.1 - Exploit Quick 'n Easy FTP Server Lite 3.1 - Denial of Service Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC) Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC) FFDshow - SEH Exception Leading to Null Pointer on Read FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read Microsoft Internet Explorer - MSHTML Findtext Processing Issue Microsoft Internet Explorer - MSHTML Findtext Processing Exploit Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption Debian suidmanager 0.18 - Exploit AMD K6 Processor - Exploit Apple Personal Web Sharing 1.1 - Remote Denial of Service AMD K6 Processor - Denial of Service Sun Solaris 7.0 - 'procfs' Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service D-Link DIR605L - Denial of Service RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service (Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow xfstt 1.2/1.4 - Unspecified Memory Disclosure xfstt 1.2/1.4 - Memory Disclosure ViRobot Linux Server 2.0 - Exploit Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities IBM AIX 5.x - Invscout Local Buffer Overflow IBM AIX 5.x - 'Invscout' Local Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012) Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012) IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2) VideoLAN VLC Media Player 0.8.6a - Denial of Service (2) Sun Solaris 10 - ICMP Unspecified Remote Denial of Service Sun Solaris 10 - ICMP Remote Denial of Service Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service Progress WebSpeed 3.0/3.1 - Denial of Service GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service Wireshark 0.99.8 - X.509sat Dissector Denial of Service Wireshark 0.99.8 - LDAP Dissector Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities SmallFTPd - Unspecified Denial of Service SmallFTPd - Denial of Service Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call Mandrake Linux 8.2 /usr/mail - Local Exploit Mandrake Linux 8.2 - '/usr/mail' Local Exploit RedHat 6.2 /sbin/restore - Exploit RedHat 6.2 - '/sbin/restore' Privilege Escalation dump 0.4b15 (RedHat 6.2) - Exploit dump 0.4b15 (RedHat 6.2) - Privilege Escalation xsoldier 0.96 (RedHat 6.2) - Exploit Pine (Local Message Grabber) - Exploit xsoldier 0.96 (RedHat 6.2) - Buffer Overflow Pine (Local Message Grabber) - Local Message Read Seyon 2.1 rev. 4b i586-Linux - Exploit Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read suid_perl 5.001 - Exploit suid_perl 5.001 - Command Execution Sendmail 8.11.x (Linux/i386) - Exploit Sendmail 8.11.x (Linux/i386) - Privilege Escalation Microsoft Excel - Unspecified Remote Code Execution Microsoft Excel - Remote Code Execution Microsoft Word 2000 - Unspecified Code Execution Microsoft Word 2000 - Code Execution IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite Easy RM to MP3 Converter 2.7.3.700 - Exploit Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow Adobe Reader and Acrobat - Exploit Adobe Reader / Acrobat - '.PDF' File Overflow Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) Winamp 5.572 - Exploit (SEH) Winamp 5.572 - Overflow (SEH) ZipScan 2.2c - Exploit (SEH) ZipScan 2.2c - Overflow (SEH) Local Glibc shared library (.so) 2.11.1 - Exploit (Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation Local Glibc Shared Library (.so) 2.11.1 - Code Execution ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation SyncBack Freeware 3.2.20.0 - Exploit SyncBack Freeware 3.2.20.0 - Overflow (SEH) Mediacoder 0.7.3.4672 - Exploit (SEH) Mediacoder 0.7.3.4672 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) DJ Studio Pro 8.1.3.2.1 - Exploit (SEH) DJ Studio Pro 8.1.3.2.1 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit) iworkstation 9.3.2.1.4 - Exploit (SEH) iworkstation 9.3.2.1.4 - Overflow (SEH) Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode) Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode) POP Peeper 3.7 - Exploit (SEH) POP Peeper 3.7 - Overflow (SEH) DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass) DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit) BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass) Slackware Linux 3.4 - 'liloconfig-color' Temporary file Slackware Linux 3.4 - 'makebootdisk' Temporary file Slackware Linux 3.4 - 'liloconfig-color' Temporary File Slackware Linux 3.4 - 'makebootdisk' Temporary File Slackware Linux 3.4 - 'netconfig' Temporary file Slackware Linux 3.4 - 'pkgtool' Temporary file Slackware Linux 3.4 - 'netconfig' Temporary File Slackware Linux 3.4 - 'pkgtool' Temporary File Debian suidmanager 0.18 - Command Execution BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit Slackware Linux 3.5 - Missing /etc/group Privilege Escalation BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission Slackware Linux 3.5 - '/etc/group' Privilege Escalation Sun Solaris 2.6 power management - Exploit Sun Solaris 2.6 - power management Exploit DataLynx suGuard 1.0 - Exploit Sun Solaris 2.5.1 PAM & unix_scheme - Exploit Solaris 2.5.1 ffbconfig - Exploit Solaris 2.5.1 chkey - Exploit Solaris 2.5.1 Ping - Exploit SGI IRIX 6.4 ioconfig - Exploit DataLynx suGuard 1.0 - Privilege Escalation Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation Solaris 2.5.1 - 'ffbconfig' Exploit Solaris 2.5.1 - 'chkey' Exploit Solaris 2.5.1 - 'Ping' Exploit SGI IRIX 6.4 - 'ioconfig' Exploit BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2) Solaris 2.5.1 automount - Exploit Solaris 2.5.1 - 'automount' Exploit BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit Sun Solaris 7.0 dtprintinfo - Buffer Overflow Sun Solaris 7.0 lpset - Buffer Overflow BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow IBM Remote Control Software 1.0 - Exploit IBM Remote Control Software 1.0 - Code Execution Xcmail 0.99.6 - Exploit Xcmail 0.99.6 - Buffer Overflow Sun Solaris 7.0 ff.core - Exploit S.u.S.E. 5.2 lpc - Exploit Sun Solaris 7.0 - 'ff.core' Exploit S.u.S.E. 5.2 - 'lpc' Exploit SGI IRIX 6.2 cdplayer - Exploit SGI IRIX 6.2 - 'cdplayer' Exploit SGI IRIX 5.3 Cadmin - Exploit SGI IRIX 6.0.1 colorview - Exploit SGI IRIX 5.3 - 'Cadmin' Exploit SGI IRIX 6.0.1 - 'colorview' Exploit SGI IRIX 6.3 df - Exploit SGI IRIX 6.4 - datman/cdman Exploit SGI IRIX 6.3 - 'df' Exploit SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.2 fsdump - Exploit RedHat Linux 5.1 xosview - Exploit Slackware Linux 3.1 - Buffer Overflow RedHat Linux 2.1 - 'abuse.console' Exploit SGI IRIX 6.2 - 'fsdump' Exploit RedHat Linux 5.1 - xosview Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow IBM AIX 4.3 infod - Exploit IBM AIX 4.3 - 'infod' Exploit IBM AIX 4.2.1 snap - Insecure Temporary File Creation IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation SGI IRIX 6.4 inpview - Exploit RedHat Linux 5.0 msgchk - Exploit IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 ping - Buffer Overflow IBM AIX 4.2 lchangelv - Buffer Overflow SGI IRIX 6.4 - 'inpview' Exploit RedHat Linux 5.0 - 'msgchk' Exploit IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 - 'ping' Buffer Overflow IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1) RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1) SGI IRIX 6.4 netprint - Exploit SGI IRIX 6.4 - 'netprint' Exploit SGI IRIX 5.3/6.2 ordist - Exploit SGI IRIX 5.3/6.2 - 'ordist' Exploit SGI IRIX 5.3 pkgadjust - Exploit SGI IRIX 5.3 - 'pkgadjust' Exploit Sun Solaris 7.0 procfs - Exploit IBM AIX 3.2.5 - IFS Exploit IBM AIX 4.2.1 lquerypv - Exploit IBM AIX 3.2.5 - 'IFS' Exploit IBM AIX 4.2.1 - 'lquerypv' File Read SGI IRIX 6.3 pset - Exploit SGI IRIX 6.4 rmail - Exploit SGI IRIX 6.3 - 'pset' Exploit SGI IRIX 6.4 - 'rmail' Exploit SGI IRIX 5.2/5.3 serial_ports - Exploit SGI IRIX 6.4 suid_exec - Exploit SGI IRIX 5.1/5.2 sgihelp - Exploit SGI IRIX 6.4 startmidi - Exploit SGI IRIX 5.2/5.3 - 'serial_ports' Exploit SGI IRIX 6.4 - 'suid_exec' Exploit SGI IRIX 5.1/5.2- 'sgihelp' Exploit SGI IRIX 6.4 - 'startmidi' Exploit SGI IRIX 6.4 xfsdump - Exploit SGI IRIX 6.4 - 'xfsdump' Exploit IBM AIX 4.3.1 adb - Exploit IBM AIX 4.3.1 - 'adb' Denial of Service Apple At Ease 5.0 - Exploit Samba < 2.0.5 - Exploit Apple At Ease 5.0 - Information Disclosure Samba < 2.0.5 - Overflow NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow HP-UX 10.20 newgrp - Exploit HP-UX 10.20 newgrp - Privilege Escalation BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2) BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1) FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2) Solaris 7.0 kcms_configure - Exploit Solaris 7.0 - 'kcms_configure Exploit Windowmaker wmmon 1.0 b2 - Exploit Windowmaker wmmon 1.0 b2 - Command Execution Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation Standard & Poors ComStock 4.2.4 - Exploit Standard & Poors ComStock 4.2.4 - Command Execution KDE 1.1.2 KApplication configfile - Exploit (1) KDE 1.1.2 KApplication configfile - Exploit (2) KDE 1.1.2 KApplication configfile - Exploit (3) KDE 1.1.2 KApplication configfile - Privilege Escalation (1) KDE 1.1.2 KApplication configfile - Privilege Escalation (2) KDE 1.1.2 KApplication configfile - Privilege Escalation (3) BSD 'mailx' 8.1.1-10 - Buffer Overflow (2) mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2) Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow IRIX 6.5.x - GR_OSView Buffer Overflow SGI IRIX 6.2 libgl.so - Buffer Overflow IRIX 6.5.x - dmplay Buffer Overflow IRIX 6.2/6.3 lpstat - Buffer Overflow IRIX 6.5.x - inpview Race Condition IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow SGI IRIX 6.2 - 'libgl.so' Buffer Overflow IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition IRIX 5.3/6.x - mail Exploit IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow Libc locale - Exploit (1) Libc locale - Exploit (2) Libc locale - Privilege Escalation (1) Libc locale - Privilege Escalation (2) GNOME esound 0.2.19 - Unix Domain Socket Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition IBM AIX 4.x - setsenv Buffer Overflow IBM AIX 4.3 digest - Buffer Overflow IBM AIX 4.x - enq Buffer Overflow IBM AIX 4.3.x - piobe Buffer Overflow IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow IBM AIX 4.x - 'enq' Buffer Overflow IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow AIX 4.2/4.3 - piomkapqd Buffer Overflow AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow (Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation (Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow QNX RTOS 6.1 - PKG-Installer Buffer Overflow QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass) AFD 1.2.x - Working Directory Local Buffer Overflow AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access HP-UX 10.x - rs.F3000 Unauthorized Access Leksbot 1.2 - Multiple Unspecified Vulnerabilities Leksbot 1.2 - Multiple Vulnerabilities IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation ViRobot Linux Server 2.0 - Overflow (Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3) Nvidia Display Driver Service (Nsvr) - Exploit Nvidia Display Driver Service (Nsvr) - Buffer Overflow IBM AIX 5.3 - GetShell and GetCommand File Enumeration IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure Apple 2.0.4 - Safari Unspecified Local Apple 2.0.4 - Safari Local Exploit Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities IBM AIX 6.1.8 libodm - Arbitrary File Write IBM AIX 6.1.8 - 'libodm' Arbitrary File Write Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass) Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation QEMU (Gentoo) - Local Priv Escalation QEMU (Gentoo) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock) Microsoft WordPerfect Document Converter - Exploit (MS03-036) Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036) CA BrightStor ARCserve Backup - Exploiter Tool CA BrightStor ARCserve Backup - Overflow NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write CDBurnerXP 4.2.4.1351 - Exploit PeerCast 0.1216 - Exploit (Metasploit) PeerCast 0.1216 - Stack Overflow (Metasploit) BigAnt Server 2.52 - Exploit (SEH) BigAnt Server 2.52 - Overflow (SEH) NetTransport Download Manager 2.90.510 - Exploit NetTransport Download Manager 2.90.510 - Overflow (SEH) File Sharing Wizard 1.5.0 - Exploit (SEH) File Sharing Wizard 1.5.0 - Overflow (SEH) Real Player 12.0.0.879 - Exploit Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass) Real Player 12.0.0.879 - Code Execution Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass) IBM AIX 5l FTPd - Remote DES Hash Exploit IBM AIX 5l - 'FTPd' Remote DES Hash Exploit Microsoft Data Access Components - Exploit (MS11-002) Microsoft Data Access Components - Overflow (PoC) (MS11-002) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit) Apple Personal Web Sharing 1.1 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation HP HP-UX 10.34 rlpdaemon - Exploit HP HP-UX 10.34 rlpdaemon - Remote Overflow Ray Chan WWW Authorization Gateway 0.1 - Exploit Ray Chan WWW Authorization Gateway 0.1 - Command Execution Solaris 7.0 Coredump - Exploit Solaris 7.0 - 'Coredump' File Write IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit SGI IRIX 6.2 cgi-bin wrap - Exploit IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read SGI IRIX 6.2 - cgi-bin wrap Exploit SGI IRIX 6.5.2 nsd - Exploit SGI IRIX 6.5.2 - 'nsd'' Exploit IBM AIX 3.2.5 - login(1) Exploit IBM AIX 3.2.5 - 'login(1)' Exploit Compaq Java Applet for Presario SpawnApp - Exploit Compaq Java Applet for Presario SpawnApp - Code Execution Network Security Wizards Dragon-Fire IDS 1.0 - Exploit Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure IBM AIX 4.3.2 ftpd - Remote Buffer Overflow IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow glFTPd 1.17.2 - Exploit glFTPd 1.17.2 - Code Execution Netopia R-series routers 4.6.2 - Exploit Netopia R-series Routers 4.6.2 - Modifying SNMP Tables Sun Java Web Server 1.1.3/2.0 Servlets - Exploit Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure IPFilter 3.x - Fragment Rule Bypass CGIWrap 2.x/3.x - Cross-Site Scripting AIX 4.1/4.2 - pdnsd Buffer Overflow AIX 4.1/4.2 - 'pdnsd' Buffer Overflow RedHat Linux 7.0 Apache - Remote 'Username' Enumeration RedHat Linux 7.0 Apache - Remote Username Enumeration Hylafax 4.1.x - HFaxD Unspecified Format String Hylafax 4.1.x - HFaxD Format String EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Oracle 9i - Multiple Unspecified Vulnerabilities Oracle 9i - Multiple Vulnerabilities File ELF 4.x - Header Unspecified Buffer Overflow File ELF 4.x - Header Buffer Overflow Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack Microsoft Internet Explorer 6 - Unspecified Code Execution (1) Microsoft Internet Explorer 6 - Unspecified Code Execution (2) Microsoft Internet Explorer 6 - Code Execution (1) Microsoft Internet Explorer 6 - Code Execution (2) GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal TFTP Server TFTPDWin 0.4.2 - Directory Traversal Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit Multiple CA Service Management Products - Unspecified Remote Command Execution Multiple CA Service Management Products - Remote Command Execution NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow Bash - Environment Variables Code Injection (Shellshock) Bash - Environment Variables Command Injection (Shellshock) OpenVPN 2.2.29 - Remote Exploit (Shellshock) OpenVPN 2.2.29 - Remote Command Injection (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock) Apache mod_cgi - Remote Exploit (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock) Apache mod_cgi - Remote Command Injection (Shellshock) Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow Poison Ivy 2.3.2 - Remote Buffer Overflow Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution Samba 3.5.11/3.6.3 - Remote Code Execution Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit) Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit) Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock) Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock) IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit) IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock) TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock) Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion Poll It CGI 2.0 - Exploit Poll It CGI 2.0 - Multiple Vulnerabilities DreamPoll 3.1 - Exploit DreamPoll 3.1 - SQL Injection WordPress Plugin WP-Cumulus 1.20 - Exploit WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting Public Media Manager - Exploit Public Media Manager - Remote File Inclusion Joomla! Component com_adagency - Exploit Joomla! Component com_adagency - Local File Inclusion File Upload Manager 1.3 - Exploit File Upload Manager 1.3 - Web Shell File Upload Joomla! Component com_caddy - Exploit Renista CMS - Exploit Renista CMS - SQL Injection BtiTracker 1.3.x < 1.4.x - Exploit BtiTracker 1.3.x < 1.4.x - SQL Injection WordPress Plugin Cimy Counter - Exploit WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting Belkin F5D7234-4 v5 G Wireless Router - Exploit Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed WhatsApp Status Changer 0.2 - Exploit WhatsApp - Remote Change Status MySimpleNews 1.0 - Remotely Readable Administrator Password MySimpleNews 1.0 - Remote Readable Administrator Password SquirrelMail 1.2.11 - Exploit SquirrelMail 1.2.11 - Multiple Vulnerabilities D-Link DCS-936L Network Camera - Cross-Site Request Forgery Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting Yappa-ng 1.x/2.x - Remote File Inclusion Yappa-ng 1.x/2.x - Cross-Site Scripting Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities Aenovo - Multiple Cross-Site Scripting Vulnerabilities Codegrrl - 'Protection.php' Unspecified Code Execution Codegrrl - 'Protection.php' Code Execution Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'index.php' Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting A-Blog 1.0 - Unspecified Cross-Site Scripting A-Blog 1.0 - Cross-Site Scripting Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Akismet 2.1.3 - Unspecified WordPress Plugin Akismet 2.1.3 - Exploit SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections Zoph 0.7.2.1 - Unspecified SQL Injection Zoph 0.7.2.1 - SQL Injection Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection Joomla! Component FreiChat 1.0/2.x - HTML Injection Bash CGI - Remote Code Execution (Shellshock) (Metasploit) Bash CGI - Remote Command Injection (Shellshock) (Metasploit) PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock) PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock) Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit Netsweeper 4.0.8 - Authentication Bypass Issue Netsweeper 4.0.8 - Authentication Bypass SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting SimpleInvoices invoices Module - Customer Field Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Cross-Site Scripting iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal iScripts AutoHoster - 'main_smtp.php' Traversal Exploit Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock) Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock) Squid Analysis Report Generator 2.3.10 - Remote Code Execution	2017-11-16 10:02:26 +00:00
Offensive Security	c7b4bfd8e6	DB: 2017-08-23 23 new exploits Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit) IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit) BSD - Passive Connection Shellcode (124 bytes) BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes) BSD/x86 - setuid(0) then execve /bin/sh Shellcode (30 bytes) BSD/x86 - Bind Shell 31337/TCP + setuid(0) Shellcode (94 bytes) BSD/x86 - execve /bin/sh multiplatform Shellcode (27 bytes) BSD/x86 - execve /bin/sh setuid (0) Shellcode (29 bytes) BSD/x86 - Bind Shell 31337/TCP Shellcode (83 bytes) BSD/x86 - Bind Random Port Shellcode (143 bytes) BSD/x86 - setuid(0) + execve /bin/sh Shellcode (30 bytes) BSD/x86 - Bind TCP Shell (31337/TCP) + setuid(0) Shellcode (94 bytes) BSD/x86 - execve /bin/sh Shellcode (27 bytes) BSD/x86 - execve /bin/sh + setuid(0) Shellcode (29 bytes) BSD/x86 - Bind TCP Shell (31337/TCP) Shellcode (83 bytes) BSD/x86 - Bind TCP Shell (Random Port) Shellcode (143 bytes) BSD/x86 - execve /bin/sh Crypt Shellcode (49 bytes) BSD/x86 - execve /bin/sh ENCRYPT* Shellcode (57 bytes) BSD/x86 - Connect torootteam.host.sk:2222 Shellcode (93 bytes) BSD/x86 - cat /etc/master.passwd \| mail [email] Shellcode (92 bytes) BSD/x86 - execve /bin/sh Encoded Shellcode (49 bytes) BSD/x86 - execve /bin/sh Encoded Shellcode (57 bytes) BSD/x86 - Reverse TCP Shell (torootteam.host.sk:2222/TCP) Shellcode (93 bytes) BSD/x86 - execve /bin/cat /etc/master.passwd \| mail [email] Shellcode (92 bytes) BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes) FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes) BSDi/x86 - execve /bin/sh ToUpper Encoded Shellcode (97 bytes) FreeBSD x86 / x64 - execve /bin/sh Anti-Debugging Shellcode (140 bytes) FreeBSD/x86 - connect back.send.exit /etc/passwd Shellcode (112 bytes) FreeBSD/x86 - kill all processes Shellcode (12 bytes) FreeBSD/x86 - rev connect + recv + jmp + return results Shellcode (90 bytes) FreeBSD/x86 - /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes) FreeBSD/x86 - Reverse /bin/sh Shell (127.0.0.1:8000) Shellcode (89 bytes) FreeBSD/x86 - setuid(0); execve(ipf -Fa); Shellcode (57 bytes) FreeBSD/x86 - /bin/sh Encrypted Shellcode (48 bytes) FreeBSD/x86 - Reverse TCP cat /etc/passwd (192.168.1.33:8000/TCP) Shellcode (112 bytes) FreeBSD/x86 - Kill All Processes Shellcode (12 bytes) FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + JMP + Return Results Null-Free Shellcode (90 bytes) FreeBSD/x86 - execve /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes) FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:8000) Null-Free Shellcode (89 bytes) FreeBSD/x86 - setuid(0); + execve(ipf -Fa); Shellcode (57 bytes) FreeBSD/x86 - execve /bin/sh Encoded Shellcode (48 bytes) FreeBSD/x86 - execve /bin/sh Shellcode (2) (23 bytes) FreeBSD/x86 - execve /bin/sh Shellcode (23 bytes) FreeBSD/x86 - kldload /tmp/o.o Shellcode (74 bytes) FreeBSD/x86 - Load Kernel Module (/sbin/kldload /tmp/o.o) Shellcode (74 bytes) FreeBSD/x86 - Connect Port 31337 Shellcode (102 bytes) FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (102 bytes) Linux/x86 - Bind Shellcode (Generator) Windows XP SP1 - Bind Shellcode (Generator) (Generator) - /bin/sh Polymorphic With Printable ASCII Characters Shellcode Linux/x86 - cmd Null-Free Shellcode (Generator) (Generator) - Alphanumeric Shellcode (Encoder/Decoder) Linux/x86 - Bind TCP Shellcode (Generator) Windows XP SP1 - Bind TCP Shell Shellcode (Generator) Linux - execve /bin/sh Polymorphic With Printable ASCII Characters Shellcode (Generator) Linux/x86 - Command Null-Free Shellcode (Generator) Windows - Reverse TCP Shell (127.0.0.1:123/TCP) Alphanumeric Shellcode (Encoder/Decoder) (Generator) Win32 - Multi-Format Encoding Tool Shellcode (Generator) iOS - Version-independent Shellcode Cisco IOS - Connectback 21/TCP Shellcode Windows x86 - Multi-Format Encoding Tool Shellcode (Generator) iOS Version-independent - Null-Free Shellcode Cisco IOS - New TTY / Privilege Level To 15 / Reverse Virtual Terminal Shell (21/TCP) Shellcode Linux/x86-64 - Flush IPTables Rules Shellcode (84 bytes) Linux/x86-64 - Reverse TCP Semi-Stealth Shell Shellcode (88+ bytes) (Generator) Linux/MIPS (Linksys WRT54G/GL) - Bind 4919/TCP Shellcode (276 bytes) Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (84 bytes) Linux/x86-64 - Reverse TCP Semi-Stealth /bin/bash Shell Shellcode (88+ bytes) (Generator) Linux/MIPS (Linksys WRT54G/GL) - Bind TCP /bin/sh Shell (4919/TCP) Shellcode (276 bytes) Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh Shellcode (240 bytes) Linux/PPC - Reverse TCP /bin/sh Shell (192.168.1.1:31337/TCP) Shellcode (240 bytes) Linux/SPARC - Bind 8975/TCP Shellcode (284 bytes) Linux/SPARC - Bind TCP Shell (8975/TCP) Null-Free Shellcode (284 bytes) Linux/x86 - killall5 polymorphic Shellcode (61 bytes) Linux/x86 - /bin/sh Polymorphic Shellcode (48 bytes) Linux/x86 - Bind 4444/TCP Shellcode (XOR Encoded) (152 bytes) Linux/x86 - reboot() polymorphic Shellcode (57 bytes) Linux/x86 - chmod(_/etc/shadow__666) Polymorphic Shellcode (54 bytes) Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) Shellcode (34 bytes) Linux/x86 - Bind 8000/TCP + Execve Iptables -F Shellcode (176 bytes) Linux/x86 - Bind 8000/TCP + Add Root User Shellcode (225+ bytes) Linux/x86 - Bind 8000/TCP ASM Code Linux Shellcode (179 bytes) Linux/x86 - killall5 Polymorphic Shellcode (61 bytes) Linux/x86 - execve /bin/sh Polymorphic Shellcode (48 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) XOR Encoded Shellcode (152 bytes) Linux/x86 - reboot() Polymorphic Shellcode (57 bytes) Linux/x86 - chmod 666 /etc/shadow Polymorphic Shellcode (54 bytes) Linux/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh__0_0) Shellcode (34 bytes) Linux/x86 - Bind TCP Shell (8000/TCP) + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes) Linux/x86 - Bind TCP Shell (8000/TCP) + Add Root User Shellcode (225+ bytes) Linux/x86 - Bind TCP /bin/sh Shell (8000/TCP) Shellcode (179 bytes) Linux/x86 - Serial port shell binding + busybox Launching Shellcode (82 bytes) Linux/x86 - Serial Port Shell Binding (/dev/ttyS0) + busybox Launching Null-Free Shellcode (82 bytes) Linux/x86 - chmod(_/etc/shadow__666) + exit(0) Shellcode (30 bytes) Linux/x86 - chmod 666 /etc/shadow + exit(0) Shellcode (30 bytes) Linux/x86 - Shellcode Obfuscator (Generator) Linux/x86 - Shellcode Obfuscator Null-Free (Generator) Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Shellcode (28 bytes) Linux/x86 - setresuid(0_0_0) /bin/sh Shellcode (35 bytes) Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Null-Free Shellcode (28 bytes) Linux/x86 - setresuid(0_0_0) + /bin/sh Shellcode (35 bytes) Linux/x86 - Reverse TCP /etc/shadow (8192/TCP) Shellcode (155 bytes) Linux/x86 - Reverse TCP cat /etc/shadow (8192/TCP) Shellcode (155 bytes) Linux/x86 - setuid(0) . setgid(0) . aslr_off Shellcode (79 bytes) Linux/x86 - setuid(0) + setgid(0) + aslr_off (Disable ASLR Security) Shellcode (79 bytes) Linux/x86 - /sbin/iptables -F Shellcode (40 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (40 bytes) Linux/x86 - /sbin/ipchains -F Shellcode (40 bytes) Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) Shellcode (40 bytes) Linux/x86 - HTTP/1.x GET_ Downloads + execve() Shellcode (111+ bytes) Linux/x86 - executes command after setreuid Shellcode (49+ bytes) Linux/x86 - HTTP/1.x GET + Downloads + execve() Null-Free Shellcode (111+ bytes) Linux/x86 - setreuid + executes command (49+ bytes) Linux/x86 - Bind 31337/TCP + setuid Shellcode (96 bytes) Linux/x86 - Bind 2707/TCP Shellcode (84 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + setuid Shellcode (96 bytes) Linux/x86 - Bind TCP Shell (2707/TCP) Shellcode (84 bytes) Linux/x86 - Bind 31337/TCP SET_PORT() Shellcode (100 bytes) Linux/x86 - Reverse TCP Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (100 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator) Linux/x86 - Reverse TCP XOR Encoded Shell (127.0.0.1:80/TCP) Shellcode (371 bytes) Linux/x86 - Reverse TCP Shell (127.0.0.1:80/TCP) XOR Encoded Shellcode (371 bytes) Linux/x86 - /tmp/swr to SWAP restore Shellcode (109 bytes) Linux/x86 - Read SWAP write to /tmp/swr Shellcode (109 bytes) Linux/x86 - Bind TCP Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes) Linux/x86 - Bind 64713/TCP Shellcode (86 bytes) Linux/x86 - Bind TCP /bin/sh Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes) Linux/x86 - Bind TCP /bin/sh Shell (64713/TCP) Shellcode (86 bytes) Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes) Linux/x86 - TCP Proxy Shellcode (236 bytes) Linux/x86 - TCP Proxy Null-Free Shellcode (236 bytes) Linux/x86 - execve /bin/sh xored for Intel x86 CPUID Shellcode (41 bytes) Linux/x86 - execve /bin/sh Shellcode (+1 Encoded) (39 bytes) Linux/x86 - Add User (xtz) To /etc/passwd Shellcode (59 bytes) Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP Shellcode (80 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP + fork() Shellcode (98 bytes) Linux/x86 (Intel x86 CPUID) - execve /bin/sh XORED Encoded Shellcode (41 bytes) Linux/x86 - execve /bin/sh Shellcode +1 Encoded (39 bytes) Linux/x86 - Add Root User (xtz) To /etc/passwd Shellcode (59 bytes) Linux/x86 - Anti-Debug Trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (80 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + fork() Shellcode (98 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (32 bytes) Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (32 bytes) Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator) Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator) Linux/x86 - read(0_buf_2541); chmod(buf_4755); Shellcode (23 bytes) Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) Shellcode (36 bytes) Linux/x86 - snoop /dev/dsp Shellcode (172 bytes) Linux/x86 - /bin/sh Standard Opcode Array Payload Shellcode (21 bytes) Linux/x86 - read(0_buf_2541); + chmod(buf_4755); Shellcode (23 bytes) Linux/x86 - write(0__Hello core!\n__12); Exit Shellcode (36/43 bytes) Linux/x86 - snoop /dev/dsp Null-Free Shellcode (172 bytes) Linux/x86 - execve /bin/sh Standard Opcode Array Payload Shellcode (21 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes) Linux/x86 - chroot + standart Shellcode (66 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes) Linux/x86 - Break chroot (../ 20x Loop) + execve /bin/sh Shellcode (66 bytes) Linux/x86 - setreuid/execve Shellcode (31 bytes) Linux/x86 - Alphanumeric Shellcode (64 bytes) Linux/x86 - Alphanumeric using IMUL Method Shellcode (88 bytes) Linux/x86 - setreuid + execve Shellcode (31 bytes) Linux/x86 - Alphanumeric Encoded Shellcode (64 bytes) Linux/x86 - Alphanumeric Encoder (IMUL Method) Shellcode (88 bytes) Linux/x86 - Bind 5074/TCP (ToUpper Encoded) Shellcode (226 bytes) Linux/x86 - Add User (t00r) Anti-IDS Shellcode (116 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) ToUpper Encoded Shellcode (226 bytes) Linux/x86 - Add Root User (t00r) Anti-IDS Shellcode (116 bytes) Linux/x86 - iptables -F Shellcode (45 bytes) Linux/x86 - iptables -F Shellcode (58 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (45 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (58 bytes) Linux/x86 - connect Shellcode (120 bytes) Linux/x86 - Reverse TCP /bin/sh Shell Shellcode (120 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy Shellcode (126 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; + chmod 4555 katy Shellcode (126 bytes) Linux/x86 - execve /bin/sh setreuid(12_12) Shellcode (50 bytes) Linux/x86 - Bind 5074/TCP Shellcode (92 bytes) Linux/x86 - Bind 5074/TCP + fork() Shellcode (130 bytes) Linux/x86 - Add User (t00r) Shellcode (82 bytes) Linux/x86 - Add User Shellcode (104 bytes) Linux/x86 - break chroot Shellcode (34 bytes) Linux/x86 - break chroot Shellcode (46 bytes) Linux/x86 - break chroot execve /bin/sh Shellcode (80 bytes) Linux/x86 - execve /bin/sh + setreuid(12_12) Shellcode (50 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) Shellcode (92 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) + fork() Shellcode (130 bytes) Linux/x86 - Add Root User (t00r) Shellcode (82 bytes) Linux/x86 - Add Root User Shellcode (104 bytes) Linux/x86 - Break chroot (../ 10x Loop) Shellcode (34 bytes) Linux/x86 - Break chroot (../ 10x Loop) Shellcode (46 bytes) Linux/x86 - Break chroot + execve /bin/sh Shellcode (80 bytes) Linux/x86 - execve /bin/sh (XOR Encoded) Shellcode (55 bytes) Linux/x86 - execve /bin/sh XOR Encoded Shellcode (55 bytes) Linux/x86 - chroot()/execve() code Shellcode (80 bytes) Linux/x86 - Add User (z) Shellcode (70 bytes) Linux/x86 - break chroot setuid(0) + /bin/sh Shellcode (132 bytes) Linux/x86-64 - Bind 4444/TCP Shellcode (132 bytes) Linux/x86 - Add Root User (z) Shellcode (70 bytes) Linux/x86 - setreuid(0_ 0) + Break chroot (mkdir/chdir/chroot _../_) + execve /bin/sh Shellcode (132 bytes) Linux/x86-64 - Bind TCP Shell (4444/TCP) Shellcode (132 bytes) Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes) OSX PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes) Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes) Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes) Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes) Linux/PPC / Linux/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes) OSX/PPC / OSX/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes) Linux/x86 / Unix/SPARC / IRIX/MIPS - execve /bin/sh Shellcode (141 bytes) Linux/x86 / Unix/SPARC - execve /bin/sh Shellcode (80 bytes) BSD/x86 / Linux/x86 - execve /bin/sh Shellcode (38 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes) NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes) NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes) OpenBSD/x86 - Bind 6969/TCP Shellcode (148 bytes) OpenBSD/x86 - Add user _w00w00_ Shellcode (112 bytes) OSX/PPC - sync()_ reboot() Shellcode (32 bytes) OpenBSD/x86 - Bind TCP Shell (6969/TCP) Shellcode (148 bytes) OpenBSD/x86 - Add Root User (w00w00) Shellcode (112 bytes) OSX/PPC - sync() + reboot() Shellcode (32 bytes) OSX/PPC - Add user _r00t_ Shellcode (219 bytes) OSX/PPC - Add Root User (r00t) Shellcode (219 bytes) Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes) Solaris/SPARC - Reverse TCP XNOR Encoded Shell (44434/TCP) Shellcode (600 bytes) (Generator) Solaris/SPARC - setreuid/execve Shellcode (56 bytes) Solaris/SPARC - Bind 6666/TCP Shellcode (240 bytes) Solaris/SPARC - setreuid + executes command Shellcode (92+ bytes) Solaris/SPARC - Reverse TCP Shell (44434/TCP) XNOR Encoded Shellcode (600 bytes) (Generator) Solaris/SPARC - setreuid + execve Shellcode (56 bytes) Solaris/SPARC - Bind TCP Shell (6666/TCP) Shellcode (240 bytes) Solaris/SPARC - Bind 6789/TCP Shellcode (228 bytes) Solaris/SPARC - Reverse TCP Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes) Solaris/SPARC - Bind Shellcode (240 bytes) Solaris/x86 - Bind TCP Shellcode (Generator) Solaris/SPARC - Bind TCP /bin/sh (6789/TCP) Shellcode (228 bytes) Solaris/SPARC - Reverse TCP /bin/sh Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes) Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes) Solaris/x86 - Bind TCP Shellcode (Generator) Windows 5.0 < 7.0 x86 - Bind Shell 28876/TCP Null-Free Shellcode Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes) Win32 - SEH Omelet Shellcode Win32 - Bind 23/TCP Winexec Telnet Shellcode (111 bytes) Win32 - PEB!NtGlobalFlags Shellcode (14 bytes) Win32 XP SP2 (FR) - Sellcode cmd.exe Shellcode (32 bytes) Win32/XP SP2 - cmd.exe Shellcode (57 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Win32 - ConnectBack + Download A File + Save + Execute Shellcode Win32 - Download File + Execute Shellcode (Browsers Edition) (Generator) (275+ bytes) Win32 - Download File + Execute Shellcode (192 bytes) Win32 - Download File + Execute Shellcode (124 bytes) Win32/NT/XP - IsDebuggerPresent Shellcode (39 bytes) Win32 SP1/SP2 - Beep Shellcode (35 bytes) Win32/XP SP2 - Pop up message box Shellcode (110 bytes) Win32 - WinExec() Command Parameter Shellcode (104+ bytes) Win32 - Download File + Execute Shellcode (226+ bytes) Windows NT/2000/XP (Russian) - Add User 'slim' Shellcode (318 bytes) Windows 5.0 < 7.0 x86 - Bind TCP Shell (28876/TCP) Null-Free Shellcode Windows XP SP2 x86 (English) - cmd.exe Shellcode (23 bytes) Windows x86 - SEH Omelet Shellcode Windows x86 - Add Administrator User (GAZZA/123456) + Start Telnet Service Shellcode (111 bytes) Windows x86 - PEB!NtGlobalFlags Shellcode (14 bytes) Windows XP SP2 x86 (French) - Sellcode cmd.exe Shellcode (32 bytes) Windows XP SP2 x86 - cmd.exe Shellcode (57 bytes) Windows x86 - PEB _Kernel32.dll_ ImageBase Finder Alphanumeric Shellcode (67 bytes) Windows x86 - PEB _Kernel32.dll_ ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Windows x86 - ConnectBack + Download A File + Save + Execute Shellcode Windows x86 - Download File + Execute Shellcode (Browsers Edition) (275+ bytes) (Generator) Windows x86 - Download File + Execute Shellcode (192 bytes) Windows x86 - Download File + Execute Shellcode (124 bytes) Windows NT/XP x86 - IsDebuggerPresent Shellcode (39 bytes) Windows SP1/SP2 x86 - Beep Shellcode (35 bytes) Windows XP SP2 x86 - Pop up message box Shellcode (110 bytes) Windows x86 - WinExec() Command Parameter Shellcode (104+ bytes) Windows x86 - Download File + Execute Shellcode (226+ bytes) Windows NT/2000/XP (Russian) - Add Administartor User (slim/shady) Shellcode (318 bytes) Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator) Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator) Windows XP - Download File + Execute Shellcode Windows XP SP1 - Bind 58821/TCP Shellcode (116 bytes) Windows XP - Download File + Execute Null-Free Shellcode Windows XP SP1 - Bind TCP Shell (58821/TCP) Shellcode (116 bytes) Win64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes) Windows x64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes) Linux/x86 - setuid(0) + cat /etc/shadow Shellcode (49 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (33 bytes) Linux/x86 - setuid(0) + /bin/cat /etc/shadow Shellcode (49 bytes) Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes) Win32 XP SP3 - ShellExecuteA Shellcode Linux/x86 - Pverwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes) Windows XP SP3 x86 - ShellExecuteA Shellcode Win32 XP SP3 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode FreeBSD/x86 - Bind 1337/TCP Shellcode (167 bytes) Win32/XP SP2 - calc.exe Shellcode (45 bytes) Windows XP SP3 x86 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode FreeBSD/x86 - Bind TCP /bin/sh Shell (1337/TCP) Shellcode (167 bytes) Windows XP SP2 x86 - calc.exe Shellcode (45 bytes) Win32/XP SP2 (EN + AR) - cmd.exe Shellcode (23 bytes) Windows XP SP2 x86 (English / Arabic) - cmd.exe Shellcode (23 bytes) Linux/x86 - break chroot Shellcode (79 bytes) Linux/x86 - setuid + Break chroot (mkdir/chdir/chroot _..._) + execve /bin/sh Shellcode (79 bytes) Linux/x86 - Append '/etc/passwd' + exit() Shellcode (107 bytes) Linux/x86 - Add Root User (toor) To /etc/passwd + exit() Shellcode (107 bytes) Win32 XP SP2 (FR) - calc Shellcode (19 bytes) Windows XP SP2 x86 (French) - calc Shellcode (19 bytes) Linux/x86 - bin/cat /etc/passwd Shellcode (43 bytes) Win32 XP SP3 (English) - cmd.exe Shellcode (26 bytes) Win32 XP SP2 (Turkish) - cmd.exe Shellcode (26 bytes) Linux/x86 - /bin/sh Shellcode (8 bytes) Linux/x86 - execve /bin/cat /etc/passwd Shellcode (43 bytes) Windows XP SP3 x86 (English) - cmd.exe Shellcode (26 bytes) Windows XP SP2 x86 (Turkish) - cmd.exe Shellcode (26 bytes) Linux/x86 - execve /bin/sh Shellcode (8 bytes) Linux/x86 - disabled modsecurity Shellcode (64 bytes) Win32 - JITed Stage-0 Shellcode Win32 - JITed exec notepad Shellcode Windows XP Professional SP2 (ITA) - calc.exe Shellcode (36 bytes) Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes) Linux/x86 - Disabled modsecurity Shellcode (64 bytes) Windows x86 - JITed Stage-0 Shellcode Windows x86 - JITed exec notepad Shellcode Windows XP Professional SP2 (Italian) - calc.exe Shellcode (36 bytes) Windows XP SP2 x86 - write.exe + ExitProcess WinExec Shellcode (16 bytes) Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes) Win32 - MessageBox Shellcode (Metasploit) Windows XP SP3 x86 (Russia) - cmd + ExitProcess WinExec Shellcode (12 bytes) Windows x86 - MessageBox Shellcode (Metasploit) Linux/x86 - Bind nc -lvve/bin/sh -p13377 Shellcode Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes) Linux/x86 - Bind Netcat Shell (13377/TCP) Shellcode Linux/x86 - chmod 0666 /etc/shadow Shellcode (36 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (29 bytes) Linux - write() + exit(0) Shellcode (Genearator With Customizable Text) Linux/x86 - chmod 0777 /etc/shadow Shellcode (33 bytes) Linux/x86 - chmod 0777 /etc/shadow Shellcode (29 bytes) Linux - write() + exit(0) Shellcode (Generator) Linux/x86 - Sends 'Phuck3d!' To All Terminals Shellcode (60 bytes) Linux/x86 - Sends _Phuck3d!_ To All Terminals Shellcode (60 bytes) Windows XP SP2 (FR) - Download File + Execute Shellcode Windows XP SP2 (French) - Download File + Execute Shellcode Linux/x86 - Disable randomize stack addresse Shellcode (106 bytes) Linux/x86 - Disable ASLR Security Shellcode Shellcode (106 bytes) Linux/x86 - setuid(0) + chmod(_/etc/shadow__ 0666) Polymorphic Shellcode (61 bytes) Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall Shellcode (39 bytes) Linux/x86 - setuid(0) + chmod 0666 /etc/shadow Polymorphic Shellcode (61 bytes) Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/shadow Shellcode (39 bytes) Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall Shellcode (39 bytes) Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/passwd Shellcode (39 bytes) Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes) Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes) Solaris/x86 - Sync() & reboot() + exit(0) Shellcode (48 bytes) Solaris/x86 - Sync() + reboot() + exit(0) Shellcode (48 bytes) Linux/x86 - Bind 31337/TCP + setreuid (0_0) Polymorphic Shellcode (131 bytes) Linux/x86-64 - setuid(0) + chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes) Linux/x86 - Bind TCP Shell (31337/TCP) + setreuid(0_0) Polymorphic Shellcode (131 bytes) Linux/x86-64 - setuid(0) + chmod 0777 /etc/passwd + exit(0) Shellcode (63 bytes) Windows XP SP3 (SPA) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes) Windows XP SP3 (Spanish) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes) Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes) Windows - cmd.exe + ExitProcess WinExec Shellcode (195 bytes) Linux/x86 - /bin/sh Polymorphic Shellcode (116 bytes) Linux/ARM - chmod(_/etc/shadow__ 0777) polymorphic Shellcode (84 bytes) Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes) Linux/x86 - execve /bin/sh Polymorphic Shellcode (116 bytes) Linux/ARM - chmod 0777 /etc/shadow Polymorphic Shellcode (84 bytes) Linux/ARM - chmod 0777 /etc/shadow Shellcode (35 bytes) Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); (XOR 88 encoded) Polymorphic Shellcode (78 bytes) Linux/x86 - Bind Shell 64533 Shellcode (97 bytes) Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); XOR 88 Encoded Polymorphic Shellcode (78 bytes) Linux/x86 - Bind TCP /bin/sh Shell (64533/TCP) Shellcode (97 bytes) Linux - setreuid(0_0) execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes) Safari 4.0.5 - 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Shellcode Linux - Bind 6778/TCP (XOR Encoded) Polymorphic Shellcode (125 bytes) Linux - Bind Shell (nc -lp 31337 -e /bin//sh) Polymorphic Shellcode (91 bytes) ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator) Linux - setreuid(0_0) + execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes) Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Null-Free Shellcode Linux - Bind TCP Shell (6778/TCP) XOR Encoded Polymorphic Shellcode (125 bytes) Linux - Bind Netcat Shell (31337/TCP) Polymorphic Shellcode (91 bytes) ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator) Win32 - Write-to-file Shellcode (278 bytes) Windows x86 - Write-to-file Null-Free Shellcode (278 bytes) Linux/x86 - Bind Shell Netcat 8080/TCP Shellcode (75 bytes) Linux/x86 - /bin/sh Polymorphic Null-Free Shellcode (46 bytes) Windows XP SP3 English - MessageBoxA Shellcode (87 bytes) BSD/x86 - Bind Shell 2525/TCP Shellcode (167 bytes) Win32 - Checksum Routine Shellcode (18 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (8080/TCP) Shellcode (75 bytes) Linux/x86 - execve /bin/sh Polymorphic Null-Free Shellcode (46 bytes) Windows XP SP3 (English) - MessageBoxA Shellcode (87 bytes) BSD/x86 - Bind TCP Shell (2525/TCP) Shellcode (167 bytes) Windows x86 - Checksum Routine Shellcode (18 bytes) Win32/XP SP3 (TR) - Add Administrator 'zrl' Shellcode (127 bytes) Windows XP SP3 x86 (Turkish) - Add Administrator User (zrl/123456) Shellcode (127 bytes) Win32/XP Professional SP3 (EN) x86 - Add New Local Administrator 'secuid0' Shellcode (113 bytes) Win32 - Add New Local Administrator 'secuid0' Shellcode (326 bytes) Windows XP Professional SP3 (English) x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes) Windows x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (326 bytes) ARM - Bind Connect (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode ARM - Loader Port 0x1337 Shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode ARM - Bind (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode ARM - Loader (0x1337/TCP) Shellcode ARM - ifconfig eth0 192.168.0.2 up Shellcode ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes) Win32 - Speaking 'You got pwned!' Shellcode FreeBSD/x86 - connect back Shellcode (81 bytes) BSD/x86 - Bind Shell 31337/TCP + fork Shellcode (111 bytes) Win32 - eggsearch Shellcode (33 bytes) Linux/SuperH (sh4) - setuid(0) + chmod(_/etc/shadow__ 0666) + exit(0) Shellcode (43 bytes) Linux/x86 - Bind Shell Netcat 6666/TCP Shellcode (69 bytes) OSX/Intel (x86-64) - Reverse TCP Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes) Windows - WinExec Add New Local Administrator 'RubberDuck' + ExitProcess Shellcode (279 bytes) Linux/x86 - ASLR deactivation Shellcode (83 bytes) Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit) Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes) ARM - Add Root User Shellcode (Metasploit) (66+ bytes) (Generator) Windows 5.0 < 7.0 x86 - Speaking _You got pwned!_ Null-Free Shellcode FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:1337/TCP) Shellcode (81 bytes) (Generator) BSD/x86 - Bind TCP Shell (31337/TCP) + fork Shellcode (111 bytes) Windows x86 - eggsearch Shellcode (33 bytes) Linux/SuperH (sh4) - setuid(0) + chmod 0666 /etc/shadow + exit(0) Shellcode (43 bytes) Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69 bytes) OSX/Intel (x86-64) - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes) Windows - Add Local Administrator User (RubberDuck/mudbath) + ExitProcess WinExec Shellcode (279 bytes) Linux/x86 - Disable ASLR Security Shellcode (83 bytes) Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit) Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes) Win32/PerfectXp-pc1/SP3 (TR) - Add Administrator 'kpss' Shellcode (112 bytes) Linux/x86 - Egghunter Shellcode (29 bytes) Windows PerfectXp-pc1/SP3 x86 (Turkish) - Add Administrator User (kpss/12345) Shellcode (112 bytes) Linux/x86 - Egghunter Null-Free Shellcode (29 bytes) Linux/MIPS - XOR Encoder Shellcode (Generator) (60 bytes) Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes) Linux/MIPS - XOR Encoder Shellcode (60 bytes) (Generator) Linux/SuperH (sh4) - setuid(0); + execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes) Linux/MIPS - Add User(UID 0) (rOOt/'pwn3d) Shellcode (164 bytes) Linux/MIPS - Add Root User (rOOt/pwn3d) Shellcode (164 bytes) Linux/MIPS - Connectback Shellcode (port 0x7a69) (168 bytes) Linux/MIPS - Reverse TCP Shell (0x7a69/TCP) Shellcode (168 bytes) Linux/x86 - setuid(0) + setgid(0) + Add User (iph) To /etc/passwd Polymorphic Shellcode Linux/x86 - setuid(0) + setgid(0) + Add Root User (iph) To /etc/passwd Polymorphic Shellcode Linux/x86-64 - Add User (t0r/Winner) Shellcode (189 bytes) Linux/x86-64 - Add Root User (t0r/Winner) Shellcode (189 bytes) Linux/ARM (Raspberry Pi) - Reverse TCP Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes) Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes) Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes) Linux/ARM (Raspberry Pi) - chmod 0777 /etc/shadow Shellcode (41 bytes) Windows XP Professional SP3 - Full ROP calc Shellcode (428 bytes) Windows x64 - Bind TCP Shell Shellcode (508 bytes) Windows XP Professional SP3 - calc Full ROP Shellcode (428 bytes) Windows x64 - Bind TCP Shell (4444/TCP) Shellcode (508 bytes) Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes) Cisco ASA - Authentication Bypass _EXTRABACON_ (Improved Shellcode) (69 bytes) Windows RT ARM - Bind Shell 4444/TCP Shellcode Windows RT ARM - Bind TCP Shell (4444/TCP) Shellcode Windows - Messagebox Shellcode (113 bytes) Linux/MIPS (Little Endian) - Reverse TCP Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes) Windows 7 x86 - Bind Shell 4444/TCP Shellcode (357 Bytes) Windows - Add Administrator 'BroK3n' Shellcode (194 bytes) Windows - Messagebox Null-FreeShellcode (113 bytes) Linux/MIPS (Little Endian) - Reverse TCP /bin/sh Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes) Windows 7 x86 - Bind TCP Shell (4444/TCP) Shellcode (357 Bytes) Windows - Add Administrator User (BroK3n/BroK3n) Null-Free Shellcode (194 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes) Linux/x86-64 - Reverse TCP Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes) Linux/x86-64 - Reverse TCP /bin/bash Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes) Linux/x86-64 - Bind TCP Password (Z~r0) Shell (4444/TCP) Shellcode (81/96 bytes) Linux/x86-64 - Reverse TCP Password (Z~r0) Shell (127.0.0.1:4444/TCP) Shellcode (77-85/90-98 bytes) Windows x86 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows x64 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) + Password (Z~r0) Null-Free Shellcode (81/96 bytes) Linux/x86-64 - Reverse TCP Password (Z~r0) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free + Null-Mask Shellcode (77-85/90-98 bytes) Windows x86 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows x64 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows XP x86-64 - Download File + Execute Shellcode (Generator) Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow Shellcode (55 bytes) Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd Shellcode (55 bytes) Windows XP x86-64 - Download File + Execute Shellcode (Generator) Linux/MIPS (Little Endian) - chmod 666 /etc/shadow Shellcode (55 bytes) Linux/MIPS (Little Endian) - chmod 666 /etc/passwd Shellcode (55 bytes) Linux/x86 - execve(_/bin/sh_) (ROT13 Encoded) Shellcode (68 bytes) Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes) Linux/x86 - execve(_/bin/sh_) ROT13 Encoded Shellcode (68 bytes) Linux/x86 - chmod 0777 /etc/shadow Obfuscated Shellcode (84 bytes) Linux/x86 - Reverse TCP Shell (192.168.1.133:33333) Shellcode (72 bytes) Linux/x86 - Bind Shell 33333/TCP Shellcode (96 bytes) Linux/x86 - Disable ASLR Shellcode (84 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (192.168.1.133:33333) Shellcode (72 bytes) Linux/x86 - Bind TCP /bin/sh Shell (33333/TCP) Shellcode (96 bytes) Linux/x86 - Disable ASLR Security Shellcode (84 bytes) Linux/x86 - Typewriter Shellcode (Generator) Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes) Linux/x86 - Typewriter Shellcode (Generator) Linux/x86 - Create _my.txt_ In Working Directory Shellcode (37 bytes) Win32/XP SP3 - Create ('file.txt') Shellcode (83 bytes) Win32/XP SP3 - Restart computer Shellcode (57 bytes) Linux/x86 - custom execve Shellcode (Encoder/Decoder) (Generator) Windows XP SP3 x86 - Create (_file.txt_) Shellcode (83 bytes) Windows XP SP3 x86 - Restart Computer Shellcode (57 bytes) Linux/x86 - Custom execve Shellcode (Encoder/Decoder) (Generator) Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (17771/TCP) Shellcode (58 bytes) Linux/x86 - chmod() 777 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes) Linux/x86 - chmod 777 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - execve /bin/sh Shellcode (21 bytes) Linux/x86 - Bind Shell Netcat 5555/TCP Shellcode (60 bytes) Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes) Linux/x86 - Bind Netcat Shell (5555/TCP) Shellcode (60 bytes) Linux/x86-64 - execve(/bin/sh) Null-Free Shellcode (30 bytes) Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes) Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes) Linux/x86 - chmod('/etc/shadow'_'0777') Shellcode (42 bytes) Linux/x86 - exec('/bin/dash') Shellcode (45 bytes) Linux/x86 - chmod 0777 /etc/passwd Shellcode (42 bytes) Linux/x86 - chmod /etc/gshadow Shellcode (37 bytes) Linux/x86 - chmod 0777 /etc/shadow Shellcode (42 bytes) Linux/x86 - exec(_/bin/dash_) Shellcode (45 bytes) Linux/x86 - /bin/sh (ROT7 Encoded) Shellcode Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes) Linux/x86 - execve /bin/sh ROT7 Encoded Shellcode Windows XP SP3 x86 (Turkish) - MessageBox Shellcode (24 bytes) Windows x86 - user32!MessageBox 'Hello World!' Null-Free Shellcode (199 bytes) Linux/x86 - /bin/sh (ROL/ROR Encoded) Shellcode Windows x86 - user32!MessageBox _Hello World!_ Null-Free Shellcode (199 bytes) Linux/x86 - execve /bin/sh ROL/ROR Encoded Shellcode OSX/x86-64 - /bin/sh Null-Free Shellcode (34 bytes) Mainframe/System Z - Bind Shell 12345/TCP Shellcode (2488 bytes) OSX/x86-64 - execve /bin/sh Null-Free Shellcode (34 bytes) Mainframe/System Z - Bind TCP Shell (12345/TCP) Null-Free Shellcode (2488 bytes) Linux/x86 - Create file with permission 7775 + exit Shellcode (Generator) Linux/x86 - Create File With Permission 7775 + exit Shellcode (Generator) OSX/x86-64 - Bind 4444/TCP Null-free Shellcode (144 bytes) Linux/x86-64 - /bin/sh Shellcode (34 bytes) Google Android - Telnetd Port 1035 with Parameters Shellcode (248 bytes) OSX/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (144 bytes) Linux/x86-64 - execve /bin/sh Shellcode (34 bytes) Google Android - Bind Telnetd Shell (1035/TCP) + Environment / Parameters Shellcode (248 bytes) Linux/x86-64 - Bind TCP Password (1234) Shell (31173/TCP) Shellcode (92 bytes) Linux/x86-64 - Bind TCP /bin/sh Password (1234) Shell (31173/TCP) Shellcode (92 bytes) Windows XP < 10 - WinExec Null-Free Shellcode (Generator) (Python) Linux/x86-64 - Bind 4444/TCP Shellcode (103 bytes) Linux/x86-64 - Bind TCP Password (hack) Shell (4444/TCP) Shellcode (162 bytes) Windows XP < 10 - WinExec Null-Free Shellcode (Generator) Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (103 bytes) Linux/x86-64 - Bind TCP /bin/sh Password (hack) Shell (4444/TCP) Null-Free Shellcode (162 bytes) Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Shellcode (151 bytes) Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free Shellcode (151 bytes) Linux/x86-64 - execve (xor/not/div Encoded) Shellcode (54 bytes) Linux/x86-64 - execve XOR/NOT/DIV Encoded Shellcode (54 bytes) Linux x86/x86-64 - Bind 4444/TCP Shellcode (251 bytes) Linux x86/x86-64 - Bind Shell (4444/TCP) Shellcode (251 bytes) Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (122 bytes) Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (135 bytes) Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (122 bytes) Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (135 bytes) Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes) Linux/ARM - Reverse TCP /bin/sh Shell (10.0.0.10:1337/TCP) Shellcode (95 bytes) Linux/x86-64 - Bind 5600/TCP Shellcode (81 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (81 bytes) Linux/x86-64 - Bind 5600/TCP Shellcode (86 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (86 bytes) Linux/x86 - Reverse TCP Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes) Linux/x86 - Bind 1472/TCP Shell (IPv6) Shellcode (1250 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes) Linux/x86 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (1250 bytes) Win32 .Net Framework - Execute Native x86 Shellcode Linux/x86-64 - Bind 1472/TCP Shell (IPv6) Shellcode (199 bytes) Linux/x86-64 - Reverse TCP Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes) Windows .Net Framework x86 - Execute Native x86 Shellcode Linux/x86-64 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (199 bytes) Linux/x86-64 - Reverse TCP /bin/sh Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes) Linux/x86 - Bind Shell 1234/TCP (Configurable Port) Shellcode (87 bytes) Linux/x86 - Bind TCP /bin/sh Shell (1234/TCP) Shellcode (87 bytes) (Generator) Linux/x86 - Bind Shell 4444/TCP Shellcode (656 bytes) Linux/x86-64 - execve (XOR Encoded) Shellcode (84 bytes) Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86 - Bind TCP /bin/bash Shell (4444/TCP) Shellcode (656 bytes) Linux/x86-64 - execve XOR Encoded Shellcode (84 bytes) BSD / Linux / Windows x86/x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (13337/TCP) Shellcode (56 bytes) Linux/x86 - /bin/sh + ASLR Bruteforce Shellcode Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes) Linux/x86-64 - Bind Netcat Shellcode (64 bytes) Linux/x86 - Bind Shell 4444/TCP Shellcode (98 bytes) Linux/x86-64 - Bind Ncat (4442/TCP) Shell / SSL / Multi-Channel (4444/TCP-4447/TCP) / Persistant / Fork / IPv4/6 / Password Shellcode (176 bytes) Linux/x86 - Reverse TCP Shell (192.168.227.129:4444) Shellcode (75 bytes) Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Shellcode (172 bytes) Linux/x86 - execve /bin/sh + ASLR Bruteforce Shellcode Linux/x86-64 - Reverse TCP cat /etc/passwd (192.168.86.128:1472/TCP) Shellcode (164 bytes) Linux/x86-64 - Bind Netcat Shell Null-Free Shellcode (64 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (98 bytes) Linux/x86-64 - Bind Ncat Shell (4442/TCP) / SSL / Multi-Channel (4444-4447/TCP) / Persistant / Fork / IPv4/6 / Password Null-Free Shellcode (176 bytes) Linux/x86 - Reverse TCP /bin/sj Shell (192.168.227.129:4444) Shellcode (75 bytes) Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Null-Free Shellcode (172 bytes) Linux/x86-64 - Bind TCP (4442/TCP) Shell / Syscall Persistent / Multi-Terminal (4444/TCP-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes) Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes) Linux/x86-64 - Bind TCP Shell (4442/TCP) / Syscall Persistent / Multi-Terminal (4444-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes) Linux/CRISv32 - Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes) Linux/x86 - Bind Netcat 98/TCP + UDP Shellcode (44/52 bytes) Linux/x86 - Bind zsh 9090/TCP Shellcode (96 bytes) Linux/x86 - Reverse TCP ZSH (127.255.255.254:9090/TCP) Shellcode (80 bytes) Linux/x86 - Bind Netcat Shell (98/TCP + UDP) Shellcode (44/52 bytes) Linux/x86 - Bind TCP /bin/zsh Shell (9090/TCP) Shellcode (96 bytes) Linux/x86 - Reverse TCP /bin/zsh Shell (127.255.255.254:9090/TCP) Shellcode (80 bytes) Windows x64 - WinExec() Shellcode (93 bytes) Windows x64 - cmd.exe WinExec() Shellcode (93 bytes) Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) Linux/x86-64 - execve /bin/sh -c reboot Shellcode (89 bytes) Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes) Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes) Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes) Linux/x86 - execve /bin/bash -c Arbitrary Command Execution Null-Free Shellcode (72 bytes) Linux/x86-64 - Bind 5600/TCP - Shellcode (87 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (87 bytes) Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (Genearator) (129 bytes) Linux/x86 - Reverse TCP Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes) Linux - Bind Shell Dual/Multi Mode Shellcode (156 bytes) Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (129 bytes) (Generator) Linux/x86 - Reverse TCP /bin/sh Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes) Linux - Bind TCP Dual/Multi Mode Shell Shellcode (156 bytes) Linux/x86-64 - Reverse TCP Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes) Linux/x86-64 - Reverse TCP /bin/sh Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes) Windows x86 - Executable Directory Search Shellcode (130 bytes) Windows x86 - Executable Directory Search Null-Free Shellcode (130 bytes) Linux/x86-64 - Flush IPTables Polymorphic Shellcode (47 bytes) Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Polymorphic Shellcode (47 bytes) Linux/x86-64 - Reverse Netcat Polymorphic Shell (127.0.0.1:1234) Shellcode (106 bytes) Linux/x86-64 - Reverse Netcat Shell (127.0.0.1:1234) Polymorphic Shellcode (106 bytes) Linux/x86 - Bind Shell Shellcode (44 bytes) Linux/x86 - Bind TCP /bin/sh Random Port Shell Shellcode (44 bytes) Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Shellcode (67 bytes) Linux/x86 - Reverse /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes) Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Null-Free Shellcode (67 bytes) Linux/x86 - Reverse TCP /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes) Linux/x86 - Disable ASLR Shellcode (80 bytes) Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Shellcode (113 bytes) Linux/x86 - Disable ASLR Security Shellcode (80 bytes) Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Null-Free Shellcode (113 bytes) Linux/x86-64 - /bin/sh Shellcode (31 bytes) Linux/x86 - execve(/bin/sh) setuid(0) setgid(0) (XOR Encoded) Shellcode (66 bytes) Linux/x86-64 - execve /bin/sh Shellcode (31 bytes) Linux/x86 - execve(/bin/sh) + setuid(0) + setgid(0) XOR Encoded Shellcode (66 bytes) Linux/x86 - Reverse UDP Shell (127.0.0.1:53/UDP) Shellcode (668 bytes) Linux/x86 - Bind Shell 4444/TCP Shellcode (75 bytes) Linux/x86 - Reverse UDP /bin/sh Shell (127.0.0.1:53/UDP) Shellcode (668 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (75 bytes) Linux x86 - /bin/sh Shellcode (24 bytes) Linux x86 - execve /bin/sh Shellcode (24 bytes) Linux/x86_64 - kill All Processes Shellcode (19 bytes) Linux/x86_64 - Kill All Processes Shellcode (19 bytes) Php Cloud mining Script - Authentication Bypass (Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass	2017-08-23 05:01:29 +00:00
Offensive Security	479ae86249	DB: 2016-09-06 5 new exploits ProFTPD 1.2.9RC1 - (mod_sql) SQL Injection ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection PHPBB 2.0.4 - PHP Remote File Inclusion Exploit phpBB 2.0.4 - PHP Remote File Inclusion Exploit wu-ftpd 2.6.2 - Off-by-One Remote Root Exploit WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit wu-ftpd 2.6.2 - Remote Root Exploit WU-FTPD 2.6.2 - Remote Root Exploit ProFTPD 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service wu-ftpd 2.6.0 - Remote Root Exploit WU-FTPD 2.6.0 - Remote Root Exploit OpenBSD 2.6 / 2.7ftpd - Remote Exploit OpenBSD 2.6 / 2.7 ftpd - Remote Exploit wu-ftpd 2.6.0 - Remote Format Strings Exploit WU-FTPD 2.6.0 - Remote Format Strings Exploit ProFTPD 1.2.0 (rc2) - memory leakage example Exploit ProFTPd 1.2.0 (rc2) - memory leakage example Exploit ProFTPD 1.2.0pre10 - Remote Denial of Service ProFTPd 1.2.0pre10 - Remote Denial of Service wu-ftpd 2.6.1 - Remote Root Exploit WU-FTPD 2.6.1 - Remote Root Exploit OpenFTPD 0.30.2 - Remote Exploit OpenFTPD 0.30.1 - (message system) Remote Shell Exploit OpenFTPd 0.30.2 - Remote Exploit OpenFTPd 0.30.1 - (message system) Remote Shell Exploit PHP - (PHP-exec-dir) Patch Command Access Restriction Bypass PHP - (php-exec-dir) Patch Command Access Restriction Bypass ProFTPd (ftpdctl) - Local pr_ctrls_connect ProFTPd - (ftpdctl) Local pr_ctrls_connect ProFTPD 1.2.10 - Remote Users Enumeration Exploit ProFTPd 1.2.10 - Remote Users Enumeration Exploit PHPBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit PHP 4.3.9 + PHPBB 2.x - unserialize() Remote Exploit (Compiled) PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled) Apple QuickTime 6.5.2.10 - '.qtif'Image Parsing Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing wu-ftpd 2.6.2 - File Globbing Denial of Service WU-FTPD 2.6.2 - File Globbing Denial of Service RealPlayer 10 - '.smil'Local Buffer Overflow RealPlayer 10 - '.smil' Local Buffer Overflow PHPBB 2.0.13 - 'downloads.php' mod Remote Exploit phpBB 2.0.13 - 'downloads.php' mod Remote Exploit PHPPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting Invision Power Board 2.0.3 - login.php SQL Injection Invision Power Board 2.0.3 - login.php SQL Injection (tutorial) Invision Power Board 2.0.3 - 'login.php' SQL Injection Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) Invision Power Board 1.3.1 - login.php SQL Injection Invision Power Board 1.3.1 - 'login.php' SQL Injection PHPBB 2.0.15 - (highlight) Remote PHP Code Execution phpBB 2.0.15 - (highlight) Remote PHP Code Execution Solaris SPARC / x86 - Local Socket Hijack Exploit Solaris (SPARC / x86) - Local Socket Hijack Exploit PHPBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) Microsoft Windows XP SP2 - 'rdpwd.sys'Remote Kernel Denial of Service Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service PHPBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit FreeFTPD 1.0.8 - (USER) Remote Buffer Overflow freeFTPd 1.0.8 - (USER) Remote Buffer Overflow FreeFTPD 1.0.10 - (PORT Command) Denial of Service freeFTPd 1.0.10 - (PORT Command) Denial of Service Tftpd32 2.81 - (GET Request) Format String Denial of Service (PoC) TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC) Microsoft HTML Help Workshop - '.hhp'Denial of Service Microsoft HTML Help Workshop - '.hhp' Denial of Service PHPWebSite 0.10.0-full - (topics.php) SQL Injection phpWebSite 0.10.0-full - (topics.php) SQL Injection Microsoft Visual Studio 6.0 sp6 - '.dbp'Buffer Overflow Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow PHPBookingCalendar 1.0c - (details_view.php) SQL Injection phpBookingCalendar 1.0c - (details_view.php) SQL Injection Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure Microsoft Internet Explorer 6 - 'Internet.HHCtrl'Heap Overflow Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow PHPBB 3 - 'memberlist.php' SQL Injection phpBB 3 - 'memberlist.php' SQL Injection WoW Roster 1.70 - (/lib/PHPbb.php) Remote File Inclusion WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion PHPBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion phpBB XS 0.58a - (phpBB_root_path) Remote File Inclusion phpBB Static Topics 1.0 - phpbb_root_path File Include phpBB Static Topics 1.0 - phpBB_root_path File Include PHPBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpBB_root_path) Remote File Inclusions PHP News Reader 2.6.4 - (PHPbb.inc.php) Remote File Inclusion Exploit PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exploit PHPBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit PHPBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit PHPBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit PHPBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit PHPBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit PGOSD - 'misc/function.php3'Remote File Inclusion PGOSD - 'misc/function.php3' Remote File Inclusion HP-UX 11i - (LIBC TZ enviroment variable) Privilege Escalation HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPD 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit Yrch 1.0 - (plug.inc.php path variable) Remote File Inclusion Exploit Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Exploit Vizayn Haber - 'haberdetay.asp id variable'SQL Injection Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection newsCMSlite - 'newsCMS.mdb'Remote Password Disclosure newsCMSlite - 'newsCMS.mdb' Remote Password Disclosure iG Calendar 1.0 - (user.php id variable) SQL Injection iG Calendar 1.0 - (user.php id Variable) SQL Injection uniForum 4 - 'wbsearch.aspx'SQL Injection uniForum 4 - 'wbsearch.aspx' SQL Injection MGB 0.5.4.5 - (email.php id variable) SQL Injection MGB 0.5.4.5 - (email.php id Variable) SQL Injection Microsoft Help Workshop 4.03.0002 - '.CNT'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow Microsoft Visual C++ - '.RC Resource Files'Local Buffer Overflow Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow Phpbb Tweaked 3 - (phpbb_root_path) Remote File Inclusion phpBB Tweaked 3 - (phpBB_root_path) Remote File Inclusion phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit phpBB++ Build 100 - (phpBB_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpBB_root_path) Remote File Inclusion Exploit ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) News Bin Pro 5.33 - '.NBI'Local Buffer Overflow News Bin Pro 5.33 - '.nbi' Local Buffer Overflow Extreme PHPBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite'Local Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit Microsoft Windows - '.doc'Malformed Pointers Denial of Service Microsoft Windows - '.doc' Malformed Pointers Denial of Service GestArt Beta 1 - 'aide.php aide'Remote File Inclusion GestArt Beta 1 - 'aide.php aide' Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path'Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion Corel Wordperfect X3 13.0.0.565 - '.PRS'Local Buffer Overflow Corel Wordperfect X3 13.0.0.565 - '.prs' Local Buffer Overflow ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) Winamp 5.3 - '.WMV'Remote Denial of Service Winamp 5.3 - '.wmv' Remote Denial of Service ACDSee 9.0 - '.XPM'Local Buffer Overflow XnView 1.90.3 - '.XPM'Local Buffer Overflow WEBInsta FM 0.1.4 - login.php absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.CLP'Buffer Overflow ACDSee 9.0 - '.xpm' Local Buffer Overflow XnView 1.90.3 - '.xpm' Local Buffer Overflow WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow ABC-View Manager 1.42 - '.PSP'Buffer Overflow FreshView 7.15 - '.PSP'Buffer Overflow ABC-View Manager 1.42 - '.psp' Buffer Overflow FreshView 7.15 - '.psp' Buffer Overflow Gimp 2.2.14 - '.ras'SUNRAS Plugin Buffer Overflow Gimp 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow IrfanView 4.00 - '.iff'Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png'Buffer Overflow Exploit IrfanView 4.00 - '.iff' Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit RealPlayer 10 - '.ra'Remote Denial of Service RealPlayer 10 - '.ra' Remote Denial of Service Winamp 5.34 - '.mp4'Code Execution Exploit Winamp 5.34 - '.mp4' Code Execution Exploit Wikivi5 - 'show.php sous_rep'Remote File Inclusion Wikivi5 - 'show.php sous_rep' Remote File Inclusion LeadTools Raster Thumbnail Object Library - 'LTRTM14e.DLL'Buffer Overflow Exploit LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow Exploit Scallywag - 'template.php path'Remote File Inclusion Scallywag - 'template.php path' Remote File Inclusion Simple Invoices 2007 05 25 - 'index.php submit'SQL Injection Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection Traffic Stats - 'referralUrl.php offset'SQL Injection Traffic Stats - 'referralUrl.php offset' SQL Injection BBS E-Market - 'postscript.php p_mode'Remote File Inclusion BBS E-Market - 'postscript.php p_mode' Remote File Inclusion PHPBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion bwired - 'index.php newsID'SQL Injection bwired - 'index.php newsID' SQL Injection CrystalPlayer 1.98 - '.mls'Local Buffer Overflow CrystalPlayer 1.98 - '.mls' Local Buffer Overflow PHP123 Top Sites - 'category.php cat'SQL Injection PHP123 Top Sites - 'category.php cat' SQL Injection Live for Speed S1/S2/Demo - '.mpr replay'Buffer Overflow Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe'Stack Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow Live for Speed S1/S2/Demo - '.ply'Buffer Overflow Live for Speed S1/S2/Demo - '.spr'Buffer Overflow CartWeaver - 'Details.cfm ProdID'SQL Injection Prozilla Pub Site Directory - 'directory.php cat'SQL Injection Live for Speed S1/S2/Demo - '.ply' Buffer Overflow Live for Speed S1/S2/Demo - '.spr' Buffer Overflow CartWeaver - 'Details.cfm ProdID' SQL Injection Prozilla Pub Site Directory - 'directory.php cat' SQL Injection Prozilla Webring Website Script - 'category.php cat'SQL Injection Prozilla Webring Website Script - 'category.php cat' SQL Injection GetMyOwnArcade - 'search.php query'SQL Injection GetMyOwnArcade - 'search.php query' SQL Injection ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow Sisfo Kampus 2006 - 'dwoprn.php f'Remote File Download Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download Gelato - 'index.php post'SQL Injection Gelato - 'index.php post' SQL Injection modifyform - 'modifyform.html'Remote File Inclusion modifyform - 'modifyform.html' Remote File Inclusion phpBB Plus 1.53 - (phpbb_root_path) Remote File Inclusion phpBB Plus 1.53 - (phpBB_root_path) Remote File Inclusion Black Lily 2007 - 'products.php class'SQL Injection Black Lily 2007 - 'products.php class' SQL Injection PHPBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion wzdftpd 0.8.0 - (USER) Remote Denial of Service WzdFTPD 0.8.0 - (USER) Remote Denial of Service Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc) Solaris 10 (sparc/x86) - sysinfo Kernel Memory Disclosure Exploit Solaris (sparc/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit Mcms Easy Web Make - 'index.php template'Local File Inclusion Mcms Easy Web Make - 'index.php template' Local File Inclusion MOG-WebShop - 'index.php group'SQL Injection MOG-WebShop - 'index.php group' SQL Injection ClipShare - 'uprofile.php UID'SQL Injection ClipShare - 'uprofile.php UID' SQL Injection samPHPweb - 'db.php commonpath'Remote File Inclusion samPHPweb - 'db.php commonpath' Remote File Inclusion RichStrong CMS - 'showproduct.asp cat'SQL Injection RichStrong CMS - 'showproduct.asp cat' SQL Injection Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr'File Handling Buffer Overflow Exploit Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit IrfanView 4.10 - '.fpx'Memory Corruption Exploit IrfanView 4.10 - '.fpx' Memory Corruption Exploit Fully Modded PHPBB - 'kb.php' SQL Injection Fully Modded phpBB - 'kb.php' SQL Injection ASPapp - 'links.asp CatId'SQL Injection ASPapp - 'links.asp CatId' SQL Injection HIS-Webshop - 'his-webshop.pl t'Remote File Disclosure HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure Easynet Forum Host - 'forum.php forum'SQL Injection Easynet Forum Host - 'forum.php forum' SQL Injection Blog PixelMotion - 'index.php categorie'SQL Injection Blog PixelMotion - 'index.php categorie' SQL Injection Prozilla Forum Service - 'forum.php forum'SQL Injection Prozilla Forum Service - 'forum.php forum' SQL Injection Ksemail - 'index.php language'Local File Inclusion Ksemail - 'index.php language' Local File Inclusion RX Maxsoft - 'popup_img.php fotoID'SQL Injection RX Maxsoft - 'popup_img.php fotoID' SQL Injection Apartment Search Script - 'listtest.php r'SQL Injection Apartment Search Script - 'listtest.php r' SQL Injection Jokes Site Script - 'jokes.php?catagorie'SQL Injection Jokes Site Script - 'jokes.php?catagorie' SQL Injection Anserv Auction XL - 'viewfaqs.php cat'SQL Injection Anserv Auction XL - 'viewfaqs.php cat' SQL Injection fipsCMS - 'print.asp lg'SQL Injection fipsCMS - 'print.asp lg' SQL Injection PostcardMentor - 'step1.asp cat_fldAuto'SQL Injection PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection HispaH Model Search - 'cat.php cat'SQL Injection HispaH Model Search - 'cat.php cat' SQL Injection EMO Realty Manager - 'news.php ida'SQL Injection The Real Estate Script - 'dpage.php docID'SQL Injection EMO Realty Manager - 'news.php ida' SQL Injection The Real Estate Script - 'dpage.php docID' SQL Injection GLLCTS2 - 'listing.php sort'Blind SQL Injection GLLCTS2 - 'listing.php sort' Blind SQL Injection PHPMyCart - 'shop.php cat'SQL Injection PHPMyCart - 'shop.php cat' SQL Injection BaSiC-CMS - 'index.php r'SQL Injection BaSiC-CMS - 'index.php r' SQL Injection Mybizz-Classifieds - 'index.php cat'SQL Injection Mybizz-Classifieds - 'index.php cat' SQL Injection Carscripts Classifieds - 'index.php cat'SQL Injection BoatScripts Classifieds - 'index.php type'SQL Injection Carscripts Classifieds - 'index.php cat' SQL Injection BoatScripts Classifieds - 'index.php type' SQL Injection RSS-Aggregator - 'display.php path'Remote File Inclusion RSS-Aggregator - 'display.php path' Remote File Inclusion MyBlog: PHP and MySQL Blog/CMS software - SQL / Cross-Site Scripting MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting CodeDB - 'list.php lang'Local File Inclusion CodeDB - 'list.php lang' Local File Inclusion HRS Multi - 'picture_pic_bv.asp key'Blind SQL Injection HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo'Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo'Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo'Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection Youtuber Clone - 'ugroups.php UID'SQL Injection Youtuber Clone - 'ugroups.php UID' SQL Injection ZeeReviews - 'comments.php ItemID'SQL Injection ZeeReviews - 'comments.php ItemID' SQL Injection Acoustica Beatcraft 1.02 Build 19 - '.bcproj'Local Buffer Overflow Exploit Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow Exploit Living Local Website - 'listtest.php r'SQL Injection Living Local Website - 'listtest.php r' SQL Injection AWStats Totals - 'AWStatstotals.php sort'Remote Code Execution Exploit AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Exploit Pre Real Estate Listings - 'search.php c'SQL Injection Pre Real Estate Listings - 'search.php c' SQL Injection Hotel reservation System - 'city.asp city'Blind SQL Injection Hotel reservation System - 'city.asp city' Blind SQL Injection Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward'Local Denial of Service Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service Availscript Article Script - 'view.php v'SQL Injection Availscript Article Script - 'view.php v' SQL Injection JETIK-WEB Software - 'sayfa.php kat'SQL Injection JETIK-WEB Software - 'sayfa.php kat' SQL Injection Microsoft Windows GDI+ - '.ico'Remote Division By Zero Exploit Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit ArabCMS - 'rss.php rss'Local File Inclusion ArabCMS - 'rss.php rss' Local File Inclusion Easynet4u faq Host - 'faq.php faq'SQL Injection Easynet4u faq Host - 'faq.php faq' SQL Injection Real Estate Scripts 2008 - 'index.php cat'SQL Injection Real Estate Scripts 2008 - 'index.php cat' SQL Injection RaidenFTPD 2.4 build 3620 - Remote Denial of Service RaidenFTPd 2.4 build 3620 - Remote Denial of Service XOOPS Module xhresim - 'index.php no'SQL Injection XOOPS Module xhresim - 'index.php no' SQL Injection Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit DorsaCMS - 'ShowPage.aspx'SQL Injection YDC - 'kdlist.php cat'SQL Injection DorsaCMS - 'ShowPage.aspx' SQL Injection YDC - 'kdlist.php cat' SQL Injection Aj RSS Reader - 'EditUrl.php url'SQL Injection Aj RSS Reader - 'EditUrl.php url' SQL Injection Aiocp 1.4 - (poll_id) SQL Injection AIOCP 1.4 - 'poll_id' SQL Injection SFS EZ Auction - 'viewfaqs.php cat'Blind SQL Injection SFS EZ Career - 'content.php topic'SQL Injection SFS EZ Top Sites - 'topsite.php ts'SQL Injection SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection SFS EZ Career - 'content.php topic' SQL Injection SFS EZ Top Sites - 'topsite.php ts' SQL Injection SFS EZ Pub Site - 'directory.php cat'SQL Injection SFS EZ Pub Site - 'directory.php cat' SQL Injection AJ ARTICLE - 'featured_article.php mode'SQL Injection AJ ARTICLE - 'featured_article.php mode' SQL Injection YourFreeWorld Shopping Cart - 'index.php c'Blind SQL Injection Maran PHP Shop - 'prod.php cat'SQL Injection YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection Maran PHP Shop - 'prod.php cat' SQL Injection PHP Auto Listings - 'moreinfo.php pg'SQL Injection PHP Auto Listings - 'moreinfo.php pg' SQL Injection VLC Media Player < 0.9.6 - '.rt'Stack Buffer Overflow VLC Media Player < 0.9.6 - '.rt' Stack Buffer Overflow Minigal b13 - 'index.php list'Remote File Disclosure Exploit Minigal b13 - 'index.php list' Remote File Disclosure Exploit VCalendar - 'VCalendar.mdb'Remote Database Disclosure VCalendar - 'VCalendar.mdb' Remote Database Disclosure VideoGirls BiZ - 'view_snaps.php type'Blind SQL Injection VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection ParsBlogger - 'blog.asp wr'SQL Injection ParsBlogger - 'blog.asp wr' SQL Injection BaSiC-CMS - 'acm2000.mdb'Remote Database Disclosure BaSiC-CMS - 'acm2000.mdb' Remote Database Disclosure cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp'Stack Overflow cpCommerce 1.2.6 - (URL Rewrite) Input Variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp' Stack Overflow Ocean12 Mailing List Manager Gold - DD / SQL / Cross-Site Scripting Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting Cain & Abel 4.9.23 - '.rdp'Buffer Overflow Exploit Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Exploit User Engine Lite ASP - 'users.mdb'Database Disclosure User Engine Lite ASP - 'users.mdb' Database Disclosure Easy News Content Management - 'News.mdb'Database Disclosure Easy News Content Management - 'News.mdb' Database Disclosure RankEm - 'rankup.asp siteID'SQL Injection RankEm - 'rankup.asp siteID' SQL Injection Cold BBS - 'cforum.mdb'Remote Database Disclosure Cold BBS - 'cforum.mdb' Remote Database Disclosure ASP PORTAL - 'xportal.mdb'Remote Database Disclosure ASP PORTAL - 'xportal.mdb' Remote Database Disclosure Webmaster Marketplace - 'member.php u'SQL Injection Webmaster Marketplace - 'member.php u' SQL Injection CF_Calendar - 'calendarevent.cfm'SQL Injection CF_Calendar - 'calendarevent.cfm' SQL Injection CFMBLOG - 'index.cfm categorynbr'Blind SQL Injection CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection MyCal Personal Events Calendar - 'mycal.mdb'Database Disclosure MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure ASPired2Quote - 'quote.mdb'Remote Database Disclosure ASPired2Quote - 'quote.mdb' Remote Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb'Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb'Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb'Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb'Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb'Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure CFAGCMS 1 - 'right.php title'SQL Injection CFAGCMS 1 - 'right.php title' SQL Injection click&rank - SQL / Cross-Site Scripting click&rank - SQL Injection / Cross-Site Scripting Liberum Help Desk 0.97.3 - SQL / DD Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb'Database Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure MyPHPsite - 'index.php mod'Local File Inclusion MyPHPsite - 'index.php mod' Local File Inclusion MyPBS - 'index.php seasonID'SQL Injection MyPBS - 'index.php seasonID' SQL Injection Extract Website - 'download.php filename'File Disclosure Extract Website - 'download.php filename' File Disclosure CoolPlayer 2.19 - '.Skin'Local Buffer Overflow CoolPlayer 2.19 - '.Skin' Local Buffer Overflow Sepcity Shopping Mall - 'shpdetails.asp ID'SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID'SQL Injection Sepcity Shopping Mall - 'shpdetails.asp ID' SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID' SQL Injection Sepcity Classified - 'classdis.asp ID'SQL Injection Sepcity Classified - 'classdis.asp ID' SQL Injection Ayemsis Emlak Pro - 'acc.mdb'Database Disclosure Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure VUPlayer 2.49 - '.wax'Local Buffer Overflow VUPlayer 2.49 - '.wax' Local Buffer Overflow BlogHelper - 'common_db.inc'Remote Config File Disclosure PollHelper - 'poll.inc'Remote Config File Disclosure BlogHelper - 'common_db.inc' Remote Config File Disclosure PollHelper - 'poll.inc' Remote Config File Disclosure Audacity 1.6.2 - '.aup'Remote Off-by-One Crash Exploit Audacity 1.6.2 - '.aup' Remote Off-by-One Crash Exploit QuoteBook - 'poll.inc'Remote Config File Disclosure QuoteBook - 'poll.inc' Remote Config File Disclosure XOOPS Module tadbook2 - 'open_book.php book_sn'SQL Injection XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection Social Engine - 'browse_classifieds.php s'SQL Injection Social Engine - 'browse_classifieds.php s' SQL Injection Realtor 747 - 'define.php INC_DIR'Remote File Inclusion Realtor 747 - 'define.php INC_DIR' Remote File Inclusion OTSTurntables 1.00.027 - '.ofl'Local Stack Overflow OTSTurntables 1.00.027 - '.ofl' Local Stack Overflow SCMS 1 - 'index.php p'Local File Inclusion SCMS 1 - 'index.php p' Local File Inclusion Graugon Gallery 1.0 - Cross-Site Scripting / SQL / Cookie Bypass Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / Cross-Site Scripting / CM Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / CM pHNews Alpha 1 - 'header.php mod'SQL Injection pHNews Alpha 1 - 'header.php mod' SQL Injection i-dreams GB Server - 'admin.dat'File Disclosure i-dreams GB Server - 'admin.dat' File Disclosure VUplayer 2.49 - '.cue'Local Buffer Overflow VUplayer 2.49 - '.cue' Local Buffer Overflow VUPlayer 2.49 - '.cue'Universal Buffer Overflow VUPlayer 2.49 - '.cue' Universal Buffer Overflow Chasys Media Player 1.1 - '.cue'Stack Overflow Chasys Media Player 1.1 - '.cue' Stack Overflow Chasys Media Player - '.lst Playlist'Local Buffer Overflow Chasys Media Player - '.lst Playlist' Local Buffer Overflow BS.Player 2.34 - '.bsl'Universal SEH Overwrite BS.Player 2.34 - '.bsl' Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml'Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite Abee Chm Maker 1.9.5 - '.CMP'Stack Overflow Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow ActiveKB Knowledgebase - 'loadpanel.php Panel'Local File Inclusion ActiveKB Knowledgebase - 'loadpanel.php Panel' Local File Inclusion ftpdmin 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) ftpdmin 0.96 - Arbitrary File Disclosure Exploit FTPDMIN 0.96 - Arbitrary File Disclosure Exploit Jamroom - 'index.php t'Local File Inclusion Jamroom - 'index.php t' Local File Inclusion W2B phpEmployment - 'conf.inc'File Disclosure W2B phpEmployment - 'conf.inc' File Disclosure phpAdBoard - 'conf.inc'Remote Config File Disclosure phpGreetCards - 'conf.inc'Config File Disclosure phpAdBoard - 'conf.inc' Remote Config File Disclosure phpGreetCards - 'conf.inc' Config File Disclosure phpAdBoardPro - 'config.inc'Config File Disclosure phpDatingClub - 'conf.inc'File Disclosure Job2C - 'conf.inc'Config File Disclosure phpAdBoardPro - 'config.inc' Config File Disclosure phpDatingClub - 'conf.inc' File Disclosure Job2C - 'conf.inc' Config File Disclosure Star Downloader Free 1.45 - '.dat'Universal SEH Overwrite Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite Destiny Media Player 1.61 - '.rdl'Local Buffer Overflow Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow Thickbox Gallery 2 - 'index.php ln'Local File Inclusion Thickbox Gallery 2 - 'index.php ln' Local File Inclusion Symantec Fax Viewer Control 10 - 'DCCFAXVW.DLL'Remote Buffer Overflow Exploit Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit Mercury Audio Player 1.21 - '.b4s'Local Stack Overflow Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow RM Downloader - '.smi'Local Stack Overflow RM Downloader - '.smi' Local Stack Overflow RM Downloader - '.smi'Universal Local Buffer Overflow RM Downloader - '.smi' Universal Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM'Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM'Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF'Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM'Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM' Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM'Local Buffer Overflow Exploit Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Exploit MPLAB IDE 8.30 - '.mcp'Universal Seh Overwrite MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite Pinnacle Studio 12 - '.hfz'Directory Traversal Pinnacle Studio 12 - '.hfz' Directory Traversal COWON America jetCast 2.0.4.1109 - '.mp3'Local Overflow COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow R2 Newsletter Lite/Pro/Stats - 'admin.mdb'Database Disclosure R2 Newsletter Lite/Pro/Stats - 'admin.mdb' Database Disclosure phpDatingClub 3.7 - SQL / Cross-Site Scripting Injection phpDatingClub 3.7 - SQL Injection / Cross-Site Scripting Injection ClearContent - 'image.php url'Remote File Inclusion / Local File Inclusion ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion DJ Calendar - 'DJcalendar.cgi TEMPLATE'File Disclosure DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure Icarus 2.0 - '.ICP'Local Stack Overflow Exploit Icarus 2.0 - '.ICP' Local Stack Overflow Exploit MixSense 1.0.0.1 DJ Studio - '.mp3'Crash Exploit MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit htmldoc 1.8.27.1 - '.html'Universal Stack Overflow htmldoc 1.8.27.1 - '.html' Universal Stack Overflow Acoustica MP3 Audio Mixer 2.471 - '.sgp'Crash Exploit Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash Exploit PHP Paid 4 Mail Script - 'paidbanner.php ID'SQL Injection PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection Microsoft Windows XP - 'win32k.sys'Privilege Escalation Microsoft Windows XP - 'win32k.sys' Privilege Escalation Portel 2008 - 'decide.php patron'Blind SQL Injection Portel 2008 - 'decide.php patron' Blind SQL Injection Microsoft Windows 2003 - '.EOT'BSOD Crash Exploit Microsoft Windows 2003 - '.EOT' BSOD Crash Exploit THOMSON ST585 - 'user.ini'Arbitrary Download THOMSON ST585 - 'user.ini' Arbitrary Download PHP Email Manager - 'remove.php ID'SQL Injection PHP Email Manager - 'remove.php ID' SQL Injection WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service War-FTPD 1.65 - (MKD/CD Requests) Denial of Service EMO Breader Manager - 'video.php movie'SQL Injection EMO Breader Manager - 'video.php movie' SQL Injection Invisible Browsing 5.0.52 - '.ibkey'Local Buffer Overflow Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow HotWeb Rentals - 'details.asp PropId'Blind SQL Injection HotWeb Rentals - 'details.asp PropId' Blind SQL Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend'Command Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection Blender 2.49b - '.blend'Remote Command Execution Blender 2.49b - '.blend' Remote Command Execution Aiocp 1.4.001 - File Inclusion AIOCP 1.4.001 - File Inclusion BibTeX - '.bib'File Handling Memory Corruption BibTeX - '.bib' File Handling Memory Corruption PHP 5.0.0 - domxml_open_file() Local Denial of Service PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service PHP 5.0.0 - simplexml_load_file() Local Denial of Service PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows Audacity 1.2.6 - '.gro'Buffer Overflow Audacity 1.2.6 - '.gro' Buffer Overflow gAlan - '.galan'Universal Buffer Overflow gAlan - '.galan' Universal Buffer Overflow ASPGuest - 'edit.asp ID'Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam'Blind SQL Injection ASPGuest - 'edit.asp ID' Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection dblog - 'dblog.mdb'Remote Database Disclosure dblog - 'dblog.mdb' Remote Database Disclosure PHP 5.0.0 - xmldocfile() Local Denial of Service PHP 5.0.0 - 'xmldocfile()' Local Denial of Service Apollo Player 37.0.0.0 - '.aap'Buffer Overflow Denial of Service Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service OpenOffice - '.slk'Parsing Null Pointer OpenOffice - '.slk' Parsing Null Pointer crownweb - 'page.cfm'SQL Injection crownweb - 'page.cfm' SQL Injection OtsTurntables Free 1.00.047 - '.olf'Universal Buffer Overflow OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg'Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow Orbital Viewer 1.04 - '.orb'Local Universal SEH Overflow Orbital Viewer 1.04 - '.orb' Local Universal SEH Overflow iPhone / iTouch FTPDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service JAD java decompiler 1.5.8g - '.class'Stack Overflow Denial of Service JAD java decompiler 1.5.8g - '.class' Stack Overflow Denial of Service Media Player 6.4.9.1 with K-Lite Codec Pack - Denial of Service/Crash '.avi' Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' Denial of Service/Crash no$gba 2.5c - '.nds'Local crash no$gba 2.5c - '.nds' Local crash Xilisoft Blackberry Ring Tone Maker - '.wma'Local Crash Xilisoft Blackberry Ring Tone Maker - '.wma' Local Crash Dualis 20.4 - '.bin'Local Daniel Of Service Dualis 20.4 - '.bin' Local Daniel Of Service DSEmu 0.4.10 - '.nds'Local Crash Exploit DSEmu 0.4.10 - '.nds' Local Crash Exploit MP3 Wav Editor 3.80 - '.mp3'Local Denial of Service MP3 Wav Editor 3.80 - '.mp3' Local Denial of Service FontForge - .BDF Font File Stack-Based Buffer Overflow FontForge - .BDF Font File Stack Based Buffer Overflow Dolphin 2.0 - '.elf'Local Daniel Of Service Dolphin 2.0 - '.elf' Local Daniel Of Service e-webtech - 'new.asp?id='SQL Injection e-webtech - 'new.asp?id=' SQL Injection SmallFTPD FTP Server 1.0.3 - DELE Command Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service RahnemaCo - page.php PageID Remote File Inclusion RahnemaCo - 'page.php' PageID Remote File Inclusion goffgrafix - Design's SQL Injection goffgrafix - Design's - SQL Injection Spaceacre - SQL / Cross-Site Scripting / HTML Injection Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection ZipExplorer 7.0 - '.zar'Denial of Service ZipExplorer 7.0 - '.zar' Denial of Service ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation iOS - Version-independent shellcode iOS - Version-independent Shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 Shellcode Win32 - SEH omelet shellcode Win32 - SEH omelet Shellcode Win32 - Connectback_ receive_ save and execute shellcode Win32 - Connectback_ receive_ save and execute Shellcode Windows XP - download and exec source shellcode Windows XP - download and exec source Shellcode Win32 XP SP3 - ShellExecuteA shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode Win32 XP SP3 - ShellExecuteA Shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) Shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 Shellcode Win32 - JITed stage-0 shellcode Win32 - JITed stage-0 Shellcode Windows - JITed egg-hunter stage-0 shellcode Windows - JITed egg-hunter stage-0 Shellcode Linux/x86 - nc -lvve/bin/sh -p13377 shellcode Linux/x86 - nc -lvve/bin/sh -p13377 Shellcode Corel VideoStudio Pro X3 - '.mp4'Buffer Overflow Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow Boat Classifieds - 'printdetail.asp?Id'SQL Injection Boat Classifieds - 'printdetail.asp?Id' SQL Injection PHPBB MOD 2.0.19 - Invitation Only (PassCode Bypass) phpBB MOD 2.0.19 - Invitation Only (PassCode Bypass) SnoGrafx - 'cat.php?cat'SQL Injection SnoGrafx - 'cat.php?cat' SQL Injection Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Mediacoder 0.7.5.4710 - ' Universal' SEH Buffer Overflow PlayPad Music Player 1.12 - '.mp3'Denial of Service PlayPad Music Player 1.12 - '.mp3' Denial of Service Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscal'l Emulation Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation xt:Commerce Gambio 2008 - 2010 - ERROR Based SQL Injection 'reviews.php' xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection CuteNews - 'index.php?page'Local File Inclusion CuteNews - 'index.php?page' Local File Inclusion Hanso Converter 1.4.0 - '.ogg'Denial of Service Hanso Converter 1.4.0 - '.ogg' Denial of Service ARM - Bindshell port 0x1337 shellcode ARM - Bind Connect UDP Port 68 shellcode ARM - Loader Port 0x1337 shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode ARM - Bindshell port 0x1337 Shellcode ARM - Bind Connect UDP Port 68 Shellcode ARM - Loader Port 0x1337 Shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode SmallFTPD 1.0.3 - Remote Directory Traversal SmallFTPd 1.0.3 - Remote Directory Traversal HtaEdit 3.2.3.0 - '.hta'Buffer Overflow HtaEdit 3.2.3.0 - '.hta' Buffer Overflow ProFTPD IAC 1.3.x - Remote Root Exploit ProFTPd IAC 1.3.x - Remote Root Exploit VbsEdit 4.7.2.0 - '.vbs'Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda'Denial of Service VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda' Denial of Service Sitefinity CMS - 'ASP.NET'Arbitrary File Upload Sitefinity CMS - 'ASP.NET' Arbitrary File Upload Native Instruments Traktor Pro 1.2.6 - Stack-based Buffer Overflow Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow ProFTPD 1.3.3c - Compromised Source Remote Root Trojan ProFTPd 1.3.3c - Compromised Source Remote Root Trojan Dejcom Market CMS - 'showbrand.aspx'SQL Injection Dejcom Market CMS - 'showbrand.aspx' SQL Injection Aesop GIF Creator 2.1 - '.aep'Buffer Overflow Aesop GIF Creator 2.1 - '.aep' Buffer Overflow Apple iPhone Safari - 'JS .'Remote Crash Apple iPhone Safari - 'JS .' Remote Crash Microsoft Windows Fax Services Cover Page Editor - '.cov'Memory Corruption Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption Win32 - speaking shellcode Win32 - speaking Shellcode ProFTPD mod_sftp - Integer Overflow Denial of Service (PoC) ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC) BWMeter 5.4.0 - '.csv'Denial of Service BWMeter 5.4.0 - '.csv' Denial of Service Magic Music Editor - '.cda'Denial of Service Magic Music Editor - '.cda' Denial of Service wu-ftpd - SITE EXEC/INDEX Format String WU-FTPD - SITE EXEC/INDEX Format String Samba - trans2open Overflow (Solaris SPARC) Samba (Solaris SPARC) - trans2open Overflow FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow Microsoft IIS 4.0 - '.htr'Path Overflow Microsoft IIS 4.0 - '.htr' Path Overflow VariCAD 2010-2.05 EN - '.DWB'Stack Buffer Overflow VariCAD 2010-2.05 EN - '.DWB' Stack Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack-based Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPD 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow PHPBB - viewtopic.php Arbitrary Code Execution phpBB - viewtopic.php Arbitrary Code Execution ProFTPD-1.3.3c - Backdoor Command Execution ProFTPd-1.3.3c - Backdoor Command Execution ABBS Electronic Flash Cards 2.1 - '.fcd'Buffer Overflow ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj'Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow Wordtrainer 3.0 - '.ord'Buffer Overflow Wordtrainer 3.0 - '.ord' Buffer Overflow PlaylistMaker 1.5 - '.txt'Buffer Overflow PlaylistMaker 1.5 - '.txt' Buffer Overflow libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow (PoC) libmodplug 0.8.8.2 - (.abc) Stack Based Buffer Overflow (PoC) MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m'Stack Buffer Overflow MJM Core Player 2011 - '.s3m'Stack Buffer Overflow MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow MJM Core Player 2011 - '.s3m' Stack Buffer Overflow Magix Musik Maker 16 - '.mmm'Stack Buffer Overflow Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow Smallftpd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 FTP Server - Denial of Service FreeAmp 2.0.7 - '.fat'Buffer Overflow FreeAmp 2.0.7 - '.fat' Buffer Overflow VSFTPD 2.3.4 - Backdoor Command Execution vsftpd 2.3.4 - Backdoor Command Execution OS-X - Universal ROP shellcode OS-X - Universal ROP Shellcode Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow Citrix XenApp / XenDesktop - Stack Based Buffer Overflow World Of Warcraft - 'chat-cache.txt'Local Stack Overflow Denial of Service World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service Wav Player 1.1.3.6 - '.pll'Buffer Overflow Wav Player 1.1.3.6 - '.pll' Buffer Overflow Norman Security Suite 8 - 'nprosec.sys'Privilege Escalation Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation Ashampoo Burning Studio Elements 10.0.9 - '.ashprj'Heap Overflow Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow Cytel Studio 9.0 - '.CY3'Stack Buffer Overflow Cytel Studio 9.0 - '.CY3' Stack Buffer Overflow Xion Audio Player 1.0.127 - '.aiff'Denial of Service Xion Audio Player 1.0.127 - '.aiff' Denial of Service SnackAmp 3.1.3 - '.aiff'Denial of Service SnackAmp 3.1.3 - '.aiff' Denial of Service PHP Ticket System Beta 1 - 'index.php p parameter'SQL Injection PHP Ticket System Beta 1 - 'index.php p parameter' SQL Injection Nokia PC Suite Video Manager 7.1.180.64 - '.mp4'Denial of Service Nokia PC Suite Video Manager 7.1.180.64 - '.mp4' Denial of Service Multimedia Builder 4.9.8 - '.mef'Denial of Service Multimedia Builder 4.9.8 - '.mef' Denial of Service Tftpd32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf'FileOpen Crash TFTPD32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf' FileOpen Crash Microsoft Wordpad 5.1 - '.doc'Null Pointer Dereference Microsoft Wordpad 5.1 - '.doc' Null Pointer Dereference Lattice Semiconductor PAC-Designer 6.21 - '.PAC'Exploit Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (1) wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (2) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (1) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (2) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPD 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Washington University wu-ftpd 2.5.0 - message Buffer Overflow Washington University WU-FTPD 2.5.0 - message Buffer Overflow GlFtpd 1.17.2 - Exploit glFTPd 1.17.2 - Exploit Oracle Outside-In - .LWP File Parsing Stack-Based Buffer Overflow Oracle Outside-In - .LWP File Parsing Stack Based Buffer Overflow wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw'Cross-Site Scripting Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw' Cross-Site Scripting Microsoft Windows Media Player 7.0 - '.wms'Arbitrary Script Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit ProFTPD 1.2 - SIZE Remote Denial of Service ProFTPd 1.2 - SIZE Remote Denial of Service Microsoft Windows Media Player 7.0 - '.wmz'Arbitrary Java Applet Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet wu-ftpd 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion Wu-Ftpd 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String Joe Text Editor 2.8 - '.joerc'Arbitrary Command Execution Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal WhitSoft slimserve ftpd 1.0/2.0 - Directory Traversal wu-ftpd 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPD 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion freebsd 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities FreeBSD 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities raidenftpd 2.1 - Directory Traversal RaidenFTPd 2.1 - Directory Traversal AV Arcade Free Edition - 'add_rating.php id parameter'Blind SQL Injection AV Arcade Free Edition - 'add_rating.php id parameter' Blind SQL Injection Solaris 2.6/7/8 - SPARC xlock Heap Overflow Solaris 2.6/7/8 -(SPARC) xlock Heap Overflow glFTPD 1.x - LIST Denial of Service glFTPd 1.x - 'LIST' Denial of Service Wu-Ftpd 2.6 - File Globbing Heap Corruption WU-FTPD 2.6 - File Globbing Heap Corruption Joomla RokModule Component - 'index.php module parameter'Blind SQL Injection Joomla RokModule Component - 'index.php module parameter' Blind SQL Injection PHPWebsite 0.8.2 - PHP File Include phpWebSite 0.8.2 - PHP File Include PHPWebSite 0.8.3 - News Message HTML Injection phpWebSite 0.8.3 - News Message HTML Injection PHPWebSite 0.8.3 - article.php Cross-Site Scripting phpWebSite 0.8.3 - article.php Cross-Site Scripting PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion phpBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion PHPBB 2.0.3 - search.php Cross-Site Scripting phpBB 2.0.3 - search.php Cross-Site Scripting ProFTPD 1.2.x - STAT Command Denial of Service ProFTPd 1.2.x - STAT Command Denial of Service Joomla Tags - 'index.php tag parameter'SQL Injection Joomla Tags - 'index.php tag parameter' SQL Injection Joomla Commedia Plugin - 'index.php task parameter'SQL Injection Joomla Kunena Component - 'index.php search parameter'SQL Injection Joomla Commedia Plugin - 'index.php task parameter' SQL Injection Joomla Kunena Component - 'index.php search parameter' SQL Injection PHPBB 2.0.3 - privmsg.php SQL Injection phpBB 2.0.3 - privmsg.php SQL Injection Joomla Spider Catalog - 'index.php product_id parameter'SQL Injection Joomla Spider Catalog - 'index.php product_id parameter' SQL Injection Battleaxe Software BTTLXE Forum - login.asp SQL Injection Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection SudBox Boutique 1.2 - login.php Authentication Bypass SudBox Boutique 1.2 - 'login.php' Authentication Bypass friendsinwar FAQ Manager - 'view_faq.php question parameter'SQL Injection friendsinwar FAQ Manager - 'view_faq.php question parameter' SQL Injection GuildFTPD 0.999.8 - CWD Command Denial of Service GuildFTPd 0.999.8 - CWD Command Denial of Service ProductCart 1.5/1.6/2.0 - login.asp SQL Injection ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection SmartCMS - 'index.php idx parameter'SQL Injection SmartCMS - 'index.php idx parameter' SQL Injection mcrypt 2.6.8 - stack-based Buffer Overflow (PoC) mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC) wu-ftpd 2.6.2 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 - realpath() Off-by-One Buffer Overflow wu-ftpd 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow freeBSD 4.8 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow SmartCMS - 'index.php menuitem parameter'SQL Injection / Cross-Site Scripting SmartCMS - 'index.php menuitem parameter' SQL Injection / Cross-Site Scripting FreeFTPD - Remote Authentication Bypass Exploit freeFTPd - Remote Authentication Bypass Exploit PHPBB 2.0.6 - URL BBCode HTML Injection phpBB 2.0.6 - URL BBCode HTML Injection wzdftpd 0.1 rc5 - Login Remote Denial of Service ProFTPD 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun WzdFTPD 0.1 rc5 - Login Remote Denial of Service ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun PHPBB 2.0.x - profile.php SQL Injection phpBB 2.0.x - profile.php SQL Injection PHPBB 2.0.6 - privmsg.php Cross-Site Scripting phpBB 2.0.6 - privmsg.php Cross-Site Scripting Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET'Arbitrary File Upload Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload MyBB AwayList Plugin - 'index.php id parameter'SQL Injection MyBB AwayList Plugin - 'index.php id parameter' SQL Injection SmallFTPD 1.0.3 - Remote Denial of Service SmallFTPd 1.0.3 - Remote Denial of Service MyBB - 'editpost.php posthash'SQL Injection Joomla Spider Calendar - 'index.php date parameter'Blind SQL Injection MyBB - 'editpost.php posthash' SQL Injection Joomla Spider Calendar - 'index.php date parameter' Blind SQL Injection Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting PHPBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection phpBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection Inmatrix Ltd. Zoom Player 8.5 - '.jpeg'Exploit Inmatrix Ltd. Zoom Player 8.5 - '.jpeg' Exploit PHPBB 2.0.x - album_portal.php Remote File Inclusion phpBB 2.0.x - album_portal.php Remote File Inclusion PHPBB 2.0.x - viewtopic.php PHP Script Injection phpBB 2.0.x - viewtopic.php PHP Script Injection JShop E-Commerce Suite 3.0 - page.php Cross-Site Scripting JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting NullSoft Winamp 2-5 - '.wsz'Remote Code Execution NullSoft Winamp 2-5 - '.wsz' Remote Code Execution phpWebsite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting Scripts Genie Gallery Personals - 'gallery.php L parameter'SQL Injection Scripts Genie Gallery Personals - 'gallery.php L parameter' SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter'SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter' SQL Injection Scripts Genie Games Site Script - 'index.php id parameter'SQL Injection Scripts Genie Games Site Script - 'index.php id parameter' SQL Injection Photodex ProShow Producer 5.0.3297 - '.pxs'Memory Corruption Exploit Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit Scripts Genie Top Sites - 'out.php id parameter'SQL Injection Scripts Genie Top Sites - 'out.php id parameter' SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter'SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter' SQL Injection W-Agora 4.1.6 - a login.php loginuser Parameter Cross-Site Scripting W-Agora 4.1.6 - a 'login.php' loginuser Parameter Cross-Site Scripting PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack-Based Buffer Overflow Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Based Buffer Overflow PHPBB 2.0.x - admin_cash.php Remote PHP File Include phpBB 2.0.x - admin_cash.php Remote PHP File Include UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter Cross-Site Scripting UBBCentral UBB.threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Newlanguage Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting Rebus:list - 'list.php list_id parameter'SQL Injection Rebus:list - 'list.php list_id parameter' SQL Injection SynConnect Pms - 'index.php loginid parameter'SQL Injection SynConnect Pms - 'index.php loginid parameter' SQL Injection Groovy Media Player 3.2.0 - '.mp3'Buffer Overflow Groovy Media Player 3.2.0 - '.mp3' Buffer Overflow glFTPD 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities PHPWebSite 0.x - Image File Processing Arbitrary PHP File Upload phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload PHPBB 2.0.x - Authentication Bypass (1) PHPBB 2.0.x - Authentication Bypass (2) PHPBB 2.0.x - Authentication Bypass (3) phpBB 2.0.x - Authentication Bypass (1) phpBB 2.0.x - Authentication Bypass (2) phpBB 2.0.x - Authentication Bypass (3) PHPCOIN 1.2 - login.php Multiple Parameter Cross-Site Scripting PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow PHPBB 2.0.13 DLMan Pro Module - SQL Injection PHPBB 2.0.13 Linkz Pro Module - SQL Injection phpBB 2.0.13 DLMan Pro Module - SQL Injection phpBB 2.0.13 Linkz Pro Module - SQL Injection PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting phpBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter'SQL Injection Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter' SQL Injection PHPBB Remote - mod.php SQL Injection Datenbank Module For PHPBB - Remote mod.php Cross-Site Scripting phpBB Remote - mod.php SQL Injection Datenbank Module For phpBB - Remote mod.php Cross-Site Scripting PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection RaidenFTPD 2.4 - Unauthorized File Access RaidenFTPd 2.4 - Unauthorized File Access CartWIZ 1.10 - login.asp Redirect Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting CartWIZ 1.10 - login.asp Message Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting PHPBB 2.0.x - profile.php Cross-Site Scripting PHPBB 2.0.x - viewtopic.php Cross-Site Scripting phpBB 2.0.x - profile.php Cross-Site Scripting phpBB 2.0.x - viewtopic.php Cross-Site Scripting Notes Module for PHPBB - SQL Injection Notes Module for phpBB - SQL Injection PHPCOIN 1.2 - login.php PHPcoinsessid Parameter SQL Injection PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection CodetoSell ViArt Shop Enterprise 2.1.6 - page.php page Parameter Cross-Site Scripting CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting PHPBB 2.0.x - URL Tag BBCode.php phpBB 2.0.x - URL Tag BBCode.php Active News Manager - login.asp SQL Injection Active News Manager - 'login.asp' SQL Injection FunkyASP AD Systems 1.1 - login.asp SQL Injection FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow OS4E - login.asp SQL Injection OS4E - 'login.asp' SQL Injection JiRo's Upload System 1.0 - login.asp SQL Injection NEXTWEB - (i)Site login.asp SQL Injection JiRo's Upload System 1.0 - 'login.asp' SQL Injection NEXTWEB - (i)Site 'login.asp' SQL Injection Livingcolor Livingmailing 1.3 - login.asp SQL Injection Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection WWWeb Concepts Events System 1.0 - login.asp SQL Injection WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection Cool Cafe Chat 1.2.1 - login.asp SQL Injection Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection LaGarde StoreFront 5.0 Shopping Cart - login.asp SQL Injection LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection PHPWebsite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal phpWebSite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal Cuppa CMS - 'alertConfigField.php urlConfig parameter'Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php urlConfig parameter' Remote / Local File Inclusion VBZoom 1.0/1.11 - login.php UserID Parameter Cross-Site Scripting VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting PHP Lite Calendar Express 2.2 - login.php cid Parameter SQL Injection PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection ATutor 1.5.1 - login.php course Parameter Cross-Site Scripting ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting Adrenalin Player 2.2.5.3 - '.wax'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow PHPwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access PHPwcms 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access AVS Media Player 4.1.11.100 - '.ac3'Denial of Service AVS Media Player 4.1.11.100 - '.ac3' Denial of Service Adrenalin Player 2.2.5.3 - '.wvx'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow WinAmp 5.63 - Stack-based Buffer Overflow WinAmp 5.63 - Stack Based Buffer Overflow PHPX 3.5.x - Admin login.php SQL Injection PHPX 3.5.x - Admin 'login.php' SQL Injection DRZES Hms 3.2 - login.php Cross-Site Scripting DRZES Hms 3.2 - 'login.php' Cross-Site Scripting PortalApp 3.3/4.0 - login.asp Cross-Site Scripting SiteEnable 3.3 - login.asp Cross-Site Scripting IntranetApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting PortalApp 3.3/4.0 - 'login.asp' Cross-Site Scripting SiteEnable 3.3 - 'login.asp' Cross-Site Scripting IntranetApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting VbsEdit 5.9.3 - '.smi'Buffer Overflow VbsEdit 5.9.3 - '.smi' Buffer Overflow Artweaver 3.1.5 - '.awd'Buffer Overflow Artweaver 3.1.5 - '.awd' Buffer Overflow XnView 2.03 - '.pct'Buffer Overflow XnView 2.03 - '.pct' Buffer Overflow aoblogger 2.3 - login.php username Field SQL Injection aoblogger 2.3 - 'login.php' username Field SQL Injection WebspotBlogging 3.0 - login.php SQL Injection WebspotBlogging 3.0 - 'login.php' SQL Injection miniBloggie 1.0 - login.php SQL Injection miniBloggie 1.0 - 'login.php' SQL Injection ASPThai Forums 8.0 - login.asp SQL Injection ASPThai Forums 8.0 - 'login.asp' SQL Injection Windows RT ARM - Bind Shell (Port 4444) shellcode Windows RT ARM - Bind Shell (Port 4444) Shellcode Virtual Hosting Control System 2.2/2.4 - login.php check_login() Function Authentication Bypass Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass Siteframe Beaumont 5.0.1/5.0.2 - page.php HTML Injection Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection Ginkgo CMS - 'index.php rang parameter'SQL Injection Ginkgo CMS - 'index.php rang parameter' SQL Injection Game-Panel 2.6 - login.php Cross-Site Scripting Game-Panel 2.6 - 'login.php' Cross-Site Scripting QwikiWiki 1.4/1.5 - login.php Multiple Parameter Cross-Site Scripting QwikiWiki 1.4/1.5 - 'login.php' Multiple Parameter Cross-Site Scripting PHPWebsite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection PHPWebsite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection PhxContacts 0.93 - login.php Cross-Site Scripting PhxContacts 0.93 - 'login.php' Cross-Site Scripting MLMAuction Script - 'gallery.php id parameter'SQL Injection MLMAuction Script - 'gallery.php id parameter' SQL Injection RedCMS 0.1 - login.php Multiple Parameter SQL Injection RedCMS 0.1 - 'login.php' Multiple Parameter SQL Injection ShopWeezle 2.0 - login.php itemID Parameter SQL Injection ShopWeezle 2.0 - 'login.php' itemID Parameter SQL Injection ContentBoxx - login.php Cross-Site Scripting ContentBoxx - 'login.php' Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter SQL Injection phpBB Chart Mod 1.1 - charts.php id Parameter SQL Injection PHPBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion JSBoard 2.0.10/2.0.11 - login.php Cross-Site Scripting JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting CyberBuild - login.asp SessionID Parameter SQL Injection CyberBuild - 'login.asp' SessionID Parameter SQL Injection CyberBuild - login.asp SessionID Parameter Cross-Site Scripting CyberBuild - 'login.asp' SessionID Parameter Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting phpBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting PHPBB 2.0.20 - Unauthorized HTTP Proxy phpBB 2.0.20 - Unauthorized HTTP Proxy PHPBB 2.0.x - template.php Remote File Inclusion phpBB 2.0.x - template.php Remote File Inclusion PHPBB - BBRSS.php Remote File Inclusion RahnemaCo - page.php Remote File Inclusion phpBB - BBRSS.php Remote File Inclusion RahnemaCo - 'page.php' Remote File Inclusion BlueDragon Server 6.2.1 - '.cfm'Denial of Service BlueDragon Server 6.2.1 - '.cfm' Denial of Service MyMail 1.0 - login.php Cross-Site Scripting MyMail 1.0 - 'login.php' Cross-Site Scripting Woltlab Burning Board FLVideo Addon - 'video.php value parameter'SQL Injection Woltlab Burning Board FLVideo Addon - 'video.php value parameter' SQL Injection PHPBB 1.2.4 For Mambo - Multiple Remote File Inclusion phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion PHPbb-auction 1.x - auction_room.php ar Parameter SQL Injection PHPbb-auction 1.x - auction_store.php u Parameter SQL Injection phpBB-auction 1.x - auction_room.php ar Parameter SQL Injection phpBB-auction 1.x - auction_store.php u Parameter SQL Injection Linux/x86 - Multi-Egghunter shellcode Linux/x86 - Multi-Egghunter Shellcode Jamroom 3.0.16 - login.php Cross-Site Scripting Jamroom 3.0.16 - 'login.php' Cross-Site Scripting DCP-Portal 6.0 - login.php username Parameter SQL Injection DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection PhpBB XS 0.58 - Multiple Remote File Inclusion phpBB XS 0.58 - Multiple Remote File Inclusion AckerTodo 4.2 - login.php Multiple SQL Injection AckerTodo 4.2 - 'login.php' Multiple SQL Injection PHPWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion PHPBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico'Buffer Overflow phpBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico' Buffer Overflow Evandor Easy notesManager 0.0.1 - login.php username Parameter SQL Injection Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php Multiple Parameter Cross-Site Scripting AIOCP 1.3.x - cp_dpage.php choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - cp_show_ec_products.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_links_search.php orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion AIOCP 1.3.x - cp_dpage.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_edit_user.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_contact_us.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_login.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_users_online.php order_field Parameter SQL Injection AIOCP 1.3.x - cp_codice_fiscale.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_links_search.php orderdir Parameter SQL Injection AIOCP 1.3.x - cp_dpage.php Full Path Disclosure AIOCP 1.3.x - cp_show_ec_products.php Full Path Disclosure AIOCP 1.3.x - cp_show_page_help.php Full Path Disclosure AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting Windows x86 - Persistent Reverse Shell TCP (494 Bytes) AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure INFINICART - login.asp Multiple Parameter Cross-Site Scripting INFINICART - 'login.asp' Multiple Parameter Cross-Site Scripting Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion SIAP CMS - login.asp SQL Injection SIAP CMS - 'login.asp' SQL Injection AppIntellect SpotLight CRM - login.asp SQL Injection AppIntellect SpotLight CRM - 'login.asp' SQL Injection DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection PHPBB 2.0.21 - privmsg.php HTML Injection phpBB 2.0.21 - privmsg.php HTML Injection Indexu 5.0/5.3 - login.php error_msg Parameter Cross-Site Scripting Indexu 5.0/5.3 - 'login.php' error_msg Parameter Cross-Site Scripting myBloggie 2.1.5 - login.php PATH_INFO Parameter Cross-Site Scripting myBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Avira Secure Backup 1.0.0.1 Build 3616 - '.reg'Buffer Overflow Avira Secure Backup 1.0.0.1 Build 3616 - '.reg' Buffer Overflow Boilsoft RM TO MP3 Converter 1.72 - Crash PoC '.wav' Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC Tyger Bug Tracking System 1.1.3 - login.php PATH_INFO Parameter Cross-Site Scripting Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Horde Framework 3.1.3 - login.php Cross-Site Scripting Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting PHPStats 0.1.9 - Multiple SQL Injections PHPStats 0.1.9 - PHP-Stats-options.php Remote Code Execution phpStats 0.1.9 - Multiple SQL Injections phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion Free File Hosting System 1.1 - 'login.php' AD_BODY_TEMP Parameter Remote File Inclusion DeskPro 2.0.1 - login.php HTML Injection DeskPro 2.0.1 - 'login.php' HTML Injection plesk 8.1.1 - login.php3 Directory Traversal plesk 8.1.1 - 'login.php3' Directory Traversal Ahhp Portal - page.php Multiple Remote File Inclusion Ahhp Portal - 'page.php' Multiple Remote File Inclusion Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion PHPPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting Maia Mailguard 1.0.2 - login.php Multiple Local File Inclusion Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusion Nukedit 4.9.x - login.asp Cross-Site Scripting Nukedit 4.9.x - 'login.asp' Cross-Site Scripting Pay Roll Time Sheet and Punch Card Application With Web UI - login.asp SQL Injection Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp'Version Attribute Buffer Overflow RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow PHPGedView 4.1 - login.php Cross-Site Scripting PHPGedView 4.1 - 'login.php' Cross-Site Scripting E-Smart Cart 1.0 - login.asp SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow E-Smart Cart 1.0 - 'login.asp' SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection AfterLogic MailBee WebMail Pro 3.x - login.php mode Parameter Cross-Site Scripting AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting JiRo's Banner System 2.0 - login.asp Multiple SQL Injection JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection WinUAE 1.4.4 - 'zfile.c' Stack-Based Buffer Overflow WinUAE 1.4.4 - 'zfile.c' Stack Based Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color() MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color() Android Web Browser - GIF File Heap-Based Buffer Overflow Android Web Browser - GIF File Heap Based Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP'Project File Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow PHPstats 0.1_alpha - 'PHPstats.php' Cross-Site Scripting phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting Publish-It 3.6d - '.pui'SEH Buffer Overflow Publish-It 3.6d - '.pui' SEH Buffer Overflow LeadTools Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities PHPBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion LeadTools Multimedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion PHPBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion EsContacts 1.0 - login.php msg Parameter Cross-Site Scripting EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting NASA Ames Research Center BigView 1.8 - '.PNM'Stack-Based Buffer Overflow NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter'SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter' SQL Injection VCDGear 3.50 - '.cue'Stack Buffer Overflow VCDGear 3.50 - '.cue' Stack Buffer Overflow FaName 1.0 - page.php name Parameter Cross-Site Scripting FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - login.php Multiple Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - 'login.php' Multiple Parameter Cross-Site Scripting Claroline 1.8.9 - PHPbb/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/reply.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/viewtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting Trixbox - 'endpoint_aastra.php mac parameter'Remote Code Injection Trixbox - 'endpoint_aastra.php mac parameter' Remote Code Injection Free Download Manager - Stack-based Buffer Overflow Free Download Manager - Stack Based Buffer Overflow XRms 1.99.2 - login.php target Parameter Cross-Site Scripting XRms 1.99.2 - 'login.php' target Parameter Cross-Site Scripting Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service Microsoft DebugDiag 1.0 - ' CrashHangExt.dll' ActiveX Control Remote Denial of Service PHPWebSite 0.9.3 - 'links.php' SQL Injection phpWebSite 0.9.3 - 'links.php' SQL Injection Easyedit CMS - page.php intPageID Parameter SQL Injection Easyedit CMS - 'page.php' intPageID Parameter SQL Injection aMSN - '.ctt'Remote Denial of Service aMSN - '.ctt' Remote Denial of Service 68 Classifieds 4.1 - login.php goto Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting ProFTPD 1.3 - 'mod_sql' Username SQL Injection ProFTPd 1.3 - 'mod_sql' Username SQL Injection LinPHA 1.3.2/1.3.3 - login.php Cross-Site Scripting LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting Recover Data for Novell Netware 1.0 - '.sav'Remote Denial of Service Recover Data for Novell Netware 1.0 - '.sav' Remote Denial of Service J. River Media Jukebox 12 - '.mp3'Remote Heap Buffer Overflow J. River Media Jukebox 12 - '.mp3' Remote Heap Buffer Overflow Invision Power Board 3.0.3 - '.txt'MIME-Type Cross-Site Scripting Invision Power Board 3.0.3 - '.txt' MIME-Type Cross-Site Scripting OpenOffice 3.1 - '.csv'Remote Denial of Service OpenOffice 3.1 - '.csv' Remote Denial of Service OpenOffice 3.1 - '.slk'NULL Pointer Dereference Remote Denial of Service OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service BS.Player 2.51 - '.mp3'Buffer Overflow BS.Player 2.51 - '.mp3' Buffer Overflow netKar PRO 1.1 - '.nkuser'File Creation NULL Pointer Denial Of Service netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service Aqua Real Screensaver - '.ar'Buffer Overflow Aqua Real Screensaver - '.ar' Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3'Remote Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow Sonique 2.0 - '.xpl'Remote Stack-Based Buffer Overflow Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow Property Watch - login.php redirect Parameter Cross-Site Scripting Property Watch - 'login.php' redirect Parameter Cross-Site Scripting Xilisoft Video Converter 3.1.8.0720b - '.ogg'Buffer Overflow Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow Mulitple Wordpress Themes - 'admin-ajax.php img parameter'Arbitrary File Download Mulitple Wordpress Themes - 'admin-ajax.php img parameter' Arbitrary File Download Crystal Player 1.98 - '.mls'Buffer Overflow Crystal Player 1.98 - '.mls' Buffer Overflow Wordpress Acento Theme - 'view-pdf.php file parameter'Arbitrary File Download Wordpress Acento Theme - 'view-pdf.php file parameter' Arbitrary File Download GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution DragDropCart - login.php redirect Parameter Cross-Site Scripting DragDropCart - 'login.php' redirect Parameter Cross-Site Scripting Microsoft Bluetooth Personal Area Networking - 'BthPan.sys'Privilege Escalation Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation WordPress RB Agency Plugin 2.4.7 - Local File Disclosure Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'Buffer Overflow/Denial of Service EIP Overwrite Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite Wireshark 1.4.3 - '.pcap'Memory Corruption Wireshark 1.4.3 - '.pcap' Memory Corruption Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'SEH Buffer Overflow Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf'Remote Buffer Overflow DivX Player 6.x - '.dps'Remote Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow DivX Player 6.x - '.dps' Remote Buffer Overflow VLC Media Player 1.0.5 - '.ape'Denial of Service VLC Media Player 1.0.5 - '.ape' Denial of Service RealPlayer 11 - '.rmp'Remote Buffer Overflow RealPlayer 11 - '.rmp' Remote Buffer Overflow Advantech AdamView 4.30.003 - '.gni'SEH Buffer Overflow Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f'Remote Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow eXPert PDF 7.0.880.0 - '.pj'Heab-based Buffer Overflow eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack Based Buffer Overflow PHPWebSite 1.7.1 - 'upload.php' Arbitrary File Upload phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution PHPWebSite 1.7.1 - 'mod.php' SQL Injection phpWebSite 1.7.1 - 'mod.php' SQL Injection Linux/x86 - custom execve-shellcode Encoder/Decoder Linux/x86 - custom execve-Shellcode Encoder/Decoder ProFTPd 1.3.5 (mod_copy) - Remote Command Execution ProFTPd 1.3.5 - (mod_copy) Remote Command Execution ProFTPD 1.3.5 - Mod_Copy Command Execution ProFTPd 1.3.5 - 'Mod_Copy' Command Execution Linux/x86 - Download & Execute shellcode Linux/x86 - Download & Execute Shellcode Adobe Flash - Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File Valhala Honeypot 1.8 - Stack-Based Buffer Overflow Valhala Honeypot 1.8 - Stack Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass WebKit Cross-Site Scripting Filter - ' Cross-Site ScriptingAuditor.cpp' Security Bypass Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow Mpxplay Multimedia Commander 2.00a - .m3u Stack Based Buffer Overflow Linux/x86-64 - /bin/sh shellcode Linux/x86-64 - /bin/sh Shellcode Last PassBroker 3.2.16 - Stack-Based Buffer Overflow Last PassBroker 3.2.16 - Stack Based Buffer Overflow C2 WebResource - 'File' Parameter Cross-Site Scripting C2 WebResource - ' File' Parameter Cross-Site Scripting SmallFTPD - Unspecified Denial of Service SmallFTPd - Unspecified Denial of Service VLC 2.2.1 libvlccore - '.mp3'Stack Overflow VLC 2.2.1 libvlccore - '.mp3' Stack Overflow FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read FBZX 2.10 - Local Stack-Based Buffer Overflow FBZX 2.10 - Local Stack Based Buffer Overflow TACK 1.07 - Local Stack-Based Buffer Overflow TACK 1.07 - Local Stack Based Buffer Overflow Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp Multiple Field SQL Injection Authentication Bypass Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass Wireshark - iseries_parse_packet Heap-Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow Wireshark - iseries_parse_packet Heap Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow Wireshark - find_signature Stack-Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow Wireshark - getRate Stack-Based Out-of-Bounds Read Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow Wireshark - find_signature Stack Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow Wireshark - getRate Stack Based Out-of-Bounds Read Adobe Flash TextField.variable Setter - Use-After-Free Adobe Flash TextField.Variable Setter - Use-After-Free Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read eshtery CMS - 'FileManager.aspx' Local File Disclosure eshtery CMS - ' FileManager.aspx' Local File Disclosure pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read pdfium CPDF_Function::Call - Stack-Based Buffer Overflow pdfium CPDF_Function::Call - Stack Based Buffer Overflow MySQL 5.5.45 (64bit) - Local Credentials Disclosure pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read Tftpd32 and Tftpd64 - Denial Of Service TFTPD32 and Tftpd64 - Denial Of Service glibc - getaddrinfo Stack-Based Buffer Overflow glibc - getaddrinfo Stack Based Buffer Overflow Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow libxml2 - xmlDictAddString Heap-Based Buffer Overread libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread libxml2 - htmlCurrentChar Heap-Based Buffer Overread Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow libxml2 - xmlDictAddString Heap Based Buffer Overread libxml2 - xmlParseEndTag2 Heap Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap Based Buffer Overread libxml2 - htmlCurrentChar Heap Based Buffer Overread Kamailio 4.3.4 - Heap-Based Buffer Overflow Kamailio 4.3.4 - Heap Based Buffer Overflow Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow Wireshark - dissect_2008_16_security_4 Stack Based Buffer Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow NRSS Reader 0.3.9 - Local Stack-Based Overflow NRSS Reader 0.3.9 - Local Stack Based Overflow Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap-Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads Graphite2 - GlyphCache::GlyphCache Heap Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Based Memory Corruption Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) PHP 5.0.0 - imap_mail() Local Denial of Service PHP 5.0.0 - 'imap_mail()' Local Denial of Service PHP 5.0.0 - html_doc_file() Local Denial of Service PHP 5.0.0 - 'html_doc_file()' Local Denial of Service	2016-09-06 05:08:08 +00:00

4 commits