bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1408 commits 1 branch 0 tags 366 MiB
Commit graph

3 commits

Author SHA1 Message Date
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00
Offensive Security
4b39f0d26d DB: 2017-11-16 
23 new exploits

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (1)

Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service
Microsoft Windows Explorer - '.AVI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service
Microsoft Windows Explorer - '.ANI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service
Microsoft Windows Explorer - '.doc' File Denial of Service

CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)

Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities
Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities

iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service

Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)
Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC)

Webby WebServer - SEH Control (PoC)
Webby WebServer - Overflow (SEH) (PoC)

Quick 'n Easy FTP Server Lite 3.1 - Exploit
Quick 'n Easy FTP Server Lite 3.1 - Denial of Service

Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC)

FFDshow - SEH Exception Leading to Null Pointer on Read
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read

Microsoft Internet Explorer - MSHTML Findtext Processing Issue
Microsoft Internet Explorer - MSHTML Findtext Processing Exploit

Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption
Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption
Debian suidmanager 0.18 - Exploit
AMD K6 Processor - Exploit
Apple Personal Web Sharing 1.1 - Remote Denial of Service
AMD K6 Processor - Denial of Service

Sun Solaris 7.0 - 'procfs' Denial of Service

S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service
S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service

Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service
Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service

D-Link DIR605L - Denial of Service

RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service

(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service
ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service

IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow
IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow

xfstt 1.2/1.4 - Unspecified Memory Disclosure
xfstt 1.2/1.4 - Memory Disclosure

ViRobot Linux Server 2.0 - Exploit

Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities

IBM AIX 5.x - Invscout Local Buffer Overflow
IBM AIX 5.x - 'Invscout' Local Buffer Overflow

Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow

Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)
Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)

IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption
IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption

Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow
Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow

Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities
Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (2)

Sun Solaris 10 - ICMP Unspecified Remote Denial of Service
Sun Solaris 10 - ICMP Remote Denial of Service

Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service
Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service

Progress WebSpeed 3.0/3.1 - Denial of Service

GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities
GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities
Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service
Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service
Wireshark 0.99.8 - X.509sat Dissector Denial of Service
Wireshark 0.99.8 - LDAP Dissector Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service

Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities

SmallFTPd - Unspecified Denial of Service
SmallFTPd - Denial of Service

Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference
Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference

Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference
Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference

Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference
Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)

Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine

Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits

Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference

Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine
Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine

Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call
Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call

Mandrake Linux 8.2 /usr/mail - Local Exploit
Mandrake Linux 8.2 - '/usr/mail' Local Exploit

RedHat 6.2 /sbin/restore - Exploit
RedHat 6.2 - '/sbin/restore' Privilege Escalation

dump 0.4b15 (RedHat 6.2) - Exploit
dump 0.4b15 (RedHat 6.2) - Privilege Escalation
xsoldier 0.96 (RedHat 6.2) - Exploit
Pine (Local Message Grabber) - Exploit
xsoldier 0.96 (RedHat 6.2) - Buffer Overflow
Pine (Local Message Grabber) - Local Message Read

Seyon 2.1 rev. 4b i586-Linux - Exploit
Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow

glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit
glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read

suid_perl 5.001 - Exploit
suid_perl 5.001 - Command Execution

Sendmail 8.11.x (Linux/i386) - Exploit
Sendmail 8.11.x (Linux/i386) - Privilege Escalation

Microsoft Excel - Unspecified Remote Code Execution
Microsoft Excel - Remote Code Execution

Microsoft Word 2000 - Unspecified Code Execution
Microsoft Word 2000 - Code Execution
IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation
IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation

IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite

Easy RM to MP3 Converter 2.7.3.700 - Exploit
Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow

Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit
Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow

Adobe Reader and Acrobat - Exploit
Adobe Reader / Acrobat - '.PDF' File Overflow

Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH)

Winamp 5.572 - Exploit (SEH)
Winamp 5.572 - Overflow (SEH)

ZipScan 2.2c - Exploit (SEH)
ZipScan 2.2c - Overflow (SEH)
Local Glibc shared library (.so) 2.11.1 - Exploit
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
Local Glibc Shared Library (.so) 2.11.1 - Code Execution
ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation

SyncBack Freeware 3.2.20.0 - Exploit
SyncBack Freeware 3.2.20.0 - Overflow (SEH)

Mediacoder 0.7.3.4672 - Exploit (SEH)
Mediacoder 0.7.3.4672 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH)

DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)
DJ Studio Pro 8.1.3.2.1 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit)

iworkstation 9.3.2.1.4 - Exploit (SEH)
iworkstation 9.3.2.1.4 - Overflow (SEH)

Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)
Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode)

POP Peeper 3.7 - Exploit (SEH)
POP Peeper 3.7 - Overflow (SEH)

DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass
DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass)

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit)

BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass)
Slackware Linux 3.4 - 'liloconfig-color' Temporary file
Slackware Linux 3.4 - 'makebootdisk' Temporary file
Slackware Linux 3.4 - 'liloconfig-color' Temporary File
Slackware Linux 3.4 - 'makebootdisk' Temporary File
Slackware Linux 3.4 - 'netconfig' Temporary file
Slackware Linux 3.4 - 'pkgtool' Temporary file
Slackware Linux 3.4 - 'netconfig' Temporary File
Slackware Linux 3.4 - 'pkgtool' Temporary File

Debian suidmanager 0.18 - Command Execution
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission
Slackware Linux 3.5 - '/etc/group' Privilege Escalation

Sun Solaris 2.6 power management - Exploit
Sun Solaris 2.6 - power management Exploit
DataLynx suGuard 1.0 - Exploit
Sun Solaris 2.5.1 PAM & unix_scheme - Exploit
Solaris 2.5.1 ffbconfig - Exploit
Solaris 2.5.1 chkey - Exploit
Solaris 2.5.1 Ping - Exploit
SGI IRIX 6.4 ioconfig - Exploit
DataLynx suGuard 1.0 - Privilege Escalation
Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation
Solaris 2.5.1 - 'ffbconfig' Exploit
Solaris 2.5.1 - 'chkey' Exploit
Solaris 2.5.1 - 'Ping' Exploit
SGI IRIX 6.4 - 'ioconfig' Exploit
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2)

Solaris 2.5.1 automount - Exploit
Solaris 2.5.1 - 'automount' Exploit
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit
Sun Solaris 7.0 dtprintinfo - Buffer Overflow
Sun Solaris 7.0 lpset - Buffer Overflow
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow
Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow

IBM Remote Control Software 1.0 - Exploit
IBM Remote Control Software 1.0 - Code Execution

Xcmail 0.99.6 - Exploit
Xcmail 0.99.6 - Buffer Overflow
Sun Solaris 7.0 ff.core - Exploit
S.u.S.E. 5.2 lpc - Exploit
Sun Solaris 7.0 - 'ff.core' Exploit
S.u.S.E. 5.2 - 'lpc' Exploit

SGI IRIX 6.2 cdplayer - Exploit
SGI IRIX 6.2 - 'cdplayer' Exploit
SGI IRIX 5.3 Cadmin - Exploit
SGI IRIX 6.0.1 colorview - Exploit
SGI IRIX 5.3 - 'Cadmin' Exploit
SGI IRIX 6.0.1 - 'colorview' Exploit
SGI IRIX 6.3 df - Exploit
SGI IRIX 6.4 - datman/cdman Exploit
SGI IRIX 6.3 - 'df' Exploit
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.2 fsdump - Exploit
RedHat Linux 5.1 xosview - Exploit
Slackware Linux 3.1 - Buffer Overflow
RedHat Linux 2.1 - 'abuse.console' Exploit
SGI IRIX 6.2 - 'fsdump' Exploit
RedHat Linux 5.1 - xosview
Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow

IBM AIX 4.3 infod - Exploit
IBM AIX 4.3 - 'infod' Exploit

IBM AIX 4.2.1 snap - Insecure Temporary File Creation
IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation
SGI IRIX 6.4 inpview - Exploit
RedHat Linux 5.0 msgchk - Exploit
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 ping - Buffer Overflow
IBM AIX 4.2 lchangelv - Buffer Overflow
SGI IRIX 6.4 - 'inpview' Exploit
RedHat Linux 5.0 - 'msgchk' Exploit
IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 - 'ping' Buffer Overflow
IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow

RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)

SGI IRIX 6.4 netprint - Exploit
SGI IRIX 6.4 - 'netprint' Exploit

SGI IRIX 5.3/6.2 ordist - Exploit
SGI IRIX 5.3/6.2 - 'ordist' Exploit

SGI IRIX 5.3 pkgadjust - Exploit
SGI IRIX 5.3 - 'pkgadjust' Exploit

Sun Solaris 7.0 procfs - Exploit
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 4.2.1 lquerypv - Exploit
IBM AIX 3.2.5 - 'IFS' Exploit
IBM AIX 4.2.1 - 'lquerypv' File Read
SGI IRIX 6.3 pset - Exploit
SGI IRIX 6.4 rmail - Exploit
SGI IRIX 6.3 - 'pset' Exploit
SGI IRIX 6.4 - 'rmail' Exploit
SGI IRIX 5.2/5.3 serial_ports - Exploit
SGI IRIX 6.4 suid_exec - Exploit
SGI IRIX 5.1/5.2 sgihelp - Exploit
SGI IRIX 6.4 startmidi - Exploit
SGI IRIX 5.2/5.3 - 'serial_ports' Exploit
SGI IRIX 6.4 - 'suid_exec' Exploit
SGI IRIX 5.1/5.2- 'sgihelp' Exploit
SGI IRIX 6.4 - 'startmidi' Exploit

SGI IRIX 6.4 xfsdump - Exploit
SGI IRIX 6.4 - 'xfsdump' Exploit

IBM AIX 4.3.1 adb - Exploit
IBM AIX 4.3.1 - 'adb' Denial of Service
Apple At Ease 5.0 - Exploit
Samba < 2.0.5 - Exploit
Apple At Ease 5.0 - Information Disclosure
Samba < 2.0.5 - Overflow

NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit
NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space

Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow

HP-UX 10.20 newgrp - Exploit
HP-UX 10.20 newgrp - Privilege Escalation

BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)

BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2)

Solaris 7.0 kcms_configure - Exploit
Solaris 7.0 - 'kcms_configure Exploit

Windowmaker wmmon 1.0 b2 - Exploit
Windowmaker wmmon 1.0 b2 - Command Execution

Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit
Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation

Standard & Poors ComStock 4.2.4 - Exploit
Standard & Poors ComStock 4.2.4 - Command Execution
KDE 1.1.2 KApplication configfile - Exploit (1)
KDE 1.1.2 KApplication configfile - Exploit (2)
KDE 1.1.2 KApplication configfile - Exploit (3)
KDE 1.1.2 KApplication configfile - Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Privilege Escalation (2)
KDE 1.1.2 KApplication configfile - Privilege Escalation (3)

BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)
mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2)

Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
IRIX 6.5.x - GR_OSView Buffer Overflow
SGI IRIX 6.2 libgl.so - Buffer Overflow
IRIX 6.5.x - dmplay Buffer Overflow
IRIX 6.2/6.3 lpstat - Buffer Overflow
IRIX 6.5.x - inpview Race Condition
IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow
SGI IRIX 6.2 - 'libgl.so' Buffer Overflow
IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow
IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition

IRIX 5.3/6.x - mail Exploit
IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow
Libc locale - Exploit (1)
Libc locale - Exploit (2)
Libc locale - Privilege Escalation (1)
Libc locale - Privilege Escalation (2)

GNOME esound 0.2.19 - Unix Domain Socket Race Condition

Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition
IBM AIX 4.x - setsenv Buffer Overflow
IBM AIX 4.3 digest - Buffer Overflow
IBM AIX 4.x - enq Buffer Overflow
IBM AIX 4.3.x - piobe Buffer Overflow
IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow
IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow
IBM AIX 4.x - 'enq' Buffer Overflow
IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow

SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow

AIX 4.2/4.3 - piomkapqd Buffer Overflow
AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow

(Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation

(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection
Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection
QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow
QNX RTOS 6.1 - PKG-Installer Buffer Overflow
QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow
QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow

NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass
NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass)

AFD 1.2.x - Working Directory Local Buffer Overflow
AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation

IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow

HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access
HP-UX 10.x - rs.F3000 Unauthorized Access

Leksbot 1.2 - Multiple Unspecified Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities

IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow

IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation
IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation

ViRobot Linux Server 2.0 - Overflow

(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation
Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)

Nvidia Display Driver Service (Nsvr) - Exploit
Nvidia Display Driver Service (Nsvr) - Buffer Overflow
IBM AIX 5.3 - GetShell and GetCommand File Enumeration
IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure

Apple 2.0.4 - Safari Unspecified Local
Apple 2.0.4 - Safari Local Exploit

Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities

IBM AIX 6.1.8 libodm - Arbitrary File Write
IBM AIX 6.1.8 - 'libodm' Arbitrary File Write

Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation

VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass)

Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation

QEMU (Gentoo) - Local Priv Escalation
QEMU (Gentoo) - Privilege Escalation

Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)

Microsoft WordPerfect Document Converter - Exploit (MS03-036)
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)

CA BrightStor ARCserve Backup - Exploiter Tool
CA BrightStor ARCserve Backup - Overflow

NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write

CDBurnerXP 4.2.4.1351 - Exploit

PeerCast 0.1216 - Exploit (Metasploit)
PeerCast 0.1216 - Stack Overflow (Metasploit)

BigAnt Server 2.52 - Exploit (SEH)
BigAnt Server 2.52 - Overflow (SEH)

NetTransport Download Manager 2.90.510 - Exploit
NetTransport Download Manager 2.90.510 - Overflow (SEH)

File Sharing Wizard 1.5.0 - Exploit (SEH)
File Sharing Wizard 1.5.0 - Overflow (SEH)
Real Player 12.0.0.879 - Exploit
Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)
Real Player 12.0.0.879 - Code Execution
Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass)

IBM AIX 5l FTPd - Remote DES Hash Exploit
IBM AIX 5l - 'FTPd' Remote DES Hash Exploit

Microsoft Data Access Components - Exploit (MS11-002)
Microsoft Data Access Components - Overflow (PoC) (MS11-002)

FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit)

Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)

Apple Personal Web Sharing 1.1 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 -  Upload / Execute Read Scripts

IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit
IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation

HP HP-UX 10.34 rlpdaemon - Exploit
HP HP-UX 10.34 rlpdaemon - Remote Overflow

Ray Chan WWW Authorization Gateway 0.1 - Exploit
Ray Chan WWW Authorization Gateway 0.1 - Command Execution

Solaris 7.0 Coredump - Exploit
Solaris 7.0 - 'Coredump' File Write
IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit
SGI IRIX 6.2 cgi-bin wrap - Exploit
IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read
SGI IRIX 6.2 - cgi-bin wrap Exploit

SGI IRIX 6.5.2 nsd - Exploit
SGI IRIX 6.5.2 - 'nsd'' Exploit

IBM AIX 3.2.5 - login(1) Exploit
IBM AIX 3.2.5 - 'login(1)' Exploit

Compaq Java Applet for Presario SpawnApp - Exploit
Compaq Java Applet for Presario SpawnApp - Code Execution

Network Security Wizards Dragon-Fire IDS 1.0 - Exploit
Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution

Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure

IBM AIX 4.3.2 ftpd - Remote Buffer Overflow
IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow

glFTPd 1.17.2 - Exploit
glFTPd 1.17.2 - Code Execution

Netopia R-series routers 4.6.2 - Exploit
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables

Sun Java Web Server 1.1.3/2.0 Servlets - Exploit
Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure

IPFilter 3.x - Fragment Rule Bypass

CGIWrap 2.x/3.x - Cross-Site Scripting

AIX 4.1/4.2 - pdnsd Buffer Overflow
AIX 4.1/4.2 - 'pdnsd' Buffer Overflow

RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote Username Enumeration

Hylafax 4.1.x - HFaxD Unspecified Format String
Hylafax 4.1.x - HFaxD Format String

EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow

LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities
LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities

Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities
Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities

Oracle 9i - Multiple Unspecified Vulnerabilities
Oracle 9i - Multiple Vulnerabilities

File ELF 4.x - Header Unspecified Buffer Overflow
File ELF 4.x - Header Buffer Overflow
Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue
Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack
Microsoft Internet Explorer 6 - Unspecified Code Execution (1)
Microsoft Internet Explorer 6 - Unspecified Code Execution (2)
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)

GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal

TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal
TFTP Server TFTPDWin 0.4.2 - Directory Traversal

Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit

Multiple CA Service Management Products - Unspecified Remote Command Execution
Multiple CA Service Management Products - Remote Command Execution

NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow

Bash - Environment Variables Code Injection (Shellshock)
Bash - Environment Variables Command Injection (Shellshock)

OpenVPN 2.2.29 - Remote Exploit (Shellshock)
OpenVPN 2.2.29 - Remote Command Injection (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)
Apache mod_cgi - Remote Exploit (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)
Apache mod_cgi - Remote Command Injection (Shellshock)

Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow
Poison Ivy 2.3.2 - Remote Buffer Overflow

Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution
Samba 3.5.11/3.6.3 - Remote Code Execution

Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)
Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)

IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)
IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)

Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion

Poll It CGI 2.0 - Exploit
Poll It CGI 2.0 - Multiple Vulnerabilities

DreamPoll 3.1 - Exploit
DreamPoll 3.1 - SQL Injection

WordPress Plugin WP-Cumulus 1.20 - Exploit
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting

Public Media Manager - Exploit
Public Media Manager - Remote File Inclusion

Joomla! Component com_adagency - Exploit
Joomla! Component com_adagency - Local File Inclusion

File Upload Manager 1.3 - Exploit
File Upload Manager 1.3 - Web Shell File Upload

Joomla! Component com_caddy - Exploit

Renista CMS - Exploit
Renista CMS - SQL Injection

BtiTracker 1.3.x < 1.4.x - Exploit
BtiTracker 1.3.x < 1.4.x - SQL Injection

WordPress Plugin Cimy Counter - Exploit
WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting

Belkin F5D7234-4 v5 G Wireless Router - Exploit
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed

WhatsApp Status Changer 0.2 - Exploit
WhatsApp - Remote Change Status

MySimpleNews 1.0 - Remotely Readable Administrator Password
MySimpleNews 1.0 - Remote Readable Administrator Password

SquirrelMail 1.2.11 - Exploit
SquirrelMail 1.2.11 - Multiple Vulnerabilities

D-Link DCS-936L Network Camera - Cross-Site Request Forgery
Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting

Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Cross-Site Scripting Vulnerabilities

Codegrrl - 'Protection.php' Unspecified Code Execution
Codegrrl - 'Protection.php' Code Execution
Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'index.php' Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting

A-Blog 1.0 - Unspecified Cross-Site Scripting
A-Blog 1.0 - Cross-Site Scripting

Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Akismet 2.1.3 - Unspecified
WordPress Plugin Akismet 2.1.3 - Exploit

SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities

UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit
UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information

Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload
Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload

MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections

Zoph 0.7.2.1 - Unspecified SQL Injection
Zoph 0.7.2.1 - SQL Injection

Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component FreiChat 1.0/2.x - HTML Injection

Bash CGI - Remote Code Execution (Shellshock) (Metasploit)
Bash CGI - Remote Command Injection (Shellshock) (Metasploit)

PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock)
PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)

Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities

Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit

Netsweeper 4.0.8 - Authentication Bypass Issue
Netsweeper 4.0.8 - Authentication Bypass

SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting

Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting
Bugzilla 4.2 - Tabular Reports Cross-Site Scripting

iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal
iScripts AutoHoster - 'main_smtp.php' Traversal Exploit

Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits

Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)

NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)

Squid Analysis Report Generator 2.3.10 - Remote Code Execution
 2017-11-16 10:02:26 +00:00
Offensive Security
e515bac4fe DB: 2017-10-27 
2 new exploits

Microsoft Windows XP/2000 - TCP Connection Reset Remote Exploit
Microsoft Windows XP/2000 - TCP Connection Reset

WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflows (PoC)
WinEggDropShell 1.7 - Unauthenticated Multiple Remote Stack Overflows (PoC)

FileCOPA FTP Server 1.01 - 'USER' Remote Unauthenticated Denial of Service
FileCOPA FTP Server 1.01 - 'USER' Unauthenticated Remote Denial of Service

Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Unauthenticated Remote Stack Based Overrun (PoC)

Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPD Unauthenticated Remote Denial of Service / Buffer Overflow (PoC)

Simple HTTPD 1.41 - '/aux' Remote Denial of Service
Simple HTTPd 1.41 - '/aux' Remote Denial of Service

MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Denial of Service

Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service
Oracle Internet Directory 10.1.4 - Unauthenticated Remote Denial of Service

Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service
Linksys WAG54G v2 Wireless ADSL Router - HTTPd Denial of Service

Nofeel FTP Server 3.6 - 'CWD' Command Remote Memory Consumption
Nofeel FTP Server 3.6 - 'CWD' Remote Memory Consumption

Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service
Home FTP Server 1.10.1.139 - 'SITE INDEX' Remote Denial of Service

XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service
XM Easy Personal FTP Server - 'APPE' / 'DELE' Denial of Service

httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)
httpdx 1.5.2 - Unauthenticated Remote Denial of Service (PoC)

httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service Vulnerabilities (PoC)
httpdx 1.5.3b - Unauthenticated Remote Denial of Service Multiple Vulnerabilities (PoC)

eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crashs (SEH) (PoC)
eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Crashs (SEH) (PoC)

TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (1)
TYPSoft FTP Server 1.10 - 'RETR' Denial of Service (1)

(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Remote Denial of Service

Motorola SB5101 Hax0rware Rajko HTTPD - Remote Exploit (PoC)
Motorola SB5101 Hax0rware Rajko HTTPd - Remote Exploit (PoC)

Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service
Unreal Tournament 3 2.1 - 'STEAMBLOB' Remote Denial of Service

TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (2)
TYPSoft FTP Server 1.10 - 'RETR' Denial of Service (2)

Objectivity/DB - Lack of Authentication Remote Exploit
Objectivity/DB - Lack of Authentication

IPComp - encapsulation Unauthenticated kernel memory Corruption
IPComp - encapsulation Unauthenticated Kernel Memory Corruption

Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC)
Crush FTP 5 - 'APPE' Remote JVM Blue Screen of Death (PoC)

torrent-stats - httpd.c Denial of Service
torrent-stats - 'httpd.c' Denial of Service

Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor status.cgi Denial of Service
Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor 'status.cgi' Denial of Service

WhitSoft SlimServe - HTTPD 1.1 Get Denial of Service
WhitSoft SlimServe HTTPd 1.1 - Get Denial of Service

Linksys BEFSR41 1.4x - Gozila.cgi Denial of Service
Linksys BEFSR41 1.4x - 'Gozila.cgi' Denial of Service

BRS Webweaver 1.06 httpd - 'User-Agent' Remote Denial of Service
BRS Webweaver 1.06 - HTTPd 'User-Agent' Remote Denial of Service

Surfboard httpd 1.1.9 - Remote Buffer Overflow
Surfboard HTTPd 1.1.9 - Remote Buffer Overflow

RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service
RobotFTP Server 1.0/2.0 - Unauthenticated Remote Command Denial of Service

Titan FTP Server 3.0 - 'LIST' Command Denial of Service
Titan FTP Server 3.0 - 'LIST' Denial of Service

Monkey HTTPD 1.1.1 - Crash (PoC)
Monkey HTTPd 1.1.1 - Crash (PoC)

Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow
Alt-N MDaemon 2-8 - IMAP Unauthenticated Remote Buffer Overflow

Titan FTP Server 6.05 build 550 - 'DELE' Command Remote Buffer Overflow
Titan FTP Server 6.05 build 550 - 'DELE' Remote Buffer Overflow

Surgemail and WebMail 3.0 - 'Page' Command Remote Format String
Surgemail and WebMail 3.0 - 'Page' Remote Format String

Call of Duty 4 1.5 - Malformed 'stats' Command Denial of Service
Call of Duty 4 1.5 - 'stats' Denial of Service

Softalk Mail Server 8.5.1 - 'APPEND' Command Remote Denial of Service
Softalk Mail Server 8.5.1 - 'APPEND' Remote Denial of Service

FileCOPA FTP Server 5.01 - 'NOOP' Command Denial of Service
FileCOPA FTP Server 5.01 - 'NOOP' Denial of Service

Hybserv2 - ':help' Command Denial of Service
Hybserv2 - ':help' Denial of Service

Titan FTP Server 8.40 - 'APPE' Command Remote Denial of Service
Titan FTP Server 8.40 - 'APPE' Remote Denial of Service

TYPSoft FTP Server 1.1 - 'APPE' Command Remote Buffer Overflow
TYPSoft FTP Server 1.1 - 'APPE' Remote Buffer Overflow

Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial of Service
Sony Bravia KDL-32CX525 - 'hping' Remote Denial of Service
SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
freeFTPd 1.0.8 - 'mkd' Command Denial of Service
SmallFTPd 1.0.3 - 'mkd' Denial of Service
freeFTPd 1.0.8 - 'mkd' Denial of Service

Wireshark 2.2.0 to 2.2.12 - ROS Dissector Denial of Service
Wireshark 2.2.0 < 2.2.12 - ROS Dissector Denial of Service

AIX 4.3/5.1 < 5.3 - 'lsmcode' Command Execution Privilege Escalation
AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation

xp-AntiSpy 3.9.7-4 - '.xpas' file Buffer Overflow
xp-AntiSpy 3.9.7-4 - '.xpas' File Buffer Overflow

GTA SA-MP server.cfg - Buffer Overflow (Metasploit)
GTA SA-MP - 'server.cfg' Buffer Overflow (Metasploit)

SCO Unixware 7.1 - 'pkg' command Exploit
SCO Unixware 7.1 - 'pkg' Exploit

Caldera UnixWare 7.1.1 - WebTop SCOAdminReg.cgi Arbitrary Command Execution
Caldera UnixWare 7.1.1 - WebTop 'SCOAdminReg.cgi' Arbitrary Command Execution

OSSEC 2.7 < 2.8.1 - 'diff' Command Privilege Escalation
OSSEC 2.7 < 2.8.1 - 'diff' Privilege Escalation

Microsoft Windows 10 - pcap Driver Privilege Escalation
Microsoft Windows 10 - 'pcap' Driver Privilege Escalation
PHPMailer < 5.2.21 - Local File Disclosure
HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow

Apache 2.0.45 - APR Remote Exploit
Apache 2.0.45 - 'APR' Remote Exploit

RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Remote Exploit

Pavuk Digest - Authentication Buffer Overflow Remote Exploit
Pavuk Digest - Authentication Remote Buffer Overflow

3CServer 1.1 - FTP Server Remote Exploit
3CServer 1.1 (FTP Server) - Remote Exploit

LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Remote Exploit
LimeWire 4.1.2 < 4.5.6 - 'GET' Remote Exploit

MailEnable Enterprise 1.x - Imapd Remote Exploit
MailEnable Enterprise 1.x - IMAPd Remote Exploit

Sumus 0.2.2 - httpd Remote Buffer Overflow
Sumus 0.2.2 - HTTPd Remote Buffer Overflow

Symantec Scan Engine 5.0.x - Change Admin Password Remote Exploit
Symantec Scan Engine 5.0.x - Change Admin Password

Mercur Messaging 2005 (Windows 2000 SP4) - IMAP (Subscribe) Remote Exploit
Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote Exploit

CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow
CoreHTTP 0.5.3alpha - HTTPd Remote Buffer Overflow

Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow
Postcast Server Pro 3.0.61 / Quiksoft EasyMail - 'emsmtp.dll 6.0.1' Buffer Overflow

Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow
Mercury/32 4.52 IMAPD - 'SEARCH' Authenticated Overflow

SonicWALL SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit
SonicWALL SSL-VPN - 'NeLaunchCtrl' ActiveX Control Remote Exploit

simple httpd 1.38 - Multiple Vulnerabilities
Simple HTTPd 1.38 - Multiple Vulnerabilities

Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB)
Cisco IOS 12.3(18) (FTP Server)  - Remote Exploit (Attached to GDB)

freeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH)
freeSSHd 1.2.1 - 'rename' Remote Buffer Overflow (SEH)

Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow (Metasploit)
Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Buffer Overflow (Metasploit)

Home FTP Server - 'MKD' Command Directory Traversal
Home FTP Server - 'MKD' Directory Traversal

Apple iTunes 8.1.x - 'daap' Buffer Overflow Remote Exploit
Apple iTunes 8.1.x - 'daap' Remote Buffer Overflow

eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflows (1)
eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (1)

eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflows (2)
eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (2)

EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - 'MKD' Authenticated Remote Buffer Overflow

Xftp client 3.0 - PWD Remote Exploit
Xftp client 3.0 - 'PWD' Remote Exploit

ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Authenticated Remote Exploit (ASLR + DEP Bypass)
EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'MKD' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'CWD' Authenticated Remote Buffer Overflow

EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow (Metasploit)

CesarFTP 0.99g - 'MKD' Command Buffer Overflow (Metasploit)
CesarFTP 0.99g - 'MKD' Buffer Overflow (Metasploit)

Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
Alt-N MDaemon 6.8.5 - WorldClient 'form2raw.cgi' Stack Buffer Overflow (Metasploit)

Linksys WRT54 Access Point - apply.cgi Buffer Overflow (Metasploit)
Linksys WRT54 Access Point - 'apply.cgi' Buffer Overflow (Metasploit)

Progea Movicon 11 - TCPUploadServer Remote Exploit
Progea Movicon 11 - 'TCPUploadServer' Remote Exploit

PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit)
PCMan FTP Server - 'PUT_ Buffer Overflow (Metasploit)

Freefloat FTP Server - 'LIST' Command Buffer Overflow
Freefloat FTP Server - 'LIST' Buffer Overflow

KnFTP 1.0.0 Server - 'USER' command Remote Buffer Overflow
KnFTP 1.0.0 Server - 'USER' Remote Buffer Overflow

SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit
SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Exploit

Matt Wright - FormHandler.cgi 2.0 Reply Attachment
Matt Wright - 'FormHandler.cgi' 2.0 Reply Attachment

Solution Scripts Home Free 1.0 - search.cgi Directory Traversal
Solution Scripts Home Free 1.0 - 'search.cgi' Directory Traversal

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution
CNC Technology BizDB 1.0 - 'bizdb-search.cgi' Remote Command Execution

3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution
3R Soft MailStudio 2000 2.0 - 'userreg.cgi' Arbitrary Command Execution

Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote 'Username' and Password Retrieval
Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username / Password Retrieval

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter
Greg Matthews - 'Classifieds.cgi' 1.0 MetaCharacter

Squid Web Proxy 2.2 - cachemgr.cgi Unauthorized Connection
Squid Web Proxy 2.2 - 'cachemgr.cgi' Unauthorized Connection

Leif M. Wright - ad.cgi 1.0 Unchecked Input
Leif M. Wright - 'ad.cgi' 1.0 Unchecked Input

NCSA 1.3/1.4.x/1.5 / Apache httpd 0.8.11/0.8.14 - ScriptAlias Source Retrieval
NCSA 1.3/1.4.x/1.5 / Apache HTTPd 0.8.11/0.8.14 - ScriptAlias Source Retrieval

SWSoft ASPSeek 1.0 - s.cgi Buffer Overflow
SWSoft ASPSeek 1.0 - 's.cgi' Buffer Overflow
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp4.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - 'a1disp2.cgi' Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - 'a1disp3.cgi' Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - 'a1disp4.cgi' Traversal Arbitrary File Read

Tarantella Enterprise 3 3.x - TTAWebTop.cgi Arbitrary File Viewing
Tarantella Enterprise 3 3.x - 'TTAWebTop.cgi' Arbitrary File Viewing
NCSA httpd 1.x - Buffer Overflow (1)
NCSA httpd 1.x - Buffer Overflow (2)
NCSA HTTPd 1.x - Buffer Overflow (1)
NCSA HTTPd 1.x - Buffer Overflow (2)

BPM Studio Pro 4.2 - HTTPD Directory Traversal
BPM Studio Pro 4.2 - HTTPd Directory Traversal
Light HTTPD 0.1 - GET Buffer Overflow (1)
Light HTTPD 0.1 - GET Buffer Overflow (2)
Light HTTPd 0.1 - GET Buffer Overflow (1)
Light HTTPd 0.1 - GET Buffer Overflow (2)

Null HTTPD 0.5 - Remote Heap Corruption
Null HTTPd 0.5 - Remote Heap Corruption

Boozt Standard 0.9.8 - index.cgi Buffer Overrun
Boozt Standard 0.9.8 - 'index.cgi' Buffer Overrun

Webmin 0.9x / Usermin 0.9x/1.0 - Session ID Spoofing Unauthenticated Access
Webmin 0.9x / Usermin 0.9x/1.0 - Unauthenticated Access Session ID Spoofing

Axis Communications Video Server 2.x - Command.cgi File Creation
Axis Communications Video Server 2.x - 'Command.cgi' File Creation

Freefloat FTP Server - 'PUT' Command Buffer Overflow
Freefloat FTP Server - 'PUT' Buffer Overflow
MNOGoSearch 3.1.20 - search.cgi UL Buffer Overflow (1)
MNOGoSearch 3.1.20 - search.cgi UL Buffer Overflow (2)
MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (1)
MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (2)
MySQL - Remote Unauthenticated User Enumeration
(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit
MySQL - Unauthenticated Remote User Enumeration
(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Remote Authentication Bypass

Freefloat FTP Server - 'USER' Command Buffer Overflow
Freefloat FTP Server - 'USER' Buffer Overflow

Mephistoles HTTPD 0.6 - Cross-Site Scripting
Mephistoles HTTPd 0.6 - Cross-Site Scripting

SurgeLDAP 1.0 - User.cgi Directory Traversal
SurgeLDAP 1.0 - 'User.cgi' Directory Traversal

Nagios3 - history.cgi Remote Command Execution
Nagios3 - 'history.cgi' Remote Command Execution

Nagios3 - history.cgi Host Command Execution (Metasploit)
Nagios3 - 'history.cgi' Host Command Execution (Metasploit)

Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun
Firebird 1.0 - Unauthenticated Remote Database Name Buffer Overrun

acme thttpd 2.0.7 - Directory Traversal
Acme thttpd 2.0.7 - Directory Traversal

Freefloat FTP Server 1.0 - 'Raw' Commands Buffer Overflow
Freefloat FTP Server 1.0 - 'Raw' Buffer Overflow

NETGEAR DGN1000B - setup.cgi Remote Command Execution (Metasploit)
NETGEAR DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit)

Linksys E1500/E2500 - apply.cgi Remote Command Injection (Metasploit)
Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit)

Linksys WRT54GL - apply.cgi Command Execution (Metasploit)
Linksys WRT54GL - 'apply.cgi' Command Execution (Metasploit)

NETGEAR DGN2200B - pppoe.cgi Remote Command Execution (Metasploit)
NETGEAR DGN2200B - 'pppoe.cgi' Remote Command Execution (Metasploit)

SAP ConfigServlet - Remote Unauthenticated Payload Execution (Metasploit)
SAP ConfigServlet - Unauthenticated Remote Payload Execution (Metasploit)

GroundWork - monarch_scan.cgi OS Command Injection (Metasploit)
GroundWork - 'monarch_scan.cgi' OS Command Injection (Metasploit)

Linksys WRT160N v2 - apply.cgi Remote Command Injection (Metasploit)
Linksys WRT160N v2 - 'apply.cgi' Remote Command Injection (Metasploit)

WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe HTTPd 1.0/1.1 - Directory Traversal

Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit
Nginx 1.3.9/1.4.0 (x86) - Brute Force

PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow
PCMan FTP Server 2.07 - 'PASS' Buffer Overflow
Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption
PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow
Mikrotik RouterOS sshd (ROSSSH) - Unauthenticated Remote Heap Corruption
PCMan FTP Server 2.07 - 'STOR' Buffer Overflow

Cisco Secure ACS 2.3 - LoginProxy.cgi Cross-Site Scripting
Cisco Secure ACS 2.3 - 'LoginProxy.cgi' Cross-Site Scripting

PCMan FTP Server 2.07 - 'STOR' Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - 'STOR' Stack Overflow (Metasploit)

Supermicro Onboard IPMI - close_window.cgi Buffer Overflow (Metasploit)
Supermicro Onboard IPMI - 'close_window.cgi' Buffer Overflow (Metasploit)

Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - setup.cgi Cross-Site Scripting Vulnerabilities
Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - 'setup.cgi' Cross-Site Scripting

TinTin++ / WinTin++ 1.97.9 - '#chat' Command Multiple Vulnerabilities
TinTin++ / WinTin++ 1.97.9 - '#chat' Multiple Vulnerabilities
PCMan FTP Server 2.07 - 'ABOR' Command Buffer Overflow
PCMan FTP Server 2.07 - 'CWD' Command Buffer Overflow
PCMan FTP Server 2.07 - 'ABOR' Buffer Overflow
PCMan FTP Server 2.07 - 'CWD' Buffer Overflow

Ultra Mini HTTPD 1.21 - POST Stack Buffer Overflow
Ultra Mini HTTPD 1.21 - 'POST' Stack Buffer Overflow

Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
Ultra Mini HTTPD 1.21 - 'POST' Stack Buffer Overflow

ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal
ALFTP FTP Client 4.1/5.0 - 'LIST' Directory Traversal

Glub Tech Secure FTP 2.5.15 - 'LIST' Command Directory Traversal
Glub Tech Secure FTP 2.5.15 - 'LIST' Directory Traversal
UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal
WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal
Classic FTP 1.02 - 'LIST' Command Directory Traversal
UltraEdit 14.00b - FTP/SFTP 'LIST' Directory Traversal
WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Directory Traversal
Classic FTP 1.02 - 'LIST' Directory Traversal

AceFTP 3.80.3 - 'LIST' Command Directory Traversal
AceFTP 3.80.3 - 'LIST' Directory Traversal

RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Command Directory Traversal
RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Directory Traversal

Vtiger - Install Unauthenticated Remote Command Execution (Metasploit)
Vtiger - 'Install' Unauthenticated Remote Command Execution (Metasploit)

httpdx 1.5 - 'MKD' Command Directory Traversal
httpdx 1.5 - 'MKD' Directory Traversal

D-Link Devices - Authentication.cgi Buffer Overflow (Metasploit)
D-Link Devices - 'Authentication.cgi' Buffer Overflow (Metasploit)

rbot 0.9.14 - '!react' Command Unauthorized Access
rbot 0.9.14 - '!react' Unauthorized Access

VMTurbo Operations Manager 4.6 - vmtadmin.cgi Remote Command Execution (Metasploit)
VMTurbo Operations Manager 4.6 - 'vmtadmin.cgi' Remote Command Execution (Metasploit)

Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow
Solar FTP Server 2.1.1 - 'PASV' Remote Buffer Overflow
Freefloat FTP Server - 'ALLO' Command Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'MKD' Command Buffer Overflow
Freefloat FTP Server - 'ALLO' Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'MKD' Buffer Overflow

Endian Firewall 2.4 - openvpn_users.cgi PATH_INFO Cross-Site Scripting
Endian Firewall 2.4 - 'openvpn_users.cgi?PATH_INFO' Cross-Site Scripting

PCMan FTP Server 2.0.7 - 'PUT' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'PUT' Buffer Overflow

PCMan FTP Server 2.0.7 - 'GET' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'GET' Buffer Overflow

PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow

Zpanel - Remote Unauthenticated Remote Code Execution (Metasploit)
Zpanel - Unauthenticated Remote Code Execution (Metasploit)

PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow (Metasploit)

IPFire - proxy.cgi Remote Code Execution (Metasploit)
IPFire - 'proxy.cgi' Remote Code Execution (Metasploit)

PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'ls' Buffer Overflow (Metasploit)

EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
EasyFTP Server 1.7.0.11 - 'APPE'  Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'HOST' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'DELETE' Buffer Overflow
Freefloat FTP Server 1.0 - 'ABOR' Buffer Overflow
Freefloat FTP Server 1.0 - 'RMD' Buffer Overflow
Freefloat FTP Server 1.0 - 'HOST' Buffer Overflow
Freefloat FTP Server 1.0 - 'RENAME' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'RENAME' Buffer Overflow
PCMan FTP Server 2.0.7 - 'UMASK' Buffer Overflow
Freefloat FTP Server 1.0 - 'DIR' Buffer Overflow
PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'NLST' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'SITE CHMOD' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow
BolinTech DreamFTP Server 1.02 - 'RETR' Command Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'ACCT' Buffer Overflow
Freefloat FTP Server 1.0 - 'SITE ZONE' Buffer Overflow
PCMan FTP Server 2.0.7 - 'NLST' Buffer Overflow
PCMan FTP Server 2.0.7 - 'SITE CHMOD' Buffer Overflow
PCMan FTP Server 2.0.7 - 'PORT' Buffer Overflow
BolinTech DreamFTP Server 1.02 - 'RETR' Remote Buffer Overflow

NETGEAR DGN2200 - dnslookup.cgi Command Injection (Metasploit)
NETGEAR DGN2200 - 'dnslookup.cgi' Command Injection (Metasploit)

VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command Execution (Metasploit)
VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Unauthenticated Command Execution (Metasploit)

CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit
CCBILL CGI - 'ccbillx.c' 'whereami.cgi' Remote Exploit

phpBB 2.0.6 - search_id SQL Injection MD5 Hash Remote Exploit
phpBB 2.0.6 - 'search_id' SQL Injection MD5 Hash Remote Exploit

eXtropia Shopping Cart - web_store.cgi Remote Exploit
eXtropia Shopping Cart - 'web_store.cgi' Remote Exploit

Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit
Limbo 1.0.4.2 - '_SERVER[REMOTE_ADDR]' Overwrite Remote Exploit

TFT Gallery 0.10 - Password Disclosure Remote Exploit
TFT Gallery 0.10 - Password Disclosure

XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit
XOOPS 2.0.13.2 - 'xoopsOption[nocommon]' Remote Exploit

Drupal 4.7 - attachment mod_mime Remote Exploit
Drupal 4.7 - 'Attachment mod_mime' Remote Exploit

Cahier de texte 2.0 - Database Backup/Source Disclosure Remote Exploit
Cahier de texte 2.0 - Database Backup / Source Disclosure

CSPartner 1.0 - Delete All Users / SQL Injection Remote Exploit
CSPartner 1.0 - Delete All Users / SQL Injection

Podcast Generator 1.2 - Unauthorized Re-Installation Remote Exploit
Podcast Generator 1.2 - Unauthorized Re-Installation

SPIP < 2.0.9 - Arbitrary Copy All Passwords to .XML File Remote Exploit
SPIP < 2.0.9 - Arbitrary Copy All Passwords to '.XML' File

Nagios3 - statuswml.cgi Command Injection (Metasploit)
Nagios3 - 'statuswml.cgi' Command Injection (Metasploit)

QuickTime Streaming Server - parse_xml.cgi Remote Execution (Metasploit)
QuickTime Streaming Server - 'parse_xml.cgi' Remote Execution (Metasploit)

Nagios3 - statuswml.cgi Ping Command Execution (Metasploit)
Nagios3 - 'statuswml.cgi' 'Ping' Command Execution (Metasploit)

E-Mail Security Virtual Appliance - learn-msg.cgi Command Injection (Metasploit)
E-Mail Security Virtual Appliance - 'learn-msg.cgi' Command Injection (Metasploit)

AHG Search Engine 1.0 - search.cgi Arbitrary Command Execution
AHG Search Engine 1.0 - 'search.cgi' Arbitrary Command Execution
CGIScript.net - csPassword.cgi 1.0 Information Disclosure
CGIScript.net - csPassword.cgi 1.0 HTAccess File Modification
CGIScript.net - 'csPassword.cgi' 1.0 Information Disclosure
CGIScript.net - 'csPassword.cgi' 1.0 HTAccess File Modification

MailReader.com 2.3.x - NPH-MR.cgi File Disclosure
MailReader.com 2.3.x - 'NPH-MR.cgi' File Disclosure

BizDesign ImageFolio 2.x/3.0.1 - nph-build.cgi Cross-Site Scripting
BizDesign ImageFolio 2.x/3.0.1 - 'nph-build.cgi' Cross-Site Scripting
cPanel 5.0 - Guestbook.cgi Remote Command Execution (1)
cPanel 5.0 - Guestbook.cgi Remote Command Execution (2)
cPanel 5.0 - Guestbook.cgi Remote Command Execution (3)
cPanel 5.0 - Guestbook.cgi Remote Command Execution (4)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (1)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (2)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (3)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (4)

HappyMall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Command Execution
HappyMall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Command Execution

HappyMall E-Commerce Software 4.3/4.4 - Member_HTML.cgi Command Execution
HappyMall E-Commerce Software 4.3/4.4 - 'Member_HTML.cgi' Command Execution

Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Cross-Site Scripting
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Cross-Site Scripting

Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi File Disclosure
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' File Disclosure

Zeus Web Server 4.x - Admin Interface VS_Diag.cgi Cross-Site Scripting
Zeus Web Server 4.x - Admin Interface 'VS_Diag.cgi' Cross-Site Scripting

ImageFolio 2.2x/3.0/3.1 - Admin.cgi Directory Traversal
ImageFolio 2.2x/3.0/3.1 - 'Admin.cgi' Directory Traversal

SurgeLDAP 1.0 d - User.cgi Cross-Site Scripting
SurgeLDAP 1.0 d - 'User.cgi' Cross-Site Scripting

Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.cgi Cross-Site Scripting
Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - 'Message.cgi' Cross-Site Scripting

CommerceSQL Shopping Cart 2.2 - index.cgi Directory Traversal
CommerceSQL Shopping Cart 2.2 - 'index.cgi' Directory Traversal

DansGuardian Webmin Module 0.x - edit.cgi Directory Traversal
DansGuardian Webmin Module 0.x - 'edit.cgi' Directory Traversal

ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access
ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access

BoardPower Forum - ICQ.cgi Cross-Site Scripting
BoardPower Forum - 'ICQ.cgi' Cross-Site Scripting

Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution
Axis Network Camera 2.x And Video Server 1-3 - 'virtualinput.cgi' Arbitrary Command Execution

Gossamer Threads Links 2.x - User.cgi Cross-Site Scripting
Gossamer Threads Links 2.x - 'User.cgi' Cross-Site Scripting

MegaBook 2.0/2.1 - Admin.cgi EntryID Cross-Site Scripting
MegaBook 2.0/2.1 - 'Admin.cgi?EntryID' Cross-Site Scripting

PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting
PerlDiver 2.31 - 'Perldiver.cgi' Cross-Site Scripting

GlobalNoteScript 4.20 - Read.cgi Remote Command Execution
GlobalNoteScript 4.20 - 'Read.cgi' Remote Command Execution

Pngren 2.0.1 - Kaiseki.cgi Remote Command Execution
Pngren 2.0.1 - 'Kaiseki.cgi' Remote Command Execution

Walla TeleSite 3.0 - ts.cgi File Existence Enumeration
Walla TeleSite 3.0 - 'ts.cgi' File Existence Enumeration

Easy Search System 1.1 - search.cgi Cross-Site Scripting
Easy Search System 1.1 - 'search.cgi' Cross-Site Scripting

Kryptronic ClickCartPro 5.1/5.2 - CP-APP.cgi Cross-Site Scripting
Kryptronic ClickCartPro 5.1/5.2 - 'CP-APP.cgi' Cross-Site Scripting

Cholod MySQL Based Message Board - Mb.cgi SQL Injection
Cholod MySQL Based Message Board - 'Mb.cgi' SQL Injection

BlankOL 1.0 - Bol.cgi Multiple Cross-Site Scripting Vulnerabilities
BlankOL 1.0 - 'Bol.cgi' Multiple Cross-Site Scripting Vulnerabilities

Web-APP.net WebAPP 0.9.x - /mods/calendar/index.cgi?vsSD' Cross-Site Scripting
Web-APP.net WebAPP 0.9.x - '/mods/calendar/index.cgi?vsSD' Cross-Site Scripting

Net Clubs Pro 4.0 - imessage.cgi 'Username' Cross-Site Scripting
Net Clubs Pro 4.0 - 'imessage.cgi?Username' Cross-Site Scripting

Cosmoshop 8.10.78/8.11.106 - Lshop.cgi SQL Injection
Cosmoshop 8.10.78/8.11.106 - 'Lshop.cgi' SQL Injection

Netwin SurgeFTP 2.3a1 - SurgeFTPMGR.cgi Multiple Input Validation Vulnerabilities
Netwin SurgeFTP 2.3a1 - 'SurgeFTPMGR.cgi' Multiple Input Validation Vulnerabilities

WebEvent 4.03 - Webevent.cgi Cross-Site Scripting
WebEvent 4.03 - 'Webevent.cgi' Cross-Site Scripting

Urchin 5.7.x - session.cgi Cross-Site Scripting
Urchin 5.7.x - 'session.cgi' Cross-Site Scripting

Google Urchin 5.7.3 - Report.cgi Authentication Bypass
Google Urchin 5.7.3 - \Report.cgi' Authentication Bypass

Web Terra 1.1 - books.cgi Remote Command Execution
Web Terra 1.1 - 'books.cgi' Remote Command Execution

D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit Lancfg2get.cgi
D-Link DSL-2730B Modem - 'Lancfg2get.cgi Persistent Cross-Site Scripting

Zenoss 3.2.1 - Remote Authenticated Command Execution
Zenoss 3.2.1 - Authenticated Remote Command Execution

Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (Metasploit)
Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Unauthenticated Remote Command Execution (Metasploit)
 2017-10-27 05:01:37 +00:00