627 commits

Author	SHA1	Message	Date
Offensive Security	d97b4f7c48	DB: 2016-10-28	2016-10-28 11:54:09 +00:00
Offensive Security	da85686a94	DB: 2016-10-28 ... 6 new exploits Real Server < 8.0.2 - Remote Exploit (Windows Platforms) RealServer < 8.0.2 - Remote Exploit (Windows Platforms) OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh) OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident CdRecord 2.0 - Mandrake Privilege Escalation CDRTools CDRecord 2.0 - Mandrake Privilege Escalation LeapFTP 2.7.x - Remote Buffer Overflow LeapWare LeapFTP 2.7.x - Remote Buffer Overflow GNU Cfengine 2.-2.0.3 - Remote Stack Overflow GNU CFEngine 2.-2.0.3 - Remote Stack Overflow IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP) IPSwitch IMail LDAP Daemon - Remote Buffer Overflow Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow IPSwitch IMail LDAP Daemon/Service - Buffer Overflow RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow Traceroute - Privilege Escalation LBL Traceroute - Privilege Escalation Perl (Redhat 6.2) - Restore and Dump Local Exploit Redhat 6.2 Restore and Dump - Local Exploit (Perl) HP-UX 11.00/10.20 - crontab Overwrite Files Exploit Solaris/SPARC 2.7 / 7 - locale Format String HP-UX 11.00/10.20 crontab - Overwrite Files Exploit Solaris/SPARC 2.7 / 7 locale - Format String Solaris - locale Format Strings (noexec stack) Exploit Solaris locale - Format Strings (noexec stack) Exploit glibc - locale bug mount Exploit GLIBC locale - bug mount Exploit Red Hat 6.2 xsoldier-0.96 - Exploit Red Hat 6.2 xsoldier 0.96 - Exploit OpenBSD 2.6 / 2.7 ftpd - Remote Exploit OpenBSD ftpd 2.6 / 2.7 - Remote Exploit GLIBC - Locale Format Strings Exploit GLIBC locale - Format Strings Exploit IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit SquirrelMail - chpasswd Buffer Overflow SquirrelMail - 'chpasswd' Buffer Overflow rlpr 2.04 - msg() Remote Format String Rlpr 2.04 - msg() Remote Format String Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit IRIX - Multiple Buffer Overflows (LsD) SGI IRIX - Multiple Buffer Overflows (LsD) IRIX - /bin/login Local Buffer Overflow SGI IRIX - /bin/login Local Buffer Overflow Solaris 2.4 - passwd & yppasswd & nispasswd Overflows Solaris 2.4 passwd / yppasswd / nispasswd - Overflows BlackJumboDog - Remote Buffer Overflow BlackJumboDog FTP Server - Remote Buffer Overflow Ollydbg 1.10 - Format String OllyDbg 1.10 - Format String SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit) SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit) CDRecord - '$RSH' exec() SUID Shell Creation CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow HP-UX 11.0/11.11 swxxx - Privilege Escalation HP-UX 11.0/11.11 - swxxx Privilege Escalation Zinf 2.2.1 - Local Buffer Overflow Zinf Audio Player 2.2.1 - Local Buffer Overflow ShixxNote 6.net - Remote Buffer Overflow ShixxNOTE 6.net - Remote Buffer Overflow MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow MailCarrier 2.51 - Remote Buffer Overflow SLMail 5.5 - POP3 PASS Buffer Overflow TABS MailCarrier 2.51 - Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow eZshopper - 'loadpage.cgi' Directory Traversal Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1) Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2) Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002) Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002) Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support) Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow Knet 1.04c - Buffer Overflow Denial of Service KNet Web Server 1.04c - Buffer Overflow Denial of Service Einstein 1.01 - Local Password Disclosure (asm) Einstein 1.01 - Local Password Disclosure (ASM) RealPlayer 10 - '.smil' Local Buffer Overflow RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2) phpBB 2.0.12 - Session Handling Authentication Bypass UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection xmlrpc.php Library 1.3.0 - Remote Command Execution (2) xmlrpc.php Library 1.3.0 - Remote Command Execution (3) XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2) XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3) wMailServer 1.0 - Remote Denial of Service SoftiaCom wMailServer 1.0 - Remote Denial of Service ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit) Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit) BusinessMail 4.60.00 - Remote Buffer Overflow BusinessMail Server 4.60.00 - Remote Buffer Overflow WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit) Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit) Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid) Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid) Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow CA iGateway - (debug mode) Remote Buffer Overflow CA iTechnology iGateway - (debug mode) Remote Buffer Overflow Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC) Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit) KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit) Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp) KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp) Zorum Forum 3.5 - (rollid) SQL Injection Zorum Forum 3.5 - 'rollid' SQL Injection SaphpLesson 2.0 - (forumid) SQL Injection saPHP Lesson 2.0 - (forumid) SQL Injection zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service Zix Forum 1.12 - (layid) SQL Injection Zix Forum 1.12 - 'layid' SQL Injection QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion Indexu 5.0.1 - (admin_template_path) Remote File Inclusion SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion Solaris 10 - sysinfo() Local Kernel Memory Disclosure Solaris 10 sysinfo() - Local Kernel Memory Disclosure SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion WFTPD 3.23 - (SIZE) Remote Buffer Overflow Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC) Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC) Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl) Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl) PHPMyWebmin 1.0 - (window.php) Remote File Inclusion phpMyWebmin 1.0 - (window.php) Remote File Inclusion VideoDB 2.2.1 - (pdf.php) Remote File Inclusion VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion Microsoft Office 2003 - PPT Local Buffer Overflow (PoC) Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC) Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - Constructor Privilege Escalation Solaris 10 (libnspr) - Constructor Privilege Escalation Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service 3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC) 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC) 3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit 3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC) BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC) AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit Irokez CMS 0.7.1 - Multiple Remote File Inclusion Irokez Blog 0.7.1 - Multiple Remote File Inclusion PHP-update 2.7 - Multiple Vulnerabilities PHP-Update 2.7 - Multiple Vulnerabilities Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC) TFTPDWIN 0.4.2 - Remote Buffer Overflow ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow 3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit) FdScript 1.3.2 - 'download.php' Remote File Disclosure FD Script 1.3.2 - 'download.php' Remote File Disclosure Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit) Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit) SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass ZebraFeeds 1.0 - (zf_path) Remote File Inclusion ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow MailEnable Professional 2.35 - Remote Buffer Overflow MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit) Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2) Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2) 3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl) madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow 3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl) Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow TFTPDWIN Server 0.4.2 - (UDP) Denial of Service ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service NetVios Portal - 'page.asp' SQL Injection NetVIOS Portal - 'page.asp' SQL Injection Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow Microsoft Windows GDI - Privilege Escalation (MS07-017) (1) Microsoft Windows - GDI Privilege Escalation (MS07-017) (1) qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Microsoft Windows GDI - Privilege Escalation (MS07-017) (2) Microsoft Windows - GDI Privilege Escalation (MS07-017) (2) Zomplog 3.8 - (force_download.php) Remote File Disclosure Zomplog 3.8 - 'force_download.php' Remote File Disclosure Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC) Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003) Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1) UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1) UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2) Microsoft Windows GDI+ - ICO File Remote Denial of Service Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service Safari 3 for Windows Beta - Remote Command Execution (PoC) Apple Safari 3 for Windows Beta - Remote Command Execution (PoC) YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection Oracle 9i/10g Evil Views - Change Passwords Exploit Oracle 9i/10g - Evil Views Change Passwords Exploit Savant 3.1 - GET Request Remote Overflow (Universal) Savant Web Server 3.1 - GET Request Remote Overflow (Universal) Easy Chat Server 2.2 - Remote Denial of Service EFS Easy Chat Server 2.2 - Remote Denial of Service Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite Thomson SIP phone ST 2030 - Remote Denial of Service Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service MSN messenger 7.x (8.0?) - Video Remote Heap Overflow Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow MDPro 1.0.76 - SQL Injection MD-Pro 1.0.76 - SQL Injection ZZ FlashChat 3.1 - (help.php) Local File Inclusion ZZ FlashChat 3.1 - 'help.php' Local File Inclusion PHP-AGTC membership system 1.1a - Remote Add Admin PHP-AGTC Membership System 1.1a - Remote Add Admin Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion badblue 2.72b - Multiple Vulnerabilities BadBlue 2.72b - Multiple Vulnerabilities SquirrelMail G/PGP Plugin - deletekey() Command Injection SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection hp software update client 3.0.8.4 - Multiple Vulnerabilities HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC) QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC) Gradman 0.1.3 - (agregar_info.php) Local File Inclusion Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities Mini File Host 1.2 - (upload.php language) Local File Inclusion Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service Mini File Host 1.2 - 'language' Parameter Local File Inclusion Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service Gradman 0.1.3 - (info.php tabla) Local File Inclusion Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Gradman 0.1.3 - 'info.php' Local File Inclusion Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion Frimousse 0.0.2 - explorerdir.php Local Directory Traversal 360 Web Manager 3.0 - (IDFM) SQL Injection bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal 360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection bloofox 0.3 - SQL Injection / File Disclosure Mooseguy Blog System 1.0 - (blog.php month) SQL Injection Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection IDM-OS 1.0 - (download.php Filename) File Disclosure IDM-OS 1.0 - 'Filename' Parameter File Disclosure MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit aflog 1.01 - Cross-Site Scripting / SQL Injection Easysitenetwork Recipe - 'categoryId' SQL Injection Coppermine Photo Gallery 1.4.14 - SQL Injection Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection Coppermine Photo Gallery 1.4.10 - SQL Injection web wiz rich text editor 4.0 - Multiple Vulnerabilities Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure Joomla! Component Marketplace 1.1.1 - SQL Injection Joomla! Component com_Marketplace 1.1.1 - SQL Injection ASPapp - 'links.asp CatId' SQL Injection ASPapp Knowledge Base - 'links.asp CatId' SQL Injection ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit Quick TFTP Pro 2.1 - Remote SEH Overflow Quick TFTP Server Pro 2.1 - Remote SEH Overflow Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016) Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016) HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC) Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC) Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow hp openview nnm 7.53 - Multiple Vulnerabilities HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities PHPKB 1.5 Knowledge Base - 'ID' SQL Injection PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021) Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021) HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ZeusCart 2.0 - (category_list.php) SQL Injection ZeusCart 2.0 - 'category_list.php' SQL Injection Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin Zomplog 3.8.2 - (force_download.php) File Disclosure Zomplog 3.8.2 - 'force_download.php' File Disclosure PHP AGTC-Membership System 1.1a - Arbitrary Add Admin PHP-AGTC Membership System 1.1a - Arbitrary Add Admin PHP Booking Calendar 10 d - SQL Injection phpBookingCalendar 10 d - SQL Injection SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC) Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC) Yuhhu 2008 SuperStar - (board) SQL Injection Yuhhu 2008 SuperStar - 'board' SQL Injection gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow trixbox - (langChoice) Local File Inclusion (connect-back) (2) Trixbox - (langChoice) Local File Inclusion (connect-back) (2) Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities z-breaknews 2.0 - (single.php) SQL Injection z-breaknews 2.0 - 'single.php' SQL Injection Ultra Office - ActiveX Control Remote Buffer Overflow Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC) Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC) phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Zanfi CMS lite / Jaw Portal free - (page) SQL Injection phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021) Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021) opennms < 1.5.96 - Multiple Vulnerabilities OpenNMS < 1.5.96 - Multiple Vulnerabilities yerba sacphp 6.3 - Multiple Vulnerabilities Yerba SACphp 6.3 - Multiple Vulnerabilities Microsoft Windows GDI+ - PoC (MS08-052) (2) Microsoft Windows - GDI+ PoC (MS08-052) (2) zeeproperty - (adid) SQL Injection zeeproperty - 'adid' SQL Injection TUGzip 3.00 archiver - '.zip' Local Buffer Overflow TugZip 3.00 Archiver - '.zip' Local Buffer Overflow AJ ARTICLE - 'featured_article.php mode' SQL Injection AJ Article - 'featured_article.php mode' SQL Injection Article Publisher PRO 1.5 - Insecure Cookie Handling Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling YourFreeWorld Classifieds - (category) SQL Injection YourFreeWorld Classifieds - 'category' SQL Injection PG Roomate Finder Solution - (Authentication Bypass) SQL Injection Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC) Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC) asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC) Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC) ProFTPd with mod_mysql - Authentication Bypass ProFTPd - 'mod_mysql' Authentication Bypass ppim 1.0 - Multiple Vulnerabilities pPIM 1.0 - Multiple Vulnerabilities Orbit 2.8.4 - Long Hostname Remote Buffer Overflow Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH) Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH) Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC) Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC) bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities Racer 0.5.3b5 - Remote Stack Buffer Overflow Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution Online Guestbook Pro - (display) Blind SQL Injection Esoftpro Online Guestbook Pro - (display) Blind SQL Injection tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ZaoCMS - (user_id) SQL Injection ZaoCMS - 'user_id' SQL Injection Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC) Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC) ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection WebBoard 2.90 Beta - Remote File Disclosure 212Cafe WebBoard 2.90 Beta - Remote File Disclosure ZeusCart 2.3 - (maincatid) SQL Injection ZeusCart 2.3 - 'maincatid' SQL Injection DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC) Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC) OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC) Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC) DD-WRT - (httpd service) Remote Command Execution DD-WRT HTTPd Daemon/Service - Remote Command Execution GLinks 2.1 - (cat) Blind SQL Injection Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH) Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH) Payment Processor Script - 'shop.htm cid' SQL Injection Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) BandCMS 0.10 - news.php Multiple SQL Injection Rock Band CMS 0.10 - news.php Multiple SQL Injection Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Eureka Mail Client 2.2q - PoC Buffer Overflow Eureka Email Client 2.2q - PoC Buffer Overflow Solaris 8.0 - LPD Command Execution (Metasploit) Solaris 8.0 LPD - Command Execution (Metasploit) Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit) Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit) Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit) Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit) ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit) NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit) Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit) PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit) BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow Dopewars 1.5.12 Server - Denial of Service Dopewars Server 1.5.12 - Denial of Service Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit) Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit) HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit) Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit) Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution HP Power Manager Administration - Universal Buffer Overflow Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service HP Openview NNM 7.53 - Invalid DB Error Code HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery Eureka Mail Client - Remote Buffer Overflow Eureka Email Client - Remote Buffer Overflow IDEAL Administration 2009 9.7 - Local Buffer Overflow PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow phpshop 0.8.1 - Multiple Vulnerabilities phpShop 0.8.1 - Multiple Vulnerabilities IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow DigitalHive - Multiple Vulnerabilities Digital Hive - Multiple Vulnerabilities zabbix server - Multiple Vulnerabilities Zabbix Server - Multiple Vulnerabilities freekot - (Authentication Bypass) SQL Injection Digiappz Freekot - (Authentication Bypass) SQL Injection TFTP Daemon 1.9 - Denial of Service Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service B2B Trading Marketplace - SQL Injection SoftBiz B2B trading Marketplace Script - SQL Injection Mini-stream - Windows XP SP2 and SP3 Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service iTunes 9.0.1 - '.pls' Handling Buffer Overflow Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC) Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service bild flirt system 2.0 - 'index.php' 'id' SQL Injection Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) iOS Safari - Bad 'VML' Remote Denial of Service iOS Safari - Remote Denial of Service Apple iOS Safari - Bad 'VML' Remote Denial of Service Apple iOS Safari - Remote Denial of Service HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow Adobe Reader - Escape From PDF Adobe Reader - Escape From '.PDF' TugZip 3.5 - '.ZIP' File Buffer Overflow TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow Joomla! Component jp_jobs - SQL Injection Joomla! Component com_jp_jobs - SQL Injection Joomla! Component QPersonel - SQL Injection Joomla! Component com_QPersonel - SQL Injection Bild Flirt 1.0 - SQL Injection Bild Flirt System 1.0 - SQL Injection Safari 4.0.5 - (531.22.7) Denial of Service Apple Safari 4.0.5 - (531.22.7) Denial of Service Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service Safari 4.0.3 / 4.0.4 - Stack Exhaustion Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion 724CMS Enterprise 4.59 - SQL Injection PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections 724CMS 4.59 Enterprise - SQL Injection PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections Joomla! Component JE Job - Local File Inclusion Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass) Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass) Joomla! Component com_jejob 1.0 - 'catid' SQL Injection Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service Office^2 iPhone - XLS Denial of Service GoodiWare GoodReader iPhone - XLS Denial of Service Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service Office^2 iPhone - '.XLS' Denial of Service GoodiWare GoodReader iPhone - '.XLS' Denial of Service Yamamah (news) - SQL Injection / Source Code Disclosure Yamamah - 'news' SQL Injection / Source Code Disclosure Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities YPNinc JokeScript - (ypncat_id) SQL Injection YPNinc JokeScript - 'ypncat_id' SQL Injection YPNinc PHP Realty Script - (docID) SQL Injection YPNinc PHP Realty Script - 'docID' SQL Injection HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) Safari Browser 4.0.2 - Clickjacking Apple Safari 4.0.2 - Clickjacking Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7' Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7) Apple iOS - pdf Jailbreak Exploit Apple iOS - '.pdf' Jailbreak Exploit HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit) AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit) DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow FatPlayer 0.6b - '.wav' Buffer Overflow (SEH) Fat Player 0.6b - '.wav' Buffer Overflow (SEH) CubeCart 2.0.1 - SQL Injection Brooky CubeCart 2.0.1 - SQL Injection DATAC RealWin SCADA 1.06 - Buffer Overflow DATAC RealWin SCADA Server 1.06 - Buffer Overflow pilot cart 7.3 - Multiple Vulnerabilities ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities Mp3-Nator 2.0 - Buffer Overflow (SEH) MP3-Nator 2.0 - Buffer Overflow (SEH) Safari 5.02 - Stack Overflow Denial of Service Apple Safari 5.02 - Stack Overflow Denial of Service Microsoft Windows Task Scheduler - Privilege Escalation Microsoft Windows - Task Scheduler Privilege Escalation Pandora Fms 3.1 - Authentication Bypass Pandora FMS 3.1 - Authentication Bypass bugtracker.net 3.4.4 - Multiple Vulnerabilities BugTracker.NET 3.4.4 - Multiple Vulnerabilities Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow WMITools ActiveX - Remote Command Execution Microsoft WMITools ActiveX - Remote Command Execution VideoSpirit Pro 1.68 - Local Buffer Overflow VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit) Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit) PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit) PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit) Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit) Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit) Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit) Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit) Solaris sadmind - Command Execution (Metasploit) Solaris Sadmind - Command Execution (Metasploit) Sun Solaris - Telnet Remote Authentication Bypass (Metasploit) Sun Solaris Telnet - Remote Authentication Bypass (Metasploit) Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit) Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit) Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit) Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit) TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit) 3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit) Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit) ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit) Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit) Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit) Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit) CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit) Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2) Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2) FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit) Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit) Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit) Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit) Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit) Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit) MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit) Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit) Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit) Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit) MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit) Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) IMail IMAP4D - Delete Overflow (Metasploit) IPSwitch IMail IMAP4D - Delete Overflow (Metasploit) Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit) Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit) Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit) Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit) AOL Instant Messenger - goaway Overflow (Metasploit) AOL Instant Messenger AIM - goaway Overflow (Metasploit) Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit) Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit) Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit) RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit) RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit) Adobe Shockwave - rcsL Memory Corruption (Metasploit) Adobe Shockwave Player - rcsL Memory Corruption (Metasploit) Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit) Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit) WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) ACDSee - XPM File Section Buffer Overflow (Metasploit) ACDSee - '.XPM' File Section Buffer Overflow (Metasploit) HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit) HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit) Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit) Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit) QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit) Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit) Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit) Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) Serv-U FTPD - MDTM Overflow (Metasploit) RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit) Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit) 3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit) 3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit) FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) SentinelLM - UDP Buffer Overflow (Metasploit) Sentinel LM - UDP Buffer Overflow (Metasploit) Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit) Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit) Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit) Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit) Sambar 6 - Search Results Buffer Overflow (Metasploit) Sambar Server 6 - Search Results Buffer Overflow (Metasploit) IA WebMail 3.x - Buffer Overflow (Metasploit) IA WebMail Server 3.x - Buffer Overflow (Metasploit) Savant 3.1 Web Server - Overflow Exploit (Metasploit) Savant Web Server 3.1 - Overflow Exploit (Metasploit) HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit) Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit) Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit) IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit) PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit) PSOProxy 0.91 - Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit) Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit) Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit) NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit) NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit) MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit) Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit) YPOPS 0.6 - Buffer Overflow (Metasploit) YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit) Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit) Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit) IMail LDAP Service - Buffer Overflow (Metasploit) IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit) GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit) Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit) Poptop - Negative Read Overflow (Metasploit) UoW IMAP server - LSUB Buffer Overflow (Metasploit) PoPToP - Negative Read Overflow (Metasploit) UoW IMAPd Server - LSUB Buffer Overflow (Metasploit) DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit) DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit) Samba (Linux/x86) - trans2open Overflow (Metasploit) iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) AppleFileServer - LoginExt PathName Overflow (Metasploit) Samba (Linux x86) - trans2open Overflow (Metasploit) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit) Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit) Safari - Archive Metadata Command Execution (Metasploit) Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit) Apple Safari - Archive Metadata Command Execution (Metasploit) iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Mail.app - Image Attachment Command Execution (Metasploit) Apple Mail.app - Image Attachment Command Execution (Metasploit) Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit) Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit) Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit) Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit) Samba trans2open (*BSD/x86) - Overflow Exploit (Metasploit) Samba (*BSD x86) - trans2open Overflow Exploit (Metasploit) PHP XML-RPC - Arbitrary Code Execution (Metasploit) XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit) AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit) HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit) AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit) HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit) TWiki Search Function - Arbitrary Command Execution (Metasploit) TWiki - Search Function Arbitrary Command Execution (Metasploit) Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit) The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit) Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit) Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit) Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit) Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit) 7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities 7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit) HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit) VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit) eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit) Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit) manageengine support center plus 7.8 build 7801 - Directory Traversal ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal Safari 5.0.6/5.1 - SVG DOM Processing (PoC) Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC) Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass) Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass) TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit) TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit) Sports PHool 1.0 - Remote File Inclusion SportsPHool 1.0 - Remote File Inclusion Mini-stream 3.0.1.1 - Buffer Overflow (3) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3) Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Zabbix 1.8.4 - (popup.php) SQL Injection Zabbix 1.8.4 - 'popup.php' SQL Injection CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit) CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit) Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit) RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit) Family Connections - less.php Remote Command Execution (Metasploit) Family Connections CMS - 'less.php' Remote Command Execution (Metasploit) FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting openemr 4 - Multiple Vulnerabilities Safari - GdiDrawStream BSoD OpenEMR 4 - Multiple Vulnerabilities Apple Safari - GdiDrawStream BSoD clip bucket 2.6 - Multiple Vulnerabilities Clipbucket 2.6 - Multiple Vulnerabilities Tube Ace(Adult PHP Tube Script) - SQL Injection Tube Ace (Adult PHP Tube Script) - SQL Injection Dolibarr CMS 3.2.0 < Alpha - File Inclusion Dolibarr 3.2.0 < Alpha - File Inclusion PBLang - Local File Inclusion PBLang Bulletin Board System - Local File Inclusion NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit) Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit) Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit) Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit) TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit) Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit) TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit) TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit) samsung net-i ware 1.37 - Multiple Vulnerabilities Samsung NET-i ware 1.37 - Multiple Vulnerabilities iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC) Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC) GIMP - script-fu Server Buffer Overflow (Metasploit) GIMP script-fu - Server Buffer Overflow (Metasploit) SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit) SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit) Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit) Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit) Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit) Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit) Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption UoW imapd 10.234/12.264 - Buffer Overflow UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit) UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit) UoW IMAPd Server 10.234/12.264 - Buffer Overflow UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit) UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit) RedHat 6.2 - Piranha Virtual Server Package Default Account and Password RedHat 6.2 Piranha Virtual Server Package - Default Account and Password Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit) Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit) hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection RedHat 6 - glibc/locale Subsystem Format String Solaris 2.6/7.0 - /locale Subsystem Format String RedHat 6 GLIBC/locale - Subsystem Format String Solaris 2.6/7.0 /locale - Subsystem Format String Solaris 2.6/7.0 - 'eject' locale Subsystem Format String Solaris 2.6/7.0 'eject' locale - Subsystem Format String Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5) Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5) RedHat restore 0.4 b15 - Insecure Environment Variables RedHat 0.4 b15 restore - Insecure Environment Variables Viscosity OpenVPN Client (OSX) - Privilege Escalation Viscosity - Privilege Escalation Solaris 2.x/7.0/8 catman - Race Condition (1) Solaris 2.x/7.0/8 catman - Race Condition (2) Solaris 2.x/7.0/8 Catman - Race Condition (1) Solaris 2.x/7.0/8 Catman - Race Condition (2) sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities T-dah Webmail - Multiple Persistent Cross-Site Scripting T-dah Webmail Client - Multiple Persistent Cross-Site Scripting Ntpd - Remote Buffer Overflow NTPd - Remote Buffer Overflow Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow Solaris 2.x/7.0/8 lpd - Remote Command Execution HP-UX 11.0 SWVerify - Buffer Overflow Solaris 2.x/7.0/8 LPD - Remote Command Execution HP-UX 11.0 - SWVerify Buffer Overflow phusion WebServer 1.0 - Directory Traversal (1) phusion WebServer 1.0 - Directory Traversal (2) Phusion WebServer 1.0 - Directory Traversal (1) Phusion WebServer 1.0 - Directory Traversal (2) Progress 9.1 - sqlcpp Local Buffer Overflow Progress Database 9.1 - sqlcpp Local Buffer Overflow PsyBNC 2.3 - Oversized Passwords Denial of Service psyBNC 2.3 - Oversized Passwords Denial of Service Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1) Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2) WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1) WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2) Midicart - PHP Arbitrary File Upload Midicart PHP - Arbitrary File Upload otrs 3.1 - Persistent Cross-Site Scripting OTRS 3.1 - Persistent Cross-Site Scripting EType EServ 2.9x POP3 - Remote Denial of Service EType EServ 2.9x - POP3 Remote Denial of Service Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution Invision Power Board 3.3.4 - Unserialize Regex Bypass Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit) Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit) NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit) Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit) Kerio MailServer 5.6.3 - add_acl Module Overflow Kerio MailServer 5.6.3 add_acl Module - Overflow phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting IBM System Director - Remote System Level Exploit IBM System Director Agent - Remote System Level Exploit Tectia SSH - USERAUTH Change Request Password Reset (Metasploit) (SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit) Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit) Oracle MySQL (Windows) - MOF Execution (Metasploit) CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1) CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2) GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1) GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2) IWConfig - Local ARGV Command Line Buffer Overflow (1) IWConfig - Local ARGV Command Line Buffer Overflow (2) IWConfig - Local ARGV Command Line Buffer Overflow (3) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2) Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3) Novell File Reporter Agent - XML Parsing Remote Code Execution Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1) RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2) RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1) RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3) RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3) RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4) Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Nagios - history.cgi Remote Command Execution Nagios3 - history.cgi Remote Command Execution phpshop 2.0 - SQL Injection phpShop 2.0 - SQL Injection Freesshd - Authentication Bypass (Metasploit) FreeSSHD - Authentication Bypass (Metasploit) RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access SLMail 5.5 - POP3 PASS Remote Buffer Overflow SLMail 5.5 - Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service Microsoft Windows Light HTTPD 0.1 - Buffer Overflow Light HTTPD 0.1 (Windows) - Buffer Overflow MSN Messenger 6.2.0137 - '.png' Buffer Overflow Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow Smail-3 - Multiple Remote and Local Vulnerabilities Smail 3 - Multiple Remote and Local Vulnerabilities Cisco Linksys E4200 Firmware - Multiple Vulnerabilities Cisco Linksys E4200 - Multiple Vulnerabilities Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting SlimServe httpd 1.0/1.1 - Directory Traversal WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal Quick TFTP Server 2.2 - Denial of Service Quick TFTP Server Pro 2.2 - Denial of Service aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection XMB 1.9.3 - u2u.php Cross-Site Scripting XMB Forum 1.9.3 - u2u.php Cross-Site Scripting PHPAlbum 0.2.3/4.1 - Local File Inclusion PHP Photo Album 0.2.3/4.1 - Local File Inclusion Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret) BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret) NetBSD mail.local - Privilege Escalation (Metasploit) NetBSD mail.local(8) - Privilege Escalation (Metasploit) PCMAN FTP 2.07 - PASS Command Buffer Overflow PCMan FTP Server 2.07 - PASS Command Buffer Overflow PCMAN FTP 2.07 - STOR Command Buffer Overflow PCMan FTP Server 2.07 - STOR Command Buffer Overflow EImagePro - - subList.asp CatID Parameter SQL Injection EImagePro - subList.asp CatID Parameter SQL Injection OZJournals 1.2 - Vname Parameter Cross-Site Scripting OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection OZJournals 1.5 - Multiple Input Validation Vulnerabilities Baby FTP server 1.24 - Denial of Service PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit) PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit) Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit) Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit) Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow Festalon 0.5 - '.HES' Remote Heap Buffer Overflow EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow A-CART 2.0 - category.asp catcode Parameter SQL Injection Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002) Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002) Fish - Multiple Remote Buffer Overflow Vulnerabilities FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service Uebimiau 2.7.x - 'index.php' Cross-Site Scripting Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting Seagate BlackArmor - Root Exploit Seagate BlackArmor NAS - Root Exploit Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering PCMAN FTP 2.07 - ABOR Command Buffer Overflow PCMAN FTP 2.07 - CWD Command Buffer Overflow PCMan FTP Server 2.07 - ABOR Command Buffer Overflow PCMan FTP Server 2.07 - CWD Command Buffer Overflow HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access amfphp 1.2 - browser/details class Parameter Cross-Site Scripting amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting PCMAN FTP 2.07 - Buffer Overflow PCMan FTP Server 2.07 - Buffer Overflow Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities Novell Groupwise Messenger 2.0 - Client Buffer Overflow Novell Groupwise Messenger 2.0 Client - Buffer Overflow Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting OpenNms 1.5.x - HTTP Response Splitting OpenNMS 1.5.x - HTTP Response Splitting Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass Pilot Group PG Roommate - SQL Injection Pilot Group PG Roommate Finder Solution - SQL Injection OpenSSL TLS Heartbeat Extension - Memory Disclosure OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions) OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions) Heartbleed OpenSSL - Information Leak Exploit (1) OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1) IBM Director 5.20 - CIM Server Privilege Escalation IBM System Director Agent 5.20 - CIM Server Privilege Escalation Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support) Kolibri 2.0 - GET Request Stack Buffer Overflow Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow Easy Chat Server 3.1 - Stack Buffer Overflow EFS Easy Chat Server 3.1 - Stack Buffer Overflow Sphider 1.3.6 - Multiple Vulnerabilities Sphider Search Engine 1.3.6 - Multiple Vulnerabilities Kolibri WebServer 2.0 - GET Request SEH Exploit Kolibri Web Server 2.0 - GET Request SEH Exploit MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit) Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit) VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit) VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit) Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit) Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit) Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection Impact Software AdPeeps - Cross-Site Scripting / HTML Injection PPScript - 'shop.htm' SQL Injection Payment Processor Script (PPScript) - 'shop.htm' SQL Injection ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060) Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060) Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit) Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit) Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit) Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit) Exim ESMTP 4.80 glibc gethostbyname - Denial of Service Exim ESMTP 4.80 - glibc gethostbyname Denial of Service Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting Publish-It - PUI Buffer Overflow (SEH) Publish-It - '.PUI' Buffer Overflow (SEH) WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin) WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin) Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities abrt (Fedora 21) - Race Condition Abrt (Fedora 21) - Race Condition Webgate WESP SDK 1.2 - ChangePassword Stack Overflow WebGate WESP SDK 1.2 - ChangePassword Stack Overflow Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Oracle - Outside-In DOCX File Parsing Memory Corruption Oracle - Outside-In '.DOCX' File Parsing Memory Corruption iTunes 10.6.1.7 - '.pls' Title Buffer Overflow Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070) Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070) Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit) Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit) MiniUPnP - Multiple Denial of Service Vulnerabilities MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities Kaseya Virtual System Administrator - Multiple Vulnerabilities (2) Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2) Safari - User-Assisted Applescript Exec Attack (Metasploit) Apple Safari - User-Assisted Applescript Exec Attack (Metasploit) Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read pdfium CPDF_Function::Call - Stack Based Buffer Overflow pdfium - CPDF_Function::Call Stack Based Buffer Overflow Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit) Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass MiCasa VeraLite - Remote Code Execution MiCasaVerde VeraLite - Remote Code Execution SmallFTPd 1.0.3 - 'mkd' Command Denial of Service SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service GNU GTypist 2.9.5-2 - Local Buffer Overflow uSQLite 1.0.0 - Denial Of Service HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation CherryTree 0.36.9 - Memory Corruption (PoC)	2016-10-28 05:01:21 +00:00
Offensive Security	1e70058c1e	DB: 2016-10-27 ... 3 new exploits ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection ProFTPd 1.2.9RC1 - 'mod_sql' SQL Injection OpenBSD - (ibcs2_exec) Kernel Local Exploit OpenBSD - 'ibcs2_exec' Kernel Local Exploit Microsoft FrontPage Server Extensions - fp30reg.dll Exploit (MS03-051) Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051) IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit OpenBSD 2.x < 3.3 - exec_ibcs2_coff_prep_zmagic() Kernel Exploit IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit OpenBSD 2.x < 3.3 - 'exec_ibcs2_coff_prep_zmagic()' kernel stack overflow Foxmail 5.0 - PunyLib.dll Remote Stack Overflow Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow (MS04-011) Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011) Microsoft Windows 2000/XP - Lsasrv.dll Remote Universal Exploit (MS04-011) Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1) Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (1) Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2) Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (2) Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038) Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote Exploit (MS05-038) Microsoft Internet Explorer 6 - (mshtml.dll datasrc) Denial of Service Microsoft Internet Explorer 6 - 'mshtml.dll datasrc' Denial of Service Microsoft Internet Explorer 6 - (mshtml.dll div) Denial of Service Microsoft Internet Explorer 6 - 'mshtml.dll div' Denial of Service Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution Admbook 1.2.2 - 'x-forwarded-for' Remote Command Execution Microsoft Internet Explorer 6 - (script action handlers) (mshtml.dll) Denial of Service Microsoft Internet Explorer 6 - (script action handlers) 'mshtml.dll' Denial of Service Microsoft Internet Explorer 6 - (mshtml.dll checkbox) Crash Microsoft Internet Explorer 6 - 'mshtml.dll checkbox' Crash Total Commander 6.x - (unacev2.dll) Buffer Overflow (PoC) Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC) Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service (PoC) Mozilla Firefox 1.5.0.2 - 'js320.dll/xpcom_core.dll' Denial of Service (PoC) Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion Aardvark Topsites PHP 4.2.2 - 'lostpw.php' Remote File Inclusion ACal 2.2.6 - (day.php) Remote File Inclusion ACal 2.2.6 - 'day.php' Remote File Inclusion Ad Manager Pro 2.6 - (ipath) Remote File Inclusion Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion A-Blog 2.0 - (menu.php) Remote File Inclusion A-Blog 2.0 - 'menu.php' Remote File Inclusion 2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit 2BGal 3.0 - 'admin/configuration.inc.php' Local Inclusion Exploit a-ConMan 3.2b - (common.inc.php) Remote File Inclusion a-ConMan 3.2b - 'common.inc.php' Remote File Inclusion RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service Macromedia Shockwave 10 (SwDir.dll) Internet Explorer 7 - Denial of Service Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double-Free Microsoft Windows - NtRaiseHardError 'Csrss.exe/winsrv.dll' Double-Free BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service BrowseDialog Class 'ccrpbds6.dll' Internet Explorer 7 - Denial of Service DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE Denial of Service DivX Player 6.4.1 - DivXBrowserPlugin 'npdivx32.dll' IE Denial of Service ACGVclick 0.2.0 - (path) Remote File Inclusion ACGVclick 0.2.0 - 'path' Remote File Inclusion ACGVannu 1.3 - (index2.php) Remote User Pass Change ACGVannu 1.3 - 'index2.php' Remote User Pass Change CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service DivX Web Player 1.3.0 - 'npdivx32.dll' Remote Denial of Service Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow Denial of Service Macromedia 10.1.4.20 - 'SwDir.dll' Internet Explorer Stack Overflow Denial of Service Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption NetSprint Toolbar - ActiveX toolbar.dll Denial of Service (PoC) NetSprint Toolbar - ActiveX 'toolbar.dll' Denial of Service (PoC) ActSoft DVD-Tools - (dvdtools.ocx 3.8.5.0) Stack Overflow ActSoft DVD-Tools - 'dvdtools.ocx 3.8.5.0' Stack Overflow SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service SmartCode VNC Manager 3.6 - 'scvncctrl.dll' Denial of Service Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) Overwrite (SEH) Barcodewiz ActiveX Control 2.0 - (Barcodewiz.dll) Remote Buffer Overflow (PoC) Barcodewiz ActiveX Control 2.52 - 'Barcodewiz.dll' Overwrite (SEH) Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC) Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service Remote Display Dev kit 1.2.1.0 - 'RControl.dll' Denial of Service Hewlett Packard 1.0.0.309 - hpqvwocx.dll ActiveX Magview Overflow (PoC) Hewlett Packard 1.0.0.309 - 'hpqvwocx.dll' ActiveX Magview Overflow (PoC) Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution Exploit LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow LeadTools Raster ISIS Object 'LTRIS14e.DLL 14.5.0.44' - Remote Buffer Overflow Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Exploit Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow SafeNet High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - 'Ywcvwr.dll' Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - 'Ywcupl.dll' Download / Execute Exploit BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit 6ALBlog - (newsid) SQL Injection 6ALBlog - 'newsid' SQL Injection Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write Avax Vector 'Avaxswf.dll' 1.0.0.1 - ActiveX Arbitrary Data Write HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write Exploit AMX Corp. VNC ActiveX Control - (AmxVnc.dll 1.0.13.0) Buffer Overflow AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Buffer Overflow HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - SaveToFile() Exploit WinPcap 4.0 - NPF.SYS Privilege Elevation (PoC) WinPcap 4.0 - 'NPF.SYS' Privilege Elevation (PoC) Program Checker - (sasatl.dll 1.5.0.531) JavaScript Heap Spraying Exploit Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit Program Checker - (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit Symantec AntiVirus - symtdi.sys Privilege Escalation SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write Exploit Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit Symantec AntiVirus - 'symtdi.sys' Privilege Escalation Data Dynamics ActiveReport ActiveX - (actrpt2.dll 2.5) Insecure Method Data Dynamics ActiveReport ActiveX - 'actrpt2.dll 2.5' Insecure Method Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow Zenturi NixonMyPrograms Class 'sasatl.dll 1.5.0.531' - Remote Buffer Overflow PHP - PHP_gd2.dll imagepsloadfont Local Buffer Overflow (PoC) PHP - 'PHP_gd2.dll' imagepsloadfont Local Buffer Overflow (PoC) VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write Exploit VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution VMware Inc 6.0.0 - 'vielib.dll 2.2.5.42958' Remode Code Execution CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Insecure Method CHILKAT ASP String - 'CkString.dll 1.1' SaveToFile() Insecure Method 2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow 2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow NVR SP2 2.0 (nvUnifiedControl.dll 1.1.45.0) - SetText() Remote Exploit NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Insecure Method NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - DeleteXMLFile() Insecure Method NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - SetText() Remote Exploit NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - SaveXMLFile() Insecure Method NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - DeleteXMLFile() Insecure Method Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) Buffer Overflow Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit Norman Virus Control - 'nvcoaft51.sys' ioctl BF672028 Exploit PPStream - (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow PPStream - 'PowerPlayer.dll 2.0.1.3829' ActiveX Remote Overflow Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX Buffer Overflow Yahoo! Messenger - 'YVerInfo.dll 2007.8.27.1' ActiveX Buffer Overflow GlobalLink 2.7.0.8 - glItemCom.dll SetInfo() Heap Overflow Trend Micro ServerProtect - eng50.dll Remote Stack Overflow GlobalLink 2.7.0.8 - 'glItemCom.dll' SetInfo() Heap Overflow Trend Micro ServerProtect - 'eng50.dll' Remote Stack Overflow GlobalLink 2.7.0.8 - glitemflat.dll SetClientInfo() Heap Overflow GlobalLink 2.7.0.8 - 'glitemflat.dll' SetClientInfo() Heap Overflow BaoFeng2 - mps.dll ActiveX Multiple Remote Buffer Overflow PoCs BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Insecure Method Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow Ultra Crypto Component - 'CryptoX.dll 2.0' SaveToFile() Insecure Method Ultra Crypto Component - 'CryptoX.dll 2.0' Remote Buffer Overflow Microsoft Visual Studio 6.0 - (VBTOVSI.dll 1.0.0.0) File Overwrite Microsoft Visual Studio 6.0 - 'VBTOVSI.dll 1.0.0.0' File Overwrite HP ActiveX - (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow (PoC) HP ActiveX - 'hpqutil.dll' ListFiles Remote Heap Overflow (PoC) EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Buffer Overflow EB Design Pty Ltd - (EBCRYPT.dll 2.0) Multiple Remote Vulnerabilities EB Design Pty Ltd - 'EBCRYPT.dll 2.0' Multiple Remote Vulnerabilities ActiveKB KnowledgeBase 2.x - (catId) SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection actSite 1.991 Beta - (base.php) Remote File Inclusion actSite 1.991 Beta - 'base.php' Remote File Inclusion GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow GOM Player 2.1.6.3499 - 'GomWeb3.dll 1.0.0.12' Remote Overflow Media Player Classic 6.4.9 MP4 - File Stack Overflow Microsoft Windows Media Player 6.4 MP4 - File Stack Overflow (PoC) Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow Media Player Classic 6.4.9 - '.MP4' File Stack Overflow Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow (PoC) Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote Buffer Overflow (PoC) Online Media Technologies 'AVSMJPEGFILE.DLL 1.1' - Remote Buffer Overflow (PoC) AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit AuraCMS 2.2 - Remote Add Administrator IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow Macrovision Installshield - isusweb.dll Overwrite (SEH) IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Buffer Overflow Macrovision Installshield - 'isusweb.dll' Overwrite (SEH) IBM Domino Web Access Upload Module - 'dwa7w.dll' Buffer Overflow 0DayDB 2.3 - 'delete id' Remote Authentication Bypass photokron 1.7 - (update script) Remote Database Disclosure 0DayDB 2.3 - 'id' Parameter Remote Authentication Bypass photokron 1.7 - Remote Database Disclosure NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow Binn SBuilder - (nid) Blind SQL Injection NUVICO DVR NVDV4 / PdvrAtl Module 'PdvrAtl.DLL 1.0.1.25' - Buffer Overflow Binn SBuilder - 'nid' Parameter Blind SQL Injection Xforum 1.4 - (topic) SQL Injection Xforum 1.4 - 'topic' Parameter SQL Injection RichStrong CMS - 'showproduct.asp cat' SQL Injection RichStrong CMS - 'cat' Parameter SQL Injection LulieBlog 1.0.1 - (delete id) Remote Authentication Bypass Macrovision FlexNet - isusweb.dll DownloadAndExecute Method Exploit FaScript FaMp3 1.0 - (show.php) SQL Injection FaScript FaName 1.0 - (page.php) SQL Injection FaScript FaPersian Petition - 'show.php' SQL Injection FaScript FaPersianHack 1.0 - (show.php) SQL Injection RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) Buffer Overflow Blog:CMS 4.2.1b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Aria 0.99-6 - 'effect.php' Local File Inclusion MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure LulieBlog 1.0.1 - Remote Authentication Bypass Macrovision FlexNet - 'isusweb.dll' DownloadAndExecute Method Exploit FaScript FaMp3 1.0 - SQL Injection FaScript FaName 1.0 - SQL Injection FaScript FaPersian Petition - SQL Injection FaScript FaPersianHack 1.0 - SQL Injection RTS Sentry Digital Surveillance - 'CamPanel.dll 2.1.0.2' Buffer Overflow Blog:CMS 4.2.1b - SQL Injection / Cross-Site Scripting Aria 0.99-6 - 'page' Parameter Local File Inclusion MailBee WebMail Pro 4.1 - Remote File Disclosure PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection PHP-RESIDENCE 0.7.2 - 'Search' Parameter SQL Injection Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow AuraCMS 1.62 - (stat.php) Remote Code Execution Digital Data Communications - 'RtspVaPgCtrl' Class Remote Buffer Overflow AuraCMS 1.62 - 'stat.php' Remote Code Execution OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service OpenBSD 4.2 - 'rtlabel_id2name()' Local Null Pointer Dereference Dos Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow Toshiba Surveillance - 'MeIpCamX.dll 1.0.0.4' Remote Buffer Overflow LulieBlog 1.02 - (voircom.php id) SQL Injection LulieBlog 1.02 - SQL Injection Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Exploit Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method Exploit MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit MailBee Objects 5.5 - 'MailBee.dll' Remote Insecure Method Exploit SafeNet IPSecDrv.sys 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method Exploit Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit Chilkat FTP ActiveX 2.0 - 'ChilkatCert.dll' Insecure Method Exploit Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' ActiveX Buffer Overflow Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow Yahoo! JukeBox MediaGrid - ActiveX 'mediagrid.dll' AddBitmap() Buffer Overflow AuraCMS 2.2 - (gallery_data.php) SQL Injection AuraCMS 2.2 - 'albums' Pramater SQL Injection DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel Ring0 link list zero (PoC) DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC) DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM Exploit DESlock+ <= 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Buffer Overflow KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow (PoC) KingSoft - 'UpdateOcx2.dll' SetUninstallName() Heap Overflow (PoC) AuraCMS 2.2.1 - (online.php) Blind SQL Injection AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection AuraCMS 2.x - (user.php) Security Code Bypass / Add Administrator Exploit AuraCMS 2.x - 'user.php' Security Code Bypass / Add Administrator Real Player - rmoc3260.dll ActiveX Control Remote Code Execution Real Player - 'rmoc3260.dll' ActiveX Control Remote Code Execution Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service (PoC) Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC) 5th Avenue Shopping Cart - (category_id) SQL Injection 5th Avenue Shopping Cart - 'category_id' SQL Injection HP Software Update - (Hpufunction.dll 4.0.0.1) Insecure Method (PoC) HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method (PoC) Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow Miniweb 2.0 - (historymonth) SQL Injection Miniweb 2.0 - 'historymonth' Parameter SQL Injection Admidio 1.4.8 - (getfile.php) Remote File Disclosure Admidio 1.4.8 - 'getfile.php' Remote File Disclosure muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow muvee autoProducer 6.1 - 'TextOut.dll' ActiveX Remote Buffer Overflow Deterministic Network Enhancer - dne2000.sys kernel Ring0 SYSTEM Exploit Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM Exploit Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow (PoC) Visual Basic Enterprise Edition SP6 - 'vb6skit.dll' Buffer Overflow (PoC) AcmlmBoard 1.A2 - (pow) SQL Injection AcmlmBoard 1.A2 - 'pow' SQL Injection CMailServer 5.4.6 - (CMailCOM.dll) Remote Overwrite (SEH) CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH) AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit AuraCMS 2.2.2 - 'pages_data.php' Arbitrary Edit/Add/Delete Exploit NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow ABG Blocking Script 1.0a - (abg_path) Remote File Inclusion ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion VMware Workstation - (hcmon.sys 6.0.0.45731) Local Denial of Service VMware Workstation - 'hcmon.sys 6.0.0.45731' Local Denial of Service ACG-PTP 1.0.6 - (adid) SQL Injection ACG-PTP 1.0.6 - 'adid' SQL Injection Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow (MS08-053) Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) x10media mp3 search engine 1.5.5 - Remote File Inclusion X10media Mp3 Search Engine 1.5.5 - Remote File Inclusion addalink 4 - (category_id) SQL Injection addalink 4 - 'category_id' SQL Injection 6rbScript 3.3 - (singerid) SQL Injection 6rbScript 3.3 - 'singerid' SQL Injection DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service AdMan 1.1.20070907 - (campaignId) SQL Injection AdMan 1.1.20070907 - 'campaignId' SQL Injection Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection MW6 Datamatrix - ActiveX (Datamatrix.dll) Insecure Method Exploit MW6 PDF417 - ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method Exploit MW6 PDF417 - ActiveX 'MW6PDF417.dll' Remote Insecure Method Exploit Article Publisher PRO 1.5 - (SQL Injection) Authentication Bypass Article Publisher PRO 1.5 - (Authentication Bypass) SQL Injection AJ ARTICLE - (SQL Injection) Remote Authentication Bypass AJ ARTICLE - (Authentication Bypass) SQL Injection Apoll 0.7b - (SQL Injection) Remote Authentication Bypass Apoll 0.7b - (Authentication Bypass) SQL Injection WEBBDOMAIN Petition 1.02/2.0/3.0 - (SQL Injection) Authentication Bypass WEBBDOMAIN Polls 1.01 - (SQL Injection) Authentication Bypass WEBBDOMAIN Petition 1.02/2.0/3.0 - (Authentication Bypass) SQL Injection WEBBDOMAIN Polls 1.01 - (Authentication Bypass) SQL Injection WEBBDOMAIN Webshop 1.02 - (SQL Injection) Authentication Bypass WEBBDOMAIN Webshop 1.02 - (Authentication Bypass) SQL Injection WEBBDOMAIN Post Card 1.02 - (SQL Injection) Authentication Bypass WEBBDOMAIN Post Card 1.02 - (Authentication Bypass) SQL Injection Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Anti-Keylogger Elite 3.3.0 - 'AKEProtect.sys' Privilege Escalation Active Price Comparison 4 - (ProductID) Blind SQL Injection Active Price Comparison 4 - 'ProductID' Blind SQL Injection Active Test 2.1 - (QuizID) Blind SQL Injection Active Test 2.1 - 'QuizID' Blind SQL Injection EasyMail ActiveX - (emmailstore.dll 6.5.0.3) Buffer Overflow EasyMail ActiveX - 'emmailstore.dll 6.5.0.3' Buffer Overflow ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation ESET Smart Security 3.0.672 - 'epfw.sys' Privilege Escalation PowerStrip 3.84 - (pstrip.sys) Privilege Escalation PowerStrip 3.84 - 'pstrip.sys' Privilege Escalation PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service PGP Desktop 9.0.6 - 'PGPwded.sys' Local Denial of Service Miniweb 2.0 - (Authentication Bypass) SQL Injection Miniweb 2.0 - SQL Injection (Authentication Bypass) MW6 Barcode ActiveX - (Barcode.dll) Remote Heap Overflow (PoC) MW6 Barcode ActiveX - 'Barcode.dll' Remote Heap Overflow (PoC) A Better Member-Based ASP Photo Gallery - (entry) SQL Injection A Better Member-Based ASP Photo Gallery - 'entry' SQL Injection mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation mks_vir 9b < 1.2.0.0b297 - 'mksmonen.sys' Privilege Escalation Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method Exploit CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Privilege Escalation AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure AdaptBB 1.0 - 'topic_id' SQL Injection / Credentials Disclosure X10Media Mp3 - Search Engine < 1.6.2 Admin Access X10media Mp3 Search Engine < 1.6.2 Admin Access Microsoft Media Player - (quartz.dll .mid) Denial of Service Microsoft Media Player - 'quartz.dll .mid' Denial of Service Microsoft Media Player - (quartz.dll .wav) Multiple Remote Denial of Service Vulnerabilities Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Privilege Escalation ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Privilege Escalation Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow Roxio CinePlayer 3.2 - 'SonicMediaPlayer.dll' Remote Buffer Overflow Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow (heap spray) Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray) AdaptBB 1.0 - (forumspath) Remote File Inclusion AdaptBB 1.0 - 'forumspath' Remote File Inclusion Online Armor < 3.5.0.12 - (OAmon.sys) Privilege Escalation Online Armor < 3.5.0.12 - 'OAmon.sys' Privilege Escalation McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution DESlock+ 4.0.2 - 'dlpcrypt.sys' Local Kernel Ring0 Code Execution Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow (SEH) Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (SEH) Miniweb 2.0 Module Publisher - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Miniweb 2.0 Module Survey Pro - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow (PoC) GDivX Zenith Player AviFixer Class - 'fix.dll 1.0.0.1' Buffer Overflow (PoC) Accommodation Hotel Booking Portal - (hotel_id) SQL Injection Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - (jar50.dll) Null Pointer Dereference Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - 'jar50.dll' Null Pointer Dereference Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption SAP GUI for Windows - sapirrfc.dll ActiveX Overflow SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow Authentium SafeCentral 2.6 - shdrv.sys Local kernel Ring0 SYSTEM Exploit Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM Exploit Microsoft Internet Explorer - iepeers.dll Use-After-Free Exploit (Metasploit) Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free Exploit (Metasploit) Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) Denial of Service (Crash) SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Multiple Vendor librpc.dll Signedness Error - Remote Code Execution Multiple Vendor 'librpc.dll' Signedness Error - Remote Code Execution Micropoint ProActive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Privilege Escalation iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow iMesh 7.1.0.x - 'IMWeb.dll 7.0.0.x' Remote Heap Overflow avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities avtech software 'avc781viewer.dll' ActiveX - Multiple Vulnerabilities HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC) HP Operations Manager 8.16 - 'srcvw4.dll' LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC) ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow ZipGenius 6.3.1.2552 - 'zgtips.dll' Stack Buffer Overflow Avast! 4.7 - aavmker4.sys Privilege Escalation Avast! 4.7 - 'aavmker4.sys' Privilege Escalation Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow Bigant Messenger 2.52 - 'AntCore.dll' RegisterCom() Remote Heap Overflow Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion Apple Safari 4.0.5 - 'JavaScriptCore.dll' Stack Exhaustion 724CMS Enterprise 4.59 - (section.php) Local File Inclusion 724CMS Enterprise 4.59 - (section.php) SQL Injection 724CMS Enterprise 4.59 - 'section.php' Local File Inclusion 724CMS Enterprise 4.59 - 'section.php' SQL Injection MiniWebsvr 0.0.10 - Directory Traversal/Listing Exploits MiniWebsvr 0.0.10 - Directory Traversal / Listing 4Images 1.7.7 - (image_utils.php) Remote Command Execution 4Images 1.7.7 - 'image_utils.php' Remote Command Execution CommuniCrypt Mail 1.16 - (ANSMTP.dll/AOSMTP.dll) ActiveX CommuniCrypt Mail 1.16 - 'ANSMTP.dll/AOSMTP.dll' ActiveX Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - OpenSession() Buffer Overflow Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes) AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion AdaptCMS 2.0.0 Beta - 'init.php' Remote File Inclusion Microsoft - MSHTML.dll CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak Microsoft - 'MSHTML.dll' CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / Denial of Service Adobe Reader 9.3.2 - 'CoolType.dll' Remote Memory Corruption / Denial of Service Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Privilege Escalation Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption Avast! Internet Security 5.0 - 'aswFW.sys' Kernel Driver IOCTL Memory Pool Corruption QQ Computer Manager - TSKsp.sys Local Denial of Service QQ Computer Manager - 'TSKsp.sys' Local Denial of Service SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service SmartCode ServerX VNC Server ActiveX 1.1.5.0 - 'scvncsrvx.dll' Denial of Service Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Microsoft Vista - (fveapi.dll) BitLocker Drive Encryption API Hijacking Exploit Microsoft Vista - 'fveapi.dll' BitLocker Drive Encryption API Hijacking Exploit Nvidia Driver - 'nview.dll' DLL Hijacking Nvidia Driver - 'nview.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking LeadTools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL) Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Exploit A-Blog 2.0 - (sources/search.php) SQL Injection A-Blog 2.0 - 'sources/search.php' SQL Injection Microsoft DRM Technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities Microsoft DRM Technology 'msnetobj.dll' ActiveX - Multiple Vulnerabilities Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow (PoC) Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Buffer Overflow (PoC) VMware Workstation 7.1.1 - VMkbd.sys Denial of Service VMware Workstation 7.1.1 - 'VMkbd.sys' Denial of Service AuraCMS - 'pfd.php' SQL Injection AuraCMS 1.62 - 'pfd.php' SQL Injection Rising - RSNTGDI.sys Local Denial of Service Rising - 'RSNTGDI.sys' Local Denial of Service CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow CA Internet Security Suite 2010 - 'KmxSbx.sys' Kernel Pool Overflow Crystal Reports Viewer 12.0.0.549 - ActiveX Exploit (PrintControl.dll) Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX Exploit Irfanview 4.27 - JP2000.dll plugin Denial of Service Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service Kingsoft AntiVirus 2011 SP5.2 'KisKrnl.sys' 2011.1.13.89 - Local Kernel Mode Denial of Service Oracle Document Capture - empop3.dll Insecure Methods Oracle Document Capture - 'empop3.dll' Insecure Methods DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM Exploit DESlock+ <= 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit Microsoft IIS - ISAPI w3who.dll Query String Overflow (Metasploit) Microsoft IIS - ISAPI nsiislog.dll ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage fp30reg.dll Chunked Overflow (Metasploit) Microsoft IIS - ISAPI 'w3who.dll' Query String Overflow (Metasploit) Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit) Microsoft Services - nwwks.dll (MS06-066) Microsoft Services - 'nwwks.dll' (MS06-066) Microsoft Services - nwapi32.dll (MS06-066) Microsoft Services - 'nwapi32.dll' (MS06-066) ISS - PAM.dll ICQ Parser Buffer Overflow (Metasploit) ISS - 'PAM.dll' ICQ Parser Buffer Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV ntdll.dll Path Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit) RealPlayer - ierpplug.dll ActiveX Control Playlist Name Buffer Overflow (Metasploit) RealPlayer - 'ierpplug.dll' ActiveX Control Playlist Name Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow (Metasploit) Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit) Yahoo! Messenger - 'YVerInfo.dll' ActiveX Control Buffer Overflow (Metasploit) WinDVD7 - IASystemInfo.dll ActiveX Control Buffer Overflow (Metasploit) WinDVD7 - 'IASystemInfo.dll' ActiveX Control Buffer Overflow (Metasploit) SonicWALL Aventail - epi.dll AuthCredential Format String (Metasploit) SonicWALL Aventail - 'epi.dll' AuthCredential Format String (Metasploit) BaoFeng Storm - mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit) BaoFeng Storm - 'mps.dll' ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit) Ask.com Toolbar - askBar.dll ActiveX Control Buffer Overflow (Metasploit) Ask.com Toolbar - 'askBar.dll' ActiveX Control Buffer Overflow (Metasploit) Tumbleweed FileTransfer - vcst_eu.dll ActiveX Control Buffer Overflow (Metasploit) Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) Juniper SSL-VPN IVE - JuniperSetupDLL.dll ActiveX Control Buffer Overflow (Metasploit) Juniper SSL-VPN IVE - 'JuniperSetupDLL.dll' ActiveX Control Buffer Overflow (Metasploit) RealPlayer - rmoc3260.dll ActiveX Control Heap Corruption (Metasploit) RealPlayer - 'rmoc3260.dll' ActiveX Control Heap Corruption (Metasploit) WebEx UCF - atucfobj.dll ActiveX NewObject Method Buffer Overflow (Metasploit) WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Buffer Overflow (Metasploit) DjVu - DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow (Metasploit) DjVu - 'DjVu_ActiveX_MSOffice.dll' ActiveX ComponentBuffer Overflow (Metasploit) Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit (Metasploit) Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX Exploit (Metasploit) AASync 2.2.1.0 - (Windows x86) Stack Buffer Overflow 'LIST' (Metasploit) AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit) BadBlue 2.5 - ext.dll Buffer Overflow (Metasploit) BadBlue 2.5 - 'ext.dll' Buffer Overflow (Metasploit) Amlibweb NetOpacs - webquery.dll Stack Buffer Overflow (Metasploit) Amlibweb NetOpacs - 'webquery.dll' Stack Buffer Overflow (Metasploit) Microsoft Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview Denial of Service (PoC) Microsoft Windows Explorer 6.0.2900.5512 - 'Shmedia.dll 6.0.2900.5512' AVI Preview Denial of Service (PoC) Microsoft Windows XP - afd.sys Local Kernel Denial of Service Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service Microsoft Visio - VISIODWG.dll DXF File Handling (Metasploit) Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit) Microsoft Windows 7 SP1 - mrxdav.sys WebDav Privilege Escalation (MS16-016) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll GDI+ - 'gdiplus.dll' CreateDashedPath Integer Overflow Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow (PoC) Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC) VideoLAN VLC Media Player 1.1.11 - (libav) libavcodec_plugin.dll Denial of Service VideoLAN VLC Media Player 1.1.11 - (libav) 'libavcodec_plugin.dll' Denial of Service HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow (Metasploit) HP OpenView Network Node Manager - 'ov.dll' _OVBuildPath Buffer Overflow (Metasploit) VideoLAN VLC Media Player 1.2.0 - (libtaglib_pluggin.dll) Denial of Service VideoLAN VLC Media Player 1.2.0 - 'libtaglib_pluggin.dll' Denial of Service Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH) Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH) ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow (Metasploit) ASUS Net4Switch - 'ipswcom.dll' ActiveX Stack Buffer Overflow (Metasploit) Quest Toad for Oracle Explain Plan Display ActiveX Control - (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite (PoC) Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite (PoC) Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC) Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC) RealPlayer .mp4 - file handling memory Corruption RealPlayer - '.mp4' file handling memory Corruption D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution D-Link DCS-5605 Network Surveillance - ActiveX Control 'DcsCliCtrl.dll' lstrcpyW Remote Buffer Overflow Quest InTrust 10.4.x - Annotation Objects ActiveX Control 'AnnotateX.dll' Uninitialized Pointer Remote Code Execution Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow (Metasploit) Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit) HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service MDAC 2.1.2.4202.3 / ms Win NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution (Metasploit) AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Microsoft Internet Explorer 4 / Outlook 2000/5.5 - MSHTML.dll Crash Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation Working Resources BadBlue 1.7 - ext.dll Cross-Site Scripting Working Resources BadBlue 1.7 - 'ext.dll' Cross-Site Scripting QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite (PoC) QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC) Microsoft Windows XP/95/98/2000/NT 4 - Riched20.dll Attribute Buffer Overflow Microsoft Windows XP/95/98/2000/NT 4 - 'Riched20.dll' Attribute Buffer Overflow Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (4) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (4) Working Resources 1.7.x/2.15 BadBlue - ext.dll Command Execution Working Resources 1.7.x/2.15 BadBlue - 'ext.dll' Command Execution Microsoft Shlwapi.dll 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service Microsoft Internet Explorer 5 - Remote URLMON.dll Buffer Overflow Microsoft Internet Explorer 5 - Remote 'URLMON.dll' Buffer Overflow Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - 'auth.dll' pa_modify_accounts() Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - 'ldapagnt.dll' ldapagnt_eval() Perl Code Evaluation Remote Code Execution Microsoft Windows 2000/NT 4 Media Services - nsiislog.dll Remote Buffer Overflow Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin IN_MIDI.dll Track Data Size Buffer Overflow NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow myServer 0.4.x - cgi-lib.dll Remote Buffer Overflow myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow Nvidia Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow (PoC) Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC) Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun Microsoft ListBox/ComboBox Control - 'User32.dll' Function Buffer Overrun Irfanview 4.33 - IMXCF.dll Plugin Code Execution Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow YaSoft Switch Off 2.3 - 'swnet.dll' Remote Buffer Overflow Symantec Client Firewall Products 5 - SYMNDIS.SYS Driver Remote Denial of Service Symantec Client Firewall Products 5 - 'SYMNDIS.SYS' Driver Remote Denial of Service Panda ActiveScan 5.0 - ascontrol.dll Remote Heap Overflow Panda ActiveScan 5.0 - ascontrol.dll Denial of Service Panda ActiveScan 5.0 - 'ascontrol.dll' Remote Heap Overflow Panda ActiveScan 5.0 - 'ascontrol.dll' Denial of Service Foxit Reader 5.4.4.1128 Firefox Plugin - npFoxitReaderPlugin.dll Stack Buffer Overflow Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow Yahoo! Messenger 5.6 - YInsthelper.dll Multiple Buffer Overflow Vulnerabilities Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities Novell Groupwise Client - gwcls1.dll ActiveX Remote Code Execution (Metasploit) Novell Groupwise Client - 'gwcls1.dll' ActiveX Remote Code Execution (Metasploit) F-Secure Policy Manager 5.11 - FSMSH.dll CGI Application Installation Full Path Disclosure F-Secure Policy Manager 5.11 - 'FSMSH.dll' CGI Application Installation Full Path Disclosure Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll Denial of Service Easy DVD Player 3.5.1 - (libav) 'libavcodec_plugin.dll' Denial of Service Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow WPS Office - Wpsio.dll Stack Buffer Overflow WPS Office - 'Wpsio.dll' Stack Buffer Overflow AN HTTPD - CMDIS.dll Remote Buffer Overflow AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server 300 - Crash (PoC) Sigma ISP Manager 6.6 - Sigmaweb.dll SQL Injection Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Based Overflow Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service Oracle WebCenter Content - CheckOutAndOpen.dll ActiveX Remote Code Execution (Metasploit) Oracle WebCenter Content - 'CheckOutAndOpen.dll' ActiveX Remote Code Execution (Metasploit) Microsoft Visual Studio .NET - msdds.dll Remote Code Execution Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution TP-Link PS110U Print Server TL - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration Novell Client 2 SP3 - nicm.sys Privilege Escalation (Metasploit) Novell Client 2 SP3 - 'nicm.sys' Privilege Escalation (Metasploit) StarUML - WinGraphviz.dll ActiveX Buffer Overflow StarUML - 'WinGraphviz.dll' ActiveX Buffer Overflow MiniWeb (Build 300) - Arbitrary File Upload (Metasploit) MiniWeb 300 - Arbitrary File Upload (Metasploit) Yahoo! Messenger 7.0/7.5 - jscript.dll Non-ASCII Character Denial of Service Yahoo! Messenger 7.0/7.5 - 'jscript.dll' Non-ASCII Character Denial of Service Microsoft PowerPoint 2003 - mso.dll PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Agnitum Outpost Firewall 3.5.631 - FiltNT.SYS Local Denial of Service Agnitum Outpost Firewall 3.5.631 - 'FiltNT.SYS' Local Denial of Service Microsoft Internet Explorer 6 - IMSKDIC.dll Denial of Service Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service Microsoft Internet Explorer 6 - MSOE.dll Denial of Service Microsoft Internet Explorer 6 - 'MSOE.dll' Denial of Service Microsoft Internet Explorer 6 - TSUserEX.dll ActiveX Control Memory Corruption Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxfw.sys' Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxstart.sys' Privilege Escalation Avira Internet Security - avipbb.sys Filter Bypass / Privilege Escalation Avira Internet Security - 'avipbb.sys' Filter Bypass / Privilege Escalation Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver 'fortknoxfw.sys' Memory Corruption Kerio Personal Firewall 4.3 - IPHLPAPI.dll Privilege Escalation Kerio Personal Firewall 4.3 - 'IPHLPAPI.dll' Privilege Escalation PrecisionID Barcode - PrecisionID_Barcode.dll ActiveX 1.9 Control Arbitrary File Overwrite PrecisionID Barcode - 'PrecisionID_Barcode.dll' ActiveX 1.9 Control Arbitrary File Overwrite CA Multiple Products Console Server and InoCore.dll - Remote Code Execution Vulnerabilities CA Multiple Products Console Server and 'InoCore.dll' - Remote Code Execution Vulnerabilities SSC DiskAccess NFS Client - DAPCNFSD.dll Stack Buffer Overflow SSC DiskAccess NFS Client - 'DAPCNFSD.dll' Stack Buffer Overflow Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities Comodo Firewall 2.3.6 - 'CMDMon.SYS' Multiple Denial of Service Vulnerabilities Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service Symantec SYMTDI.SYS Device Driver - Local Denial of Service Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service eSellerate SDK 3.6.5 - eSellerateControl365.dll ActiveX Control Buffer Overflow eSellerate SDK 3.6.5 - 'eSellerateControl365.dll' ActiveX Control Buffer Overflow NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting NextPage LivePublish 2.02 - 'LPEXT.dll' Cross-Site Scripting Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow Roxio CinePlayer 3.2 - SonicDVDDashVRNav.dll ActiveX Control Remote Buffer Overflow Roxio CinePlayer 3.2 - 'SonicDVDDashVRNav.dll' ActiveX Control Remote Buffer Overflow Dart ZipLite Compression 1.8.5.3 - DartZipLite.dll ActiveX Control Buffer Overflow Dart ZipLite Compression 1.8.5.3 - 'DartZipLite.dll' ActiveX Control Buffer Overflow F-Secure Policy Manager 7.00 - FSMSH.dll Remote Denial of Service Apple Safari 3.0.1 for Windows - Corefoundation.dll Denial of Service F-Secure Policy Manager 7.00 - 'FSMSH.dll' Remote Denial of Service Apple Safari 3.0.1 for Windows - 'Corefoundation.dll' Denial of Service VMware Tools 3.1 - HGFS.Sys Privilege Escalation VMware Tools 3.1 - 'HGFS.Sys' Privilege Escalation Microsoft Windows Kernel win32k.sys - Integer Overflow (MS13-101) Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101) Baidu Soba Search Bar 5.4 - BaiduBar.dll ActiveX Control Remote Code Execution Baidu Soba Search Bar 5.4 - 'BaiduBar.dll' ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - TBLinf32.dll ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - Vector Markup Language VGX.dll Remote Buffer Overflow Microsoft Internet Explorer 5.0.1 - Vector Markup Language 'VGX.dll' Remote Buffer Overflow Yahoo! Messenger 8.1 - KDU_V32M.DLL Remote Denial of Service Yahoo! Messenger 8.1 - 'KDU_V32M.DLL' Remote Denial of Service BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free BitDefender AntiVirus 2008 - 'bdelev.dll' ActiveX Control Double-Free AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Based Buffer Overflow Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow Microsoft Agent - 'agentdpv.dll' ActiveX Control Malformed URL Stack Buffer Overflow Macrovision SafeDisc - SecDRV.SYS Method_Neither Privilege Escalation SpeedFan - Speedfan.sys Privilege Escalation Macrovision SafeDisc - 'SecDRV.SYS' Method_Neither Privilege Escalation SpeedFan - 'Speedfan.sys' Privilege Escalation RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow RealPlayer 10.0/10.5/11 - 'ierpplug.dll' ActiveX Control Import Playlist Name Stack Buffer Overflow GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities RealMedia RealPlayer 10.5/11 - ierpplug.dll PlayerProperty ActiveX Control Buffer Overflow RealMedia RealPlayer 10.5/11 - 'ierpplug.dll' PlayerProperty ActiveX Control Buffer Overflow AuraCMS 2.2 - 'lihatberita' Module 'id' Parameter SQL Injection AuraCMS 2.2 - 'lihatberita' Module SQL Injection Panda Internet Security/AntiVirus+Firewall 2008 - CPoint.sys Memory Corruption Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter Cross-Site Scripting SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate 'wgate.dll' ~service Parameter Cross-Site Scripting Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow Symantec Multiple Products - Client Proxy ActiveX 'CLIproxy.dll' Remote Overflow Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation (Metasploit) VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit) AuraCMS 1.62 - 'pdf.php' SQL Injection VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit Microsoft Windows 8.1 (x86/x64) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation Microsoft Windows 8.1 (x86/x64) - 'ahcache.sys' NtApphelpCacheControl Privilege Escalation JetAudio 8.1.3 - (Corrupted mp4) Crash (PoC) JetAudio 8.1.3 - '.mp4' Crash (PoC) Microsoft Windows - HTTP.sys PoC (MS15-034) Microsoft Windows - 'HTTP.sys' PoC (MS15-034) MS Windows (HTTP.sys) - HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052) Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052) FinePlayer 2.20 (.mp4) - Crash (PoC) FinePlayer 2.20 - '.mp4' Crash (PoC) Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081) Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080) Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081) Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081) Microsoft Office 2007 - 'wwlib.dll' fcPlcfFldMom Uninitialized Heap Usage Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081) Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080) Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081) Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081) Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table Microsoft Windows - ATMFD.dll CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access Microsoft Windows - ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to - Malformed CFF Table Microsoft Windows - 'ATMFD.dll' CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads Microsoft Office 2007 - msxml5.dll Crash (PoC) Microsoft Office 2007 - 'msxml5.dll' Crash (PoC) Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097) Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097) Microsoft Windows - Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Office / COM Object - els.dll DLL Planting (MS15-134) Microsoft Office / COM Object - 'els.dll' DLL Planting (MS15-134) Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132) Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132) Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007) Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS16-007) Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007) Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007) QuickHeal 16.00 - webssx.sys Driver Denial of Service QuickHeal 16.00 - 'webssx.sys' Driver Denial of Service Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Elevation Exploit Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Stack Corruption (MS16-026) Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026) Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow Hyper-V - 'vmswitch.sys' VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow Microsoft Windows - Kernel win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Adobe Flash - MP4 File Stack Corruption Adobe Flash - .MP4 File Stack Corruption Microsoft Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) Microsoft Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) Microsoft Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074) Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074) VMware Virtual Machine Communication Interface (VMCI) vmci.sys - (PoC) VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys' (PoC) Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067) Microsoft Windows - 'NetAPI32.dll' Code Execution (Python) (MS08-067) SAP Adaptive Server Enterprise 16 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Boonex Dolphin 7.3.2 - Authentication Bypass SmallFTPd 1.0.3 - 'mkd' Command Denial of Service Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure	2016-10-27 05:01:19 +00:00
Offensive Security	f1ca42d762	DB: 2016-10-26 ... 1 new exploits WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python) WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl) Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) (PoC) Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) Apple QuickTime 7.2/7.3 - RTSP Response Universal Exploit (Internet Explorer 7 / Firefox / Opera) Apple QuickTime 7.2/7.3 (Internet Explorer 7 / Firefox / Opera) - RTSP Response Universal Exploit PHP-CON 1.3 - (include.php) Remote File Inclusion PHP-CON 1.3 - 'include.php' Remote File Inclusion RealPlayer 11 - Malformed AU File Denial of Service RealPlayer 11 - '.au' Denial of Service VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization (PoC) VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization Nullsoft Winamp 5.32 - MP4 tags Stack Overflow Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion ViArt CMS/Shop/Helpdesk 3.3.2 - Remote File Inclusion Samba 3.0.27a - send_mailslot() Remote Buffer Overflow (PoC) Samba 3.0.27a - send_mailslot() Remote Buffer Overflow Horde Web-Mail 3.x - (go.php) Remote File Disclosure CuteNews 1.1.1 - (html.php) Remote Code Execution Horde Web-Mail 3.x - 'go.php' Remote File Disclosure CuteNews 1.1.1 - 'html.php' Remote Code Execution TUTOS 1.3 - (cmd.php) Remote Command Execution TUTOS 1.3 - 'cmd.php' Remote Command Execution PHP Webquest 2.6 - (id_actividad) SQL Injection Move Networks Quantum Streaming Player - Overwrite (SEH) Gateway Weblaunch - ActiveX Control Insecure Method Exploit PHP Webquest 2.6 - 'id_actividad' Parameter SQL Injection Move Networks Quantum Streaming Player - SEH Overflow Gateway Weblaunch - ActiveX Control Insecure Method Microsoft FoxServer - (vfp6r.dll 6.0.8862.0) ActiveX Command Execution Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method Microsoft FoxServer - 'vfp6r.dll 6.0.8862.0' ActiveX Command Execution Microsoft Rich Textbox Control 6.0-SP6 - 'SaveFile()' Insecure Method McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC) McAfee E-Business Server 8.5.2 - Remote Unauthenticated Code Execution / Denial of Service (PoC) Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow StreamAudio ChainCast ProxyManager - ccpm_0237.dll Buffer Overflow StreamAudio ChainCast ProxyManager - 'ccpm_0237.dll' Buffer Overflow XnView 1.92.1 - Slideshow (FontName) Buffer Overflow XnView 1.92.1 - (FontName) Slideshow Buffer Overflow Phaos R4000 Version (file) - Remote File Disclosure Phaos R4000 Version - 'file' Remote File Disclosure ASPPortal Free Version (Topic_Id) - SQL Injection ASPPortal Free Version - 'Topic_Id' SQL Injection Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection Alibaba Clone Tritanium Version - 'news_desc.html' SQL Injection XnView 1.97.4 - MBM File Remote Heap Buffer Overflow XnView 1.97.4 - '.MBM' File Remote Heap Buffer Overflow Fortigate OS Version 4.x < 5.0.7 - SSH Backdoor Fortigate OS 4.x < 5.0.7 - SSH Backdoor Network Scanner Version 4.0.0.0 - SEH Crash (PoC) Network Scanner 4.0.0.0 - SEH Crash (PoC) Ruby on Rails - Dynamic Render File Upload Remote Code Execution Ruby on Rails - Dynamic Render File Upload / Remote Code Execution Network Scanner 4.0.0 - SEH Local Buffer Overflow	2016-10-26 05:01:17 +00:00
Offensive Security	8330920f32	DB: 2016-10-25 ... 4 new exploits ATutor 1.5.3.1 - (links) Blind SQL Injection ATutor 1.5.3.1 - 'links' Blind SQL Injection Mihalism Multi Host 2.0.7 - download.php Remote File Disclosure Mihalism Multi Host 2.0.7 - 'download.php' Remote File Disclosure IBM Domino Web Access Upload Module - inotes6.dll Buffer Overflow IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow WebPortal CMS 0.6.0 - (index.php m) SQL Injection WebPortal CMS 0.6.0 - 'index.php' SQL Injection samPHPweb - 'db.php commonpath' Remote File Inclusion samPHPweb 4.2.2 - 'db.php' Remote File Inclusion samPHPweb - 'songinfo.php' SQL Injection samPHPweb 4.2.2 - 'songinfo.php' SQL Injection ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion ATutor 1.6.1-pl1 - 'import.php' Remote File Inclusion The Matt Wright Guestbook.pl 2.3.1 - Server Side Include The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include html2ps - 'include file' Server Side Include Directive Directory Traversal html2ps - 'include file' Server-Side Include Directive Directory Traversal ClanSphere 2011.3 - (cs_lang cookie Parameter) Local File Inclusion ClanSphere 2011.3 - 'cs_lang' Cookie Parameter Local File Inclusion Imatix Xitami 2.5 - Server Side Includes Cross-Site Scripting Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting Flatnux CMS 2013-01.17 - (index.php theme Parameter) Local File Inclusion Flatnux CMS 2013-01.17 - 'index.php' Local File Inclusion Network Weathermap 0.97a - (editor.php) Persistent Cross-Site Scripting Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting ATutor 1.4.3 - browse.php show_course Parameter Cross-Site Scripting ATutor 1.4.3 - contact.php subject Parameter Cross-Site Scripting ATutor 1.4.3 - content.php cid Parameter Cross-Site Scripting ATutor 1.4.3 - send_message.php l Parameter Cross-Site Scripting ATutor 1.4.3 - search.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - inbox/index.php view Parameter Cross-Site Scripting ATutor 1.4.3 - tile.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - subscribe_forum.php us Parameter Cross-Site Scripting ATutor 1.4.3 - Directory.php Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'browse.php' show_course Parameter Cross-Site Scripting ATutor 1.4.3 - 'contact.php' subject Parameter Cross-Site Scripting ATutor 1.4.3 - 'content.php' cid Parameter Cross-Site Scripting ATutor 1.4.3 - 'send_message.php' l Parameter Cross-Site Scripting ATutor 1.4.3 - 'search.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'inbox/index.php' view Parameter Cross-Site Scripting ATutor 1.4.3 - 'tile.php' Multiple Parameter Cross-Site Scripting ATutor 1.4.3 - 'subscribe_forum.php' us Parameter Cross-Site Scripting ATutor 1.4.3 - 'Directory.php' Multiple Parameter Cross-Site Scripting Cuppa CMS - 'alertConfigField.php urlConfig Parameter' Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php' Remote / Local File Inclusion Novell Zenworks Mobile Device Managment - Local File Inclusion (Metasploit) Novell Zenworks Mobile Device Managment 2.6.1 / 2.7.0 - Local File Inclusion (Metasploit) Weathermap 0.97c - (editor.php mapname Parameter) Local File Inclusion Weathermap 0.97c - 'mapname' Parameter Local File Inclusion ATutor 1.5.1 - password_reminder.php SQL Injection ATutor 1.5.1 - 'password_reminder.php' SQL Injection ATutor 1.x - forum.inc.php Arbitrary Command Execution ATutor 1.x - body_header.inc.php section Parameter Local File Inclusion ATutor 1.x - print.php section Parameter Remote File Inclusion ATutor 1.x - 'forum.inc.php' Arbitrary Command Execution ATutor 1.x - 'body_header.inc.php' section Parameter Local File Inclusion ATutor 1.x - 'print.php' section Parameter Remote File Inclusion ATutor 1.5.x - create_course.php Multiple Parameter Cross-Site Scripting ATutor 1.5.x - documentation/admin/index.php Cross-Site Scripting ATutor 1.5.x - password_reminder.php forgot Parameter Cross-Site Scripting ATutor 1.5.x - users/browse.php cat Parameter Cross-Site Scripting ATutor 1.5.x - 'create_course.php' Multiple Parameter Cross-Site Scripting ATutor 1.5.x - 'documentation/admin/index.php' Cross-Site Scripting ATutor 1.5.x - 'password_reminder.php' forgot Parameter Cross-Site Scripting ATutor 1.5.x - 'users/browse.php' cat Parameter Cross-Site Scripting Zimbra - Privilegie Escalation (via Local File Inclusion) Zimbra 2009-2013 - Local File Inclusion Zimbra Collaboration Server - Local File Inclusion (Metasploit) Zimbra Collaboration Server 7.2.2 / 8.0.2 - Local File Inclusion (Metasploit) Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file Parameter) Local File Inclusion Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion Cart Engine 3.0.0 - (task.php) Local File Inclusion Cart Engine 3.0.0 - 'task.php' Local File Inclusion Kemana Directory 1.5.6 - (run Parameter) Local File Inclusion Kemana Directory 1.5.6 - 'task.php' Local File Inclusion Railo - Remote File Inclusion (Metasploit) Railo 4.2.1 - Remote File Inclusion (Metasploit) LittleSite 0.1 - 'file' Parameter Local File Inclusion LittleSite 0.1 - 'index.php' Local File Inclusion OSClass 3.4.1 - (index.php file Parameter) Local File Inclusion OSClass 3.4.1 - 'index.php' Local File Inclusion Magento Server MAGMI Plugin - Remote File Inclusion Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion Cacti Superlinks Plugin 1.4-2 - Remote Code Execution (via Local File Inclusion + SQL Injection) Cacti Superlinks Plugin 1.4-2 - SQL Injection / Local File Inclusion Lotus Mail Encryption Server (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit) u5CMS 3.9.3 - (thumb.php) Local File Inclusion u5CMS 3.9.3 - 'thumb.php' Local File Inclusion openSIS - 'modname' Parameter Local File Inclusion ATutor - 'tool_file' Parameter Local File Inclusion openSIS 5.1 - 'ajax.php' Local File Inclusion ATutor 2.1 - 'tool_file' Parameter Local File Inclusion Fork CMS - 'file' Parameter Local File Inclusion Fork CMS - 'js.php' Local File Inclusion HP Insight Diagnostics - Local File Inclusion HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion phpVibe - Information Disclosure / Remote File Inclusion phpVibe 3.1 - Information Disclosure / Remote File Inclusion CakePHP - AssetDispatcher Class Local File Inclusion CakePHP 2.2.8 / 2.3.7 - AssetDispatcher Class Local File Inclusion TomatoCart - 'install/rpc.php' Local File Inclusion TomatoCart 1.1.8.2 - 'class' Parameter Local File Inclusion NeoBill - /install/index.php language Parameter Traversal Local File Inclusion NeoBill 0.9-alpha - 'language' Parameter Local File Inclusion iScripts AutoHoster - /websitebuilder/showtemplateimage.php tmpid Parameter Traversal Local File Inclusion iScripts AutoHoster - /admin/downloadfile.php fname Parameter Traversal Local File Inclusion iScripts AutoHoster - /support/admin/csvdownload.php id Parameter Traversal Local File Inclusion iScripts AutoHoster - 'tmpid' Parameter Local File Inclusion iScripts AutoHoster - 'fname' Parameter Local File Inclusion iScripts AutoHoster - 'id' Parameter Local File Inclusion AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion AFCommerce - 'adblock.php' Remote File Inclusion AFCommerce - 'adminpassword.php' Remote File Inclusion AFCommerce - 'controlheader.php' Remote File Inclusion xBoard - 'post' Parameter Local File Inclusion xBoard 5.0 / 5.5 / 6.0 - 'view.php' Local File Inclusion BloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion BloofoxCMS 0.5.0 - 'fileurl' Parameter Local File Inclusion Rips Scanner 0.5 - (code.php) Local File Inclusion Rips Scanner 0.5 - 'code.php' Local File Inclusion MeiuPic - 'ctl' Parameter Local File Inclusion MeiuPic 2.1.2 - 'ctl' Parameter Local File Inclusion qEngine - 'run' Parameter Local File Inclusion qEngine 4.1.6 / 6.0.0 - 'task.php' Local File Inclusion WordPress Plugin BookX - 'includes/bookx_export.php' Local File Inclusion WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion Alfresco - /proxy endpoint Parameter Server Side Request Forgery Alfresco - /cmisbrowser url Parameter Server Side Request Forgery Alfresco - /proxy endpoint Parameter Server-Side Request Forgery Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery CMSimple - Remote file Inclusion CMSimple 4.4.4 - Remote file Inclusion VoipSwitch - 'action' Parameter Local File Inclusion VoipSwitch - 'user.php' Local File Inclusion Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion Concrete5 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062) EC-CUBE 2.12.6 - Server-Side Request Forgery Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration Management	2016-10-25 05:01:17 +00:00
Offensive Security	506182d72d	DB: 2016-10-22 ... 7 new exploits RealSecure / Blackice - iss_pam1.dll Remote Overflow RealSecure / Blackice - 'iss_pam1.dll' Remote Overflow Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Exploit Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Mozilla Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll) Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll) TeamViewer 5.0.8703 - (dwmapi.dll) DLL Hijacking Exploit Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Exploit Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Exploit Microsoft Address Book 6.00.2900.5512 - (wab32res.dll) DLL Hijacking Exploit Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking Exploit TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking Exploit Mozilla Firefox 3.6.8 - 'dwmapi.dll' DLL Hijacking Microsoft Windows Movie Maker 2.6.4038.0 - 'hhctrl.ocx' DLL Hijacking Opera 10.61 - 'dwmapi.dll' DLL Hijacking Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Microsoft Address Book 6.00.2900.5512 - 'wab32res.dll' DLL Hijacking Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking BS.Player 2.56 build 1043 - (mfc71loc.dll) DLL Hijacking Exploit Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll) Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Exploit BS.Player 2.56 build 1043 - 'mfc71loc.dll' DLL Hijacking Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Exploit VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Exploit Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll) InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Exploit Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Exploit Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Exploit Ettercap NG-0.7.3 - (wpcap.dll) DLL Hijacking Exploit Microsoft Group Convertor - 'imm.dll' DLL Hijacking Exploit Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Ettercap NG-0.7.3 - 'wpcap.dll' DLL Hijacking Microsoft Group Convertor - 'imm.dll' DLL Hijacking TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking Exploit MediaPlayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll) Skype 4.2.0.169 - (wab32.dll) DLL Hijacking Exploit TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Exploit Nvidia Driver - DLL Hijacking Exploit (nview.dll) Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Exploit Cisco Packet Tracer 5.2 - (wintab32.dll) DLL Hijacking Exploit Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Exploit Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Nvidia Driver - 'nview.dll' DLL Hijacking Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Cisco Packet Tracer 5.2 - 'wintab32.dll' DLL Hijacking Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Exploit Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Exploit Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Exploit Mozilla Thunderbird - DLL Hijacking Exploit (dwmapi.dll) Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit (dwmapi.dll) Adobe ExtendedScript Toolkit CS5 3.5.0.52 - DLL Hijacking Exploit (dwmapi.dll) CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Media Player Classic 6.4.9.1 - (iacenc.dll) DLL Hijacking Exploit Nullsoft Winamp 5.581 - DLL Hijacking Exploit (wnaspi32.dll) Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll) Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Exploit Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Mozilla Thunderbird - 'dwmapi.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Adobe ExtendedScript Toolkit CS5 3.5.0.52 - 'dwmapi.dll' DLL Hijacking CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Media Player Classic 6.4.9.1 - 'iacenc.dll' DLL Hijacking Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Exploit Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Edge - 'Array.map' Heap Overflow (MS16-119) Microsoft Edge - Array.join Info Leak (MS16-119) Microsoft Edge - 'Array.join' Infomation Leak (MS16-119) Adobe Flash - Transform.colorTranform Getter Info Leak Adobe Flash - Transform.colorTranform Getter Infomation Leak Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124) Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123) Microsoft Windows - DeviceApi CMApi PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124) Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Windows - 'win32k.sys' TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Microsoft Windows - 'win32k.sys' TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Microsoft Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Infomation Leak (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access) Just Dial Clone Script - SQL Injection FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation RealPlayer 18.1.5.705 - '.QCP' Crash (PoC) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID) Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)	2016-10-22 05:01:17 +00:00
Offensive Security	07fdc778ee	DB: 2016-10-21 ... 24 new exploits NetAuctionHelp 4.1 - search.asp SQL Injection Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow Microsoft Edge - Array.join Info Leak (MS16-119) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) HikVision Security Systems - Activex Buffer Overflow Oracle Netbeans IDE 8.1 - Directory Traversal MiCasa VeraLite - Remote Code Execution Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection Classifieds Rental Script - SQL Injection SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Event Calendar PHP 1.5 - SQL Injection SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal SPIP 3.1.2 - Cross-Site Request Forgery Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Edge - Spread Operator Stack Overflow (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)	2016-10-21 05:01:17 +00:00
Offensive Security	77b46b2163	DB: 2016-10-20 ... 13 new exploits PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit PHP FFI Extension 5.0.5 - Local Safe_mode Bypass PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC) PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC) Apple QuickTime < 7.2 - SMIL Remote Integer Overflow Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC) Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow Integramod nederland 1.4.2 - Remote File Inclusion Integramod Nederland 1.4.2 - Remote File Inclusion CNDSOFT 2.3 - Cross-Site Request Forgery / Arbitrary File Upload NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation The Unarchiver 3.11.1 - '.tar.Z' Crash PoC XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege Escalation Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted Service Path Privilege Escalation Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path Privilege Escalation PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege Escalation	2016-10-20 05:01:17 +00:00
Offensive Security	557f116d02	DB: 2016-10-19 ... 8 new exploits TikiWiki 1.9 Sirius - (jhot.php) Remote Command Execution TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution TikiWiki 1.9.5 Sirius - (sort_mode) Information Disclosure TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution TikiWiki 1.9.8 - 'tiki-graph_formula.php' Command Execution TikiWiki < 1.9.9 - tiki-listmovies.php Directory Traversal TikiWiki < 1.9.9 - 'tiki-listmovies.php' Directory Traversal TikiWiki Project 1.8 - tiki-switch_theme.php theme Parameter Cross-Site Scripting TikiWiki Project 1.8 - img/wiki_up Arbitrary File Upload TikiWiki Project 1.8 - tiki-map.phtml Traversal Arbitrary File / Directory Enumeration TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload TikiWiki Project 1.8 - 'tiki-map.phtml' Traversal Arbitrary File / Directory Enumeration TikiWiki Project 1.8 - categorize.php Direct Request Full Path Disclosure TikiWiki Project 1.8 - messu-mailbox.php Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - messu-read.php Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-browse_categories.php parentId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-index.php comments_threshold Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-list_file_gallery.php galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure TikiWiki Project 1.8 - 'messu-mailbox.php' Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'messu-read.php' Multiple Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-read_article.php' articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-browse_categories.php' parentId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-index.php' comments_threshold Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-print_article.php' articleId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-upload_file.php galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-view_faq.php faqId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-view_chart.php chartId Parameter Cross-Site Scripting TikiWiki Project 1.8 - tiki-usermenu.php sort_mode Parameter SQL Injection TikiWiki Project 1.8 - tiki-list_file_gallery.php sort_mode Parameter SQL Injection TikiWiki Project 1.8 - 'tiki-upload_file.php' galleryID Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-view_faq.php' faqId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-view_chart.php' chartId Parameter Cross-Site Scripting TikiWiki Project 1.8 - 'tiki-usermenu.php' sort_mode Parameter SQL Injection TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' sort_mode Parameter SQL Injection Symantec pcAnywhere 12.5.0 Windows (x86) - Remote Code Execution Symantec pcAnywhere 12.5.0 (Windows x86) - Remote Code Execution Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046) Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page) LanSpy 2.0.0.155 - Local Buffer Overflow ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure Cgiemail 1.6 - Source Code Disclosure Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)	2016-10-19 05:01:18 +00:00
Offensive Security	558ab1fc67	DB: 2016-10-18 ... 24 new exploits Entrepreneur Job Portal Script - SQL Injection Entrepreneur Job Portal Script 2.06 - SQL Injection NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation HP Client - Automation Command Injection / Remote Code Execution HP Client 9.1/9.0/8.1/7.9 - Command Injection NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation NO-IP DUC 4.1.1 - Unquoted Service Path Privilege Escalation Wondershare PDFelement 5.2.9 - Unquoted Service Path Privilege Escalation Firefox 49.0.1 - Denial of Service Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation Student Information System (SIS) 0.1 - Authentication Bypass Web Based Alumni Tracking System 0.1 - SQL Injection Simple Dynamic Web 0.1 - SQL Injection Learning Management System 0.1 - Authentication Bypass Fashion Shopping Cart 0.1 - SQL Injection Health Record System 0.1 - Authentication Bypass Windows x64 - WinExec() Shellcode (93 bytes) Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation PHP Telephone Directory - Multiple Vulnerabilities Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting PHP Image Database - Multiple Vulnerabilities Simple Shopping Cart Application 0.1 - SQL Injection PHP NEWS 1.3.0 - Cross-Site Request Forgery (Add Admin) School Full CBT 0.1 - SQL Injection PHP Business Directory - Multiple Vulnerabilities Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes) Ruby on Rails - Dynamic Render File Upload Remote Code Execution Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)	2016-10-18 05:01:18 +00:00
Offensive Security	113ab3e40e	DB: 2016-10-15 ... 4 new exploits Open-Xchange App Suite 7.8.2 - Cross Site Scripting Open-Xchange App Suite 7.8.2 - Cross-Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vifi Radio v1 - Cross-Site Request Forgery Vifi Radio 1.0 - Cross-Site Request Forgery b374k Web Shell - Cross-Site Request Forgery / Command Injection b374k Web Shell 3.2.3 / 2.8 - Cross-Site Request Forgery / Command Injection PHP Press Release - Stored Cross Site Scripting PHP Press Release - Persistent Cross-Site Scripting ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting ApPHP MicroBlog 1.0.2 - Persistent Cross-Site Scripting ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting OpenCimetiere v3.0.0-a5 - Blind SQL Injection ApPHP MicroCMS 3.9.5 - Persistent Cross-Site Scripting OpenCimetiere 3.0.0-a5 - Blind SQL Injection Colorful Blog - Stored Cross Site Scripting Colorful Blog - Persistent Cross-Site Scripting Simple Forum PHP 2.4 - SQL Injection Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options) NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting	2016-10-15 05:01:17 +00:00
Offensive Security	f49abcf00f	DB: 2016-10-14 ... 13 new exploits Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) Linux Kernel 4.6.3 - 'Netfilter' Privilege Escalation (Metasploit) ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation Thatware 0.4.6 - SQL Injection InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation Simple Blog PHP 2.0 - Multiple Vulnerabilities Simple Blog PHP 2.0 - SQL Injection Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow) Linux Kernel (Ubuntu 14.04.3) - 'perf_event_open()' Can Race with execve() (Access /etc/shadow) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) PHP Press Release - (Add Admin) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery BirdBlog 1.4.0 - Cross-Site Request Forgery (Add New Post) phpEnter 4.2.7 - Cross-Site Request Forgery (Add New Post) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery ApPHP MicroCMS 3.9.5 - Cross-Site Request Forgery (Add Admin) ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation VOX Music Player 2.8.8 - '.pls' Denial of Service IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation Colorful Blog - Stored Cross Site Scripting Colorful Blog - Cross-Site Request Forgery (Change Admin Password) Hotspot Shield 6.0.3 - Unquoted Service Path Privilege Escalation RSS News AutoPilot Script 1.0.1 / 3.1.0 - Admin Panel Authentication Bypass JonhCMS 4.5.1 - SQL Injection	2016-10-14 05:01:16 +00:00
Offensive Security	01eb066d9d	DB: 2016-10-13 ... 11 new exploits IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) PHP Press Release - (Add Admin) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery Subversion 1.6.6 / 1.6.12 - Code Execution Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption Categorizator 0.3.1 - SQL Injection NetBilletterie 2.8 - Multiple Vulnerabilities ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting OpenCimetiere v3.0.0-a5 - Blind SQL Injection Android - Binder Generic ASLR Leak ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery	2016-10-13 05:01:17 +00:00
Offensive Security	f8b17d14a1	DB: 2016-10-12 ... 12 new exploits Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection Android - 'gpsOneXtra' Data Files Denial of Service Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)	2016-10-12 05:01:17 +00:00
Offensive Security	a3dbf3113e	DB: 2016-10-11 ... 9 new exploits ShoreTel Connect ONSITE - Blind SQL Injection Leap Service - Unquoted Service Path Privilege Escalation Wacom Consumer Service - Unquoted Service Path Privilege Escalation Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation Zend Studio IDE 13.5.1 - Insecure File Permissions Privilege Escalation HP Client - Automation Command Injection / Remote Code Execution Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)	2016-10-11 05:01:15 +00:00
Offensive Security	8ea4614148	DB: 2016-10-10 ... 4 new exploits miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) Fitbit Connect Service - Unquoted Service Path Privilege Escalation PHP Press Release - Cross-Site Request Forgery (Add Admin) PHP Press Release - Stored Cross Site Scripting	2016-10-10 05:01:16 +00:00
Offensive Security	cda049fa54	DB: 2016-10-08 ... 4 new exploits MLM Unilevel Plan Script v1.0.2 - SQL Injection MLM Unilevel Plan Script 1.0.2 - SQL Injection Comodo Dragon Browser - Unquoted Service Path Privilege Escalation Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) Entrepreneur Job Portal Script - SQL Injection BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation Waves Audio Service - Unquoted Service Path Privilege Escalation	2016-10-08 05:01:18 +00:00
Offensive Security	cd9e638108	DB: 2016-10-07 ... 12 new exploits phpBB 2.0.10 - Remote Command Execution (CGI) Advance MLM Script - SQL Injection Picosafe Web Gui - Multiple Vulnerabilities Witbe - Remote Code Execution PHP Classifieds Rental Script - Blind SQL Injection B2B Portal Script - Blind SQL Injection MLM Unilevel Plan Script v1.0.2 - SQL Injection Just Dial Clone Script - SQL Injection Comodo Dragon Browser - Unquoted Service Path Privilege Escalation Billion Router 7700NR4 - Remote Command Execution Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Exagate WEBPack Management System - Multiple Vulnerabilities	2016-10-07 05:01:18 +00:00
Offensive Security	5fbed83086	DB: 2016-10-06 ... 10 new exploits Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials Bind 9 DNS Server - Denial of Service ISC BIND 9 - Denial of Service Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution VX Search Enterprise 9.0.26 - Buffer Overflow Sync Breeze Enterprise 8.9.24 - Buffer Overflow Dup Scout Enterprise 9.0.28 - Buffer Overflow Disk Sorter Enterprise 9.0.24 - Buffer Overflow Disk Savvy Enterprise 9.0.32 - Buffer Overflow Abyss Web Server X1 2.11.1 - Unquoted Service Path Privilege Escalation Fortitude HTTP 1.0.4.0 - Unquoted Service Path Privilege Escalation	2016-10-06 05:01:22 +00:00
Offensive Security	77681134f4	DB: 2016-10-05 ... 3 new exploits CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion E-SMARTCART 1.0 - (Product_ID) SQL Injection E-Smart Cart 1.0 - 'Product_ID' SQL Injection E-SMART CART - 'productsofcat.asp' SQL Injection E-Smart Cart - 'productsofcat.asp' SQL Injection CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection E-Smartcart - SQL Injection E-Smart Cart - SQL Injection CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection CubeCart PHP 4.3.x - 'shipkey' SQL Injection CS Cart 1.3.3 - (install.php) Cross-Site Scripting CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting dansie shopping cart 3.0.4 - Multiple Vulnerabilities Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities Sendmail 8.11.6 - Address Prescan Memory Corruption Joomla! Component RSfiles (cid parameter) - SQL Injection Joomla! Component RSfiles - (cid parameter) SQL Injection Dovecot with Exim sender_address Parameter - Remote Command Execution Dovecot with Exim - sender_address Parameter Remote Command Execution Exim sender_address Parameter - Remote Code Execution Exim - sender_address Parameter Remote Code Execution PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection AJ Classifieds 'listingid' Parameter - SQL Injection AJ Classifieds - 'listingid' Parameter SQL Injection PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Bind 9 DNS Server - Denial of Service Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC) OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution Disk Pulse Enterprise 9.0.34 - Buffer Overflow	2016-10-05 05:01:18 +00:00
Offensive Security	d9bdc2e376	DB: 2016-10-04 ... 7 new exploits maplab ms4w 2.2.1 - Remote File Inclusion MapLab MS4W 2.2.1 - Remote File Inclusion Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow Grandsteam GXV3611_HD - SQL Injection Glassfish Server - Unquoted Service Path Privilege Escalation Windows Firewall Control - Unquoted Service Path Privilege Escalation Android - Insufficient Binder Message Verification Pointer Leak DWebPro 8.4.2 - Multiple Vulnerabilities Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)	2016-10-04 05:01:17 +00:00
Offensive Security	2963ce32a0	DB: 2016-10-01 ... 1 new exploits Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege	2016-10-01 05:01:16 +00:00
Offensive Security	fa1b17f699	DB: 2016-09-30 ... 1 new exploits Microsoft Windows - RPC DCOM Remote Exploit (18 Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (48 Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (1) Microsoft Windows - 'RPC DCOM' Remote Exploit (2) Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal Targets) Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal) Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate Get Request Remote Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow PMSoftware Simple Web Server - GET Request Remote Buffer Overflow CUPS Server 1.1 - (Get Request) Denial of Service CUPS Server 1.1 - GET Request Denial of Service BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC) TFTPD32 2.81 - GET Request Format String Denial of Service (PoC) Fenice Oms 1.10 - (long get request) Remote Buffer Overflow Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow Multi-Threaded TFTP 1.1 - (Long Get Request) Denial of Service Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service Essentia Web Server 2.15 - (GET Request) Remote Denial of Service Essentia Web Server 2.15 - GET Request Remote Denial of Service webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Buffer Overflow webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield) webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield) Microsoft Windows Message Queuing Service - RPC Buffer Overflow (dnsname) Microsoft Windows Message Queuing Service - RPC Buffer Overflow Netgear WGR614v9 - Wireless Router Get Request Denial of Service Netgear WGR614v9 Wireless Router - GET Request Denial of Service XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow (PoC) XBMC 8.10 (Windows) - (GET Request) Remote Buffer Overflow XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC) XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow (SEH) httpdx 0.5b - FTP Server (USER) Remote Buffer Overflow (SEH) Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC) Mereo 1.8.0 - (Get Request) Remote Denial of Service Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC) Mereo 1.8.0 - GET Request Remote Denial of Service httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow (SEH) httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH) httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit ARD-9808 DVR Card Security Camera - (GET Request) Remote Denial of Service ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service Kolibri+ WebServer 2 - (Get Request) Denial of Service Kolibri+ WebServer 2 - GET Request Denial of Service Kolibri+ WebServer 2 - (GET Request) Remote Overwrite (SEH) Kolibri+ WebServer 2 - GET Request Remote Overwrite (SEH) httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service httpdx 1.4 - Get Request Buffer Overflow httpdx 1.4 - GET Request Buffer Overflow Httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC) httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC) HTTPDX - tolog() Function Format String (1) httpdx - tolog() Function Format String (1) HTTPDX - tolog() Function Format String (2) httpdx - tolog() Function Format String (2) HTTPDX - h_handlepeer() Function Buffer Overflow (Metasploit) httpdx - h_handlepeer() Function Buffer Overflow (Metasploit) glibc LD_AUDIT Arbitrary DSO - Load Privilege Escalation glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) httpdx 1.5.4 - Remote HTTP Server Denial of Service httpdx 1.5.4 - HTTP Server Remote Denial of Service Working Resources BadBlue 1.7.3 - Get Request Denial of Service Working Resources BadBlue 1.7.3 - GET Request Denial of Service KeepNote 0.7.8 - Command Execution My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service Snowblind Web Server 1.0/1.1 - (GET Request) Buffer Overflow Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow Proxomitron Proxy Server - Long Get Request Remote Denial of Service Proxomitron Proxy Server - Long GET Request Remote Denial of Service	2016-09-30 05:01:16 +00:00
Offensive Security	d86bdf5f80	DB: 2016-09-29 ... 2 new exploits Symantec Messaging Gateway 10.6.1 - Directory Traversal VLC Media Player 2.2.1 - Buffer Overflow	2016-09-29 05:01:16 +00:00
Offensive Security	35000196e1	DB: 2016-09-27 ... 11 new exploits Berlios gpsd 2.7.x - Remote Format String Berlios GPSD 2.7.x - Remote Format String bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1) boastMachine 3.1 - (mail.php id) SQL Injection BoastMachine 3.1 - 'mail.php' id SQL Injection BIGACE 2.4 - Multiple Remote File Inclusion BigACE 2.4 - Multiple Remote File Inclusion attachmax dolphin 2.1.0 - Multiple Vulnerabilities Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH) AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH) BIGACE CMS 2.5 - 'Username' SQL Injection BigACE CMS 2.5 - 'Username' SQL Injection BIGACE CMS 2.6 - (cmd) Local File Inclusion BigACE CMS 2.6 - (cmd) Local File Inclusion Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (1) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1) Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption bitrix site manager 4.0.5 - Remote File Inclusion Bitrix Site Manager 4.0.5 - Remote File Inclusion boastMachine 3.1 - Arbitrary File Upload BoastMachine 3.1 - Arbitrary File Upload blog system 1.5 - Multiple Vulnerabilities Blog System 1.5 - Multiple Vulnerabilities b2b gold script - 'id' SQL Injection B2B Gold Script - 'id' SQL Injection TinyBrowser - Arbitrary File Upload Wordpress Plugin TinyBrowser - Arbitrary File Upload Nginx http server 0.6.36 - Directory Traversal Nginx 0.6.36 - Directory Traversal atomic photo album 1.0.2 - Multiple Vulnerabilities Atomic Photo Album 1.0.2 - Multiple Vulnerabilities Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1) Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) bitweaver 2.8.1 - Persistent Cross-Site Scripting Bitweaver 2.8.1 - Persistent Cross-Site Scripting bitweaver 2.8.0 - Multiple Vulnerabilities Bitweaver 2.8.0 - Multiple Vulnerabilities Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2) DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (2) Bigace 2.7.5 - Arbitrary File Upload BigACE 2.7.5 - Arbitrary File Upload atutor 2.0.2 - Multiple Vulnerabilities ATutor 2.0.2 - Multiple Vulnerabilities boastMachine 3.1 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin) Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111) atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution Macro Expert 4.0 - Multiple Privilege Escalations axigen mail server 8.0.1 - Persistent Cross-Site Scripting Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation Joomla! Component Event Booking 2.10.1 - SQL Injection NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation bitweaver 2.8.1 - Multiple Vulnerabilities Bitweaver 2.8.1 - Multiple Vulnerabilities Contrexx CMS egov Module 1.0.0 - SQL Injection Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting atutor 1.2 - Multiple Vulnerabilities ATutor 1.2 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection Clockstone and other CMSMasters Theme - Arbitrary File Upload Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload Nginx HTTP Server 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) BuilderEngine 3.5.0 - Arbitrary File Upload PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution Bigace CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - admin.php Cross-Site Scripting BoastMachine 3.1 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (1) Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery boastMachine 2.8 - 'index.php' Local File Inclusion BoastMachine 2.8 - 'index.php' Local File Inclusion TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting boastMachine 3.1 - 'key' Parameter Cross-Site Scripting BoastMachine 3.1 - 'key' Parameter Cross-Site Scripting Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Creative Contact Form 0.9.7 - Arbitrary File Upload Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Paid Memberships Pro 1.7.14.2 - Directory Traversal Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal DukaPress 2.5.2 - Directory Traversal Wordpress Plugin DukaPress 2.5.2 - Directory Traversal Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Duplicator 0.5.8 - Privilege Escalation Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Shareaholic 7.6.0.3 - Cross-Site Scripting Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting Paypal Currency Converter Basic For WooCommerce - File Read Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (2) Multiple WordPress Themes WPScientist - Arbitrary File Upload Multiple WordPress WPScientist Themes - Arbitrary File Upload EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Avast AntiVirus - X.509 Error Rendering Command Execution Avast! AntiVirus - X.509 Error Rendering Command Execution Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Avast - OOB Write Decrypting PEncrypt Packed executables Avast - JetDb::IsExploited4x Performs Unbounded Search on Input Avast - Heap Overflow Unpacking MoleBox Archives Avast - Integer Overflow Verifying numFonts in TTC Header Avast! - OOB Write Decrypting PEncrypt Packed executables Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input Avast! - Heap Overflow Unpacking MoleBox Archives Avast! - Integer Overflow Verifying numFonts in TTC Header BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal Simple Ads Manager 2.9.4.116 - SQL Injection Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation Avast - Authenticode Parsing Memory Corruption Avast! - Authenticode Parsing Memory Corruption Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Job Script by Scubez - Remote Code Execution Wordpress Plugin Job Script by Scubez - Remote Code Execution Premium SEO Pack 1.9.1.3 - wp_options Overwrite Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite Ocomon 2.0 - SQL Injection	2016-09-27 05:01:25 +00:00
Offensive Security	102574cb3e	DB: 2016-09-24 ... 5 new exploits EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Adobe Acrobat Reader 7<9 - U3D Buffer Overflow Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit) Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit) Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Adobe Flash - Crash When Freeing Memory After AVC decoding Adobe Flash - Video Decompression Memory Corruption Linux - SELinux W+X Protection Bypass via AIO Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass Microsoft Excel 95<2004 - Malformed Graphic File Code Execution Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution Git-1.9.5 - ssh-agent.exe Buffer Overflow Git 1.9.5 - ssh-agent.exe Buffer Overflow Skybox Platform <=7.0.611 - Multiple Vulnerabilities Skybox Platform <= 7.0.611 - Multiple Vulnerabilities SOLIDserver <=5.0.4 - Local File Inclusion SOLIDserver <= 5.0.4 - Local File Inclusion WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)	2016-09-24 05:05:07 +00:00
Offensive Security	12047d93f1	DB: 2016-09-23 ... 9 new exploits Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Slackware Linux 3.5 - Missing /etc/group Privilege Escalation Matrimonial Website Script 1.0.2 - SQL Injection Metasploit Web UI - Diagnostic Console Command Execution Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Exponent CMS 2.3.9 - Blind SQL Injection JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101) phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - 'PHPWS_SOURCE_DIR' Parameter Multiple Remote File Inclusion Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Microix Timesheet Module - SQL Injection Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities	2016-09-23 05:05:20 +00:00
Offensive Security	b8ebed3824	DB: 2016-09-22 ... 6 new exploits Setuid perl - PerlIO_Debug() Root owned file creation Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation Kaltura 11.1.0-2 - Remote Code Execution (Metasploit) Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1) VideoCache 1.9.2 - vccleaner Root VideoCache 1.9.2 - 'vccleaner' Privilege Escalation UK One Media CMS - 'id' Error Based SQL Injection UK One Media CMS - 'id' Error-Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) Ultimate eShop - Error Based SQL Injection Ultimate eShop - Error-Based SQL Injection WordPress Plugin Multiple - timthumb.php Vulnerabilities Multiple WordPress Plugins - timthumb.php File Upload Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service Slackware Linux 3.5 - /etc/group missing results in Root access Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service Sudo 1.6.3 - Unclean Environment Variable Root Program Execution Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure Microsoft Office PowerPoint 2010 - Invalid Pointer Reference Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass Microweber 0.905 - Error Based SQL Injection Microweber 0.905 - Error-Based SQL Injection WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution	2016-09-22 05:06:28 +00:00
Offensive Security	235761b103	DB: 2016-09-20 ... 12 new exploits OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs ZineBasic 1.1 - Arbitrary File Disclosure SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities MyBB 1.8.6 - SQL Injection Kajona 4.7 - Cross-Site Scripting / Directory Traversal Docker Daemon - Privilege Escalation (Metasploit) SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow	2016-09-20 05:07:15 +00:00
Offensive Security	f1e68e0b1d	DB: 2016-09-15 ... 3 new exploits Android - getpidcon Usage binder Service Replacement Race Condition PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure Apache Mina 2.0.13 - Remote Command Execution	2016-09-15 05:07:49 +00:00
Offensive Security	d5138d6962	DB: 2016-09-14 ... 17 new exploits Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script Cherry Music 0.35.1 - Arbitrary File Disclosure Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation Windows x86 - Password Protected TCP Bind Shell (637 bytes) wdCalendar 2 - SQL Injection Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change Open-Xchange App Suite 7.8.2 - Cross Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting Multiple Icecream Apps - Insecure File Permissions Privilege Escalation WinSMS 3.43 - Insecure File Permissions Privilege Escalation Microsoft Internet Explorer 11.0.9600.18482 - Use After Free AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure AIOCP 1.3.x - Multiple Vulnerabilities ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change COMTREND ADSL Router CT-5367 C01_R12_ CT-5624 C01_R03 - Unauthenticated DNS Change Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change PIKATEL 96338WS_ 96338L-2M-8M - Unauthenticated DNS Change Inteno EG101R1 VoIP Router - Unauthenticated DNS Change	2016-09-14 05:08:39 +00:00
Offensive Security	0be1ea959a	DB: 2016-09-09 ... 11 new exploits Samba 3.0.4 - SWAT Authorization Buffer Overflow Samba 3.0.4 SWAT - Authorisation Buffer Overflow Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2) HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit) HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit) WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC) WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC) FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service Multiple Applications - Local Credentials Disclosure Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2) Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2) IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC) Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC) Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC) Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC) Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC) Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC) SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC) MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow Joomla Component JPad 1.0 - Post-Authentication SQL Injection Joomla Component JPad 1.0 - Authenticated SQL Injection CMS Made Simple 1.2.4 - (FileManager module) File Upload CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication) freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated) freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection AvailScript Jobs Portal Script - (Post-Authentication) File Upload AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service Serv-U 7.3 - (Authenticated) Remote FTP File Replacement Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC) Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC) Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC AJ Auction Authentication - Bypass Exploit AJ Auction - Authentication Bypass Simple Directory Listing 2 - Cross-Site File Upload Simple Directory Listing 2 - Cross-Site Arbitrary File Upload Mini File Host 1.x - Arbitrary PHP File Upload Mini File Host 1.x - Arbitrary .PHP File Upload Memberkit 1.0 - Remote PHP File Upload Memberkit 1.0 - Remote Arbitrary .PHP File Upload WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC) Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC) WikkiTikkiTavi 1.11 - Remote PHP File Upload WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation zFeeder 1.6 - 'admin.php' Pre-Authentication zFeeder 1.6 - 'admin.php' Unauthenticated Addonics NAS Adapter - Post-Authentication Denial of Service Addonics NAS Adapter - Authenticated Denial of Service Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Hannon Hill Cascade Server - (Post-Authentication) Command Execution Hannon Hill Cascade Server - (Authenticated) Command Execution Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC) XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC) Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal Adobe JRun 4 - (logfile) Authenticated Directory Traversal FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service NetAccess IP3 - (Post-Authentication) (ping option) Command Injection NetAccess IP3 - (Authenticated) (ping option) Command Injection Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC) httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC) httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC) Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC) Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) uTorrent WebUI 0.370 - Authorization header Denial of Service uTorrent WebUI 0.370 - Authorisation Header Denial of Service Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass) ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass) Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass) BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass) dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting) dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting) Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit) UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow Achievo 1.4.3 - Multiple Authorization Flaws Achievo 1.4.3 - Multiple Authorisation Flaws PHPMotion 1.62 - 'FCKeditor' File Upload PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal Home FTP Server 1.11.1.149 - Authenticated Directory Traversal News Script PHP Pro - 'FCKeditor' File Upload News Script PHP Pro - 'FCKeditor' Arbitrary File Upload Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow MailEnable - Authorization Header Buffer Overflow MailEnable - Authorisation Header Buffer Overflow ColdFusion 8.0.1 - Arbitrary File Upload and Execution Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution ColdFusion 8.0.1 - Arbitrary File Upload / Execution Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution OpenX - banner-edit.php File Upload PHP Code Execution OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution Joomla 1.5.12 - tinybrowser File Upload Code Execution Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit If-CMS 2.07 - Pre-Authentication Local File Inclusion (1) If-CMS 2.07 - Unauthenticated Local File Inclusion (1) IPComp - encapsulation Pre-Authentication kernel memory Corruption IPComp - encapsulation Unauthenticated kernel memory Corruption SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass) Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass) Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow ActFax Server FTP - (Authenticated) Remote Buffer Overflow If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2) If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2) DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass) DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass) DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit TomatoCart 1.1 - Post-Authentication Local File Inclusion TomatoCart 1.1 - Authenticated Local File Inclusion BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass QuiXplorer 2.3 - Bugtraq File Upload QuiXplorer 2.3 - Bugtraq Arbitrary File Upload QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit) QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit) Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter) Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter) BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection Dolibarr ERP & CRM 3 - Authenticated OS Command Injection V-CMS - PHP File Upload and Execution V-CMS - Arbitrary .PHP File Upload / Execution WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection WebCalendar 1.2.4 - Unauthenticated Remote Code Injection appRain CMF - Arbitrary PHP File Upload appRain CMF - Arbitrary .PHP File Upload EGallery - PHP File Upload EGallery - Arbitrary .PHP File Upload SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload WebPageTest - Arbitrary PHP File Upload WebPageTest - Arbitrary .PHP File Upload XODA 0.4.5 - Arbitrary PHP File Upload XODA 0.4.5 - Arbitrary .PHP File Upload Elcom CMS 7.4.10 - Community Manager Insecure File Upload Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1) OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2) Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1) Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit qdPM 7.0 - Arbitrary PHP File Upload qdPM 7.0 - Arbitrary .PHP File Upload Oracle Database - Authentication Protocol Security Bypass Oracle Database - Protocol Authentication Bypass Mod_NTLM 0.x - Authorization Heap Overflow Mod_NTLM 0.x - Authorisation Heap Overflow Mod_NTLM 0.x - Authorization Format String Mod_NTLM 0.x - Authorisation Format String Geeklog 1.3.x - Authentication SQL Injection Geeklog 1.3.x - Authenticated SQL Injection NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution MySQL - Remote Pre-Authentication User Enumeration MySQL - Remote Unauthenticated User Enumeration vbPortal 2.0 alpha 8.1 - Authentication SQL Injection vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3) WordPress WP-Property Plugin - PHP File Upload WordPress Asset-Manager Plugin - PHP File Upload WordPress WP-Property Plugin - Arbitrary .PHP File Upload WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2) Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun Novell NCP - Pre-Authentication Remote Root Exploit Novell NCP - Unauthenticated Remote Root Exploit Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass Polar Helpdesk 3.0 - Cookie Based Authentication Bypass IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution IRIS Citations Management Tool - (Authenticated) Remote Command Execution Polycom HDX - Telnet Authorization Bypass (Metasploit) Polycom HDX - Telnet Authentication Bypass (Metasploit) OpenEMR - PHP File Upload OpenEMR - Arbitrary .PHP File Upload PolarPearCMS - PHP File Upload PolarPearCMS - Arbitrary .PHP File Upload Apache 2.0.x - mod_ssl Remote Denial of Service Apache/mod_ssl 2.0.x - Remote Denial of Service phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal MoinMoin - twikidraw Action Traversal File Upload MoinMoin - twikidraw Action Traversal Arbitrary File Upload Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow FlexWATCH 3.0 - AIndex.asp Authorization Bypass FlexWATCH 3.0 - AIndex.asp Authentication Bypass HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload WordPress Curvo Themes - Cross-Site Request Forgery File Upload WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass PHPBB2 - Admin_Ug_Auth.php Administrative Bypass Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass Castripper 2.50.70 - '.pls' DEP Exploit Castripper 2.50.70 - '.pls' DEP Bypass Exploit Google Urchin 5.7.3 - Report.cgi Authorization Bypass Google Urchin 5.7.3 - Report.cgi Authentication Bypass Adobe Flash - Method Calls Use-After-Free Adobe Flash - Transform.colorTranform Getter Info Leak RSA Authentication Agent for Web 5.3 - URI redirection RSA Authentication Agent for Web 5.3 - URI Redirection Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow Zabbix 2.0 - 3.0.3 - SQL Injection ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload Katello (Red Hat Satellite) - users/update_roles Missing Authorization Katello (Red Hat Satellite) - users/update_roles Missing Authorisation Freepbx 13.0.x < 13.0.154 - Remote Command Execution FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution Jobberbase 2.0 - Multiple Vulnerabilities Windows x86 - Bind Shell TCP Shellcode WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution Moab < 7.2.9 - Authorization Bypass Moab < 7.2.9 - Authentication Bypass Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection Drupal Core < 7.32 - Pre-Authentication SQL Injection Drupal Core < 7.32 - Unauthenticated SQL Injection Tincd - Post-Authentication Remote TCP Stack Buffer Overflow Tincd - Authenticated Remote TCP Stack Buffer Overflow PMB 4.1.3 - Post-Authentication SQL Injection PMB 4.1.3 - Authenticated SQL Injection Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution ManageEngine Multiple Products - Authenticated File Upload ManageEngine Multiple Products - Authenticated Arbitrary File Upload Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass) Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass) Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection Symantec Web Gateway 5 - restore.php Authenticated Command Injection JBoss Seam 2 - Arbitrary File Upload and Execution JBoss Seam 2 - Arbitrary File Upload / Execution Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit) Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass JibberBook 2.3 - 'Login_form.php' Authentication Bypass Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Zenoss 3.2.1 - Remote Post-Authentication Command Execution Zenoss 3.2.1 - Remote Authenticated Command Execution Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution Magento CE < 1.9.0.1 - Authenticated Remote Code Execution Netsweeper 4.0.9 - Arbitrary File Upload and Execution Netsweeper 4.0.9 - Arbitrary File Upload / Execution Netsweeper 4.0.8 - Arbitrary File Upload and Execution Netsweeper 4.0.8 - Arbitrary File Upload / Execution EasyITSP - 'customers_edit.php' Authentication Security Bypass EasyITSP - 'customers_edit.php' Authentication Bypass Wolf CMS - Arbitrary File Upload and Execution Wolf CMS - Arbitrary File Upload / Execution Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass) GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution vBulletin 5.1.x - Pre-Authentication Remote Code Execution vBulletin 5.1.x - Unauthenticated Remote Code Execution WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass WordPress WP to Twitter Plugin - Authorization Bypass WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass WordPress WP to Twitter Plugin - Authentication Bypass Novell ServiceDesk - Authenticated File Upload Novell ServiceDesk - Authenticated Arbitrary File Upload Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass) Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass) phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers) vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit) phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution phpMyAdmin 4.6.2 - Authenticated Remote Code Execution vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF) vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF) ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass	2016-09-09 05:09:09 +00:00
Offensive Security	2aa9d941de	DB: 2016-09-08 ... 6 new exploits Too many to list!	2016-09-08 05:08:29 +00:00
Offensive Security	d36011b4f9	DB: 2016-09-07 ... 3 new exploits Too many to list!	2016-09-07 05:09:19 +00:00
Offensive Security	479ae86249	DB: 2016-09-06 ... 5 new exploits ProFTPD 1.2.9RC1 - (mod_sql) SQL Injection ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection PHPBB 2.0.4 - PHP Remote File Inclusion Exploit phpBB 2.0.4 - PHP Remote File Inclusion Exploit wu-ftpd 2.6.2 - Off-by-One Remote Root Exploit WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit wu-ftpd 2.6.2 - Remote Root Exploit WU-FTPD 2.6.2 - Remote Root Exploit ProFTPD 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service wu-ftpd 2.6.0 - Remote Root Exploit WU-FTPD 2.6.0 - Remote Root Exploit OpenBSD 2.6 / 2.7ftpd - Remote Exploit OpenBSD 2.6 / 2.7 ftpd - Remote Exploit wu-ftpd 2.6.0 - Remote Format Strings Exploit WU-FTPD 2.6.0 - Remote Format Strings Exploit ProFTPD 1.2.0 (rc2) - memory leakage example Exploit ProFTPd 1.2.0 (rc2) - memory leakage example Exploit ProFTPD 1.2.0pre10 - Remote Denial of Service ProFTPd 1.2.0pre10 - Remote Denial of Service wu-ftpd 2.6.1 - Remote Root Exploit WU-FTPD 2.6.1 - Remote Root Exploit OpenFTPD 0.30.2 - Remote Exploit OpenFTPD 0.30.1 - (message system) Remote Shell Exploit OpenFTPd 0.30.2 - Remote Exploit OpenFTPd 0.30.1 - (message system) Remote Shell Exploit PHP - (PHP-exec-dir) Patch Command Access Restriction Bypass PHP - (php-exec-dir) Patch Command Access Restriction Bypass ProFTPd (ftpdctl) - Local pr_ctrls_connect ProFTPd - (ftpdctl) Local pr_ctrls_connect ProFTPD 1.2.10 - Remote Users Enumeration Exploit ProFTPd 1.2.10 - Remote Users Enumeration Exploit PHPBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit PHP 4.3.9 + PHPBB 2.x - unserialize() Remote Exploit (Compiled) PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled) Apple QuickTime 6.5.2.10 - '.qtif'Image Parsing Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing wu-ftpd 2.6.2 - File Globbing Denial of Service WU-FTPD 2.6.2 - File Globbing Denial of Service RealPlayer 10 - '.smil'Local Buffer Overflow RealPlayer 10 - '.smil' Local Buffer Overflow PHPBB 2.0.13 - 'downloads.php' mod Remote Exploit phpBB 2.0.13 - 'downloads.php' mod Remote Exploit PHPPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting Invision Power Board 2.0.3 - login.php SQL Injection Invision Power Board 2.0.3 - login.php SQL Injection (tutorial) Invision Power Board 2.0.3 - 'login.php' SQL Injection Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) Invision Power Board 1.3.1 - login.php SQL Injection Invision Power Board 1.3.1 - 'login.php' SQL Injection PHPBB 2.0.15 - (highlight) Remote PHP Code Execution phpBB 2.0.15 - (highlight) Remote PHP Code Execution Solaris SPARC / x86 - Local Socket Hijack Exploit Solaris (SPARC / x86) - Local Socket Hijack Exploit PHPBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) Microsoft Windows XP SP2 - 'rdpwd.sys'Remote Kernel Denial of Service Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service PHPBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit FreeFTPD 1.0.8 - (USER) Remote Buffer Overflow freeFTPd 1.0.8 - (USER) Remote Buffer Overflow FreeFTPD 1.0.10 - (PORT Command) Denial of Service freeFTPd 1.0.10 - (PORT Command) Denial of Service Tftpd32 2.81 - (GET Request) Format String Denial of Service (PoC) TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC) Microsoft HTML Help Workshop - '.hhp'Denial of Service Microsoft HTML Help Workshop - '.hhp' Denial of Service PHPWebSite 0.10.0-full - (topics.php) SQL Injection phpWebSite 0.10.0-full - (topics.php) SQL Injection Microsoft Visual Studio 6.0 sp6 - '.dbp'Buffer Overflow Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow PHPBookingCalendar 1.0c - (details_view.php) SQL Injection phpBookingCalendar 1.0c - (details_view.php) SQL Injection Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure Microsoft Internet Explorer 6 - 'Internet.HHCtrl'Heap Overflow Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow PHPBB 3 - 'memberlist.php' SQL Injection phpBB 3 - 'memberlist.php' SQL Injection WoW Roster 1.70 - (/lib/PHPbb.php) Remote File Inclusion WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion PHPBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion phpBB XS 0.58a - (phpBB_root_path) Remote File Inclusion phpBB Static Topics 1.0 - phpbb_root_path File Include phpBB Static Topics 1.0 - phpBB_root_path File Include PHPBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpBB_root_path) Remote File Inclusions PHP News Reader 2.6.4 - (PHPbb.inc.php) Remote File Inclusion Exploit PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exploit PHPBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit PHPBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit PHPBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit PHPBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit PHPBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit PGOSD - 'misc/function.php3'Remote File Inclusion PGOSD - 'misc/function.php3' Remote File Inclusion HP-UX 11i - (LIBC TZ enviroment variable) Privilege Escalation HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPD 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit Yrch 1.0 - (plug.inc.php path variable) Remote File Inclusion Exploit Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Exploit Vizayn Haber - 'haberdetay.asp id variable'SQL Injection Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection newsCMSlite - 'newsCMS.mdb'Remote Password Disclosure newsCMSlite - 'newsCMS.mdb' Remote Password Disclosure iG Calendar 1.0 - (user.php id variable) SQL Injection iG Calendar 1.0 - (user.php id Variable) SQL Injection uniForum 4 - 'wbsearch.aspx'SQL Injection uniForum 4 - 'wbsearch.aspx' SQL Injection MGB 0.5.4.5 - (email.php id variable) SQL Injection MGB 0.5.4.5 - (email.php id Variable) SQL Injection Microsoft Help Workshop 4.03.0002 - '.CNT'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow Microsoft Visual C++ - '.RC Resource Files'Local Buffer Overflow Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow Phpbb Tweaked 3 - (phpbb_root_path) Remote File Inclusion phpBB Tweaked 3 - (phpBB_root_path) Remote File Inclusion phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit phpBB++ Build 100 - (phpBB_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpBB_root_path) Remote File Inclusion Exploit ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) News Bin Pro 5.33 - '.NBI'Local Buffer Overflow News Bin Pro 5.33 - '.nbi' Local Buffer Overflow Extreme PHPBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite'Local Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit Microsoft Windows - '.doc'Malformed Pointers Denial of Service Microsoft Windows - '.doc' Malformed Pointers Denial of Service GestArt Beta 1 - 'aide.php aide'Remote File Inclusion GestArt Beta 1 - 'aide.php aide' Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path'Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion Corel Wordperfect X3 13.0.0.565 - '.PRS'Local Buffer Overflow Corel Wordperfect X3 13.0.0.565 - '.prs' Local Buffer Overflow ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) Winamp 5.3 - '.WMV'Remote Denial of Service Winamp 5.3 - '.wmv' Remote Denial of Service ACDSee 9.0 - '.XPM'Local Buffer Overflow XnView 1.90.3 - '.XPM'Local Buffer Overflow WEBInsta FM 0.1.4 - login.php absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.CLP'Buffer Overflow ACDSee 9.0 - '.xpm' Local Buffer Overflow XnView 1.90.3 - '.xpm' Local Buffer Overflow WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow ABC-View Manager 1.42 - '.PSP'Buffer Overflow FreshView 7.15 - '.PSP'Buffer Overflow ABC-View Manager 1.42 - '.psp' Buffer Overflow FreshView 7.15 - '.psp' Buffer Overflow Gimp 2.2.14 - '.ras'SUNRAS Plugin Buffer Overflow Gimp 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow IrfanView 4.00 - '.iff'Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png'Buffer Overflow Exploit IrfanView 4.00 - '.iff' Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit RealPlayer 10 - '.ra'Remote Denial of Service RealPlayer 10 - '.ra' Remote Denial of Service Winamp 5.34 - '.mp4'Code Execution Exploit Winamp 5.34 - '.mp4' Code Execution Exploit Wikivi5 - 'show.php sous_rep'Remote File Inclusion Wikivi5 - 'show.php sous_rep' Remote File Inclusion LeadTools Raster Thumbnail Object Library - 'LTRTM14e.DLL'Buffer Overflow Exploit LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow Exploit Scallywag - 'template.php path'Remote File Inclusion Scallywag - 'template.php path' Remote File Inclusion Simple Invoices 2007 05 25 - 'index.php submit'SQL Injection Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection Traffic Stats - 'referralUrl.php offset'SQL Injection Traffic Stats - 'referralUrl.php offset' SQL Injection BBS E-Market - 'postscript.php p_mode'Remote File Inclusion BBS E-Market - 'postscript.php p_mode' Remote File Inclusion PHPBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion bwired - 'index.php newsID'SQL Injection bwired - 'index.php newsID' SQL Injection CrystalPlayer 1.98 - '.mls'Local Buffer Overflow CrystalPlayer 1.98 - '.mls' Local Buffer Overflow PHP123 Top Sites - 'category.php cat'SQL Injection PHP123 Top Sites - 'category.php cat' SQL Injection Live for Speed S1/S2/Demo - '.mpr replay'Buffer Overflow Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe'Stack Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow Live for Speed S1/S2/Demo - '.ply'Buffer Overflow Live for Speed S1/S2/Demo - '.spr'Buffer Overflow CartWeaver - 'Details.cfm ProdID'SQL Injection Prozilla Pub Site Directory - 'directory.php cat'SQL Injection Live for Speed S1/S2/Demo - '.ply' Buffer Overflow Live for Speed S1/S2/Demo - '.spr' Buffer Overflow CartWeaver - 'Details.cfm ProdID' SQL Injection Prozilla Pub Site Directory - 'directory.php cat' SQL Injection Prozilla Webring Website Script - 'category.php cat'SQL Injection Prozilla Webring Website Script - 'category.php cat' SQL Injection GetMyOwnArcade - 'search.php query'SQL Injection GetMyOwnArcade - 'search.php query' SQL Injection ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow Sisfo Kampus 2006 - 'dwoprn.php f'Remote File Download Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download Gelato - 'index.php post'SQL Injection Gelato - 'index.php post' SQL Injection modifyform - 'modifyform.html'Remote File Inclusion modifyform - 'modifyform.html' Remote File Inclusion phpBB Plus 1.53 - (phpbb_root_path) Remote File Inclusion phpBB Plus 1.53 - (phpBB_root_path) Remote File Inclusion Black Lily 2007 - 'products.php class'SQL Injection Black Lily 2007 - 'products.php class' SQL Injection PHPBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion wzdftpd 0.8.0 - (USER) Remote Denial of Service WzdFTPD 0.8.0 - (USER) Remote Denial of Service Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc) Solaris 10 (sparc/x86) - sysinfo Kernel Memory Disclosure Exploit Solaris (sparc/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit Mcms Easy Web Make - 'index.php template'Local File Inclusion Mcms Easy Web Make - 'index.php template' Local File Inclusion MOG-WebShop - 'index.php group'SQL Injection MOG-WebShop - 'index.php group' SQL Injection ClipShare - 'uprofile.php UID'SQL Injection ClipShare - 'uprofile.php UID' SQL Injection samPHPweb - 'db.php commonpath'Remote File Inclusion samPHPweb - 'db.php commonpath' Remote File Inclusion RichStrong CMS - 'showproduct.asp cat'SQL Injection RichStrong CMS - 'showproduct.asp cat' SQL Injection Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr'File Handling Buffer Overflow Exploit Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit IrfanView 4.10 - '.fpx'Memory Corruption Exploit IrfanView 4.10 - '.fpx' Memory Corruption Exploit Fully Modded PHPBB - 'kb.php' SQL Injection Fully Modded phpBB - 'kb.php' SQL Injection ASPapp - 'links.asp CatId'SQL Injection ASPapp - 'links.asp CatId' SQL Injection HIS-Webshop - 'his-webshop.pl t'Remote File Disclosure HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure Easynet Forum Host - 'forum.php forum'SQL Injection Easynet Forum Host - 'forum.php forum' SQL Injection Blog PixelMotion - 'index.php categorie'SQL Injection Blog PixelMotion - 'index.php categorie' SQL Injection Prozilla Forum Service - 'forum.php forum'SQL Injection Prozilla Forum Service - 'forum.php forum' SQL Injection Ksemail - 'index.php language'Local File Inclusion Ksemail - 'index.php language' Local File Inclusion RX Maxsoft - 'popup_img.php fotoID'SQL Injection RX Maxsoft - 'popup_img.php fotoID' SQL Injection Apartment Search Script - 'listtest.php r'SQL Injection Apartment Search Script - 'listtest.php r' SQL Injection Jokes Site Script - 'jokes.php?catagorie'SQL Injection Jokes Site Script - 'jokes.php?catagorie' SQL Injection Anserv Auction XL - 'viewfaqs.php cat'SQL Injection Anserv Auction XL - 'viewfaqs.php cat' SQL Injection fipsCMS - 'print.asp lg'SQL Injection fipsCMS - 'print.asp lg' SQL Injection PostcardMentor - 'step1.asp cat_fldAuto'SQL Injection PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection HispaH Model Search - 'cat.php cat'SQL Injection HispaH Model Search - 'cat.php cat' SQL Injection EMO Realty Manager - 'news.php ida'SQL Injection The Real Estate Script - 'dpage.php docID'SQL Injection EMO Realty Manager - 'news.php ida' SQL Injection The Real Estate Script - 'dpage.php docID' SQL Injection GLLCTS2 - 'listing.php sort'Blind SQL Injection GLLCTS2 - 'listing.php sort' Blind SQL Injection PHPMyCart - 'shop.php cat'SQL Injection PHPMyCart - 'shop.php cat' SQL Injection BaSiC-CMS - 'index.php r'SQL Injection BaSiC-CMS - 'index.php r' SQL Injection Mybizz-Classifieds - 'index.php cat'SQL Injection Mybizz-Classifieds - 'index.php cat' SQL Injection Carscripts Classifieds - 'index.php cat'SQL Injection BoatScripts Classifieds - 'index.php type'SQL Injection Carscripts Classifieds - 'index.php cat' SQL Injection BoatScripts Classifieds - 'index.php type' SQL Injection RSS-Aggregator - 'display.php path'Remote File Inclusion RSS-Aggregator - 'display.php path' Remote File Inclusion MyBlog: PHP and MySQL Blog/CMS software - SQL / Cross-Site Scripting MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting CodeDB - 'list.php lang'Local File Inclusion CodeDB - 'list.php lang' Local File Inclusion HRS Multi - 'picture_pic_bv.asp key'Blind SQL Injection HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo'Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo'Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo'Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection Youtuber Clone - 'ugroups.php UID'SQL Injection Youtuber Clone - 'ugroups.php UID' SQL Injection ZeeReviews - 'comments.php ItemID'SQL Injection ZeeReviews - 'comments.php ItemID' SQL Injection Acoustica Beatcraft 1.02 Build 19 - '.bcproj'Local Buffer Overflow Exploit Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow Exploit Living Local Website - 'listtest.php r'SQL Injection Living Local Website - 'listtest.php r' SQL Injection AWStats Totals - 'AWStatstotals.php sort'Remote Code Execution Exploit AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Exploit Pre Real Estate Listings - 'search.php c'SQL Injection Pre Real Estate Listings - 'search.php c' SQL Injection Hotel reservation System - 'city.asp city'Blind SQL Injection Hotel reservation System - 'city.asp city' Blind SQL Injection Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward'Local Denial of Service Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service Availscript Article Script - 'view.php v'SQL Injection Availscript Article Script - 'view.php v' SQL Injection JETIK-WEB Software - 'sayfa.php kat'SQL Injection JETIK-WEB Software - 'sayfa.php kat' SQL Injection Microsoft Windows GDI+ - '.ico'Remote Division By Zero Exploit Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit ArabCMS - 'rss.php rss'Local File Inclusion ArabCMS - 'rss.php rss' Local File Inclusion Easynet4u faq Host - 'faq.php faq'SQL Injection Easynet4u faq Host - 'faq.php faq' SQL Injection Real Estate Scripts 2008 - 'index.php cat'SQL Injection Real Estate Scripts 2008 - 'index.php cat' SQL Injection RaidenFTPD 2.4 build 3620 - Remote Denial of Service RaidenFTPd 2.4 build 3620 - Remote Denial of Service XOOPS Module xhresim - 'index.php no'SQL Injection XOOPS Module xhresim - 'index.php no' SQL Injection Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit DorsaCMS - 'ShowPage.aspx'SQL Injection YDC - 'kdlist.php cat'SQL Injection DorsaCMS - 'ShowPage.aspx' SQL Injection YDC - 'kdlist.php cat' SQL Injection Aj RSS Reader - 'EditUrl.php url'SQL Injection Aj RSS Reader - 'EditUrl.php url' SQL Injection Aiocp 1.4 - (poll_id) SQL Injection AIOCP 1.4 - 'poll_id' SQL Injection SFS EZ Auction - 'viewfaqs.php cat'Blind SQL Injection SFS EZ Career - 'content.php topic'SQL Injection SFS EZ Top Sites - 'topsite.php ts'SQL Injection SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection SFS EZ Career - 'content.php topic' SQL Injection SFS EZ Top Sites - 'topsite.php ts' SQL Injection SFS EZ Pub Site - 'directory.php cat'SQL Injection SFS EZ Pub Site - 'directory.php cat' SQL Injection AJ ARTICLE - 'featured_article.php mode'SQL Injection AJ ARTICLE - 'featured_article.php mode' SQL Injection YourFreeWorld Shopping Cart - 'index.php c'Blind SQL Injection Maran PHP Shop - 'prod.php cat'SQL Injection YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection Maran PHP Shop - 'prod.php cat' SQL Injection PHP Auto Listings - 'moreinfo.php pg'SQL Injection PHP Auto Listings - 'moreinfo.php pg' SQL Injection VLC Media Player < 0.9.6 - '.rt'Stack Buffer Overflow VLC Media Player < 0.9.6 - '.rt' Stack Buffer Overflow Minigal b13 - 'index.php list'Remote File Disclosure Exploit Minigal b13 - 'index.php list' Remote File Disclosure Exploit VCalendar - 'VCalendar.mdb'Remote Database Disclosure VCalendar - 'VCalendar.mdb' Remote Database Disclosure VideoGirls BiZ - 'view_snaps.php type'Blind SQL Injection VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection ParsBlogger - 'blog.asp wr'SQL Injection ParsBlogger - 'blog.asp wr' SQL Injection BaSiC-CMS - 'acm2000.mdb'Remote Database Disclosure BaSiC-CMS - 'acm2000.mdb' Remote Database Disclosure cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp'Stack Overflow cpCommerce 1.2.6 - (URL Rewrite) Input Variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp' Stack Overflow Ocean12 Mailing List Manager Gold - DD / SQL / Cross-Site Scripting Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting Cain & Abel 4.9.23 - '.rdp'Buffer Overflow Exploit Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Exploit User Engine Lite ASP - 'users.mdb'Database Disclosure User Engine Lite ASP - 'users.mdb' Database Disclosure Easy News Content Management - 'News.mdb'Database Disclosure Easy News Content Management - 'News.mdb' Database Disclosure RankEm - 'rankup.asp siteID'SQL Injection RankEm - 'rankup.asp siteID' SQL Injection Cold BBS - 'cforum.mdb'Remote Database Disclosure Cold BBS - 'cforum.mdb' Remote Database Disclosure ASP PORTAL - 'xportal.mdb'Remote Database Disclosure ASP PORTAL - 'xportal.mdb' Remote Database Disclosure Webmaster Marketplace - 'member.php u'SQL Injection Webmaster Marketplace - 'member.php u' SQL Injection CF_Calendar - 'calendarevent.cfm'SQL Injection CF_Calendar - 'calendarevent.cfm' SQL Injection CFMBLOG - 'index.cfm categorynbr'Blind SQL Injection CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection MyCal Personal Events Calendar - 'mycal.mdb'Database Disclosure MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure ASPired2Quote - 'quote.mdb'Remote Database Disclosure ASPired2Quote - 'quote.mdb' Remote Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb'Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb'Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb'Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb'Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb'Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure CFAGCMS 1 - 'right.php title'SQL Injection CFAGCMS 1 - 'right.php title' SQL Injection click&rank - SQL / Cross-Site Scripting click&rank - SQL Injection / Cross-Site Scripting Liberum Help Desk 0.97.3 - SQL / DD Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb'Database Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure MyPHPsite - 'index.php mod'Local File Inclusion MyPHPsite - 'index.php mod' Local File Inclusion MyPBS - 'index.php seasonID'SQL Injection MyPBS - 'index.php seasonID' SQL Injection Extract Website - 'download.php filename'File Disclosure Extract Website - 'download.php filename' File Disclosure CoolPlayer 2.19 - '.Skin'Local Buffer Overflow CoolPlayer 2.19 - '.Skin' Local Buffer Overflow Sepcity Shopping Mall - 'shpdetails.asp ID'SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID'SQL Injection Sepcity Shopping Mall - 'shpdetails.asp ID' SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID' SQL Injection Sepcity Classified - 'classdis.asp ID'SQL Injection Sepcity Classified - 'classdis.asp ID' SQL Injection Ayemsis Emlak Pro - 'acc.mdb'Database Disclosure Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure VUPlayer 2.49 - '.wax'Local Buffer Overflow VUPlayer 2.49 - '.wax' Local Buffer Overflow BlogHelper - 'common_db.inc'Remote Config File Disclosure PollHelper - 'poll.inc'Remote Config File Disclosure BlogHelper - 'common_db.inc' Remote Config File Disclosure PollHelper - 'poll.inc' Remote Config File Disclosure Audacity 1.6.2 - '.aup'Remote Off-by-One Crash Exploit Audacity 1.6.2 - '.aup' Remote Off-by-One Crash Exploit QuoteBook - 'poll.inc'Remote Config File Disclosure QuoteBook - 'poll.inc' Remote Config File Disclosure XOOPS Module tadbook2 - 'open_book.php book_sn'SQL Injection XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection Social Engine - 'browse_classifieds.php s'SQL Injection Social Engine - 'browse_classifieds.php s' SQL Injection Realtor 747 - 'define.php INC_DIR'Remote File Inclusion Realtor 747 - 'define.php INC_DIR' Remote File Inclusion OTSTurntables 1.00.027 - '.ofl'Local Stack Overflow OTSTurntables 1.00.027 - '.ofl' Local Stack Overflow SCMS 1 - 'index.php p'Local File Inclusion SCMS 1 - 'index.php p' Local File Inclusion Graugon Gallery 1.0 - Cross-Site Scripting / SQL / Cookie Bypass Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / Cross-Site Scripting / CM Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / CM pHNews Alpha 1 - 'header.php mod'SQL Injection pHNews Alpha 1 - 'header.php mod' SQL Injection i-dreams GB Server - 'admin.dat'File Disclosure i-dreams GB Server - 'admin.dat' File Disclosure VUplayer 2.49 - '.cue'Local Buffer Overflow VUplayer 2.49 - '.cue' Local Buffer Overflow VUPlayer 2.49 - '.cue'Universal Buffer Overflow VUPlayer 2.49 - '.cue' Universal Buffer Overflow Chasys Media Player 1.1 - '.cue'Stack Overflow Chasys Media Player 1.1 - '.cue' Stack Overflow Chasys Media Player - '.lst Playlist'Local Buffer Overflow Chasys Media Player - '.lst Playlist' Local Buffer Overflow BS.Player 2.34 - '.bsl'Universal SEH Overwrite BS.Player 2.34 - '.bsl' Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml'Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite Abee Chm Maker 1.9.5 - '.CMP'Stack Overflow Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow ActiveKB Knowledgebase - 'loadpanel.php Panel'Local File Inclusion ActiveKB Knowledgebase - 'loadpanel.php Panel' Local File Inclusion ftpdmin 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) ftpdmin 0.96 - Arbitrary File Disclosure Exploit FTPDMIN 0.96 - Arbitrary File Disclosure Exploit Jamroom - 'index.php t'Local File Inclusion Jamroom - 'index.php t' Local File Inclusion W2B phpEmployment - 'conf.inc'File Disclosure W2B phpEmployment - 'conf.inc' File Disclosure phpAdBoard - 'conf.inc'Remote Config File Disclosure phpGreetCards - 'conf.inc'Config File Disclosure phpAdBoard - 'conf.inc' Remote Config File Disclosure phpGreetCards - 'conf.inc' Config File Disclosure phpAdBoardPro - 'config.inc'Config File Disclosure phpDatingClub - 'conf.inc'File Disclosure Job2C - 'conf.inc'Config File Disclosure phpAdBoardPro - 'config.inc' Config File Disclosure phpDatingClub - 'conf.inc' File Disclosure Job2C - 'conf.inc' Config File Disclosure Star Downloader Free 1.45 - '.dat'Universal SEH Overwrite Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite Destiny Media Player 1.61 - '.rdl'Local Buffer Overflow Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow Thickbox Gallery 2 - 'index.php ln'Local File Inclusion Thickbox Gallery 2 - 'index.php ln' Local File Inclusion Symantec Fax Viewer Control 10 - 'DCCFAXVW.DLL'Remote Buffer Overflow Exploit Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit Mercury Audio Player 1.21 - '.b4s'Local Stack Overflow Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow RM Downloader - '.smi'Local Stack Overflow RM Downloader - '.smi' Local Stack Overflow RM Downloader - '.smi'Universal Local Buffer Overflow RM Downloader - '.smi' Universal Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM'Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM'Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF'Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM'Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM' Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM'Local Buffer Overflow Exploit Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Exploit MPLAB IDE 8.30 - '.mcp'Universal Seh Overwrite MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite Pinnacle Studio 12 - '.hfz'Directory Traversal Pinnacle Studio 12 - '.hfz' Directory Traversal COWON America jetCast 2.0.4.1109 - '.mp3'Local Overflow COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow R2 Newsletter Lite/Pro/Stats - 'admin.mdb'Database Disclosure R2 Newsletter Lite/Pro/Stats - 'admin.mdb' Database Disclosure phpDatingClub 3.7 - SQL / Cross-Site Scripting Injection phpDatingClub 3.7 - SQL Injection / Cross-Site Scripting Injection ClearContent - 'image.php url'Remote File Inclusion / Local File Inclusion ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion DJ Calendar - 'DJcalendar.cgi TEMPLATE'File Disclosure DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure Icarus 2.0 - '.ICP'Local Stack Overflow Exploit Icarus 2.0 - '.ICP' Local Stack Overflow Exploit MixSense 1.0.0.1 DJ Studio - '.mp3'Crash Exploit MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit htmldoc 1.8.27.1 - '.html'Universal Stack Overflow htmldoc 1.8.27.1 - '.html' Universal Stack Overflow Acoustica MP3 Audio Mixer 2.471 - '.sgp'Crash Exploit Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash Exploit PHP Paid 4 Mail Script - 'paidbanner.php ID'SQL Injection PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection Microsoft Windows XP - 'win32k.sys'Privilege Escalation Microsoft Windows XP - 'win32k.sys' Privilege Escalation Portel 2008 - 'decide.php patron'Blind SQL Injection Portel 2008 - 'decide.php patron' Blind SQL Injection Microsoft Windows 2003 - '.EOT'BSOD Crash Exploit Microsoft Windows 2003 - '.EOT' BSOD Crash Exploit THOMSON ST585 - 'user.ini'Arbitrary Download THOMSON ST585 - 'user.ini' Arbitrary Download PHP Email Manager - 'remove.php ID'SQL Injection PHP Email Manager - 'remove.php ID' SQL Injection WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service War-FTPD 1.65 - (MKD/CD Requests) Denial of Service EMO Breader Manager - 'video.php movie'SQL Injection EMO Breader Manager - 'video.php movie' SQL Injection Invisible Browsing 5.0.52 - '.ibkey'Local Buffer Overflow Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow HotWeb Rentals - 'details.asp PropId'Blind SQL Injection HotWeb Rentals - 'details.asp PropId' Blind SQL Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend'Command Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection Blender 2.49b - '.blend'Remote Command Execution Blender 2.49b - '.blend' Remote Command Execution Aiocp 1.4.001 - File Inclusion AIOCP 1.4.001 - File Inclusion BibTeX - '.bib'File Handling Memory Corruption BibTeX - '.bib' File Handling Memory Corruption PHP 5.0.0 - domxml_open_file() Local Denial of Service PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service PHP 5.0.0 - simplexml_load_file() Local Denial of Service PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows Audacity 1.2.6 - '.gro'Buffer Overflow Audacity 1.2.6 - '.gro' Buffer Overflow gAlan - '.galan'Universal Buffer Overflow gAlan - '.galan' Universal Buffer Overflow ASPGuest - 'edit.asp ID'Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam'Blind SQL Injection ASPGuest - 'edit.asp ID' Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection dblog - 'dblog.mdb'Remote Database Disclosure dblog - 'dblog.mdb' Remote Database Disclosure PHP 5.0.0 - xmldocfile() Local Denial of Service PHP 5.0.0 - 'xmldocfile()' Local Denial of Service Apollo Player 37.0.0.0 - '.aap'Buffer Overflow Denial of Service Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service OpenOffice - '.slk'Parsing Null Pointer OpenOffice - '.slk' Parsing Null Pointer crownweb - 'page.cfm'SQL Injection crownweb - 'page.cfm' SQL Injection OtsTurntables Free 1.00.047 - '.olf'Universal Buffer Overflow OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg'Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow Orbital Viewer 1.04 - '.orb'Local Universal SEH Overflow Orbital Viewer 1.04 - '.orb' Local Universal SEH Overflow iPhone / iTouch FTPDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service JAD java decompiler 1.5.8g - '.class'Stack Overflow Denial of Service JAD java decompiler 1.5.8g - '.class' Stack Overflow Denial of Service Media Player 6.4.9.1 with K-Lite Codec Pack - Denial of Service/Crash '.avi' Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' Denial of Service/Crash no$gba 2.5c - '.nds'Local crash no$gba 2.5c - '.nds' Local crash Xilisoft Blackberry Ring Tone Maker - '.wma'Local Crash Xilisoft Blackberry Ring Tone Maker - '.wma' Local Crash Dualis 20.4 - '.bin'Local Daniel Of Service Dualis 20.4 - '.bin' Local Daniel Of Service DSEmu 0.4.10 - '.nds'Local Crash Exploit DSEmu 0.4.10 - '.nds' Local Crash Exploit MP3 Wav Editor 3.80 - '.mp3'Local Denial of Service MP3 Wav Editor 3.80 - '.mp3' Local Denial of Service FontForge - .BDF Font File Stack-Based Buffer Overflow FontForge - .BDF Font File Stack Based Buffer Overflow Dolphin 2.0 - '.elf'Local Daniel Of Service Dolphin 2.0 - '.elf' Local Daniel Of Service e-webtech - 'new.asp?id='SQL Injection e-webtech - 'new.asp?id=' SQL Injection SmallFTPD FTP Server 1.0.3 - DELE Command Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service RahnemaCo - page.php PageID Remote File Inclusion RahnemaCo - 'page.php' PageID Remote File Inclusion goffgrafix - Design's SQL Injection goffgrafix - Design's - SQL Injection Spaceacre - SQL / Cross-Site Scripting / HTML Injection Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection ZipExplorer 7.0 - '.zar'Denial of Service ZipExplorer 7.0 - '.zar' Denial of Service ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation iOS - Version-independent shellcode iOS - Version-independent Shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 Shellcode Win32 - SEH omelet shellcode Win32 - SEH omelet Shellcode Win32 - Connectback_ receive_ save and execute shellcode Win32 - Connectback_ receive_ save and execute Shellcode Windows XP - download and exec source shellcode Windows XP - download and exec source Shellcode Win32 XP SP3 - ShellExecuteA shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode Win32 XP SP3 - ShellExecuteA Shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) Shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 Shellcode Win32 - JITed stage-0 shellcode Win32 - JITed stage-0 Shellcode Windows - JITed egg-hunter stage-0 shellcode Windows - JITed egg-hunter stage-0 Shellcode Linux/x86 - nc -lvve/bin/sh -p13377 shellcode Linux/x86 - nc -lvve/bin/sh -p13377 Shellcode Corel VideoStudio Pro X3 - '.mp4'Buffer Overflow Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow Boat Classifieds - 'printdetail.asp?Id'SQL Injection Boat Classifieds - 'printdetail.asp?Id' SQL Injection PHPBB MOD 2.0.19 - Invitation Only (PassCode Bypass) phpBB MOD 2.0.19 - Invitation Only (PassCode Bypass) SnoGrafx - 'cat.php?cat'SQL Injection SnoGrafx - 'cat.php?cat' SQL Injection Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Mediacoder 0.7.5.4710 - ' Universal' SEH Buffer Overflow PlayPad Music Player 1.12 - '.mp3'Denial of Service PlayPad Music Player 1.12 - '.mp3' Denial of Service Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscal'l Emulation Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation xt:Commerce Gambio 2008 - 2010 - ERROR Based SQL Injection 'reviews.php' xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection CuteNews - 'index.php?page'Local File Inclusion CuteNews - 'index.php?page' Local File Inclusion Hanso Converter 1.4.0 - '.ogg'Denial of Service Hanso Converter 1.4.0 - '.ogg' Denial of Service ARM - Bindshell port 0x1337 shellcode ARM - Bind Connect UDP Port 68 shellcode ARM - Loader Port 0x1337 shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode ARM - Bindshell port 0x1337 Shellcode ARM - Bind Connect UDP Port 68 Shellcode ARM - Loader Port 0x1337 Shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode SmallFTPD 1.0.3 - Remote Directory Traversal SmallFTPd 1.0.3 - Remote Directory Traversal HtaEdit 3.2.3.0 - '.hta'Buffer Overflow HtaEdit 3.2.3.0 - '.hta' Buffer Overflow ProFTPD IAC 1.3.x - Remote Root Exploit ProFTPd IAC 1.3.x - Remote Root Exploit VbsEdit 4.7.2.0 - '.vbs'Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda'Denial of Service VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda' Denial of Service Sitefinity CMS - 'ASP.NET'Arbitrary File Upload Sitefinity CMS - 'ASP.NET' Arbitrary File Upload Native Instruments Traktor Pro 1.2.6 - Stack-based Buffer Overflow Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow ProFTPD 1.3.3c - Compromised Source Remote Root Trojan ProFTPd 1.3.3c - Compromised Source Remote Root Trojan Dejcom Market CMS - 'showbrand.aspx'SQL Injection Dejcom Market CMS - 'showbrand.aspx' SQL Injection Aesop GIF Creator 2.1 - '.aep'Buffer Overflow Aesop GIF Creator 2.1 - '.aep' Buffer Overflow Apple iPhone Safari - 'JS .'Remote Crash Apple iPhone Safari - 'JS .' Remote Crash Microsoft Windows Fax Services Cover Page Editor - '.cov'Memory Corruption Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption Win32 - speaking shellcode Win32 - speaking Shellcode ProFTPD mod_sftp - Integer Overflow Denial of Service (PoC) ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC) BWMeter 5.4.0 - '.csv'Denial of Service BWMeter 5.4.0 - '.csv' Denial of Service Magic Music Editor - '.cda'Denial of Service Magic Music Editor - '.cda' Denial of Service wu-ftpd - SITE EXEC/INDEX Format String WU-FTPD - SITE EXEC/INDEX Format String Samba - trans2open Overflow (Solaris SPARC) Samba (Solaris SPARC) - trans2open Overflow FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow Microsoft IIS 4.0 - '.htr'Path Overflow Microsoft IIS 4.0 - '.htr' Path Overflow VariCAD 2010-2.05 EN - '.DWB'Stack Buffer Overflow VariCAD 2010-2.05 EN - '.DWB' Stack Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack-based Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPD 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow PHPBB - viewtopic.php Arbitrary Code Execution phpBB - viewtopic.php Arbitrary Code Execution ProFTPD-1.3.3c - Backdoor Command Execution ProFTPd-1.3.3c - Backdoor Command Execution ABBS Electronic Flash Cards 2.1 - '.fcd'Buffer Overflow ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj'Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow Wordtrainer 3.0 - '.ord'Buffer Overflow Wordtrainer 3.0 - '.ord' Buffer Overflow PlaylistMaker 1.5 - '.txt'Buffer Overflow PlaylistMaker 1.5 - '.txt' Buffer Overflow libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow (PoC) libmodplug 0.8.8.2 - (.abc) Stack Based Buffer Overflow (PoC) MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m'Stack Buffer Overflow MJM Core Player 2011 - '.s3m'Stack Buffer Overflow MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow MJM Core Player 2011 - '.s3m' Stack Buffer Overflow Magix Musik Maker 16 - '.mmm'Stack Buffer Overflow Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow Smallftpd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 FTP Server - Denial of Service FreeAmp 2.0.7 - '.fat'Buffer Overflow FreeAmp 2.0.7 - '.fat' Buffer Overflow VSFTPD 2.3.4 - Backdoor Command Execution vsftpd 2.3.4 - Backdoor Command Execution OS-X - Universal ROP shellcode OS-X - Universal ROP Shellcode Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow Citrix XenApp / XenDesktop - Stack Based Buffer Overflow World Of Warcraft - 'chat-cache.txt'Local Stack Overflow Denial of Service World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service Wav Player 1.1.3.6 - '.pll'Buffer Overflow Wav Player 1.1.3.6 - '.pll' Buffer Overflow Norman Security Suite 8 - 'nprosec.sys'Privilege Escalation Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation Ashampoo Burning Studio Elements 10.0.9 - '.ashprj'Heap Overflow Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow Cytel Studio 9.0 - '.CY3'Stack Buffer Overflow Cytel Studio 9.0 - '.CY3' Stack Buffer Overflow Xion Audio Player 1.0.127 - '.aiff'Denial of Service Xion Audio Player 1.0.127 - '.aiff' Denial of Service SnackAmp 3.1.3 - '.aiff'Denial of Service SnackAmp 3.1.3 - '.aiff' Denial of Service PHP Ticket System Beta 1 - 'index.php p parameter'SQL Injection PHP Ticket System Beta 1 - 'index.php p parameter' SQL Injection Nokia PC Suite Video Manager 7.1.180.64 - '.mp4'Denial of Service Nokia PC Suite Video Manager 7.1.180.64 - '.mp4' Denial of Service Multimedia Builder 4.9.8 - '.mef'Denial of Service Multimedia Builder 4.9.8 - '.mef' Denial of Service Tftpd32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf'FileOpen Crash TFTPD32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf' FileOpen Crash Microsoft Wordpad 5.1 - '.doc'Null Pointer Dereference Microsoft Wordpad 5.1 - '.doc' Null Pointer Dereference Lattice Semiconductor PAC-Designer 6.21 - '.PAC'Exploit Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (1) wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (2) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (1) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (2) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPD 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Washington University wu-ftpd 2.5.0 - message Buffer Overflow Washington University WU-FTPD 2.5.0 - message Buffer Overflow GlFtpd 1.17.2 - Exploit glFTPd 1.17.2 - Exploit Oracle Outside-In - .LWP File Parsing Stack-Based Buffer Overflow Oracle Outside-In - .LWP File Parsing Stack Based Buffer Overflow wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw'Cross-Site Scripting Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw' Cross-Site Scripting Microsoft Windows Media Player 7.0 - '.wms'Arbitrary Script Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit ProFTPD 1.2 - SIZE Remote Denial of Service ProFTPd 1.2 - SIZE Remote Denial of Service Microsoft Windows Media Player 7.0 - '.wmz'Arbitrary Java Applet Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet wu-ftpd 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion Wu-Ftpd 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String Joe Text Editor 2.8 - '.joerc'Arbitrary Command Execution Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal WhitSoft slimserve ftpd 1.0/2.0 - Directory Traversal wu-ftpd 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPD 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion freebsd 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities FreeBSD 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities raidenftpd 2.1 - Directory Traversal RaidenFTPd 2.1 - Directory Traversal AV Arcade Free Edition - 'add_rating.php id parameter'Blind SQL Injection AV Arcade Free Edition - 'add_rating.php id parameter' Blind SQL Injection Solaris 2.6/7/8 - SPARC xlock Heap Overflow Solaris 2.6/7/8 -(SPARC) xlock Heap Overflow glFTPD 1.x - LIST Denial of Service glFTPd 1.x - 'LIST' Denial of Service Wu-Ftpd 2.6 - File Globbing Heap Corruption WU-FTPD 2.6 - File Globbing Heap Corruption Joomla RokModule Component - 'index.php module parameter'Blind SQL Injection Joomla RokModule Component - 'index.php module parameter' Blind SQL Injection PHPWebsite 0.8.2 - PHP File Include phpWebSite 0.8.2 - PHP File Include PHPWebSite 0.8.3 - News Message HTML Injection phpWebSite 0.8.3 - News Message HTML Injection PHPWebSite 0.8.3 - article.php Cross-Site Scripting phpWebSite 0.8.3 - article.php Cross-Site Scripting PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion phpBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion PHPBB 2.0.3 - search.php Cross-Site Scripting phpBB 2.0.3 - search.php Cross-Site Scripting ProFTPD 1.2.x - STAT Command Denial of Service ProFTPd 1.2.x - STAT Command Denial of Service Joomla Tags - 'index.php tag parameter'SQL Injection Joomla Tags - 'index.php tag parameter' SQL Injection Joomla Commedia Plugin - 'index.php task parameter'SQL Injection Joomla Kunena Component - 'index.php search parameter'SQL Injection Joomla Commedia Plugin - 'index.php task parameter' SQL Injection Joomla Kunena Component - 'index.php search parameter' SQL Injection PHPBB 2.0.3 - privmsg.php SQL Injection phpBB 2.0.3 - privmsg.php SQL Injection Joomla Spider Catalog - 'index.php product_id parameter'SQL Injection Joomla Spider Catalog - 'index.php product_id parameter' SQL Injection Battleaxe Software BTTLXE Forum - login.asp SQL Injection Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection SudBox Boutique 1.2 - login.php Authentication Bypass SudBox Boutique 1.2 - 'login.php' Authentication Bypass friendsinwar FAQ Manager - 'view_faq.php question parameter'SQL Injection friendsinwar FAQ Manager - 'view_faq.php question parameter' SQL Injection GuildFTPD 0.999.8 - CWD Command Denial of Service GuildFTPd 0.999.8 - CWD Command Denial of Service ProductCart 1.5/1.6/2.0 - login.asp SQL Injection ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection SmartCMS - 'index.php idx parameter'SQL Injection SmartCMS - 'index.php idx parameter' SQL Injection mcrypt 2.6.8 - stack-based Buffer Overflow (PoC) mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC) wu-ftpd 2.6.2 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 - realpath() Off-by-One Buffer Overflow wu-ftpd 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow freeBSD 4.8 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow SmartCMS - 'index.php menuitem parameter'SQL Injection / Cross-Site Scripting SmartCMS - 'index.php menuitem parameter' SQL Injection / Cross-Site Scripting FreeFTPD - Remote Authentication Bypass Exploit freeFTPd - Remote Authentication Bypass Exploit PHPBB 2.0.6 - URL BBCode HTML Injection phpBB 2.0.6 - URL BBCode HTML Injection wzdftpd 0.1 rc5 - Login Remote Denial of Service ProFTPD 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun WzdFTPD 0.1 rc5 - Login Remote Denial of Service ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun PHPBB 2.0.x - profile.php SQL Injection phpBB 2.0.x - profile.php SQL Injection PHPBB 2.0.6 - privmsg.php Cross-Site Scripting phpBB 2.0.6 - privmsg.php Cross-Site Scripting Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET'Arbitrary File Upload Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload MyBB AwayList Plugin - 'index.php id parameter'SQL Injection MyBB AwayList Plugin - 'index.php id parameter' SQL Injection SmallFTPD 1.0.3 - Remote Denial of Service SmallFTPd 1.0.3 - Remote Denial of Service MyBB - 'editpost.php posthash'SQL Injection Joomla Spider Calendar - 'index.php date parameter'Blind SQL Injection MyBB - 'editpost.php posthash' SQL Injection Joomla Spider Calendar - 'index.php date parameter' Blind SQL Injection Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting PHPBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection phpBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection Inmatrix Ltd. Zoom Player 8.5 - '.jpeg'Exploit Inmatrix Ltd. Zoom Player 8.5 - '.jpeg' Exploit PHPBB 2.0.x - album_portal.php Remote File Inclusion phpBB 2.0.x - album_portal.php Remote File Inclusion PHPBB 2.0.x - viewtopic.php PHP Script Injection phpBB 2.0.x - viewtopic.php PHP Script Injection JShop E-Commerce Suite 3.0 - page.php Cross-Site Scripting JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting NullSoft Winamp 2-5 - '.wsz'Remote Code Execution NullSoft Winamp 2-5 - '.wsz' Remote Code Execution phpWebsite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting Scripts Genie Gallery Personals - 'gallery.php L parameter'SQL Injection Scripts Genie Gallery Personals - 'gallery.php L parameter' SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter'SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter' SQL Injection Scripts Genie Games Site Script - 'index.php id parameter'SQL Injection Scripts Genie Games Site Script - 'index.php id parameter' SQL Injection Photodex ProShow Producer 5.0.3297 - '.pxs'Memory Corruption Exploit Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit Scripts Genie Top Sites - 'out.php id parameter'SQL Injection Scripts Genie Top Sites - 'out.php id parameter' SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter'SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter' SQL Injection W-Agora 4.1.6 - a login.php loginuser Parameter Cross-Site Scripting W-Agora 4.1.6 - a 'login.php' loginuser Parameter Cross-Site Scripting PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack-Based Buffer Overflow Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Based Buffer Overflow PHPBB 2.0.x - admin_cash.php Remote PHP File Include phpBB 2.0.x - admin_cash.php Remote PHP File Include UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter Cross-Site Scripting UBBCentral UBB.threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Newlanguage Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting Rebus:list - 'list.php list_id parameter'SQL Injection Rebus:list - 'list.php list_id parameter' SQL Injection SynConnect Pms - 'index.php loginid parameter'SQL Injection SynConnect Pms - 'index.php loginid parameter' SQL Injection Groovy Media Player 3.2.0 - '.mp3'Buffer Overflow Groovy Media Player 3.2.0 - '.mp3' Buffer Overflow glFTPD 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities PHPWebSite 0.x - Image File Processing Arbitrary PHP File Upload phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload PHPBB 2.0.x - Authentication Bypass (1) PHPBB 2.0.x - Authentication Bypass (2) PHPBB 2.0.x - Authentication Bypass (3) phpBB 2.0.x - Authentication Bypass (1) phpBB 2.0.x - Authentication Bypass (2) phpBB 2.0.x - Authentication Bypass (3) PHPCOIN 1.2 - login.php Multiple Parameter Cross-Site Scripting PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow PHPBB 2.0.13 DLMan Pro Module - SQL Injection PHPBB 2.0.13 Linkz Pro Module - SQL Injection phpBB 2.0.13 DLMan Pro Module - SQL Injection phpBB 2.0.13 Linkz Pro Module - SQL Injection PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting phpBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter'SQL Injection Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter' SQL Injection PHPBB Remote - mod.php SQL Injection Datenbank Module For PHPBB - Remote mod.php Cross-Site Scripting phpBB Remote - mod.php SQL Injection Datenbank Module For phpBB - Remote mod.php Cross-Site Scripting PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection RaidenFTPD 2.4 - Unauthorized File Access RaidenFTPd 2.4 - Unauthorized File Access CartWIZ 1.10 - login.asp Redirect Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting CartWIZ 1.10 - login.asp Message Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting PHPBB 2.0.x - profile.php Cross-Site Scripting PHPBB 2.0.x - viewtopic.php Cross-Site Scripting phpBB 2.0.x - profile.php Cross-Site Scripting phpBB 2.0.x - viewtopic.php Cross-Site Scripting Notes Module for PHPBB - SQL Injection Notes Module for phpBB - SQL Injection PHPCOIN 1.2 - login.php PHPcoinsessid Parameter SQL Injection PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection CodetoSell ViArt Shop Enterprise 2.1.6 - page.php page Parameter Cross-Site Scripting CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting PHPBB 2.0.x - URL Tag BBCode.php phpBB 2.0.x - URL Tag BBCode.php Active News Manager - login.asp SQL Injection Active News Manager - 'login.asp' SQL Injection FunkyASP AD Systems 1.1 - login.asp SQL Injection FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow OS4E - login.asp SQL Injection OS4E - 'login.asp' SQL Injection JiRo's Upload System 1.0 - login.asp SQL Injection NEXTWEB - (i)Site login.asp SQL Injection JiRo's Upload System 1.0 - 'login.asp' SQL Injection NEXTWEB - (i)Site 'login.asp' SQL Injection Livingcolor Livingmailing 1.3 - login.asp SQL Injection Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection WWWeb Concepts Events System 1.0 - login.asp SQL Injection WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection Cool Cafe Chat 1.2.1 - login.asp SQL Injection Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection LaGarde StoreFront 5.0 Shopping Cart - login.asp SQL Injection LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection PHPWebsite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal phpWebSite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal Cuppa CMS - 'alertConfigField.php urlConfig parameter'Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php urlConfig parameter' Remote / Local File Inclusion VBZoom 1.0/1.11 - login.php UserID Parameter Cross-Site Scripting VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting PHP Lite Calendar Express 2.2 - login.php cid Parameter SQL Injection PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection ATutor 1.5.1 - login.php course Parameter Cross-Site Scripting ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting Adrenalin Player 2.2.5.3 - '.wax'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow PHPwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access PHPwcms 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access AVS Media Player 4.1.11.100 - '.ac3'Denial of Service AVS Media Player 4.1.11.100 - '.ac3' Denial of Service Adrenalin Player 2.2.5.3 - '.wvx'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow WinAmp 5.63 - Stack-based Buffer Overflow WinAmp 5.63 - Stack Based Buffer Overflow PHPX 3.5.x - Admin login.php SQL Injection PHPX 3.5.x - Admin 'login.php' SQL Injection DRZES Hms 3.2 - login.php Cross-Site Scripting DRZES Hms 3.2 - 'login.php' Cross-Site Scripting PortalApp 3.3/4.0 - login.asp Cross-Site Scripting SiteEnable 3.3 - login.asp Cross-Site Scripting IntranetApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting PortalApp 3.3/4.0 - 'login.asp' Cross-Site Scripting SiteEnable 3.3 - 'login.asp' Cross-Site Scripting IntranetApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting VbsEdit 5.9.3 - '.smi'Buffer Overflow VbsEdit 5.9.3 - '.smi' Buffer Overflow Artweaver 3.1.5 - '.awd'Buffer Overflow Artweaver 3.1.5 - '.awd' Buffer Overflow XnView 2.03 - '.pct'Buffer Overflow XnView 2.03 - '.pct' Buffer Overflow aoblogger 2.3 - login.php username Field SQL Injection aoblogger 2.3 - 'login.php' username Field SQL Injection WebspotBlogging 3.0 - login.php SQL Injection WebspotBlogging 3.0 - 'login.php' SQL Injection miniBloggie 1.0 - login.php SQL Injection miniBloggie 1.0 - 'login.php' SQL Injection ASPThai Forums 8.0 - login.asp SQL Injection ASPThai Forums 8.0 - 'login.asp' SQL Injection Windows RT ARM - Bind Shell (Port 4444) shellcode Windows RT ARM - Bind Shell (Port 4444) Shellcode Virtual Hosting Control System 2.2/2.4 - login.php check_login() Function Authentication Bypass Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass Siteframe Beaumont 5.0.1/5.0.2 - page.php HTML Injection Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection Ginkgo CMS - 'index.php rang parameter'SQL Injection Ginkgo CMS - 'index.php rang parameter' SQL Injection Game-Panel 2.6 - login.php Cross-Site Scripting Game-Panel 2.6 - 'login.php' Cross-Site Scripting QwikiWiki 1.4/1.5 - login.php Multiple Parameter Cross-Site Scripting QwikiWiki 1.4/1.5 - 'login.php' Multiple Parameter Cross-Site Scripting PHPWebsite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection PHPWebsite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection PhxContacts 0.93 - login.php Cross-Site Scripting PhxContacts 0.93 - 'login.php' Cross-Site Scripting MLMAuction Script - 'gallery.php id parameter'SQL Injection MLMAuction Script - 'gallery.php id parameter' SQL Injection RedCMS 0.1 - login.php Multiple Parameter SQL Injection RedCMS 0.1 - 'login.php' Multiple Parameter SQL Injection ShopWeezle 2.0 - login.php itemID Parameter SQL Injection ShopWeezle 2.0 - 'login.php' itemID Parameter SQL Injection ContentBoxx - login.php Cross-Site Scripting ContentBoxx - 'login.php' Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter SQL Injection phpBB Chart Mod 1.1 - charts.php id Parameter SQL Injection PHPBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion JSBoard 2.0.10/2.0.11 - login.php Cross-Site Scripting JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting CyberBuild - login.asp SessionID Parameter SQL Injection CyberBuild - 'login.asp' SessionID Parameter SQL Injection CyberBuild - login.asp SessionID Parameter Cross-Site Scripting CyberBuild - 'login.asp' SessionID Parameter Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting phpBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting PHPBB 2.0.20 - Unauthorized HTTP Proxy phpBB 2.0.20 - Unauthorized HTTP Proxy PHPBB 2.0.x - template.php Remote File Inclusion phpBB 2.0.x - template.php Remote File Inclusion PHPBB - BBRSS.php Remote File Inclusion RahnemaCo - page.php Remote File Inclusion phpBB - BBRSS.php Remote File Inclusion RahnemaCo - 'page.php' Remote File Inclusion BlueDragon Server 6.2.1 - '.cfm'Denial of Service BlueDragon Server 6.2.1 - '.cfm' Denial of Service MyMail 1.0 - login.php Cross-Site Scripting MyMail 1.0 - 'login.php' Cross-Site Scripting Woltlab Burning Board FLVideo Addon - 'video.php value parameter'SQL Injection Woltlab Burning Board FLVideo Addon - 'video.php value parameter' SQL Injection PHPBB 1.2.4 For Mambo - Multiple Remote File Inclusion phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion PHPbb-auction 1.x - auction_room.php ar Parameter SQL Injection PHPbb-auction 1.x - auction_store.php u Parameter SQL Injection phpBB-auction 1.x - auction_room.php ar Parameter SQL Injection phpBB-auction 1.x - auction_store.php u Parameter SQL Injection Linux/x86 - Multi-Egghunter shellcode Linux/x86 - Multi-Egghunter Shellcode Jamroom 3.0.16 - login.php Cross-Site Scripting Jamroom 3.0.16 - 'login.php' Cross-Site Scripting DCP-Portal 6.0 - login.php username Parameter SQL Injection DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection PhpBB XS 0.58 - Multiple Remote File Inclusion phpBB XS 0.58 - Multiple Remote File Inclusion AckerTodo 4.2 - login.php Multiple SQL Injection AckerTodo 4.2 - 'login.php' Multiple SQL Injection PHPWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion PHPBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico'Buffer Overflow phpBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico' Buffer Overflow Evandor Easy notesManager 0.0.1 - login.php username Parameter SQL Injection Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php Multiple Parameter Cross-Site Scripting AIOCP 1.3.x - cp_dpage.php choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - cp_show_ec_products.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_links_search.php orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion AIOCP 1.3.x - cp_dpage.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_edit_user.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_contact_us.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_login.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_users_online.php order_field Parameter SQL Injection AIOCP 1.3.x - cp_codice_fiscale.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_links_search.php orderdir Parameter SQL Injection AIOCP 1.3.x - cp_dpage.php Full Path Disclosure AIOCP 1.3.x - cp_show_ec_products.php Full Path Disclosure AIOCP 1.3.x - cp_show_page_help.php Full Path Disclosure AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting Windows x86 - Persistent Reverse Shell TCP (494 Bytes) AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure INFINICART - login.asp Multiple Parameter Cross-Site Scripting INFINICART - 'login.asp' Multiple Parameter Cross-Site Scripting Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion SIAP CMS - login.asp SQL Injection SIAP CMS - 'login.asp' SQL Injection AppIntellect SpotLight CRM - login.asp SQL Injection AppIntellect SpotLight CRM - 'login.asp' SQL Injection DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection PHPBB 2.0.21 - privmsg.php HTML Injection phpBB 2.0.21 - privmsg.php HTML Injection Indexu 5.0/5.3 - login.php error_msg Parameter Cross-Site Scripting Indexu 5.0/5.3 - 'login.php' error_msg Parameter Cross-Site Scripting myBloggie 2.1.5 - login.php PATH_INFO Parameter Cross-Site Scripting myBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Avira Secure Backup 1.0.0.1 Build 3616 - '.reg'Buffer Overflow Avira Secure Backup 1.0.0.1 Build 3616 - '.reg' Buffer Overflow Boilsoft RM TO MP3 Converter 1.72 - Crash PoC '.wav' Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC Tyger Bug Tracking System 1.1.3 - login.php PATH_INFO Parameter Cross-Site Scripting Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Horde Framework 3.1.3 - login.php Cross-Site Scripting Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting PHPStats 0.1.9 - Multiple SQL Injections PHPStats 0.1.9 - PHP-Stats-options.php Remote Code Execution phpStats 0.1.9 - Multiple SQL Injections phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion Free File Hosting System 1.1 - 'login.php' AD_BODY_TEMP Parameter Remote File Inclusion DeskPro 2.0.1 - login.php HTML Injection DeskPro 2.0.1 - 'login.php' HTML Injection plesk 8.1.1 - login.php3 Directory Traversal plesk 8.1.1 - 'login.php3' Directory Traversal Ahhp Portal - page.php Multiple Remote File Inclusion Ahhp Portal - 'page.php' Multiple Remote File Inclusion Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion PHPPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting Maia Mailguard 1.0.2 - login.php Multiple Local File Inclusion Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusion Nukedit 4.9.x - login.asp Cross-Site Scripting Nukedit 4.9.x - 'login.asp' Cross-Site Scripting Pay Roll Time Sheet and Punch Card Application With Web UI - login.asp SQL Injection Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp'Version Attribute Buffer Overflow RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow PHPGedView 4.1 - login.php Cross-Site Scripting PHPGedView 4.1 - 'login.php' Cross-Site Scripting E-Smart Cart 1.0 - login.asp SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow E-Smart Cart 1.0 - 'login.asp' SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection AfterLogic MailBee WebMail Pro 3.x - login.php mode Parameter Cross-Site Scripting AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting JiRo's Banner System 2.0 - login.asp Multiple SQL Injection JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection WinUAE 1.4.4 - 'zfile.c' Stack-Based Buffer Overflow WinUAE 1.4.4 - 'zfile.c' Stack Based Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color() MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color() Android Web Browser - GIF File Heap-Based Buffer Overflow Android Web Browser - GIF File Heap Based Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP'Project File Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow PHPstats 0.1_alpha - 'PHPstats.php' Cross-Site Scripting phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting Publish-It 3.6d - '.pui'SEH Buffer Overflow Publish-It 3.6d - '.pui' SEH Buffer Overflow LeadTools Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities PHPBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion LeadTools Multimedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion PHPBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion EsContacts 1.0 - login.php msg Parameter Cross-Site Scripting EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting NASA Ames Research Center BigView 1.8 - '.PNM'Stack-Based Buffer Overflow NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter'SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter' SQL Injection VCDGear 3.50 - '.cue'Stack Buffer Overflow VCDGear 3.50 - '.cue' Stack Buffer Overflow FaName 1.0 - page.php name Parameter Cross-Site Scripting FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - login.php Multiple Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - 'login.php' Multiple Parameter Cross-Site Scripting Claroline 1.8.9 - PHPbb/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/reply.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/viewtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting Trixbox - 'endpoint_aastra.php mac parameter'Remote Code Injection Trixbox - 'endpoint_aastra.php mac parameter' Remote Code Injection Free Download Manager - Stack-based Buffer Overflow Free Download Manager - Stack Based Buffer Overflow XRms 1.99.2 - login.php target Parameter Cross-Site Scripting XRms 1.99.2 - 'login.php' target Parameter Cross-Site Scripting Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service Microsoft DebugDiag 1.0 - ' CrashHangExt.dll' ActiveX Control Remote Denial of Service PHPWebSite 0.9.3 - 'links.php' SQL Injection phpWebSite 0.9.3 - 'links.php' SQL Injection Easyedit CMS - page.php intPageID Parameter SQL Injection Easyedit CMS - 'page.php' intPageID Parameter SQL Injection aMSN - '.ctt'Remote Denial of Service aMSN - '.ctt' Remote Denial of Service 68 Classifieds 4.1 - login.php goto Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting ProFTPD 1.3 - 'mod_sql' Username SQL Injection ProFTPd 1.3 - 'mod_sql' Username SQL Injection LinPHA 1.3.2/1.3.3 - login.php Cross-Site Scripting LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting Recover Data for Novell Netware 1.0 - '.sav'Remote Denial of Service Recover Data for Novell Netware 1.0 - '.sav' Remote Denial of Service J. River Media Jukebox 12 - '.mp3'Remote Heap Buffer Overflow J. River Media Jukebox 12 - '.mp3' Remote Heap Buffer Overflow Invision Power Board 3.0.3 - '.txt'MIME-Type Cross-Site Scripting Invision Power Board 3.0.3 - '.txt' MIME-Type Cross-Site Scripting OpenOffice 3.1 - '.csv'Remote Denial of Service OpenOffice 3.1 - '.csv' Remote Denial of Service OpenOffice 3.1 - '.slk'NULL Pointer Dereference Remote Denial of Service OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service BS.Player 2.51 - '.mp3'Buffer Overflow BS.Player 2.51 - '.mp3' Buffer Overflow netKar PRO 1.1 - '.nkuser'File Creation NULL Pointer Denial Of Service netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service Aqua Real Screensaver - '.ar'Buffer Overflow Aqua Real Screensaver - '.ar' Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3'Remote Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow Sonique 2.0 - '.xpl'Remote Stack-Based Buffer Overflow Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow Property Watch - login.php redirect Parameter Cross-Site Scripting Property Watch - 'login.php' redirect Parameter Cross-Site Scripting Xilisoft Video Converter 3.1.8.0720b - '.ogg'Buffer Overflow Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow Mulitple Wordpress Themes - 'admin-ajax.php img parameter'Arbitrary File Download Mulitple Wordpress Themes - 'admin-ajax.php img parameter' Arbitrary File Download Crystal Player 1.98 - '.mls'Buffer Overflow Crystal Player 1.98 - '.mls' Buffer Overflow Wordpress Acento Theme - 'view-pdf.php file parameter'Arbitrary File Download Wordpress Acento Theme - 'view-pdf.php file parameter' Arbitrary File Download GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution DragDropCart - login.php redirect Parameter Cross-Site Scripting DragDropCart - 'login.php' redirect Parameter Cross-Site Scripting Microsoft Bluetooth Personal Area Networking - 'BthPan.sys'Privilege Escalation Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation WordPress RB Agency Plugin 2.4.7 - Local File Disclosure Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'Buffer Overflow/Denial of Service EIP Overwrite Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite Wireshark 1.4.3 - '.pcap'Memory Corruption Wireshark 1.4.3 - '.pcap' Memory Corruption Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'SEH Buffer Overflow Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf'Remote Buffer Overflow DivX Player 6.x - '.dps'Remote Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow DivX Player 6.x - '.dps' Remote Buffer Overflow VLC Media Player 1.0.5 - '.ape'Denial of Service VLC Media Player 1.0.5 - '.ape' Denial of Service RealPlayer 11 - '.rmp'Remote Buffer Overflow RealPlayer 11 - '.rmp' Remote Buffer Overflow Advantech AdamView 4.30.003 - '.gni'SEH Buffer Overflow Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f'Remote Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow eXPert PDF 7.0.880.0 - '.pj'Heab-based Buffer Overflow eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack Based Buffer Overflow PHPWebSite 1.7.1 - 'upload.php' Arbitrary File Upload phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution PHPWebSite 1.7.1 - 'mod.php' SQL Injection phpWebSite 1.7.1 - 'mod.php' SQL Injection Linux/x86 - custom execve-shellcode Encoder/Decoder Linux/x86 - custom execve-Shellcode Encoder/Decoder ProFTPd 1.3.5 (mod_copy) - Remote Command Execution ProFTPd 1.3.5 - (mod_copy) Remote Command Execution ProFTPD 1.3.5 - Mod_Copy Command Execution ProFTPd 1.3.5 - 'Mod_Copy' Command Execution Linux/x86 - Download & Execute shellcode Linux/x86 - Download & Execute Shellcode Adobe Flash - Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File Valhala Honeypot 1.8 - Stack-Based Buffer Overflow Valhala Honeypot 1.8 - Stack Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass WebKit Cross-Site Scripting Filter - ' Cross-Site ScriptingAuditor.cpp' Security Bypass Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow Mpxplay Multimedia Commander 2.00a - .m3u Stack Based Buffer Overflow Linux/x86-64 - /bin/sh shellcode Linux/x86-64 - /bin/sh Shellcode Last PassBroker 3.2.16 - Stack-Based Buffer Overflow Last PassBroker 3.2.16 - Stack Based Buffer Overflow C2 WebResource - 'File' Parameter Cross-Site Scripting C2 WebResource - ' File' Parameter Cross-Site Scripting SmallFTPD - Unspecified Denial of Service SmallFTPd - Unspecified Denial of Service VLC 2.2.1 libvlccore - '.mp3'Stack Overflow VLC 2.2.1 libvlccore - '.mp3' Stack Overflow FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read FBZX 2.10 - Local Stack-Based Buffer Overflow FBZX 2.10 - Local Stack Based Buffer Overflow TACK 1.07 - Local Stack-Based Buffer Overflow TACK 1.07 - Local Stack Based Buffer Overflow Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp Multiple Field SQL Injection Authentication Bypass Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass Wireshark - iseries_parse_packet Heap-Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow Wireshark - iseries_parse_packet Heap Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow Wireshark - find_signature Stack-Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow Wireshark - getRate Stack-Based Out-of-Bounds Read Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow Wireshark - find_signature Stack Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow Wireshark - getRate Stack Based Out-of-Bounds Read Adobe Flash TextField.variable Setter - Use-After-Free Adobe Flash TextField.Variable Setter - Use-After-Free Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read eshtery CMS - 'FileManager.aspx' Local File Disclosure eshtery CMS - ' FileManager.aspx' Local File Disclosure pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read pdfium CPDF_Function::Call - Stack-Based Buffer Overflow pdfium CPDF_Function::Call - Stack Based Buffer Overflow MySQL 5.5.45 (64bit) - Local Credentials Disclosure pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read Tftpd32 and Tftpd64 - Denial Of Service TFTPD32 and Tftpd64 - Denial Of Service glibc - getaddrinfo Stack-Based Buffer Overflow glibc - getaddrinfo Stack Based Buffer Overflow Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow libxml2 - xmlDictAddString Heap-Based Buffer Overread libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread libxml2 - htmlCurrentChar Heap-Based Buffer Overread Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow libxml2 - xmlDictAddString Heap Based Buffer Overread libxml2 - xmlParseEndTag2 Heap Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap Based Buffer Overread libxml2 - htmlCurrentChar Heap Based Buffer Overread Kamailio 4.3.4 - Heap-Based Buffer Overflow Kamailio 4.3.4 - Heap Based Buffer Overflow Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow Wireshark - dissect_2008_16_security_4 Stack Based Buffer Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow NRSS Reader 0.3.9 - Local Stack-Based Overflow NRSS Reader 0.3.9 - Local Stack Based Overflow Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap-Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads Graphite2 - GlyphCache::GlyphCache Heap Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Based Memory Corruption Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) PHP 5.0.0 - imap_mail() Local Denial of Service PHP 5.0.0 - 'imap_mail()' Local Denial of Service PHP 5.0.0 - html_doc_file() Local Denial of Service PHP 5.0.0 - 'html_doc_file()' Local Denial of Service	2016-09-06 05:08:08 +00:00
Offensive Security	5e2fc10125	DB: 2016-09-03	2016-09-03 13:13:25 +00:00
Offensive Security	31a21bb68d	DB: 2016-09-03 ... 14 new exploits Too many to list!	2016-09-03 05:08:42 +00:00
Offensive Security	f96ddba143	DB: 2016-09-02 ... 2 new exploits SAPID Blog beta 2 - (root_path) Remote File Inclusion SAPID Gallery 1.0 - (root_path) Remote File Inclusion SAPID Shop 1.2 - (root_path) Remote File Inclusion SAPID Blog beta 2 - (root_path) Remote File Inclusion SAPID Gallery 1.0 - (root_path) Remote File Inclusion SAPID Shop 1.2 - (root_path) Remote File Inclusion PHPCodeCabinet 0.5 - (Core.php) Remote File Inclusion phNNTP 1.3 - (article-raw.php) Remote File Inclusion Cwfm 0.9.1 - (Language) Remote File Inclusion PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow PoC Cwfm 0.9.1 - (Language) Remote File Inclusion PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow PoC PgMarket 2.2.3 - (CFG[libdir]) Remote File Inclusion PHPMyRing 4.2.0 - (view_com.php) SQL Injection SAPID CMS 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit phpwcms 1.1-RC4 - (spaw) Remote File Inclusion Spaminator 1.7 - (page) Remote File Inclusion Thatware 0.4.6 - (root_path) Remote File Inclusion Spaminator 1.7 - (page) Remote File Inclusion Thatware 0.4.6 - (root_path) Remote File Inclusion phpPrintAnalyzer 1.2 - Remote File Inclusion Wheatblog 1.1 - (session.php) Remote File Inclusion phPay 2.02 - (nu_mail.inc.php) Remote mail() Injection Exploit WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload FortiClient SSLVPN 5.4 - Credentials Disclosure	2016-09-02 05:08:35 +00:00
Offensive Security	3a2154afbd	DB: 2016-09-01 ... 15 new exploits WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload PHP 5.0.0 - snmpwalkoid() Local Denial of Service PHP 5.0.0 - fbird_[p]connect() Local Denial of Service PHP 5.0.0 - snmpwalk() Local Denial of Service PHP 5.0.0 - snmprealwalk() Local Denial of Service PHP 5.0.0 - snmpset() Local Denial of Service PHP 7.0 - AppendIterator::append Local Denial of Service ZKTeco ZKTime.Net 3.0.1.6 - Insecure File Permissions Privilege Escalation ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery ZKTeco ZKBioSecurity 3.0 - Directory Traversal ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service	2016-09-01 05:08:40 +00:00
Offensive Security	1f0c845486	DB: 2016-08-31 ... 3 new exploits Too many to list!	2016-08-31 05:07:37 +00:00
Offensive Security	760d823bc8	DB: 2016-08-30 ... 18 new exploits Too many to list!	2016-08-30 05:08:40 +00:00
Offensive Security	4011b4f053	DB: 2016-08-27	2016-08-27 05:08:40 +00:00
Offensive Security	4c43b1da2b	DB: 2016-08-25	2016-08-25 05:07:18 +00:00
Offensive Security	32bd251480	DB: 2016-08-20 ... 17 new exploits Too many to list!	2016-08-20 05:06:28 +00:00
Offensive Security	5be2377b41	DB: 2016-08-18 ... 4 new exploits Apache 2.0.44 (Linux) - Remote Denial of Service Exploit Apache 2.0.44 (Linux) - Remote Denial of Service Chindi Server 1.0 - Denial of Service Exploit Chindi Server 1.0 - Denial of Service Xeneo Web Server 2.2.9.0 - Denial of Service Exploit Xeneo Web Server 2.2.9.0 - Denial of Service Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service Exploit Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service Cisco IOS - IPv4 Packets Denial of Service Exploit Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit Microsoft Windows 2000 - RPC DCOM Interface DoS Exploit Cisco IOS - (using hping) Remote Denial of Service Exploit Cisco IOS - IPv4 Packets Denial of Service Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Microsoft Windows 2000 - RPC DCOM Interface Denial of Service Cisco IOS - (using hping) Remote Denial of Service Linux Kernel 2.4.20 - decode_fh Denial of Service Exploit Linux Kernel 2.4.20 - decode_fh Denial of Service Trillian 0.74 - Remote Denial of Service Exploit Trillian 0.74 - Remote Denial of Service Piolet Client 1.05 - Remote Denial of Service Exploit Piolet Client 1.05 - Remote Denial of Service Microsoft Windows Messenger Service - Denial of Service Exploit (MS03-043) Microsoft Windows Messenger Service - Denial of Service (MS03-043) wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Eznet 3.5.0 - Remote Stack Overflow / Denial of Service Exploit Eznet 3.5.0 - Remote Stack Overflow / Denial of Service Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote DoS Exploit Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service Microsoft Windows IIS - SSL Remote Denial of Service Exploit (MS04-011) Microsoft Windows IIS - SSL Remote Denial of Service (MS04-011) Microsoft Windows - 'Jolt2.c' Denial of Service Exploit Microsoft Windows - 'Jolt2.c' Denial of Service ProFTPD 1.2.0pre10 - Remote Denial of Service Exploit ProFTPD 1.2.0pre10 - Remote Denial of Service APC UPS 3.7.2 - (apcupsd) Local Denial of Service Exploit APC UPS 3.7.2 - (apcupsd) Local Denial of Service Novell BorderManager Enterprise Edition 3.5 - Denial of Service Exploit Novell BorderManager Enterprise Edition 3.5 - Denial of Service Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service Exploit Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service Emule 0.42e Remote Denial of Service Exploit Emule 0.42e Remote Denial of Service Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local Denial of Service Ping of Death Remote Denial of Service Exploit Ping of Death Remote Denial of Service Microsoft Windows NT Crash with an Extra Long Username DoS Exploit Microsoft Windows NT Crash with an Extra Long Username Denial of Service TCP SYN - 'bang.c' Denial of Service Exploit UDP Stress Tester Denial of Service Exploit TCP SYN - 'bang.c' Denial of Service UDP Stress Tester Denial of Service OverByte ICS FTP Server Remote Denial of Service Exploit OverByte ICS FTP Server Remote Denial of Service Xitami Web Server Denial of Service Exploit Xitami Web Server Denial of Service Microsoft Internet Explorer - Denial of Service Exploit (11 bytes) Microsoft Windows SMS 2.0 - Denial of Service Exploit Microsoft Internet Explorer - Denial of Service (11 bytes) Microsoft Windows SMS 2.0 - Denial of Service Citadel/UX Remote Denial of Service Exploit (PoC) Citadel/UX Remote Denial of Service (PoC) psyBNC 2.3 - Denial of Service Exploit psyBNC 2.3 - Denial of Service Microsoft Messenger - Denial of Service Exploit (MS03-043) (Linux) Microsoft Messenger - Denial of Service (MS03-043) (Linux) BadBlue 2.52 Web Server - Multiple Connections Denial of Service Exploit BadBlue 2.52 Web Server - Multiple Connections Denial of Service Painkiller 1.3.1 - Denial of Service Exploit Easy File Sharing Webserver 1.25 - Denial of Service Exploit Painkiller 1.3.1 - Denial of Service Easy File Sharing Webserver 1.25 - Denial of Service WFTPD Pro Server 3.21 MLST Remote Denial of Service Exploit CesarFTP Server Long Command Denial of Service Exploit Ground Control 1.0.0.7 - (Server/Client) Denial of Service Exploit WFTPD Pro Server 3.21 MLST Remote Denial of Service CesarFTP Server Long Command Denial of Service Ground Control 1.0.0.7 - (Server/Client) Denial of Service Call of Duty 1.4 - Denial of Service Exploit Call of Duty 1.4 - Denial of Service Serv-U < 5.2 - Remote Denial of Service Exploit Serv-U < 5.2 - Remote Denial of Service Pigeon Server 3.02.0143 - Denial of Service Exploit Pigeon Server 3.02.0143 - Denial of Service Emulive Server4 7560 - Remote Denial of Service Exploit Emulive Server4 7560 - Remote Denial of Service PopMessenger 1.60 - Remote Denial of Service Exploit PopMessenger 1.60 - Remote Denial of Service MyServer 0.7.1 - (POST) Denial of Service Exploit MyServer 0.7.1 - (POST) Denial of Service MSSQL 7.0 - Remote Denial of Service Exploit MSSQL 7.0 - Remote Denial of Service Microsoft Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036) Microsoft Windows NNTP Service (XPAT) Denial of Service (MS04-036) Microsoft Windows IIS - WebDAV XML Denial of Service Exploit (MS04-030) Microsoft Windows IIS - WebDAV XML Denial of Service (MS04-030) BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service Exploit BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service BaSoMail - Multiple Buffer Overflow Denial of Service Exploit BaSoMail - Multiple Buffer Overflow Denial of Service Master of Orion III 1.2.5 - Denial of Service Exploit Master of Orion III 1.2.5 - Denial of Service Alpha Black Zero 1.04 - Remote Denial of Service Exploit Alpha Black Zero 1.04 - Remote Denial of Service Flash Messaging 5.2.0g - Remote Denial of Service Exploit Flash Messaging 5.2.0g - Remote Denial of Service WinFTP Server 1.6 - Denial of Service Exploit Kerio Personal Firewall 4.1.1 - Multiple IP Options DoS Exploit WinFTP Server 1.6 - Denial of Service Kerio Personal Firewall 4.1.1 - Multiple IP Options Denial of Service NetNote Server 2.2 build 230 - Crafted String DoS Exploit NetNote Server 2.2 build 230 - Crafted String Denial of Service Secure Network Messenger 1.4.2 - Denial of Service Exploit Secure Network Messenger 1.4.2 - Denial of Service Soldier of Fortune II 1.3 Server/Client - Denial of Service Exploit Soldier of Fortune II 1.3 Server/Client - Denial of Service Star Wars Battlefront 1.1 - Fake Players Denial of Service Exploit Star Wars Battlefront 1.1 - Fake Players Denial of Service 3Dmax 6.x backburner Manager 2.2 - Denial of Service Exploit 3Dmax 6.x backburner Manager 2.2 - Denial of Service Jana Server 2.4.4 - (http/pna) Denial of Service Exploit Jana Server 2.4.4 - (http/pna) Denial of Service Neverwinter Nights special Fake Players Denial of Service Exploit Kreed 1.05 - Format String / Denial of Service Exploit Neverwinter Nights special Fake Players Denial of Service Kreed 1.05 - Format String / Denial of Service Codename Eagle 1.42 - Socket Unreacheable DoS Exploit Codename Eagle 1.42 - Socket Unreacheable Denial of Service Linux Kernel 2.4.28 / 2.6.9 - scm_send Local DoS Exploit Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit Linux Kernel 2.4.28 / 2.6.9 - scm_send Local Denial of Service Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service Exploit Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service SOLDNER Secret Wars 30830 - Denial of Service Exploit SOLDNER Secret Wars 30830 - Denial of Service iWebNegar 1.1 - Configuration Nullification Denial of Service Exploit iWebNegar 1.1 - Configuration Nullification Denial of Service Gore 1.50 - Socket Unreacheable Denial of Service Exploit Gore 1.50 - Socket Unreacheable Denial of Service TinyWeb 1.9 - Denial of Service Exploit TinyWeb 1.9 - Denial of Service ngIRCd 0.8.1 - Remote Denial of Service Exploit (2) ngIRCd 0.8.1 - Remote Denial of Service (2) Foxmail 2.0 - (MAIL FROM:) Denial of Service Exploit Foxmail 2.0 - (MAIL FROM:) Denial of Service Mac OS X AppleFileServer Remote Denial of Service Exploit Mac OS X AppleFileServer Remote Denial of Service webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service Exploit webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service wu-ftpd 2.6.2 - File Globbing Denial of Service Exploit Knet 1.04c - Buffer Overflow Denial of Service Exploit wu-ftpd 2.6.2 - File Globbing Denial of Service Knet 1.04c - Buffer Overflow Denial of Service Scrapland 1.0 - Server Termination Denial of Service Exploit Scrapland 1.0 - Server Termination Denial of Service Apache 2.0.52 - HTTP GET request Denial of Service Exploit Apache 2.0.52 - HTTP GET request Denial of Service Microsoft Windows 2003/XP - Remote Denial of Service Exploit Microsoft Windows 2003/XP - Remote Denial of Service OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service Exploit OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service Freeciv Server 2.0.0beta8 - Denial of Service Exploit Freeciv Server 2.0.0beta8 - Denial of Service PlatinumFTP 1.0.18 - Multiple Remote Denial of Service Exploit MailEnable 1.8 - Remote Format String Denial of Service Exploit phpDEV5 - System-Call Local Denial of Service Exploit PlatinumFTP 1.0.18 - Multiple Remote Denial of Service MailEnable 1.8 - Remote Format String Denial of Service phpDEV5 - System-Call Local Denial of Service MCPWS Personal WebServer 1.3.21 - Denial of Service Exploit MCPWS Personal WebServer 1.3.21 - Denial of Service Ocean FTP Server 1.00 - Denial of Service Exploit Ocean FTP Server 1.00 - Denial of Service SPECTral Personal SMTP Server 0.4.2 - Denial of Service Exploit SPECTral Personal SMTP Server 0.4.2 - Denial of Service Linux Kernel 2.6.10 - Local Denial of Service Exploit Linux Kernel 2.6.10 - Local Denial of Service ArGoSoft FTP Server 1.4.2.8 - Denial of Service Exploit ArGoSoft FTP Server 1.4.2.8 - Denial of Service Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service Exploit Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service MailEnable Enterprise 1.x - SMTP Remote Denial of Service Exploit MailEnable Enterprise 1.x - SMTP Remote Denial of Service Yager 5.24 - Multiple Denial of Service Exploit Microsoft Windows - Malformed IP Options DoS Exploit (MS05-019) Yager 5.24 - Multiple Denial of Service Microsoft Windows - Malformed IP Options Denial of Service (MS05-019) PostgreSQL 8.01 - Remote Reboot Denial of Service Exploit PostgreSQL 8.01 - Remote Reboot Denial of Service Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service Exploit Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service Exploit Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service Exploit Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop DoS Exploit Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop Denial of Service Ashley's Web Server Denial of Service Exploit Ashley's Web Server Denial of Service DataTrac Activity Console Denial of Service Exploit Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service Exploit DataTrac Activity Console Denial of Service Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service Remote File Manager 1.0 - Denial of Service Exploit Remote File Manager 1.0 - Denial of Service Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Exploit Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Exploit Microsoft Windows 2003/XP - IPv6 Remote Denial of Service TCP TIMESTAMPS Denial of Service Exploit TCP TIMESTAMPS Denial of Service FutureSoft TFTP Server 2000 - Remote Denial of Service Exploit FutureSoft TFTP Server 2000 - Remote Denial of Service Tcpdump bgp_update_print Remote Denial of Service Exploit Tcpdump bgp_update_print Remote Denial of Service TCP-IP Datalook 1.3 - Local Denial of Service Exploit TCP-IP Datalook 1.3 - Local Denial of Service UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection Exploit UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection Exploit TCP Chat (TCPX) 1.0 - Denial of Service Exploit TCP Chat (TCPX) 1.0 - Denial of Service PrivaShare 1.3 - Denial of Service Exploit AnalogX SimpleServer:WWW 1.05 - Denial of Service Exploit PrivaShare 1.3 - Denial of Service AnalogX SimpleServer:WWW 1.05 - Denial of Service Remote File Explorer 1.0 - Denial of Service Exploit wMailServer 1.0 - Remote Denial of Service Exploit Remote File Explorer 1.0 - Denial of Service wMailServer 1.0 - Remote Denial of Service Microsoft Windows Netman Service Local Denial of Service Exploit NetPanzer 0.8 - Remote Denial of Service Exploit Microsoft Windows Netman Service Local Denial of Service NetPanzer 0.8 - Remote Denial of Service Remote Control Server 1.6.2 - Denial of Service Exploit Remote Control Server 1.6.2 - Denial of Service DzSoft PHP Editor 3.1.2.8 - Denial of Service Exploit DzSoft PHP Editor 3.1.2.8 - Denial of Service Intruder Client 1.00 - Remote Command Execution & DoS Exploit Intruder Client 1.00 - Remote Command Execution & Denial of Service FTPshell Server 3.38 - Remote Denial of Service Exploit FTPshell Server 3.38 - Remote Denial of Service BusinessMail Server 4.60.00 - Remote Denial of Service Exploit BusinessMail Server 4.60.00 - Remote Denial of Service Quick 'n EasY 3.0 FTP Server Remote Denial of Service Exploit Quick 'n EasY 3.0 FTP Server Remote Denial of Service Acunetix HTTP Sniffer - Denial of Service Exploit Acunetix HTTP Sniffer - Denial of Service Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel DoS Exploit Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel Denial of Service Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Chris Moneymakers World Poker Championship 1.0 DoS Exploit GTChat 0.95 Alpha - Remote Denial of Service Exploit Chris Moneymakers World Poker Championship 1.0 Denial of Service GTChat 0.95 Alpha - Remote Denial of Service GoodTech SMTP Server 5.14 - Denial of Service Exploit IA eMailServer Corporate Edition 5.2.2 - DoS Exploit GoodTech SMTP Server 5.14 - Denial of Service IA eMailServer Corporate Edition 5.2.2 - Denial of Service GTChat 0.95 Alpha - (adduser) Remote Denial of Service Exploit Ventrilo 2.3.0 - Remote Denial of Service Exploit (all platforms) GTChat 0.95 Alpha - (adduser) Remote Denial of Service Ventrilo 2.3.0 - Remote Denial of Service (all platforms) Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/DoS Exploit Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service P2P Pro 1.0 - (command) Denial of Service Exploit P2P Pro 1.0 - (command) Denial of Service CUPS Server 1.1 - (Get Request) Denial of Service Exploit CUPS Server 1.1 - (Get Request) Denial of Service BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service Exploit BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service COOL! Remote Control 1.12 - Remote Denial of Service Exploit Snort 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit COOL! Remote Control 1.12 - Remote Denial of Service Snort 2.4.0 SACK TCP Option Error Handling Denial of Service Stoney FTPd Denial of Service Exploit (rxBot mods ftpd) Stoney FTPd Denial of Service (rxBot mods ftpd) Fastream NETFile Web Server 7.1.2 - (HEAD) DoS Exploit Fastream NETFile Web Server 7.1.2 - (HEAD) Denial of Service MCCS (Multi-Computer Control Systems) Command DoS Exploit MCCS (Multi-Computer Control Systems) Command Denial of Service Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service Exploit Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service Virtools Web Player 3.0.0.100 - Buffer Overflow DoS Exploit Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service RBExplorer 1.0 - (Hijacking Command) Denial of Service Exploit RBExplorer 1.0 - (Hijacking Command) Denial of Service Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) Denial of Service Exploit Opera 8.02 - Remote Denial of Service Exploit (1) Opera 8.02 - Remote Denial of Service Exploit (2) Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) Denial of Service Opera 8.02 - Remote Denial of Service (1) Opera 8.02 - Remote Denial of Service (2) Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) Denial of Service Exploit Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) Denial of Service Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) Microsoft Windows Plug-and-Play (Umpnpmgr.dll) Denial of Service (MS05-047) Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2) Microsoft Windows Plug-and-Play (Umpnpmgr.dll) Denial of Service (MS05-047) (2) Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service Exploit Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service Battle Carry .005 Socket Termination Denial of Service Exploit Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit FlatFrag 0.3 - Buffer Overflow / Denial of Service Exploit Battle Carry .005 Socket Termination Denial of Service Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service FlatFrag 0.3 - Buffer Overflow / Denial of Service Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak DoS Exploit Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service Exploit Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit FreeFTPD 1.0.10 - (PORT Command) Denial of Service Exploit Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service FreeFTPD 1.0.10 - (PORT Command) Denial of Service Microsoft Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053) Xaraya 1.0.0 RC4 - create() Denial of Service Exploit Microsoft Windows Metafile - (mtNoObjects) Denial of Service Exploit (MS05-053) Microsoft Windows Metafile (gdi32.dll) Denial of Service (MS05-053) Xaraya 1.0.0 RC4 - create() Denial of Service Microsoft Windows Metafile - (mtNoObjects) Denial of Service (MS05-053) SugarSuite Open Source 4.0beta Remote Code Execution Exploit SugarSuite Open Source 4.0beta - Remote Code Execution Exploit Macromedia Flash Media Server 2 - Remote Denial of Service Exploit Macromedia Flash Media Server 2 - Remote Denial of Service Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl) Microsoft Windows IIS - Malformed HTTP Request Denial of Service Microsoft Windows IIS - Malformed HTTP Request Denial of Service (Perl) BZFlag 2.0.4 - (undelimited string) Denial of Service Exploit BZFlag 2.0.4 - (undelimited string) Denial of Service Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service Exploit Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp) Microsoft Windows IIS - Malformed HTTP Request Denial of Service (cpp) BlueCoat WinProxy 6.0 R1c (GET Request) Denial of Service Exploit BlueCoat WinProxy 6.0 R1c (GET Request) Denial of Service Cisco IP Phone 7940 - (Reboot) Denial of Service Exploit Cisco IP Phone 7940 - (Reboot) Denial of Service Cerberus FTP Server 2.32 - Denial of Service Exploit Cerberus FTP Server 2.32 - Denial of Service Arescom NetDSL-1000 - (telnetd) Remote Denial of Service Exploit Arescom NetDSL-1000 - (telnetd) Remote Denial of Service Sony/Ericsson Bluetooth (Reset Display) Denial of Service Exploit Sony/Ericsson Bluetooth (Reset Display) Denial of Service Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service Exploit Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service Invision Power Board 2.1.4 - (Register Users) Denial of Service Exploit Invision Power Board 2.1.4 - (Register Users) Denial of Service D-Link Wireless Access Point (Fragmented UDP) DoS Exploit D-Link Wireless Access Point (Fragmented UDP) Denial of Service PunBB 2.0.10 - (Register Multiple Users) Denial of Service Exploit PunBB 2.0.10 - (Register Multiple Users) Denial of Service Lansuite 2.1.0 Beta (fid) SQL Injection Exploit Lansuite 2.1.0 Beta - (fid) SQL Injection Exploit FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service LieroX 0.62b Remote Server/Client Denial of Service Exploit LieroX 0.62b Remote Server/Client Denial of Service Guppy 4.5.11 - (Delete Databases) Remote Denial of Service Exploit Guppy 4.5.11 - (Delete Databases) Remote Denial of Service Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service Exploit Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) (2) Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2) Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service Exploit csDoom 0.7 - Multiple Vulnerabilities/Denial of Service Exploit Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service csDoom 0.7 - Multiple Vulnerabilities/Denial of Service Plogger Beta 2.1 Administrative Credentials Disclosure Exploit Plogger Beta 2.1 - Administrative Credentials Disclosure Exploit Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service Exploit Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service Neon Responder 5.4 - (Clock Synchronization) Denial of Service Exploit Neon Responder 5.4 - (Clock Synchronization) Denial of Service Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure / Denial of Service OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit OCE 3121/3122 Printer (parser.exe) Denial of Service phpMyAgenda 3.0 Final - (rootagenda) Remote Include phpMyAgenda 3.0 Final - (rootagenda) Remote File Inclusion Empire 4.3.2 - (strncat) Denial of Service Exploit Genecys 0.2 - (BoF/NULL pointer) Denial of Service Exploit Empire 4.3.2 - (strncat) Denial of Service Genecys 0.2 - (BoF/NULL pointer) Denial of Service GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service Exploit phpBazar 2.1.0 - Remote File Include / Auth Bypass Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service phpBazar 2.1.0 - Remote File Inclusion / Auth Bypass portmap 5 beta (Set/Dump) Local Denial of Service Exploit portmap 5 beta - (Set/Dump) Local Denial of Service Back-End CMS 0.7.2.2 - (BE_config.php) Remote Include Back-End CMS 0.7.2.2 - (BE_config.php) Remote File Inclusion tinyBB 0.3 - Remote File Include / SQL Injection tinyBB 0.3 -Remote File Inclusion / SQL Injection F@cile Interactive Web 0.8x - Remote File Include / XSS F@cile Interactive Web 0.8x - Remote File Inclusion / XSS PHP-Nuke 7.9 Final (phpbb_root_path) Remote File Inclusions PHP-Nuke 7.9 Final - (phpbb_root_path) Remote File Inclusions LifeType 1.0.4 - Multiple Vulnerabilities LifeType 1.0.4 - SQL Injection Back-End CMS 0.7.2.1 - (jpcache.php) Remote Include Back-End CMS 0.7.2.1 - (jpcache.php) Remote File Inclusion Opera Web Browser 9.00 - (iframe) Remote Denial of Service Exploit Opera Web Browser 9.00 - (iframe) Remote Denial of Service ImgSvr 0.6.5 - (long http post) Denial of Service Exploit ImgSvr 0.6.5 - (long http post) Denial of Service SimpleBoard Mambo Component 1.1.0 - Remote Include com_forum Mambo Component 1.2.4RC3 - Remote Include SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion com_videodb Mambo Component 0.3en Remote Include com_videodb Mambo Component 0.3en Remote File Inclusion HTMLArea3 Mambo Module 1.5 - Remote Include Sitemap Mambo Component 2.0.0 - Remote Include pollxt Mambo Component 1.22.07 - Remote Include HTMLArea3 Mambo Module 1.5 - Remote File Inclusion Sitemap Mambo Component 2.0.0 - Remote File Inclusion pollxt Mambo Component 1.22.07 - Remote File Inclusion D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC) D-Link Router UPNP Stack Overflow Denial of Service (PoC) MoSpray Mambo Component 18RC1 - Remote Include ArticlesOne 07232006 - (page) Remote Include Mam-Moodle Mambo Component alpha Remote Inclusion MoSpray Mambo Component 18RC1 - Remote File Inclusion ArticlesOne 07232006 - (page) Remote File Inclusion Mam-Moodle Mambo Component alpha - Remote Inclusion Mambo User Home Pages Component 0.5 - Remote Include Mambo User Home Pages Component 0.5 - Remote File Inclusion Joomla LMO Component 1.0b2 - Remote Include Joomla LMO Component 1.0b2 - Remote File Inclusion SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote Include XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (PHP) Joomla JD-Wiki Component 1.0.2 - Remote Include SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote File Inclusion XChat 2.6.7 - (Windows) Remote Denial of Service (PHP) Joomla JD-Wiki Component 1.0.2 - Remote File Inclusion phpCC 4.2 beta (base_dir) Remote File Inclusion phpCC 4.2 beta - (base_dir) Remote File Inclusion Visual Events Calendar 1.1 - (cfg_dir) Remote Include Visual Events Calendar 1.1 - (cfg_dir) Remote File Inclusion XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (Perl) XChat 2.6.7 - (Windows) Remote Denial of Service (Perl) See-Commerce 1.0.625 - (owimg.php3) Remote Include PocketPC Mms Composer (WAPPush) Denial of Service Exploit See-Commerce 1.0.625 - (owimg.php3) Remote File Inclusion PocketPC Mms Composer (WAPPush) Denial of Service Mambo Remository Component 3.25 - Remote Include Mambo Remository Component 3.25 - Remote File Inclusion Joomla Webring Component 1.0 - Remote Include Joomla Webring Component 1.0 - Remote File Inclusion Opera 9 - IRC Client Remote Denial of Service Exploit Opera 9 IRC Client - Remote Denial of Service Exploit (Python) Opera 9 - IRC Client Remote Denial of Service Opera 9 IRC Client - Remote Denial of Service (Python) Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC Microsoft Windows PNG File IHDR Block Denial of Service PoC Mambo CopperminePhotoGalery Component Remote Include Mambo CopperminePhotoGalery Component Remote File Inclusion WTcom 0.2.4-alpha (torrents.php) SQL Injection WTcom 0.2.4-alpha - (torrents.php) SQL Injection Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1) Microsoft Windows - PNG File IHDR Block Denial of Service PoC (1) Joomla Artlinks Component 1.0b4 - Remote Include Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2) PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote Include Joomla Artlinks Component 1.0b4 - Remote File Inclusion Microsoft Windows - PNG File IHDR Block Denial of Service PoC (2) PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote File Inclusion Mambo MamboWiki Component 0.9.6 - Remote Include Joomla Link Directory Component 1.0.3 - Remote Include Mambo MamboWiki Component 0.9.6 - Remote File Inclusion Joomla Link Directory Component 1.0.3 - Remote File Inclusion PHlyMail Lite 3.4.4 - (folderprops.php) Remote Include (2) PHlyMail Lite 3.4.4 - (folderprops.php) Remote File Inclusion (2) Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service Exploit Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service 2Wire Modems/Routers CRLF - Denial of Service Exploit 2Wire Modems/Routers CRLF - Denial of Service Integramod Portal 2.x - (functions_portal.php) Remote Include Exploit VistaBB 2.x - (functions_mod_user.php) Remote Include Exploit Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion Exploit VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion Exploit phpCOIN 1.2.3 - (session_set.php) Remote Include phpCOIN 1.2.3 - (session_set.php) Remote File Inclusion Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote Include Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote Include PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote File Inclusion Web Server Creator 0.1 - (l) Remote Include Web Server Creator 0.1 - (l) Remote File Inclusion Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service Exploit Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service mcGalleryPRO 2006 - (path_to_folder) Remote Include MiniPort@l 0.1.5 beta (skiny) Remote File Inclusion OPENi-CMS 1.0.1beta (config) Remote File Inclusion mcGalleryPRO 2006 - (path_to_folder) Remote File Inclusion MiniPort@l 0.1.5 beta - (skiny) Remote File Inclusion OPENi-CMS 1.0.1beta - (config) Remote File Inclusion Microsoft Internet Explorer (VML) Remote Denial of Service Exploit PoC Microsoft Internet Explorer (VML) Remote Denial of Service PoC OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service Exploit OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service VAMP Webmail 2.0beta1 - (yesno.phtml) Remote Include VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion TribunaLibre 3.12 Beta (ftag.php) Remote File Inclusion TribunaLibre 3.12 Beta - (ftag.php) Remote File Inclusion FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service Exploit FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service Exploit FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service Exploit FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service phpBB News Defilante Horizontale 4.1.1 - Remote Include Exploit phpBB News Defilante Horizontale 4.1.1 - Remote File Inclusion Exploit NuralStorm Webmail 0.98b (process.php) Remote Include NuralStorm Webmail 0.98b (process.php) Remote File Inclusion DigitalHive 2.0 RC2 - (base_include.php) Remote Include DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion Xfire 1.6.4 - Remote Denial of Service Exploit (Perl) Osprey 1.0 GetRecord.php Remote File Inclusion Xfire 1.6.4 - Remote Denial of Service (Perl) Osprey 1.0 - GetRecord.php Remote File Inclusion MambWeather Mambo Module 1.8.1 - Remote Include MambWeather Mambo Module 1.8.1 - Remote File Inclusion QK SMTP 3.01 - (RCPT TO) Remote Denial of Service Exploit QK SMTP 3.01 - (RCPT TO) Remote Denial of Service FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service Exploit FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service Exploit RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service PHPMyDesk 1.0beta (viewticket.php) Local File Inclusion Exploit PHPMyDesk 1.0 beta - (viewticket.php) Local File Inclusion Exploit Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote Denial of Service Microsoft Windows NAT Helper Components Remote DoS Exploit (perl) Microsoft Windows NAT Helper Components Remote Denial of Service (perl) GEPI 1.4.0 gestion/savebackup.php Remote File Inclusion GEPI 1.4.0 - gestion/savebackup.php Remote File Inclusion Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote DoS Exploit Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote Denial of Service Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion Drake CMS < 0.2.3 ALPHA rev.916 - Remote File Inclusion XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service Exploit Essentia Web Server 2.15 - (GET Request) Remote DoS Exploit XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service Essentia Web Server 2.15 - (GET Request) Remote Denial of Service OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit) OpenLDAP 2.2.29 - Remote Denial of Service (Metasploit) WarFTPd 1.82.00-RC11 - Remote Denial of Service Exploit WarFTPd 1.82.00-RC11 - Remote Denial of Service WORK System E-Commerce 3.0.1 - Remote Include WORK System E-Commerce 3.0.1 - Remote File Inclusion CMSmelborp Beta (user_standard.php) Remote File Inclusion Exploit CMSmelborp Beta - (user_standard.php) Remote File Inclusion Exploit phpPeanuts 1.3 Beta (Inspect.php) Remote File Inclusion phpPeanuts 1.3 Beta - (Inspect.php) Remote File Inclusion UniversalFTP 1.0.50 - (MKD) Remote Denial of Service Exploit UniversalFTP 1.0.50 - (MKD) Remote Denial of Service Microsoft Windows spoolss GetPrinterData() Remote DoS Exploit (0Day) Microsoft Windows spoolss GetPrinterData() Remote Denial of Service (0Day) awrate.com Message Board 1.0 - (search.php) Remote Include awrate.com Message Board 1.0 - (search.php) Remote File Inclusion F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service Exploit Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service Exploit D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service Exploit Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service Exploit Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Exploit Windows Media Player 9/10 - (.MID) Denial of Service Exploit Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Windows Media Player 9/10 - (.MID) Denial of Service Star FTP Server 1.10 - (RETR) Remote Denial of Service Exploit Star FTP Server 1.10 - (RETR) Remote Denial of Service Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service Exploit wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service Exploit Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service WinFtp Server 2.0.2 - (PASV) Remote Denial of Service Exploit WinFtp Server 2.0.2 - (PASV) Remote Denial of Service RealPlayer 10.5 - (ActiveX Control) Denial of Service Exploit RealPlayer 10.5 - (ActiveX Control) Denial of Service DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Exploit DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service inertianews 0.02b (inertianews_main.php) Remote Include inertianews 0.02b (inertianews_main.php) Remote File Inclusion XM Easy Personal FTP Server 5.2.1 - (USER) Format String DoS Exploit XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service Exploit acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service Microsoft Windows NetrWkstaUserEnum() Remote DoS Exploit (0Day) Microsoft Windows NetrWkstaUserEnum() Remote Denial of Service (0Day) RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service Exploit RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service Durian Web Application Server 3.02 - Denial of Service Exploit Durian Web Application Server 3.02 - Denial of Service Formbankserver 1.9 - (Name) Remote Denial of Service Exploit Formbankserver 1.9 - (Name) Remote Denial of Service Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit Microsoft Windows - Explorer (WMF) CreateBrushIndirect Denial of Service VLC Media Player 0.8.6a Unspecified Denial of Service Exploit VLC Media Player 0.8.6a Unspecified Denial of Service WFTPD Pro Server 3.25 SITE ADMN Remote Denial of Service Exploit WFTPD Pro Server 3.25 SITE ADMN Remote Denial of Service Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service Exploit Colloquy 2.1.3545 - (INVITE) Format String Denial of Service Exploit Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service Colloquy 2.1.3545 - (INVITE) Format String Denial of Service CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service Exploit CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) DoS Exploit Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service Microsoft Windows - Explorer (AVI) Unspecified Denial of Service Exploit Microsoft Windows - Explorer (AVI) Unspecified Denial of Service Apple CFNetwork - HTTP Response Denial of Service Exploit (Ruby) Apple CFNetwork - HTTP Response Denial of Service (Ruby) CVSTrac 2.0.0 - Post-Attack Database Resurrection DoS Exploit CVSTrac 2.0.0 - Post-Attack Database Resurrection Denial of Service Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service Exploit phpBB2 MODificat 0.2.0 - (functions.php) Remote Include Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service phpBB2 MODificat 0.2.0 - (functions.php) Remote File Inclusion CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server DoS Exploit CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service Exploit Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow DoS Exploit SmartFTP Client 2.0.1002 - Remote Heap Overflow DoS Exploit FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service Axigen 2.0.0b1 - Remote Denial of Service Exploit Axigen 2.0.0b1 - Remote Denial of Service Exploit (2) Axigen 2.0.0b1 - Remote Denial of Service Axigen 2.0.0b1 - Remote Denial of Service (2) phpCC 4.2 beta (nickpage.php npid) SQL Injection Exploit phpCC 4.2 beta - (nickpage.php npid) SQL Injection Exploit MiniWebsvr 0.0.6 - Remote Resource Consumption DoS Exploit MiniWebsvr 0.0.6 - Remote Resource Consumption Denial of Service MailEnable Professional/Enterprise 2.35 Out of Bounds DoS Exploit MailEnable Professional/Enterprise 2.35 Out of Bounds Denial of Service MailEnable Professional/Enterprise 2.37 - Denial of Service Exploit MailEnable Professional/Enterprise 2.37 - Denial of Service TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote DoS Exploit TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote Denial of Service PHP-Nuke 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql) PHP-Nuke 8.0 Final (INSERT) SQL Injection Exploit PHP-Nuke 8.0 Final (HTTP Referers) SQL Injection Exploit FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote DoS Exploit PHP-Nuke 8.0 Final - (INSERT) Blind SQL Injection Exploit (mysql) PHP-Nuke 8.0 Final - (INSERT) SQL Injection Exploit PHP-Nuke 8.0 Final - (HTTP Referers) SQL Injection Exploit FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote Denial of Service BrowseDialog Class - (ccrpbds6.dll) Multiple Methods DoS Exploit BrowseDialog Class - (ccrpbds6.dll) Multiple Methods Denial of Service Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Denial of Service XM Easy Personal FTP Server 5.30 - (ABOR) Format String DoS Exploit XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service Exploit DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service Asterisk 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Exploit Asterisk 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) DoS Exploit Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) Denial of Service Microsoft Windows - (.doc) Malformed Pointers Denial of Service Exploit Microsoft Windows - (.doc) Malformed Pointers Denial of Service TFTPDWIN Server 0.4.2 - (UDP) Denial of Service Exploit Rediff Toolbar ActiveX Control Remote Denial of Service Exploit Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote DoS Exploit TFTPDWIN Server 0.4.2 - (UDP) Denial of Service Rediff Toolbar ActiveX Control Remote Denial of Service Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote Denial of Service Microsoft Internet Explorer - (FTP Server Response) DoS Exploit (MS07-016) Microsoft Internet Explorer - (FTP Server Response) Denial of Service (MS07-016) TFTP Server 1.3 - Remote Buffer Overflow Denial of Service Exploit TFTP Server 1.3 - Remote Buffer Overflow Denial of Service MetaForum 0.513 Beta Remote File Upload Exploit MetaForum 0.513 Beta - Remote File Upload Exploit Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Exploit Mercur IMAPD 5.00.14 - Remote Denial of Service Exploit (Win32) Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Mercur IMAPD 5.00.14 - Remote Denial of Service (Win32) Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit Grandstream Budge Tone-200 IP Phone (Digest domain) Denial of Service 0irc-client 1345 build20060823 - Denial of Service Exploit 0irc-client 1345 build20060823 - Denial of Service Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service Exploit Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service Exploit sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion Exploit IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service Exploit Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Exploit Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit Gran Paradiso 3.0a3 non-existent applet Denial of Service Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit Sami HTTP Server 2.0.1 POST Request Denial of Service Ettercap-NG 0.7.3 - Remote Denial of Service Exploit Ettercap-NG 0.7.3 - Remote Denial of Service Mozzers SubSystem final (subs.php) Remote Code Execution Mozzers SubSystem final - (subs.php) Remote Code Execution Winamp 5.3 - (.WMV) Remote Denial of Service Exploit Winamp 5.3 - (.WMV) Remote Denial of Service Foxit Reader 2.0 - (PDF) Remote Denial of Service Exploit Foxit Reader 2.0 - (PDF) Remote Denial of Service Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion Winamp 5.33 - (.AVI) Remote Denial of Service Exploit Joomla 1.5.0 Beta - (pcltar.php) Remote File Inclusion Winamp 5.33 - (.AVI) Remote Denial of Service Opera 9.2 - (.torrent) Remote Denial of Service Exploit Opera 9.2 - (.torrent) Remote Denial of Service Linksys SPA941 \377 character Remote Denial of Service Exploit Linksys SPA941 - (remote reboot) Remote Denial of Service Exploit Linksys SPA941 \377 character Remote Denial of Service Linksys SPA941 - (remote reboot) Remote Denial of Service RealPlayer 10 - (.ra) Remote Denial of Service Exploit RealPlayer 10 - (.ra) Remote Denial of Service PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service Exploit PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Word Viewer OCX 3.2 - Remote Denial of Service Exploit Word Viewer OCX 3.2 - Remote Denial of Service Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Exploit Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote DoS Exploit Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote Denial of Service Opera 9.10 alert() Remote Denial of Service Exploit Opera 9.10 alert() Remote Denial of Service SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service Exploit SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service SimpleNews 1.0.0 FINAL (print.php news_id) SQL Injection Exploit SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection Exploit Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service PrecisionID Barcode ActiveX 1.3 - Denial of Service Exploit PrecisionID Barcode ActiveX 1.3 - Denial of Service ID Automation Linear Barcode ActiveX Denial of Service Exploit ID Automation Linear Barcode ActiveX Denial of Service Microsoft Windows Vista - Forged ARP packet Network Stack DoS Exploit Microsoft Windows Vista - Forged ARP packet Network Stack Denial of Service BitsCast 0.13.0 - (invalid string) Remote Denial of Service Exploit NewzCrawler 1.8 - (invalid string) Remote Denial of Service Exploit BitsCast 0.13.0 - (invalid string) Remote Denial of Service NewzCrawler 1.8 - (invalid string) Remote Denial of Service PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service Exploit PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service Exploit CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Mambo com_yanc 1.4 beta (id) SQL Injection Mambo com_yanc 1.4 beta - (id) SQL Injection Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service Exploit Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote DoS Exploit LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote DoS Exploit Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote Denial of Service EDraw Office Viewer Component Denial of Service Exploit EDraw Office Viewer Component Denial of Service SNMPc 7.0.18 - Remote Denial of Service Exploit (Metasploit) SNMPc 7.0.18 - Remote Denial of Service (Metasploit) Microsoft Windows GDI+ - ICO File Remote Denial of Service Exploit Microsoft Windows GDI+ - ICO File Remote Denial of Service MiniWeb Http Server 0.8.x - Remote Denial of Service Exploit MiniWeb Http Server 0.8.x - Remote Denial of Service Safari 3 for Windows Beta Remote Command Execution PoC Safari 3 for Windows Beta - Remote Command Execution PoC BitchX 1.1-final (EXEC) Remote Command Execution Exploit BitchX 1.1-final - (EXEC) Remote Command Execution Exploit PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service Exploit PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service PHP 5.2.3 - glob() Denial of Service Exploit PHP 5.2.3 - glob() Denial of Service TeamSpeak 2.0 - (Windows Release) Remote Denial of Service Exploit TeamSpeak 2.0 - (Windows Release) Remote Denial of Service Microsoft Windows - Explorer.exe Gif Image Denial of Service Exploit Xserver 0.1 Alpha Post Request Remote Buffer Overflow Exploit Microsoft Windows - Explorer.exe Gif Image Denial of Service Xserver 0.1 Alpha - Post Request Remote Buffer Overflow Exploit Microsoft Internet Explorer 6 DirectX Media Remote Overflow DoS Exploit Microsoft Internet Explorer 6 DirectX Media Remote Overflow Denial of Service Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service Exploit Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service WengoPhone 2.x - SIP Phone Remote Denial of Service Exploit WengoPhone 2.x - SIP Phone Remote Denial of Service CounterPath X-Lite 3.x - SIP phone Remote Denial of Service Exploit CounterPath X-Lite 3.x - SIP phone Remote Denial of Service WireShark < 0.99.6 Mms Remote Denial of Service Exploit Easy Chat Server 2.2 - Remote Denial of Service Exploit WireShark < 0.99.6 Mms Remote Denial of Service Easy Chat Server 2.2 - Remote Denial of Service Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service Exploit Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service Exploit eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BoF Exploit Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote BoF Exploit Thomson SIP phone ST 2030 - Remote Denial of Service Exploit Thomson SIP phone ST 2030 - Remote Denial of Service Microsoft Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046) Microsoft Windows - (GDI32.DLL) Denial of Service (MS07-046) JetCast Server 2.0.0.4308 - Remote Denial of Service Exploit JetCast Server 2.0.0.4308 - Remote Denial of Service actSite 1.991 Beta (base.php) Remote File Inclusion actSite 1.991 Beta - (base.php) Remote File Inclusion wzdftpd 0.8.0 - (USER) Remote Denial of Service Exploit wzdftpd 0.8.0 - (USER) Remote Denial of Service LiveAlbum 0.9.0 common.php Remote File Inclusion LiveAlbum 0.9.0 - common.php Remote File Inclusion eXtremail 2.1.1 memmove() Remote Denial of Service Exploit eXtremail 2.1.1 memmove() Remote Denial of Service GCALDaemon 1.0-beta13 - Remote Denial of Service Exploit GCALDaemon 1.0-beta13 - Remote Denial of Service Mozilla Firefox 2.0.0.7 - Remote Denial of Service Exploit Mozilla Firefox 2.0.0.7 - Remote Denial of Service Firefly Media Server 0.2.4 - Remote Denial of Service Exploit Ubuntu 6.06 DHCPd - Remote Denial of Service Exploit Firefly Media Server 0.2.4 - Remote Denial of Service Ubuntu 6.06 DHCPd - Remote Denial of Service patBBcode 1.0 bbcodeSource.php Remote File Inclusion patBBcode 1.0 - bbcodeSource.php Remote File Inclusion RealPlayer 11 Malformed AU File Denial of Service Exploit RealPlayer 11 Malformed AU File Denial of Service Cisco Phone 7940 - Remote Denial of Service Exploit Cisco Phone 7940 - Remote Denial of Service Simple HTTPD 1.41 - (/aux) Remote Denial of Service Exploit Simple HTTPD 1.41 - (/aux) Remote Denial of Service SurgeMail 38k4 - webmail Host header Denial of Service Exploit SurgeMail 38k4 - webmail Host header Denial of Service Blakord Portal Beta 1.3.A (all modules) SQL Injection Blakord Portal Beta 1.3.A - (all modules) SQL Injection WebPortal CMS 0.6-beta Remote Password Change Exploit WebPortal CMS 0.6-beta - Remote Password Change Exploit Half-Life CSTRIKE Server 1.6 - Denial of Service Exploit (no-steam) Half-Life CSTRIKE Server 1.6 - Denial of Service (no-steam) Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote DoS Exploit Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service PHP-Nuke 8.0 Final (sid) SQL Injection Exploit PHP-Nuke 8.0 Final - (sid) SQL Injection Exploit Apple iPhone 1.1.2 - Remote Denial of Service Exploit Apple iPhone 1.1.2 - Remote Denial of Service MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service Exploit MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service Joomla Component MCQuiz 0.9 Final (tid) SQL Injection Joomla Component MCQuiz 0.9 Final - (tid) SQL Injection Apple iPhoto 4.0.3 DPAP Server Denial of Service Exploit Apple iPhoto 4.0.3 DPAP Server Denial of Service MyServer 0.8.11 - (204 No Content) error Remote Denial of Service Exploit MyServer 0.8.11 - (204 No Content) error Remote Denial of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) DoS Exploit Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service ICQ Toolbar 2.3 - ActiveX Remote Denial of Service Exploit ICQ Toolbar 2.3 - ActiveX Remote Denial of Service Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win) Apple Safari (webkit) Remote Denial of Service (iphone/osx/win) Home FTP Server 1.4.5 - Remote Denial of Service Exploit Home FTP Server 1.4.5 - Remote Denial of Service PacketTrap Networks pt360 2.0.39 TFTPD - Remote DoS Exploit PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion Exploit Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Exploit Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Noticeware Email Server 4.6.1.0 - Denial of Service Exploit Noticeware Email Server 4.6.1.0 - Denial of Service Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service Exploit Novel eDirectory HTTP - Denial of Service Exploit Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service Novel eDirectory HTTP - Denial of Service XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service Exploit XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection e-107 Plugin zogo-shop 1.16 Beta 13 - SQL Injection AlkalinePHP 0.80.00 beta (thread.php id) SQL Injection Exploit AlkalinePHP 0.80.00 beta - (thread.php id) SQL Injection Exploit Mambo Component mambads 1.0 RC1 Beta SQL Injection Mambo Component mambads 1.0 RC1 Beta - SQL Injection I-Pos Internet Pay Online Store 1.3 Beta SQL Injection I-Pos Internet Pay Online Store 1.3 Beta - SQL Injection P2P Foxy Out of Memory Denial of Service Exploit P2P Foxy Out of Memory Denial of Service uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header Denial of Service Simple DNS Plus 5.0/4.1 - Remote Denial of Service Exploit Simple DNS Plus 5.0/4.1 - Remote Denial of Service Yahoo Messenger 8.1 - ActiveX Remote Denial of Service Exploit Yahoo Messenger 8.1 - ActiveX Remote Denial of Service WinRemotePC Full+Lite 2008 r.2server Denial of Service Exploit WinRemotePC Full+Lite 2008 r.2server Denial of Service Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit Bea Weblogic Apache Connector - Code Execution / Denial of Service Oracle Internet Directory 10.1.4 - Remote Preauth DoS Exploit Oracle Internet Directory 10.1.4 - Remote Preauth Denial of Service F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop DoS Exploit F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service Xerox Phaser 8400 - (reboot) Remote Denial of Service Exploit Xerox Phaser 8400 - (reboot) Remote Denial of Service HydraIrc 0.3.164 - (last) Remote Denial of Service Exploit HydraIrc 0.3.164 - (last) Remote Denial of Service txtSQL 2.2 Final (startup.php) Remote File Inclusion txtSQL 2.2 Final - (startup.php) Remote File Inclusion Ventrilo 3.0.2 - NULL pointer Remote DoS Exploit Ventrilo 3.0.2 - NULL pointer Remote Denial of Service Google Chrome Browser 0.2.149.27 A HREF Denial of Service Exploit Google Chrome Browser 0.2.149.27 A HREF Denial of Service Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit Google Chrome Browser 0.2.149.27 Inspect Element Denial of Service Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service Exploit Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service Adobe Acrobat 9 - ActiveX Remote Denial of Service Exploit Adobe Acrobat 9 - ActiveX Remote Denial of Service The Personal FTP Server 6.0f RETR Denial of Service Exploit The Personal FTP Server 6.0f RETR Denial of Service Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local DoS Exploit Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local Denial of Service WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit) WonderWare SuiteLink 2.0 - Remote Denial of Service (Metasploit) Femitter FTP Server 1.03 - (RETR) Remote Denial of Service Exploit PoC Femitter FTP Server 1.03 - (RETR) Remote Denial of Service PoC fhttpd 0.4.2 un64() - Remote Denial of Service Exploit fhttpd 0.4.2 un64() - Remote Denial of Service DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service Exploit DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service Vikingboard 0.2 Beta (task) Local File Inclusion Vikingboard 0.2 Beta - (task) Local File Inclusion Vikingboard 0.2 Beta SQL Column Truncation Vikingboard 0.2 Beta - SQL Column Truncation WinFTP Server 2.3.0 - (NLST) Denial of Service Exploit WinFTP Server 2.3.0 - (NLST) Denial of Service Chilkat IMAP ActiveX 7.9 - File Execution / IE DoS Exploit Chilkat IMAP ActiveX 7.9 - File Execution / IE Denial of Service Google Chrome 0.2.149.30 Window Object Suppressing DoS Exploit Google Chrome 0.2.149.30 Window Object Suppressing Denial of Service Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit Microsoft Windows Explorer - (.zip) Denial of Service Exploit Opera 9.52 Window Object Suppressing Remote Denial of Service Microsoft Windows Explorer - (.zip) Denial of Service Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit VBA32 Personal Antivirus 3.12.8.x - (malformed archive) DoS Exploit VBA32 Personal Antivirus 3.12.8.x - (malformed archive) Denial of Service Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing Skype extension for Firefox BETA 2.2.0.95 - Clipboard Writing WinFTP 2.3.0 - (PASV mode) Remote Denial of Service Exploit WinFTP 2.3.0 - (PASV mode) Remote Denial of Service NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth DoS Exploit NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth Denial of Service GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/DoS Exploit GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service Exploit RaidenFTPD 2.4 build 3620 - Remote Denial of Service Exploit XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service RaidenFTPD 2.4 build 3620 - Remote Denial of Service Titan FTP server 6.26 build 630 - Remote Denial of Service Exploit Titan FTP server 6.26 build 630 - Remote Denial of Service Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote Denial of Service Dart Communications PowerTCP FTP module Remote BoF Exploit Dart Communications PowerTCP FTP module - Remote BoF Exploit SilverSHielD 1.0.2.34 - (opendir) Denial of Service Exploit SilverSHielD 1.0.2.34 - (opendir) Denial of Service vicFTP 5.0 - (LIST) Remote Denial of Service Exploit vicFTP 5.0 - (LIST) Remote Denial of Service PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit) PumpKIN TFTP Server 2.7.2.0 - Denial of Service (Metasploit) PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection ExoPHPDesk 1.2 Final - (Auth Bypass) SQL Injection Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service Exploit Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit LoveCMS 1.6.2 Final (Simple Forum 3.1d) - Change Admin Password Exploit Microsoft Office Communicator (SIP) Remote Denial of Service Exploit Microsoft Office Communicator (SIP) Remote Denial of Service OpenForum 0.66 Beta Remote Reset Admin Password Exploit OpenForum 0.66 Beta - Remote Reset Admin Password Exploit Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service Exploit Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local DoS Exploit Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service Exploit Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service Linksys Wireless ADSL Router (WAG54G v2) - httpd DoS Exploit Linksys Wireless ADSL Router (WAG54G v2) - httpd Denial of Service Psi Jabber Client (8010/tcp) Remote Denial of Service Exploit (win/lin) PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service Exploit Psi Jabber Client (8010/tcp) Remote Denial of Service (win/lin) PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service VMware 2.5.1 - (Vmware-authd) Remote Denial of Service Exploit VMware 2.5.1 - (Vmware-authd) Remote Denial of Service SeaMonkey 1.1.14 - (marquee) Denial of Service Exploit SeaMonkey 1.1.14 - (marquee) Denial of Service Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service Exploit Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service Winamp 5.541 - (mp3/aiff) Multiple Denial of Service Exploits Winamp 5.541 - (mp3/aiff) Multiple Denial of Services Cisco VLAN Trunking Protocol Denial of Service Exploit Cisco VLAN Trunking Protocol Denial of Service Novell Netware 6.5 - (ICEbrowser) Remote System DoS Exploit Novell Netware 6.5 - (ICEbrowser) Remote System Denial of Service D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service Exploit D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service TxtBlog 1.0 Alpha Remote Command Execution Exploit TxtBlog 1.0 Alpha - Remote Command Execution Exploit GR Note 0.94 beta (Auth Bypass) Remote Database Backup GR Note 0.94 beta - (Auth Bypass) Remote Database Backup Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service Exploit Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service BlueBird Pre-Release (Auth Bypass) SQL Injection BlueBird Pre-Release - (Auth Bypass) SQL Injection Got All Media 7.0.0.3 - (t00t) Remote Denial of Service Exploit Got All Media 7.0.0.3 - (t00t) Remote Denial of Service HTC Touch vCard over IP Denial of Service Exploit HTC Touch vCard over IP Denial of Service Yaws < 1.80 - (multiple headers) Remote Denial of Service Exploit Yaws < 1.80 - (multiple headers) Remote Denial of Service Multiple Vendors libc:fts_*() - Local Denial of Service Exploit Multiple Vendors libc:fts_*() - Local Denial of Service Addonics NAS Adapter Post-Auth Denial of Service Exploit Addonics NAS Adapter Post-Auth Denial of Service Serv-U 7.4.0.1 - (SMNT) Denial of Service Exploit (post auth) VLC 0.9.8a Web UI (input) Remote Denial of Service Exploit Serv-U 7.4.0.1 - (SMNT) Denial of Service (post auth) VLC 0.9.8a Web UI (input) Remote Denial of Service SW-HTTPD Server 0.x - Remote Denial of Service Exploit SW-HTTPD Server 0.x - Remote Denial of Service XM Easy Personal FTP Server 5.7.0 - (NLST) DoS Exploit XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service Sami HTTP Server 2.x - (HEAD) Remote Denial of Service Exploit Sami HTTP Server 2.x - (HEAD) Remote Denial of Service IBM DB2 < 9.5 pack 3a - Connect Denial of Service Exploit IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service Exploit IBM DB2 < 9.5 pack 3a - Connect Denial of Service IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service Steamcast 0.9.75b Remote Denial of Service Exploit OpenBSD 4.5 IP datagram Null Pointer Deref DoS Exploit Steamcast 0.9.75b Remote Denial of Service OpenBSD 4.5 IP datagram Null Pointer Deref Denial of Service Microsoft Media Player - (quartz.dll .mid) Denial of Service Exploit Microsoft Media Player - (quartz.dll .mid) Denial of Service Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth) Addonics NAS Adapter (bts.cgi) Remote Denial of Service (post-auth) Zervit Web Server 0.3 - Remote Denial of Service Exploit Zervit Web Server 0.3 - Remote Denial of Service Xitami Web Server 5.0 - Remote Denial of Service Exploit Xitami Web Server 5.0 - Remote Denial of Service iodined 0.4.2-2 - (forged DNS packet) Denial of Service Exploit iodined 0.4.2-2 - (forged DNS packet) Denial of Service Addonics NAS Adapter FTP Remote Denial of Service Exploit Addonics NAS Adapter FTP Remote Denial of Service Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service TYPSoft FTP Server 1.11 - (ABORT) Remote DoS Exploit TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service Mereo 1.8.0 - (Get Request) Remote Denial of Service Exploit Mereo 1.8.0 - (Get Request) Remote Denial of Service DGNews 3.0 Beta (id) SQL Injection DGNews 3.0 Beta - (id) SQL Injection Mozilla Firefox (unclamped loop) Denial of Service Exploit Mozilla Firefox (unclamped loop) Denial of Service Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service Exploit Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service Apache mod_dav / svn Remote Denial of Service Exploit Apache mod_dav / svn Remote Denial of Service OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote Denial of Service LinkLogger 2.4.10.15 - (syslog) Denial of Service Exploit LinkLogger 2.4.10.15 - (syslog) Denial of Service ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit ARD-9808 DVR Card Security Camera (GET Request) Remote Denial of Service FreeBSD 6/8 - (ata device) Local Denial of Service Exploit FreeBSD 6/8 - (ata device) Local Denial of Service Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all) Multiple Web Browsers Denial of Service (1 bug to rule them all) FreeBSD 7.2 - (pecoff executable) Local Denial of Service Exploit FreeBSD 7.2 - (pecoff executable) Local Denial of Service E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection OpenH323 Opal SIP Protocol Remote Denial of Service Exploit Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit WzdFTPD 8.0 - Remote Denial of Service Exploit OpenH323 Opal SIP Protocol Remote Denial of Service Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service WzdFTPD 8.0 - Remote Denial of Service FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Exploit FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service Exploit Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit TheGreenBow VPN Client tgbvpn.sys Local Denial of Service HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service Exploit HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service KSP 2006 FINAL (.M3U) Universal Local Buffer Exploit (SEH) KSP 2006 FINAL - (.M3U) Universal Local Buffer Exploit (SEH) Xerox WorkCentre Multiple Models Denial of Service Exploit Cerberus FTP 3.0.1 - (ALLO) Remote Overflow DoS Exploit (Metasploit) Xerox WorkCentre Multiple Models Denial of Service Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit) TFTPUtil GUI 1.3.0 - Remote Denial of Service Exploit TFTPUtil GUI 1.3.0 - Remote Denial of Service SolarWinds TFTP Server 9.2.0.111 - Remote DoS Exploit SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service Re-Script 0.99 Beta (listings.php op) SQL Injection Re-Script 0.99 Beta - (listings.php op) SQL Injection Novell eDirectory 8.8 SP5 - Remote Denial of Service Exploit Novell eDirectory 8.8 SP5 - Remote Denial of Service Safari 3.2.3 - (Win32) JavaScript (eval) Remote DoS Exploit Safari 3.2.3 - (Win32) JavaScript (eval) Remote Denial of Service WarFTPd 1.82.00-RC12 - (LIST command) Format String DoS Exploit WarFTPd 1.82.00-RC12 - (LIST command) Format String Denial of Service FreeRadius < 1.1.8 - Zero-length Tunnel-Password DoS Exploit FreeRadius < 1.1.8 - Zero-length Tunnel-Password Denial of Service httpdx Web Server 1.4 - (Host Header) Remote Format String DoS Exploit httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service FtpXQ FTP Server 3.0 - Remote Denial of Service Exploit (Auth) FtpXQ FTP Server 3.0 - Remote Denial of Service (Auth) Cerberus FTP Server 3.0.3 - Remote Denial of Service Exploit Cerberus FTP Server 3.0.3 - Remote Denial of Service FTPDMIN 0.96 - (LIST) Remote Denial of Service Exploit FTPDMIN 0.96 - (LIST) Remote Denial of Service Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit Safari 4.0.3 - (Win32) CSS Remote Denial of Service PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python) PHP < 5.3.1 - 'multipart/form-data' Denial of Service (Python) Drupal Sections Module XSS Drupal Sections Module - XSS 3Com OfficeConnect Routers - Remote DoS Exploit 3Com OfficeConnect Routers - Remote Denial of Service TFTP Daemon 1.9 - Denial of Service Exploit TFTP Daemon 1.9 - Denial of Service SimplePlayer 0.2 - (.wav) Overflow DoS Exploit (0Day) SimplePlayer 0.2 - (.wav) Overflow Denial of Service (0Day) Joomla Component com_abbrev Local File Inclusion Joomla Component com_abbrev - Local File Inclusion iOS Udisk FTP Basic Edition - Remote DoS Exploit (0Day) iOS Udisk FTP Basic Edition - Remote Denial of Service (0Day) P2GChinchilla HTTP Server 1.1.1 - Denial of Service Exploit P2GChinchilla HTTP Server 1.1.1 - Denial of Service iOS Serversman 3.1.5 - HTTP Remote DoS Exploit iOS Serversman 3.1.5 - HTTP Remote Denial of Service Opera 10.10 - Remote Code Execution DoS Exploit Opera 10.10 - Remote Code Execution Denial of Service Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service Exploit Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service Exploit Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service iOS My DBLite Edition - Remote DoS Exploit (0Day) iOS My DBLite Edition - Remote Denial of Service (0Day) iOS FileApp 1.7 - Remote DoS Exploit iOS FileApp 1.7 - Remote Denial of Service iOS iFTPStorage 1.2 - Remote DoS Exploit iOS iFTPStorage 1.2 - Remote Denial of Service Winamp 5.57 - (Browser) IE Denial of Service Exploit Winamp 5.57 - (Browser) IE Denial of Service VKPlayer 1.0 - (.mid) Denial of Service Exploit VKPlayer 1.0 - (.mid) Denial of Service iPhone FTP Server By Zhang Boyang Remote DoS Exploit iPhone FTP Server By Zhang Boyang Remote Denial of Service Mozilla Firefox 3.6 - Denial of Service Exploit Mozilla Firefox 3.6 - Denial of Service Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote Include Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusion PowieSys 0.7.7 alpha index.php (shownews) SQL Injection PowieSys 0.7.7 alpha - index.php (shownews) SQL Injection BitComet 1.19 - Remote DoS Exploit BitComet 1.19 - Remote Denial of Service ALPHA CMS Local File Inclusion ALPHA CMS - Local File Inclusion uTorrent WebUI 0.370 - Authorization header DoS Exploit uTorrent WebUI 0.370 - Authorization header Denial of Service Microsoft Office (2010 beta) Communicator SIP Denial of Service Exploit Foxit Reader 3.2.1.0401 - Denial of Service Exploit Microsoft Office (2010 beta) Communicator SIP Denial of Service Foxit Reader 3.2.1.0401 - Denial of Service Joomla Component JTM Reseller 1.9 Beta SQL Injection Joomla Component JTM Reseller 1.9 Beta - SQL Injection EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote DoS Exploit (IE) EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote Denial of Service (IE) Webmoney Advisor ActiveX Remote DoS Exploit Webmoney Advisor ActiveX Remote Denial of Service Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service Press Release Script (page.php id) SQL Injection Press Release Script - (page.php id) SQL Injection dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 - admin/editconfig.php Multiple Parameter Remote File Inclusion HomeFTP Server r1.10.3 - (build 144) Denial of Service Exploit HomeFTP Server r1.10.3 - (build 144) Denial of Service Solarwinds 10.4.0.13 - Denial of Service Exploit Solarwinds 10.4.0.13 - Denial of Service EZPX Photoblog 1.2 beta Remote File Inclusion Exploit EZPX Photoblog 1.2 beta - Remote File Inclusion Exploit Drupal Sections 5.x-1.2/6.x-1.2 Module HTML Injection Drupal Sections 5.x-1.2/6.x-1.2 Module - HTML Injection MP3 Cutter 1.5 - DoS Exploit MP3 Cutter 1.5 - Denial of Service Really Simple IM 1.3beta DoS Proof of Concept Really Simple IM 1.3beta - DoS Proof of Concept QQ Computer Manager TSKsp.sys Local Denial of Service Exploit QQ Computer Manager TSKsp.sys Local Denial of Service SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) DoS Exploit SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service VMware Workstation 7.1.1 - VMkbd.sys Denial of Service Exploit VMware Workstation 7.1.1 - VMkbd.sys Denial of Service iOS FileApp < 2.0 - FTP Remote Denial of Service Exploit iOS FileApp < 2.0 - FTP Remote Denial of Service AVG Internet Security 9.0.851 - Local Denial of Service Exploit AVG Internet Security 9.0.851 - Local Denial of Service GSPlayer 1.83a Win32 Release Buffer Overflow GSPlayer 1.83a Win32 Release - Buffer Overflow Sami HTTP Server 2.0.1 - GET Request Denial of Service Exploit Sami HTTP Server 2.0.1 - GET Request Denial of Service PCSX2 0.9.7 beta Binary Denial of Service PCSX2 0.9.7 beta - Binary Denial of Service HttpBlitz Web Server Denial of Service Exploit HttpBlitz Web Server Denial of Service Xynph 1.0 USER Denial of Service Exploit Xynph 1.0 USER Denial of Service Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode DoS Exploit Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service Solar FTP 2.1 - Denial of Service Exploit Solar FTP 2.1 - Denial of Service Victory FTP Server 5.0 - Denial of Service Exploit Victory FTP Server 5.0 - Denial of Service TWiki History TWikiUsers rev Parameter Command Execution TWiki History TWikiUsers - rev Parameter Command Execution AVIPreview 0.26 Alpha Denial of Service AVIPreview 0.26 Alpha - Denial of Service Microsoft Windows XP - afd.sys Local Kernel DoS Exploit Microsoft Windows XP - afd.sys Local Kernel Denial of Service Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service Adobe Reader/Acrobat 10.0.1 DoS Exploit Adobe Reader/Acrobat 10.0.1 Denial of Service Omnicom Alpha 4.0e LPD Server DoS Omnicom Alpha 4.0e LPD Server - DoS OpenSLP 1.2.1 / < 1647 trunk - Denial of Service Exploit OpenSLP 1.2.1 / < 1647 trunk - Denial of Service World Of Warcraft Local Stack Overflow DoS Exploit (chat-cache.txt) World Of Warcraft Local Stack Overflow Denial of Service (chat-cache.txt) TOWeb 3.0 - Local Format String DoS Exploit (TOWeb.MO file corruption) TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file corruption) 1024 CMS 1.1.0 Beta force_download.php Local File Inclusion 1024 CMS 1.1.0 Beta - force_download.php Local File Inclusion FleaHttpd Remote Denial of Service Exploit FleaHttpd Remote Denial of Service ComSndFTP Server 1.3.7 Beta Remote Format String Overflow ComSndFTP Server 1.3.7 Beta - Remote Format String Overflow Play [EX] 2.1 - Playlist File (M3U/PLS/LST) DoS Exploit Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service Windows OpenType Font - File Format DoS Exploit Windows OpenType Font - File Format Denial of Service HP JetAdmin 1.0.9 Rev. D symlink HP JetAdmin 1.0.9 Rev. D - symlink Microsoft Site Server Commerce Edition 3.0 alpha AdSamples Microsoft Site Server Commerce Edition 3.0 alpha - AdSamples Sensitive Information Daniel Beckham The Finger Server 0.82 BETA Pipe Daniel Beckham The Finger Server 0.82 BETA - Pipe Sambar Server 4.2 beta 7 Batch CGI Sambar Server 4.2 beta 7 - Batch CGI DomsHttpd 1.0 - Remote Denial of Service Exploit DomsHttpd 1.0 - Remote Denial of Service Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (1) Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (2) Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (3) Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (1) Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (2) Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (3) Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha DNS Decode (1) Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha DNS Decode (2) Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha - DNS Decode (1) Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha - DNS Decode (2) Real Networks Real Server 7.0/7.0.1/8.0 Beta View-Source DoS Real Networks Real Server 7.0/7.0.1/8.0 Beta - View-Source DoS Omnicron OmniHTTPD 1.1/2.0 Alpha 1 visiadmin.exe Denial of Service Omnicron OmniHTTPD 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service Sun Java Web Server 1.1 Beta Viewable .jhtml Source Sun Java Web Server 1.1 Beta - Viewable .jhtml Source HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A LCD Display Modification HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A - LCD Display Modification Sambar Server 4.1 beta Admin Access Sambar Server 4.1 beta - Admin Access Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure Cisco IOS 12 UDP Denial of Service Cisco IOS 12 - UDP Denial of Service XMB Forum 1.6 pre-beta Image Tag Script Injection XMB Forum 1.6 pre-beta - Image Tag Script Injection DCShop Beta 1.0 Form Manipulation DCShop Beta 1.0 - Form Manipulation Cisco IOS 11.x/12.0 ICMP Redirect Denial of Service Cisco IOS 11.x/12.0 - ICMP Redirect Denial of Service SmartMail Server 1.0 BETA 10 Oversized Request Denial of Service SmartMail Server 1.0 BETA 10 - Oversized Request Denial of Service Ultimate PHP Board 1.0 final beta ViewTopic.php Directory Contents Browsing Ultimate PHP Board Board 1.0 final beta ViewTopic.php Cross-Site Scripting Ultimate PHP Board 1.0 final beta - ViewTopic.php Directory Contents Browsing Ultimate PHP Board Board 1.0 final beta - ViewTopic.php Cross-Site Scripting N/X Web Content Management System 2002 Prerelease 1 datasets.php c_path Parameter LFI N/X Web Content Management System 2002 Prerelease 1 - datasets.php c_path Parameter LFI PHPOutsourcing Zorum 3.x - Remote Include Command Execution PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution Sage 1.0 beta 3 Content Management System Path Disclosure Sage 1.0 beta 3 Content Management System Cross-Site Scripting Sage 1.0 beta 3 - Content Management System Path Disclosure Sage 1.0 beta 3 - Content Management System Cross-Site Scripting E-theni Remote Include Command Execution E-theni Remote File Inclusion Command Execution BZFlag 1.7 g0 Reconnect Denial of Service BZFlag 1.7 g0 - Reconnect Denial of Service Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module Integer Overflow Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module - Integer Overflow PMachine 2.2.1 Lib.Inc.php Remote Include Command Execution PMachine 2.2.1 Lib.Inc.php Remote File Inclusion Command Execution PHPForum 2.0 RC1 Mainfile.php Remote File Inclusion PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion IdealBB 1.4.9 Beta HTML Injection IdealBB 1.4.9 Beta - HTML Injection Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Cross-Site Scripting Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Path Disclosure Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Path Disclosure Koch Roland Rolis Guestbook 1.0 $path Remote File Inclusion Koch Roland Rolis Guestbook 1.0 - $path Remote File Inclusion My_EGallery Module 3.1.1 - Remote Include Command Injection My_EGallery Module 3.1.1 - Remote File Inclusion Command Injection Apache 2.0.4x mod_php Module File Descriptor Leakage (1) Apache 2.0.4x mod_php Module File Descriptor Leakage (2) Apache 2.0.4x mod_php Module - File Descriptor Leakage (1) Apache 2.0.4x mod_php Module - File Descriptor Leakage (2) Apache 2.0.4x mod_perl Module File Descriptor Leakage Apache 2.0.4x mod_perl Module - File Descriptor Leakage Laurent Adda Les Commentaires 2.0 PHP Script fonctions.lib.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 PHP Script derniers_commentaires.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 PHP Script admin.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script fonctions.lib.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion NewsTraXor Website Management Script 2.9 beta Database Disclosure NewsTraXor Website Management Script 2.9 beta - Database Disclosure Adam Webb NukeJokes 1.7/2.0 Module modules.php jokeid Parameter SQL Injection Adam Webb NukeJokes 1.7/2.0 Module - modules.php jokeid Parameter SQL Injection PHP 4/5 Input/Output Wrapper Remote Include Function Command Execution Weakness PHP 4/5 Input/Output Wrapper Remote File Inclusion Function Command Execution Weakness Sambar Server 6.1 beta 2 show.asp show Parameter XSS Sambar Server 6.1 beta 2 showperf.asp title Parameter XSS Sambar Server 6.1 beta 2 showini.asp Arbitrary File Access Sambar Server 6.1 beta 2 - show.asp show Parameter XSS Sambar Server 6.1 beta 2 - showperf.asp title Parameter XSS Sambar Server 6.1 beta 2 - showini.asp Arbitrary File Access EasyWeb 1.0 FileManager Module Directory Traversal EasyWeb 1.0 FileManager Module - Directory Traversal EasyIns Stadtportal 4.0 Site Parameter Remote File Inclusion EasyIns Stadtportal 4.0 - Site Parameter Remote File Inclusion Free Web Chat Initial Release UserManager.java Null Pointer DoS Free Web Chat Initial Release Connection Saturation DoS Free Web Chat Initial Release - UserManager.java Null Pointer DoS Free Web Chat Initial Release - Connection Saturation DoS Cerulean Studios Trillian Client 0.74 MSN Module Remote Buffer Overflow Cerulean Studios Trillian Client 0.74 MSN Module - Remote Buffer Overflow TP-Link TL-WR740N Wireless Router - Denial of Service Exploit TP-Link TL-WR740N Wireless Router - Denial of Service Singapore 0.9.11 beta Image Gallery Index.php Cross-Site Scripting Singapore 0.9.11 beta Image Gallery - Index.php Cross-Site Scripting Datenbank Module For PHPBB Remote Mod.php Cross-Site Scripting Datenbank Module For PHPBB - Remote Mod.php Cross-Site Scripting Convert-UUlib 1.04/1.05 Perl Module Buffer Overflow Convert-UUlib 1.04/1.05 Perl Module - Buffer Overflow Atomic Photo Album 0.x/1.0 Apa_PHPInclude.INC.php Remote File Inclusion Atomic Photo Album 0.x/1.0 - Apa_PHPInclude.INC.php Remote File Inclusion Comdev ECommerce 3.0 Config.php Remote File Inclusion Comdev ECommerce 3.0 - Config.php Remote File Inclusion PHPTB Topic Board 2.0 admin_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 board_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 dev_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 file_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 tech_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 - admin_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 - board_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 - dev_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 - file_o.php absolutepath Parameter Remote File Inclusion PHPTB Topic Board 2.0 - tech_o.php absolutepath Parameter Remote File Inclusion PHPWebNotes 2.0 Api.php Remote File Inclusion PHPWebNotes 2.0 - Api.php Remote File Inclusion CMS Made Simple 0.10 Lang.php Remote File Inclusion CMS Made Simple 0.10 - Lang.php Remote File Inclusion MusicBee 2.0.4663 - (.m3u) Denial of Service Exploit MusicBee 2.0.4663 - (.m3u) Denial of Service Help Center Live 1.0/1.2/2.0 Module.php Local File Inclusion Help Center Live 1.0/1.2/2.0 - Module.php Local File Inclusion Edgewall Software Trac 0.9 Ticket Query Module SQL Injection Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection Thwboard Beta 2.8 calendar.php year Parameter SQL Injection Thwboard Beta 2.8 v_profile.php user Parameter SQL Injection Thwboard Beta 2.8 misc.php userid Parameter SQL Injection Thwboard Beta 2.8 - calendar.php year Parameter SQL Injection Thwboard Beta 2.8 - v_profile.php user Parameter SQL Injection Thwboard Beta 2.8 - misc.php userid Parameter SQL Injection Bitweaver 1.1.1 beta list_galleries.php sort_mode Parameter XSS Bitweaver 1.1.1 beta - list_galleries.php sort_mode Parameter XSS OABoard 1.0 Forum Script Remote File Inclusion OABoard 1.0 Forum - Script Remote File Inclusion InTouch 0.5.1 Alpha User Variable SQL Injection InTouch 0.5.1 Alpha - User Variable SQL Injection LinPHA 0.9.x/1.0 install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 sec_stage_install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 forth_stage_install.php language Variable POST Method Local File Inclusion LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion Dotproject 2.0 /includes/db_connect.php baseDir Remote File Inclusion Dotproject 2.0 /includes/session.php baseDir Parameter Remote File Inclusion Dotproject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion Dotproject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion Dotproject 2.0 /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion Dotproject 2.0 /modules/public/date_format.php baseDir Parameter Remote File Inclusion Dotproject 2.0 /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion Dotproject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion Dotproject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion Dotproject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion Dotproject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion Web Host Automation Ltd. Helm 3.2.10 beta domains.asp txtDomainName Parameter XSS Web Host Automation Ltd. Helm 3.2.10 beta default.asp Multiple Parameter XSS Web Host Automation Ltd. Helm 3.2.10 beta - domains.asp txtDomainName Parameter XSS Web Host Automation Ltd. Helm 3.2.10 beta - default.asp Multiple Parameter XSS CutePHP CuteNews 1.4.1 Editnews Module Cross-Site Scripting CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting RadScripts RadLance 7.0 Popup.php Local File Inclusion RadScripts RadLance 7.0 - Popup.php Local File Inclusion dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 admin/articles.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 admin/index.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 - showcatpicks.php file_path Parameter Remote File Inclusion dotWidget for articles 2.0 - showarticle.php file_path Parameter Remote File Inclusion dotWidget for articles 2.0 - admin/authors.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 - admin/articles.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 - admin/index.php Multiple Parameter Remote File Inclusion dotWidget for articles 2.0 - admin/categories.php Multiple Parameter Remote File Inclusion CrisoftRicette 1.0 Cookbook.php Remote File Inclusion CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion MF Piadas 1.0 Admin.php Remote File Inclusion MF Piadas 1.0 - Admin.php Remote File Inclusion ExtCalendar 2.0 ExtCalendar.php Remote File Inclusion ExtCalendar 2.0 - ExtCalendar.php Remote File Inclusion Calendar Module 1.5.7 For Mambo Com_Calendar.php Remote File Inclusion Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion Lussumo Vanilla 1.0 RootDirectory Remote File Inclusion Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion Bosdates 3.x/4.0 Payment.php Remote File Inclusion Bosdates 3.x/4.0 - Payment.php Remote File Inclusion Liga Manager Online 2.0 Joomla! Component Remote File Inclusion Liga Manager Online 2.0 Joomla! Component - Remote File Inclusion Knusperleicht FAQ 1.0 Script Index.php Remote File Inclusion Knusperleicht FAQ 1.0 Script - Index.php Remote File Inclusion MyWebland miniBloggie 1.0 Fname Remote File Inclusion MyWebland miniBloggie 1.0 - Fname Remote File Inclusion PHP-Nuke 2.0 AutoHTML Module Local File Inclusion PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion Reporter 1.0 Mambo Component Reporter.sql.php Remote File Inclusion Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Inclusion Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion Headline Portal Engine 0.x/1.0 HPEInc Parameter Multiple Remote File Inclusion Headline Portal Engine 0.x/1.0 - HPEInc Parameter Multiple Remote File Inclusion Mambo/Joomla Com_comprofiler 1.0 Plugin.class.php Remote File Inclusion Mambo/Joomla Com_comprofiler 1.0 Plugin.- class.php Remote File Inclusion PHP-Proxima 6.0 BB_Smilies.php Local File Inclusion PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion Hitweb 3.0 REP_CLASS Multiple Remote File Inclusion Hitweb 3.0 - REP_CLASS Multiple Remote File Inclusion php_news 2.0 user_user.php language Parameter Remote File Inclusion php_news 2.0 admin/news.php language Parameter Remote File Inclusion php_news 2.0 admin/catagory.php language Parameter Remote File Inclusion php_news 2.0 creat_news_all.php language Parameter Remote File Inclusion php_news 2.0 - user_user.php language Parameter Remote File Inclusion php_news 2.0 - admin/news.php language Parameter Remote File Inclusion php_news 2.0 - admin/catagory.php language Parameter Remote File Inclusion php_news 2.0 - creat_news_all.php language Parameter Remote File Inclusion CommunityPortals 1.0 Bug.php Remote File Inclusion CommunityPortals 1.0 - Bug.php Remote File Inclusion PHPTreeView 1.0 TreeViewClass.php Remote File Inclusion PHPTreeView 1.0 - TreeViewClass.php Remote File Inclusion NewP News Publishing System 1.0 Class.Database.php Remote File Inclusion NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion Boonex 2.0 Dolphin Index.php Remote File Inclusion Boonex 2.0 Dolphin - Index.php Remote File Inclusion Apple Mac OS X 10.4.8 UDIF Disk Image Remote Denial of Service Apple Mac OS X 10.4.8 -UDIF Disk Image Remote Denial of Service Apple Mac OS X 10.4.8 UDTO Disk Image Remote Denial of Service Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service eCardMAX HotEditor 4.0 Keyboard.php Local File Inclusion eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion Comus 2.0 Accept.php Remote File Inclusion Comus 2.0 - Accept.php Remote File Inclusion Active PHP Bookmarks 1.0 APB.php Remote File Inclusion Active PHP Bookmarks 1.0 - APB.php Remote File Inclusion ABC Excel Parser Pro 4.0 Parser_Path Remote File Inclusion ABC Excel Parser Pro 4.0 - Parser_Path Remote File Inclusion PHP-Nuke 8.0 autohtml.php Local File Inclusion PHP-Nuke 8.0 - autohtml.php Local File Inclusion Drupal Ajax Checklist 5.x-1.0 Module Multiple SQL Injection Drupal Ajax Checklist 5.x-1.0 Module - Multiple SQL Injection EagleGet 1.1.8.1 - Denial of Service Exploit EagleGet 1.1.8.1 - Denial of Service Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection Jeebles Technology Jeebles Directory 2.9.60 Download.php Local File Inclusion Jeebles Technology Jeebles Directory 2.9.60 - Download.php Local File Inclusion CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL Injection Phpbasic basicFramework 1.0 Includes.php Remote File Inclusion CodeWidgets Web Based Alpha Tabbed Address Book - Index.ASP SQL Injection Phpbasic basicFramework 1.0 - Includes.php Remote File Inclusion Download Management 1.00 for PHP-Fusion Multiple Local File Inclusion Download Management 1.00 for PHP-Fusion - Multiple Local File Inclusion PlutoStatus Locator 1.0pre alpha 'index.php' Local File Inclusion PlutoStatus Locator 1.0pre alpha - 'index.php' Local File Inclusion Microsoft Internet Explorer 7/8 Beta 1 Frame Location Cross Domain Security Bypass Microsoft Internet Explorer 7/8 Beta 1 - Frame Location Cross Domain Security Bypass miniBB RSS 2.0 Plugin Multiple Remote File Inclusion miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion phpKF-Portal 1.10 baslik.php tema_dizin Parameter Traversal Local File Inclusion phpKF-Portal 1.10 anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion phpKF-Portal 1.10 - baslik.php tema_dizin Parameter Traversal Local File Inclusion phpKF-Portal 1.10 - anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion Couchdb 1.5.0 - uuids DoS Exploit Couchdb 1.5.0 - uuids Denial of Service CuteNews 1.4.6 editnews Module doeditnews Action Admin Moderation Bypass CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass ZTE and TP-Link RomPager - DoS Exploit ZTE and TP-Link RomPager - Denial of Service C99Shell 1.0 pre-release buil 'Ch99.php' Cross-Site Scripting C99Shell 1.0 pre-release build 16 - 'Ch99.php' Cross-Site Scripting Percha Gallery Component 1.6 Beta for Joomla! index.php controller Parameter Traversal Arbitrary File Access Percha Gallery Component 1.6 Beta for Joomla! - index.php controller Parameter Traversal Arbitrary File Access log1 CMS 2.0 Session Handling Remote Security Bypass and Remote File Inclusion log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion Miniwork Studio Canteen 1.0 Component for Joomla! SQL Injection and Local File Inclusion Miniwork Studio Canteen 1.0 Component for Joomla! - SQL Injection / Local File Inclusion CMS Made Simple Download Manager 1.4.1 Module Arbitrary File Upload CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload CMS Made Simple Antz Toolkit 1.02 Module Arbitrary File Upload CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload TWiki 5.0 bin/view rev Parameter XSS TWiki 5.0 - bin/view rev Parameter XSS slickMsg 0.7-alpha 'top.php' Cross-Site Scripting slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting Drupal CAPTCHA Module Security Bypass Drupal CAPTCHA Module - Security Bypass WordPress 4.0 - Denial of Service Exploit WordPress 4.0 - Denial of Service Cradlepoint MBR1400 and MBR1200 Local File Inclusion Cradlepoint MBR1400 and MBR1200 - Local File Inclusion mIRC 'projects.php' Cross-Site Scripting mIRC - 'projects.php' Cross-Site Scripting Apache 'mod_wsgi' Module Information Disclosure Apache 'mod_wsgi' Module - Information Disclosure Microsoft Windows 7 x64 - afd.sys Privilege Escalation (MS14-040) Microsoft Windows 7 (x64) - afd.sys Privilege Escalation (MS14-040) SIEMENS IP-Camera CVMS2025-IR_ CCMS2025 - Credentials Disclosure Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097) Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097)	2016-08-18 05:02:07 +00:00
Offensive Security	29076928d8	DB: 2016-08-17 ... 10 new exploits Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service Exploit Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service LifeType 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit LifeType 1.0.4 - Multiple Vulnerabilities Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote DoS Exploit Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote Denial of Service cms-bandits 2.5 - (spaw_root) Remote File Inclusion Enterprise Payroll Systems 1.1 - (footer) Remote Include CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion 0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash Exploit empris r20020923 - (phormationdir) Remote Include aePartner 0.8.3 - (dir[data]) Remote Include 0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash PoC empris r20020923 - (phormationdir) Remote File Inclusion aePartner 0.8.3 - (dir[data]) Remote File Inclusion SmartSiteCMS 1.0 - (root) Remote File Inclusion Opera 9 - (long href) Remote Denial of Service Exploit SmartSite CMS 1.0 - (root) Remote File Inclusion Opera 9 - (long href) Remote Denial of Service w-Agora 4.2.0 - (inc_dir) Remote File Inclusion Exploit w-Agora 4.2.0 - (inc_dir) Remote File Inclusion BitchX 1.1-final do_hook() Remote Denial of Service Exploit BitchX 1.1-final - do_hook() Remote Denial of Service BLOG:CMS 4.0.0k SQL Injection Exploit BLOG:CMS 4.0.0k - SQL Injection Sun Board 1.00.00 alpha Remote File Inclusion Sun Board 1.00.00 alpha - Remote File Inclusion Mailist 3.0 Insecure Backup/Local File Inclusion Mailist 3.0 - Insecure Backup/Local File Inclusion AdaptCMS 2.0.0 Beta (init.php) Remote File Inclusion AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion VisualShapers ezContents 1.x/2.0 - db.php Arbitrary File Inclusion VisualShapers ezContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion VoteBox 2.0 Votebox.php Remote File Inclusion VoteBox 2.0 - Votebox.php Remote File Inclusion TRG News 3.0 Script Remote File Inclusion TRG News 3.0 Script - Remote File Inclusion Vortex Portal 2.0 content.php act Parameter Remote File Inclusion Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion Shoutbox 1.0 Shoutbox.php Remote File Inclusion Shoutbox 1.0 - Shoutbox.php Remote File Inclusion Ajaxmint Gallery 1.0 Local File Inclusion Ajaxmint Gallery 1.0 - Local File Inclusion Zabbix 2.2.x_ 3.0.x - SQL Injection Microsoft Office Word 2013_2016 - sprmSdyaTop Denial of Service (MS16-099) Zabbix 2.2.x / 3.0.x - SQL Injection Microsoft Office Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099) Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use After Free PoC Windows x86 - MessageBoxA Shellcode (242 bytes) Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes) Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist Nagios Log Server 1.4.1 - Multiple Vulnerabilities Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV	2016-08-17 05:02:47 +00:00
Offensive Security	52c4bb1e58	DB: 2016-08-14 ... 5 new exploits AWStats (5.0-6.3) Input Validation Hole in 'logfile' AWStats 5.0-6.3 - Input Validation Hole in 'logfile' Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross-Site Scripting Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow WorldMail imapd 3.0 SEH Overflow (egg hunter) WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter) e107 website system 0.7.5 contact.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 download.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 admin.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 fpw.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 news.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - contact.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - download.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - admin.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - fpw.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - news.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 signup.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 submitnews.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - signup.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - submitnews.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 user.php Query String (PATH_INFO) Parameter XSS e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter XSS Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (1) PHP-Nuke Sarkilar Module 'id' Parameter SQL Injection PHP-Nuke Sarkilar Module - 'id' Parameter SQL Injection PHP-Nuke Nuke League Module 'tid' Parameter Cross-Site Scripting PHP-Nuke Nuke League Module - 'tid' Parameter Cross-Site Scripting Kimson CMS 'id' Parameter Cross-Site Scripting Kimson CMS - 'id' Parameter Cross-Site Scripting Ocean12 FAQ Manager Pro 'Keyword' Parameter Cross-Site Scripting Multiple Ocean12 Products 'Admin_ID' Parameter SQL Injection Ocean12 FAQ Manager Pro - 'Keyword' Parameter Cross-Site Scripting Multiple Ocean12 Products - 'Admin_ID' Parameter SQL Injection LinksPro 'OrderDirection' Parameter SQL Injection LinksPro - 'OrderDirection' Parameter SQL Injection PHP-Nuke Downloads Module 'url' Parameter SQL Injection PHP-Nuke Downloads Module - 'url' Parameter SQL Injection PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass PuterJam\'s Blog PJBlog3 3.0.6 \'action.asp\' SQL Injection PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection PHP-Nuke 8.0 Downloads Module 'query' Parameter Cross-Site Scripting PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting Oracle 10g Secure Enterprise Search 'search_p_groups' Parameter Cross-Site Scripting Oracle 10g Secure Enterprise Search - 'search_p_groups' Parameter Cross-Site Scripting Scriptsez Easy Image Downloader 'id' Parameter Cross-Site Scripting Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting XOOPS 2.3.3 \\\'op\\\' Parameter Multiple Cross-Site Scripting Vulnerabilities XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities Joomla! CB Resume Builder 'group_id' Parameter SQL Injection X-Cart Email Subscription 'email' Parameter Cross-Site Scripting Joomla! CB Resume Builder - 'group_id' Parameter SQL Injection X-Cart Email Subscription - 'email' Parameter Cross-Site Scripting RunCMS 'forum' Parameter SQL Injection RunCMS - 'forum' Parameter SQL Injection Multiple JiRo's Products 'files/login.asp' Multiple SQL Injection Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection Elxis 'filename' Parameter Directory Traversal Elxis - 'filename' Parameter Directory Traversal Ez Cart 'sid' Parameter Cross-Site Scripting Ez Cart - 'sid' Parameter Cross-Site Scripting Joomla! iF Portfolio Nexus 'controller' Parameter Remote File Inclusion Joomla! iF Portfolio Nexus - 'controller' Parameter Remote File Inclusion Joomla! Jobads 'type' Parameter SQL Injection Joomla! Jobads - 'type' Parameter SQL Injection Jamit Job Board 'post_id' Parameter Cross-Site Scripting Jamit Job Board - 'post_id' Parameter Cross-Site Scripting Tribisur 'cat' Parameter Cross-Site Scripting Tribisur - 'cat' Parameter Cross-Site Scripting Extreme Mobster 'login' Parameter Cross-Site Scripting Extreme Mobster - 'login' Parameter Cross-Site Scripting Subex Nikira Fraud Management System GUI 'message' Parameter Cross-Site Scripting Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-Site Scripting Softbiz Jobs 'sbad_type' Parameter Cross-Site Scripting Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting HD FLV Player Component for Joomla! 'id' Parameter SQL Injection HD FLV Player Component for Joomla! - 'id' Parameter SQL Injection Spectrum Software WebManager CMS 'pojam' Parameter Cross-Site Scripting Saskia's Shopsystem 'id' Parameter Local File Inclusion Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting Saskia's Shopsystem - 'id' Parameter Local File Inclusion Pars CMS 'RP' Parameter Multiple SQL Injection Pars CMS - 'RP' Parameter Multiple SQL Injection Kasseler CMS News Module 'id' Parameter SQL Injection Kasseler CMS News Module - 'id' Parameter SQL Injection Ziggurat Farsi CMS 'id' Parameter Unspecified Cross-Site Scripting Ziggurat Farsi CMS - 'id' Parameter Unspecified Cross-Site Scripting Vana CMS 'filename' Parameter Remote File Download Vana CMS - 'filename' Parameter Remote File Download Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal Ziggurrat Farsi CMS - 'bck' Parameter Directory Traversal Viennabux Beta! 'cat' Parameter SQL Injection Viennabux Beta! - 'cat' Parameter SQL Injection HP System Management Homepage 'RedirectUrl' Parameter URI Redirection HP System Management Homepage - 'RedirectUrl' Parameter URI Redirection Sterlite SAM300 AX Router 'Stat_Radio' Parameter Cross-Site Scripting Sterlite SAM300 AX Router - 'Stat_Radio' Parameter Cross-Site Scripting Last Wizardz 'id' Parameter SQL Injection Last Wizardz - 'id' Parameter SQL Injection Plesk Server Administrator (PSA) 'locale' Parameter Local File Inclusion Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion VideoWhisper PHP 2 Way Video Chat 'r' Parameter Cross-Site Scripting VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting KubeSupport 'lang' Parameter SQL Injection KubeSupport - 'lang' Parameter SQL Injection ReCMS 'users_lang' Parameter Directory Traversal ReCMS - 'users_lang' Parameter Directory Traversal jCore 'search' Parameter Cross-Site Scripting jCore - 'search' Parameter Cross-Site Scripting PHP168 Template Editor 'filename' Parameter Directory Traversal PHP168 Template Editor - 'filename' Parameter Directory Traversal uzbl \'uzbl-core\' \'@SELECTED_URI\' Mouse Button Bindings Command Injection uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection SyntaxCMS 'rows_per_page' Parameter SQL Injection Edit-X PHP CMS 'search_text' Parameter Cross-Site Scripting SyntaxCMS - 'rows_per_page' Parameter SQL Injection Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting Nasim Guest Book 'page' Parameter Cross-Site Scripting Nasim Guest Book - 'page' Parameter Cross-Site Scripting FreeSchool 'key_words' Parameter Cross-Site Scripting FreeSchool - 'key_words' Parameter Cross-Site Scripting tourismscripts HotelBook 'hotel_id' Parameter Multiple SQL Injection tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection Spiceworks 'query' Parameter Cross-Site Scripting Spiceworks - 'query' Parameter Cross-Site Scripting NWS-Classifieds 'cmd' Parameter Local File Inclusion NWS-Classifieds - 'cmd' Parameter Local File Inclusion WebAsyst Shop-Script PREMIUM 'searchstring' Parameter Cross-Site Scripting WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting Web TV 'chn' Parameter Cross-Site Scripting Web TV - 'chn' Parameter Cross-Site Scripting Honest Traffic 'msg' Parameter Cross-Site Scripting Honest Traffic - 'msg' Parameter Cross-Site Scripting PHP Photo Vote 1.3F 'page' Parameter Cross-Site Scripting PHP Photo Vote 1.3F - 'page' Parameter Cross-Site Scripting Wap-motor 'image' Parameter Directory Traversal Wap-motor - 'image' Parameter Directory Traversal QuarkMail 'tf' Parameter Directory Traversal QuarkMail - 'tf' Parameter Directory Traversal Microsoft Windows VISTA 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution Microsoft Windows VISTA - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution LES PACKS 'ID' Parameter SQL Injection LES PACKS - 'ID' Parameter SQL Injection PHPShop 2.1 EE 'name_new' Parameter Cross-Site Scripting PHPShop 2.1 EE - 'name_new' Parameter Cross-Site Scripting IBM OmniFind 'command' Parameter Cross-Site Scripting IBM OmniFind - 'command' Parameter Cross-Site Scripting Joomla Store Directory 'id' Parameter SQL Injection Joomla Store Directory - 'id' Parameter SQL Injection PHP State 'id' Parameter SQL Injection Joomla Jeformcr 'id' Parameter SQL Injection JExtensions Property Finder Component for Joomla! 'sf_id' Parameter SQL Injection PHP State - 'id' Parameter SQL Injection Joomla Jeformcr - 'id' Parameter SQL Injection JExtensions Property Finder Component for Joomla! - 'sf_id' Parameter SQL Injection Social Share 'postid' Parameter SQL Injection Social Share - 'postid' Parameter SQL Injection Openfiler 'device' Parameter Cross-Site Scripting Openfiler - 'device' Parameter Cross-Site Scripting Social Share 'username' Parameter SQL Injection Social Share - 'username' Parameter SQL Injection Social Share 'search' Parameter Cross-Site Scripting HotWeb Scripts HotWeb Rentals 'PageId' Parameter SQL Injection Social Share - 'search' Parameter Cross-Site Scripting HotWeb Scripts HotWeb Rentals - 'PageId' Parameter SQL Injection SnapProof 'retPageID' Parameter Cross-Site Scripting SnapProof - 'retPageID' Parameter Cross-Site Scripting VidiScript 'vp' Parameter Cross-Site Scripting VidiScript - 'vp' Parameter Cross-Site Scripting PHP-Fusion 'article_id' Parameter SQL Injection PHP-Fusion - 'article_id' Parameter SQL Injection Qianbo Enterprise Web Site Management System 'Keyword' Parameter Cross-Site Scripting RunCMS 'partners' Module 'id' Parameter SQL Injection Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-Site Scripting RunCMS 'partners' Module - 'id' Parameter SQL Injection Technicolor THOMSON TG585v7 Wireless Router 'url' Parameter Cross-Site Scripting Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-Site Scripting SyCtel Design 'menu' Parameter Multiple Local File Inclusion SyCtel Design - 'menu' Parameter Multiple Local File Inclusion phpGraphy 0.9.13 b 'theme_dir' Parameter Cross-Site Scripting phpGraphy 0.9.13 b - 'theme_dir' Parameter Cross-Site Scripting Web Auction 0.3.6 'lang' Parameter Cross-Site Scripting Web Auction 0.3.6 - 'lang' Parameter Cross-Site Scripting Multiple GoT.MY Products 'theme_dir' Parameter Cross-Site Scripting Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting Flash Tag Cloud And MT-Cumulus Plugin 'tagcloud' Parameter Cross-Site Scripting Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting Joomla! 'com_cbcontact' Component 'contact_id' Parameter SQL Injection Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection Joomla! 'com_maplocator' Component 'cid' Parameter SQL Injection Joomla! 'com_maplocator' Component - 'cid' Parameter SQL Injection Tolinet Agencia 'id' Parameter SQL Injection Tolinet Agencia - 'id' Parameter SQL Injection WebFileExplorer 3.6 'user' and 'pass' SQL Injection WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection Sitemagic CMS 'SMTpl' Parameter Directory Traversal Sitemagic CMS - 'SMTpl' Parameter Directory Traversal Nodesforum '_nodesforum_node' Parameter SQL Injection Joomla! 'com_morfeoshow' Component 'idm' Parameter SQL Injection Nodesforum - '_nodesforum_node' Parameter SQL Injection Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection Joomla! 'com_jr_tfb' Component 'controller' Parameter Local File Inclusion Joomla! 'com_jr_tfb' Component - 'controller' Parameter Local File Inclusion eTAWASOL 'id' Parameter SQL Injection eTAWASOL - 'id' Parameter SQL Injection Prontus CMS 'page' Parameter Cross-Site Scripting ICMusic '1.2 music_id' Parameter SQL Injection Prontus CMS - 'page' Parameter Cross-Site Scripting ICMusic 1.2 - 'music_id' Parameter SQL Injection Flowplayer 3.2.7 linkUrl' Parameter Cross-Site Scripting Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting Easy Estate Rental 's_location' Parameter SQL Injection Joomla Foto Component 'id_categoria' Parameter SQL Injection Easy Estate Rental - 's_location' Parameter SQL Injection Joomla Foto Component - 'id_categoria' Parameter SQL Injection Joomla Juicy Gallery Component 'picId' Parameter SQL Injection Joomla Juicy Gallery Component - 'picId' Parameter SQL Injection Joomla Controller Component 'Itemid' Parameter SQL Injection Joomla Controller Component - 'Itemid' Parameter SQL Injection Synergy Software 'id' Parameter SQL Injection Godly Forums 'id' Parameter SQL Injection Synergy Software - 'id' Parameter SQL Injection Godly Forums - 'id' Parameter SQL Injection MyBB MyTabs Plugin 'tab' Parameter SQL Injection MyBB MyTabs Plugin - 'tab' Parameter SQL Injection mt LinkDatenbank 'b' Parameter Cross-Site Scripting mt LinkDatenbank - 'b' Parameter Cross-Site Scripting Joomla! Slideshow Gallery Component 'id' Parameter SQL Injection Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection Joomla! 'com_community' Component 'userid' Parameter SQL Injection Joomla! 'com_community' Component - 'userid' Parameter SQL Injection phpWebSite 'page_id' Parameter Cross-Site Scripting phpWebSite - 'page_id' Parameter Cross-Site Scripting Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection VicBlog 'tag' Parameter SQL Injection Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection VicBlog - 'tag' Parameter SQL Injection Kisanji 'gr' Parameter Cross-Site Scripting Kisanji - 'gr' Parameter Cross-Site Scripting Joomla! 'com_biitatemplateshop' Component 'groups' Parameter SQL Injection Joomla! 'com_biitatemplateshop' Component - 'groups' Parameter SQL Injection Vanira CMS 'vtpidshow' Parameter SQL Injection Vanira CMS - 'vtpidshow' Parameter SQL Injection Joomla! 'com_expedition' Component 'id' Parameter SQL Injection Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection Joomla! 'com_tree' Component 'key' Parameter SQL Injection Joomla! 'com_br' Component 'state_id' Parameter SQL Injection Joomla! 'com_shop' Component 'id' Parameter SQL Injection Joomla! 'com_tree' Component - 'key' Parameter SQL Injection Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection Joomla! 'com_shop' Component - 'id' Parameter SQL Injection Splunk 4.1.6 'segment' Parameter Cross-Site Scripting Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting Multiple Cisco Products 'file' Parameter Directory Traversal Multiple Cisco Products - 'file' Parameter Directory Traversal IBSng B1.34(T96) 'str' Parameter Cross-Site Scripting IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting SmartJobBoard 'keywords' Parameter Cross-Site Scripting SmartJobBoard - 'keywords' Parameter Cross-Site Scripting Joomla Content Component 'year' Parameter SQL Injection Joomla Content Component - 'year' Parameter SQL Injection Webistry 1.6 'pid' Parameter SQL Injection Webistry 1.6 - 'pid' Parameter SQL Injection WordPress Skysa App Bar Plugin 'idnews' Parameter Cross-Site Scripting WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting Video Community Portal 'userID' Parameter SQL Injection Video Community Portal - 'userID' Parameter SQL Injection PHP Booking Calendar 10e 'page_info_message' Parameter Cross-Site Scripting Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection Joomla! 'com_caproductprices' Component 'id' Parameter SQL Injection Joomla! 'com_caproductprices' Component - 'id' Parameter SQL Injection GraphicsClone Script 'term' parameter Cross-Site Scripting GraphicsClone Script - 'term' parameter Cross-Site Scripting PostNuke pnAddressbook Module 'id' Parameter SQL Injection PostNuke pnAddressbook Module - 'id' Parameter SQL Injection Joomla! 'com_br' Component 'controller' Parameter Local File Inclusion Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion Joomla! Full 'com_full' Component 'id' Parameter SQL Injection Joomla! Full 'com_full' Component - 'id' Parameter SQL Injection Joomla! 'com_xball' Component 'team_id' Parameter SQL Injection Joomla! 'com_boss' Component 'controller' Parameter Local File Inclusion Joomla! 'com_xball' Component - 'team_id' Parameter SQL Injection Joomla! 'com_boss' Component - 'controller' Parameter Local File Inclusion Joomla! 'com_some' Component 'controller' Parameter Local File Inclusion Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Inclusion Joomla! 'com_kp' Component 'controller' Parameter Local File Inclusion Joomla! 'com_some' Component - 'controller' Parameter Local File Inclusion Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion Ultimate Locator 'radius' Parameter SQL Injection Joomla! 'com_jesubmit' Component 'index.php' Arbitrary File Upload Ultimate Locator - 'radius' Parameter SQL Injection Joomla! 'com_jesubmit' Component - 'index.php' Arbitrary File Upload Joomla! 'com_motor' Component 'cid' Parameter SQL Injection Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection Joomla! 'com_firmy' Component 'Id' Parameter SQL Injection Joomla! 'com_firmy' Component - 'Id' Parameter SQL Injection Joomla! 'com_crhotels' Component 'catid' Parameter SQL Injection Joomla! 'com_propertylab' Component 'id' Parameter SQL Injection Joomla! 'com_crhotels' Component - 'catid' Parameter SQL Injection Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection Joomla! 'com_cmotour' Component 'id' Parameter SQL Injection Joomla! 'com_cmotour' Component - 'id' Parameter SQL Injection Joomla! 'com_bnf' Component 'seccion_id' Parameter SQL Injection Joomla! 'com_bnf' Component - 'seccion_id' Parameter SQL Injection Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting Joomla! Currency Converter Component - 'from' Parameter Cross-Site Scripting RabbitWiki 'title' Parameter Cross-Site Scripting RabbitWiki - 'title' Parameter Cross-Site Scripting Zimbra 'view' Parameter Cross-Site Scripting Zimbra - 'view' Parameter Cross-Site Scripting SMW+ 1.5.6 'target' Parameter HTML Injection SMW+ 1.5.6 - 'target' Parameter HTML Injection ProWiki 'id' Parameter Cross-Site Scripting ProWiki - 'id' Parameter Cross-Site Scripting Tiki Wiki CMS Groupware 'url' Parameter URI Redirection Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection Impulsio CMS 'id' Parameter SQL Injection Impulsio CMS - 'id' Parameter SQL Injection Joomla! X-Shop Component 'idd' Parameter SQL Injection Joomla! X-Shop Component - 'idd' Parameter SQL Injection Joomla! 'com_xvs' Component 'controller' Parameter Local File Inclusion Joomla! 'com_xvs' Component - 'controller' Parameter Local File Inclusion starCMS 'q' Parameter URI Cross-Site Scripting starCMS - 'q' Parameter URI Cross-Site Scripting JPM Article Script 6 'page2' Parameter SQL Injection JPM Article Script 6 - 'page2' Parameter SQL Injection LeKommerce 'id' Parameter SQL Injection LeKommerce - 'id' Parameter SQL Injection Event Calendar PHP 'cal_year' Parameter Cross-Site Scripting Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting XM Forum 'id' Parameter Multiple SQL Injection Uiga FanClub 'p' Parameter SQL Injection XM Forum - 'id' Parameter Multiple SQL Injection Uiga FanClub - 'p' Parameter SQL Injection WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross-Site Scripting WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting Ramui Forum Script 'query' Parameter Cross-Site Scripting Ramui Forum Script - 'query' Parameter Cross-Site Scripting GD Star Rating 1.9.16 'tpl_section' Parameter Cross-Site Scripting GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting LongTail JW Player 'debug' Parameter Cross-Site Scripting LongTail JW Player - 'debug' Parameter Cross-Site Scripting Small-Cms 'hostname' Parameter Remote PHP Code Injection Small-Cms - 'hostname' Parameter Remote PHP Code Injection Joomla! Alphacontent Component 'limitstart' Parameter SQL Injection Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection Flogr 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities Flogr - 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities e107 Image Gallery Plugin 'name' Parameter Remote File Disclosure e107 Image Gallery Plugin - 'name' Parameter Remote File Disclosure Joomla! 'com_szallasok' Component 'id' Parameter SQL Injection Joomla! 'com_szallasok' Component - 'id' Parameter SQL Injection SWFUpload 'movieName' Parameter Cross-Site Scripting SWFUpload - 'movieName' Parameter Cross-Site Scripting WordPress SocialFit Plugin 'msg' Parameter Cross-Site Scripting WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting WordPress church_admin Plugin 'id' parameter Cross-Site Scripting WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting WordPress church_admin Plugin - 'id' parameter Cross-Site Scripting sflog! 'section' Parameter Local File Inclusion sflog! - 'section' Parameter Local File Inclusion WebsitePanel 'ReturnUrl' Parameter URI Redirection WebsitePanel - 'ReturnUrl' Parameter URI Redirection WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Inclusion web@all 'name' Parameter Cross-Site Scripting WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion web@all - 'name' Parameter Cross-Site Scripting Joomla! 'com_hello' Component 'controller' Parameter Local File Inclusion Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion REDAXO 'subpage' Parameter Cross-Site Scripting Joomla Odudeprofile component 'profession' Parameter SQL Injection REDAXO - 'subpage' Parameter Cross-Site Scripting Joomla Odudeprofile component - 'profession' Parameter SQL Injection BarCodeWiz 'BarcodeWiz.dll' ActiveX Control 'Barcode' Method Remote Buffer Overflow BarCodeWiz 'BarcodeWiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow JW Player 'playerready' Parameter Cross-Site Scripting eNdonesia 'cid' Parameter SQL Injection JW Player - 'playerready' Parameter Cross-Site Scripting eNdonesia - 'cid' Parameter SQL Injection ntop 'arbfile' Parameter Cross-Site Scripting ntop - 'arbfile' Parameter Cross-Site Scripting Elefant CMS 'id' Parameter Cross-Site Scripting Elefant CMS - 'id' Parameter Cross-Site Scripting YT-Videos Script 'id' Parameter SQL Injection YT-Videos Script - 'id' Parameter SQL Injection GetSimple 'path' Parameter Local File Inclusion GetSimple - 'path' Parameter Local File Inclusion LISTSERV 16 'SHOWTPL' Parameter Cross-Site Scripting LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting JPM Article Blog Script 6 'tid' Parameter Cross-Site Scripting JPM Article Blog Script 6 - 'tid' Parameter Cross-Site Scripting KindEditor 'name' Parameter Cross-Site Scripting KindEditor - 'name' Parameter Cross-Site Scripting PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Inclusion PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion JW Player 'logo.link' Parameter Cross-Site Scripting JW Player - 'logo.link' Parameter Cross-Site Scripting PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion Joomla! Komento Component 'cid' Parameter SQL Injection PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion Joomla! Komento Component - 'cid' Parameter SQL Injection WordPress Cloudsafe365 Plugin 'file' Parameter Remote File Disclosure WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure Wiki Web Help 'configpath' Parameter Remote File Inclusion Wiki Web Help - 'configpath' Parameter Remote File Inclusion LiteSpeed Web Server 'gtitle' parameter Cross-Site Scripting LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting WordPress Download Monitor Plugin 'dlsearch' Parameter Cross-Site Scripting WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting FBDj 'id' Parameter SQL Injection FBDj - 'id' Parameter SQL Injection vBSEO 'u' parameter Cross-Site Scripting vBSEO - 'u' parameter Cross-Site Scripting WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Inclusion WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion TAGWORX.CMS 'cid' Parameter SQL Injection TAGWORX.CMS - 'cid' Parameter SQL Injection WordPress Video Lead Form Plugin 'errMsg' Parameter Cross-Site Scripting WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting WordPress ABC Test Plugin 'id' Parameter Cross-Site Scripting WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting Open Realty 'select_users_lang' Parameter Local File Inclusion Open Realty - 'select_users_lang' Parameter Local File Inclusion FirePass 7.0 SSL VPN 'refreshURL' Parameter URI Redirection FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection SMF 'view' Parameter Cross-Site Scripting SMF - 'view' Parameter Cross-Site Scripting Gramophone 'rs' Parameter Cross-Site Scripting Gramophone - 'rs' Parameter Cross-Site Scripting Joomla! com_parcoauto Component 'idVeicolo' Parameter SQL Injection Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection OrangeHRM 'sortField' Parameter SQL Injection WordPress FLV Player Plugin 'id' Parameter SQL Injection OrangeHRM - 'sortField' Parameter SQL Injection WordPress FLV Player Plugin - 'id' Parameter SQL Injection WordPress Kakao Theme 'ID' Parameter SQL Injection WordPress PHP Event Calendar Plugin 'cid' Parameter SQL Injection WordPress Eco-annu Plugin 'eid' Parameter SQL Injection WordPress Kakao Theme - 'ID' Parameter SQL Injection WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection WordPress Dailyedition-mouss Theme 'id' Parameter SQL Injection WordPress Tagged Albums Plugin 'id' Parameter SQL Injection WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection Omni-Secure 'dir' Parameter Multiple File Disclosure Vulnerabilities Friends in War The FAQ Manager 'question' Parameter SQL Injection Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities Friends in War The FAQ Manager - 'question' Parameter SQL Injection openSIS 'modname' Parameter Local File Inclusion openSIS - 'modname' Parameter Local File Inclusion WordPress Madebymilk Theme 'id' Parameter SQL Injection WordPress Madebymilk Theme - 'id' Parameter SQL Injection WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload WordPress Webplayer Plugin 'id' Parameter SQL Injection WordPress Plg Novana Plugin 'id' Parameter SQL Injection WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload WordPress Webplayer Plugin - 'id' Parameter SQL Injection WordPress Plg Novana Plugin - 'id' Parameter SQL Injection WordPress Magazine Basic Theme 'id' Parameter SQL Injection WordPress Magazine Basic Theme - 'id' Parameter SQL Injection WordPress Ads Box Plugin 'count' Parameter SQL Injection WordPress Ads Box Plugin - 'count' Parameter SQL Injection Forescout CounterACT 'a' Parameter Open Redirection WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection Forescout CounterACT - 'a' Parameter Open Redirection WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection WordPress Toolbox Theme 'mls' Parameter SQL Injection Elastix 'page' Parameter Cross-Site Scripting TinyMCPUK 'test' Parameter Cross-Site Scripting WordPress Toolbox Theme - 'mls' Parameter SQL Injection Elastix - 'page' Parameter Cross-Site Scripting TinyMCPUK - 'test' Parameter Cross-Site Scripting WordPress Zingiri Forums Plugin 'language' Parameter Local File Inclusion WordPress Nest Theme 'codigo' Parameter SQL Injection Sourcefabric Newscoop 'f_email' Parameter SQL Injection WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion WordPress Nest Theme - 'codigo' Parameter SQL Injection Sourcefabric Newscoop - 'f_email' Parameter SQL Injection FOOT Gestion 'id' Parameter SQL Injection FOOT Gestion - 'id' Parameter SQL Injection PHP Address Book 'group' Parameter Cross-Site Scripting PHP Address Book - 'group' Parameter Cross-Site Scripting Joomla! ZT Autolinks Component 'controller' Parameter Local File Inclusion Joomla! Bit Component 'controller' Parameter Local File Inclusion Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion Joomla! Bit Component - 'controller' Parameter Local File Inclusion MyBB Transactions Plugin 'transaction' Parameter SQL Injection MyBB Transactions Plugin - 'transaction' Parameter SQL Injection WHM 'filtername' Parameter Cross-Site Scripting WHM - 'filtername' Parameter Cross-Site Scripting Havalite CMS 'comment' Parameter HTML Injection Havalite CMS - 'comment' Parameter HTML Injection WordPress NextGEN Gallery Plugin 'test-head' Parameter Cross-Site Scripting WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting WordPress Gallery Plugin 'filename_1' Parameter Remote Arbitrary File Access WordPress Gallery Plugin - 'filename_1' Parameter Remote Arbitrary File Access phpLiteAdmin 'table' Parameter SQL Injection IP.Gallery 'img' Parameter SQL Injection phpLiteAdmin - 'table' Parameter SQL Injection IP.Gallery - 'img' Parameter SQL Injection gpEasy CMS 'section' Parameter Cross-Site Scripting gpEasy CMS - 'section' Parameter Cross-Site Scripting iCart Pro 'section' Parameter SQL Injection iCart Pro - 'section' Parameter SQL Injection WordPress WP-Table Reloaded Plugin 'id' Parameter Cross-Site Scripting WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross-Site Scripting WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting WordPress Audio Player Plugin 'playerID' Parameter Cross-Site Scripting WordPress Pinboard Theme 'tab' Parameter Cross-Site Scripting WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting Squirrelcart 'table' Parameter Cross-Site Scripting Squirrelcart - 'table' Parameter Cross-Site Scripting OpenEMR 'site' Parameter Cross-Site Scripting OpenEMR - 'site' Parameter Cross-Site Scripting WordPress Uploader Plugin 'blog' Parameter Cross-Site Scripting WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting WordPress Count Per Day Plugin 'daytoshow' Parameter Cross-Site Scripting WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting WordPress podPress Plugin 'playerID' Parameter Cross-Site Scripting WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting Jaow CMS 'add_ons' Parameter Cross-Site Scripting Jaow CMS - 'add_ons' Parameter Cross-Site Scripting WordPress Feedweb Plugin 'wp_post_id' Parameter Cross-Site Scripting WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting Symphony 'sort' Parameter SQL Injection Symphony - 'sort' Parameter SQL Injection WordPress Traffic Analyzer Plugin 'aoid' Parameter Cross-Site Scripting WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting WordPress Spiffy XSPF Player Plugin 'playlist_id' Parameter SQL Injection WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection WordPress Spider Video Player Plugin 'theme' Parameter SQL Injection Request Tracker 'ShowPending' Parameter SQL Injection WordPress Spider Video Player Plugin - 'theme' Parameter SQL Injection Request Tracker - 'ShowPending' Parameter SQL Injection Fork CMS 'file' Parameter Local File Inclusion Fork CMS - 'file' Parameter Local File Inclusion WordPress wp-FileManager Plugin 'path' Parameter Arbitrary File Download Open Flash Chart 'get-data' Parameter Cross-Site Scripting WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download Open Flash Chart - 'get-data' Parameter Cross-Site Scripting Jojo CMS 'search' Parameter Cross-Site Scripting Jojo CMS - 'search' Parameter Cross-Site Scripting WordPress Ambience Theme 'src' Parameter Cross-Site Scripting WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting TaxiMonger for Android 'name' Parameter HTML Injection TaxiMonger for Android - 'name' Parameter HTML Injection ZamFoo 'date' Parameter Remote Command Injection ZamFoo - 'date' Parameter Remote Command Injection Xorbin Analog Flash Clock 'widgetUrl' Parameter Cross-Site Scripting Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting WordPress WP Feed Plugin 'nid' Parameter SQL Injection WordPress Category Grid View Gallery Plugin 'ID' Parameter Cross-Site Scripting WordPress WP Feed Plugin - 'nid' Parameter SQL Injection WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting WordPress FlagEm Plugin 'cID' Parameter Cross-Site Scripting WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting Xibo 'layout' Parameter HTML Injection Xibo - 'layout' Parameter HTML Injection Flo CMS 'archivem' Parameter SQL Injection Flo CMS - 'archivem' Parameter SQL Injection eTransfer Lite 'file name' Parameter HTML Injection WordPress mukioplayer4wp Plugin 'cid' Parameter SQL Injection eTransfer Lite - 'file name' Parameter HTML Injection WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection Monstra CMS 'login' Parameter SQL Injection Monstra CMS - 'login' Parameter SQL Injection Joomla! JVideoClip Component 'uid' Parameter SQL Injection Joomla! JVideoClip Component - 'uid' Parameter SQL Injection WordPress WP-Realty Plugin 'listing_id' Parameter SQL Injection WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload Joomla! Maian15 Component - 'name' Parameter Arbitrary Shell Upload Nagios XI 'tfPassword' Parameter SQL Injection Nagios XI - 'tfPassword' Parameter SQL Injection Enorth Webpublisher CMS 'thisday' Parameter SQL Injection Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection WordPress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection eduTrac 'showmask' Parameter Directory Traversal eduTrac - 'showmask' Parameter Directory Traversal Veno File Manager 'q' Parameter Arbitrary File Download Veno File Manager - 'q' Parameter Arbitrary File Download Leed 'id' Parameter SQL Injection Leed - 'id' Parameter SQL Injection xBoard 'post' Parameter Local File Inclusion xBoard - 'post' Parameter Local File Inclusion i-doit Pro 'objID' Parameter SQL Injection i-doit Pro - 'objID' Parameter SQL Injection Joomla! Sexy Polling Extension 'answer_id' Parameter SQL Injection Joomla! Sexy Polling Extension - 'answer_id' Parameter SQL Injection XOS Shop 'goto' Parameter SQL Injection XOS Shop - 'goto' Parameter SQL Injection Eventum 'hostname' Parameter Remote Code Execution Eventum - 'hostname' Parameter Remote Code Execution WordPress Relevanssi Plugin 'category_name' Parameter SQL Injection WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection Professional Designer E-Store 'id' Parameter Multiple SQL Injection Professional Designer E-Store - 'id' Parameter Multiple SQL Injection MeiuPic 'ctl' Parameter Local File Inclusion MeiuPic - 'ctl' Parameter Local File Inclusion Jorjweb 'id' Parameter SQL Injection qEngine 'run' Parameter Local File Inclusion Jorjweb - 'id' Parameter SQL Injection qEngine - 'run' Parameter Local File Inclusion Seo Panel 'file' Parameter Directory Traversal Seo Panel - 'file' Parameter Directory Traversal ZeusCart 'prodid' Parameter SQL Injection ZeusCart - 'prodid' Parameter SQL Injection VoipSwitch 'action' Parameter Local File Inclusion VoipSwitch - 'action' Parameter Local File Inclusion Joomla! Spider Video Player Extension 'theme' Parameter SQL Injection Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042) Microsoft Office Excel - Out-of-Bounds Read Remote Code Execution (MS16-042) Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099) FreePBX 13 / 14 - Remote Code Execution Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (2) Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit	2016-08-14 05:06:43 +00:00
Offensive Security	832f9cf8b5	DB: 2016-08-11 ... 10 new exploits Nagios Network Analyzer 2.2.1 - Multiple CSRF Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes) Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes) Microsoft Office Word 2007_2010_2013_2016 - Out-of-Bounds Read Remote Code Execution (MS16-099) vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF) EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation EyeLock nano NXT 3.5 - Local File Disclosure EyeLock nano NXT 3.5 - Remote Root Exploit WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities SAP SAPCAR - Multiple Vulnerabilities	2016-08-11 05:08:59 +00:00
Offensive Security	9821fd03b3	DB: 2016-08-09 ... 4 new exploits VMware 5.5.1 COM Object Arbitrary Partition Table Delete Exploit VMware 5.5.1 - COM Object Arbitrary Partition Table Delete Exploit VMware Inc 6.0.0 CreateProcess Remote Code Execution Exploit VMware Inc 6.0.0 - CreateProcess Remote Code Execution Exploit VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS VMware Workstation - (hcmon.sys 6.0.0.45731) Local DoS VMware COM API ActiveX Remote Buffer Overflow PoC VMware - COM API ActiveX Remote Buffer Overflow PoC RoundCube Webmail 0.2-3 beta Code Execution RoundCube Webmail 0.2-3 beta - Code Execution VMWare Fusion 2.0.5 - vmx86 kext Kernel Local Root Exploit VMware Fusion 2.0.5 - vmx86 kext Kernel Local Root Exploit VMWare Fusion 2.0.5 vmx86 kext Local PoC VMware Fusion 2.0.5 - vmx86 kext Local PoC VMware Remote Console e.x.p build-158248 - format string VMware Remote Console e.x.p build-158248 - Format String VMware Workstation 7.1.1 VMkbd.sys Denial of Service Exploit VMware Workstation 7.1.1 - VMkbd.sys Denial of Service Exploit VMware Tools update OS Command Injection VMware Tools - Update OS Command Injection VMware Update Manager Directory Traversal VMware - Update Manager Directory Traversal VMWare 1.0.1 - Buffer Overflow VMware 1.0.1 - Buffer Overflow VMWare GSX Server 2.0 - Authentication Server Buffer Overflow VMware GSX Server 2.0 - Authentication Server Buffer Overflow VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload VMware vCenter - Chargeback Manager ImageUploadServlet Arbitrary File Upload VMware Player 1.0.1 Build 19317 Malformed VMX File Denial of Service VMware Player 1.0.1 Build 19317 - Malformed VMX File Denial of Service VMware 5.5.1 Partition Table Deletion Denial of Service VMware 5.5.1 - Partition Table Deletion Denial of Service VMware Server 2.0.1_ESXi Server 3.5 - Directory Traversal VMware Server 2.0.1 / ESXi Server 3.5 - Directory Traversal VMware View 3.1.x URL Processing Cross-Site Scripting VMware View 3.1.x - URL Processing Cross-Site Scripting PHPCollab 2.5 - SQL Injection PHPCollab 2.5 - (deletetopics.php) SQL Injection phpCollab 2.5 Database Backup Information Disclosure phpCollab 2.5 - Database Backup Information Disclosure phpCollab 2.5 uploadfile.php Crafted Request Arbitrary Non-PHP File Upload phpCollab 2.5 - uploadfile.php Crafted Request Arbitrary Non-PHP File Upload phpCollab 2.5 Unauthenticated Direct Request Multiple Protected Page Access phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service Wireshark 1.12.0 - 1.12.12 - NDS Dissector Denial of Service Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - WSP Dissector Denial of Service Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - RLC Dissector Denial of Service Wireshark 2.0.0 - 2.0.4 - CORBA IDL Dissectors Denial of Service Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - PacketBB Dissector Denial of Service Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - WSP Dissector Denial of Service Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - RLC Dissector Denial of Service Navis WebAccess - SQL Injection phpCollab CMS 2.5 - (emailusers.php) SQL Injection Microsoft Windows Group Policy - Privilege Escalation (MS16-072) WordPress Add From Server Plugin < 3.3.2 - (File Upload) CSRF	2016-08-09 05:02:52 +00:00
Offensive Security	e161127711	DB: 2016-08-07 ... 8 new exploits Kodi Web Server 16.1 - Denial of Service NUUO NVRmini 2 3.0.8 - Remote Root Exploit NUUO NVRmini 2 3.0.8 - (Add Admin) CSRF NUUO NVRmini 2 3.0.8 - Local File Disclosure NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection NUUO NVRmini 2 3.0.8 - ShellShock Remote Code Execution NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access	2016-08-07 05:06:35 +00:00