exploit-db-mirror

Author	SHA1	Message	Date
g0tmi1k	1d549a3241	Merge pull request #69 from g0tmi1k/searchsploit Fixes for #64, #66 & #67 (Take 2)	2016-12-20 14:31:55 +00:00
g0tmi1k	688cd13e96	Fix for #67 - Show result when their’s only 1 for nmap’s XML mode	2016-12-20 14:30:14 +00:00
g0tmi1k	c00b72665a	Fix for #66 - Process the last port in nmap’s XML mode	2016-12-20 14:12:29 +00:00
g0tmi1k	2b92095822	Better solution for #64	2016-12-20 11:14:28 +00:00
Offensive Security	62dddb2f49	DB: 2016-12-20 9 new exploits Apache 2.2 - (Windows) Local Denial of Service Apache 2.2 (Windows) - Local Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x (Mod_JK) - Chunked Encoding Denial of Service Apache 2.4.7 mod_status - Scoreboard Handling Race Condition Apache 2.4.7 (mod_status) - Scoreboard Handling Race Condition Google Chrome < 31.0.1650.48 - HTTP 1xx base::StringTokenizerT<...>::QuickGetNext Out-of-Bounds Read Apache 1.3.31 mod_include - Local Buffer Overflow Apache 1.3.31 (mod_include) - Local Buffer Overflow Gopher 3.0.9 - (+VIEWS) Remote Client Side Buffer Overflow Gopher 3.0.9 - (+VIEWS) Remote Client-Side Buffer Overflow Apache 'Mod_Auth_OpenID' - Session Stealing Apache (Mod_Auth_OpenID) - Session Stealing Apache 2.0.4x mod_php Module - File Descriptor Leakage (1) Apache 2.0.4x mod_php Module - File Descriptor Leakage (2) Apache 2.0.4x (mod_php) - File Descriptor Leakage (1) Apache 2.0.4x (mod_php) - File Descriptor Leakage (2) Apache 2.0.4x mod_perl Module - File Descriptor Leakage (3) Apache 2.0.4x (mod_perl) - File Descriptor Leakage (3) Apache 1.3.x mod_include - Local Buffer Overflow Apache 1.3.x (mod_include) - Local Buffer Overflow Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command Execution Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) Google Chrome + Fedora 25 / Ubuntu 16.04 - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download Apache 1.3.x mod_mylo - Remote Code Execution Apache 1.3.x (mod_mylo) - Remote Code Execution Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure Apache 1.3.x < 2.0.48 (mod_userdir) - Remote Users Disclosure Apache mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2) Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Exploit (2) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (2) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting Apache (mod_perl) - 'Apache::Status' / 'Apache2::Status' Cross-Site Scripting Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit Apache 2.2.14 (mod_isapi) - Dangling Pointer Remote SYSTEM Exploit Apache (Windows x86) - (Windows x86) Chunked Encoding (Metasploit) Apache (Windows x86) - Chunked Encoding (Metasploit) Apache mod_proxy - Reverse Proxy Exposure (PoC) Apache (mod_proxy) - Reverse Proxy Exposure (PoC) Apache 1.3.20 - Win32 PHP.exe Remote File Disclosure Apache 1.3.20 (Win32) - 'PHP.exe' Remote File Disclosure Apache mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1) Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Exploit (1) Joomla! Component 'com_media' - Arbitrary File Upload (Metasploit) Joomla! Component Media Manager - Arbitrary File Upload (Metasploit) Apache 2.2.6 - 'mod_negotiation' HTML Injection and HTTP Response Splitting Apache 2.2.6 (mod_negotiation) - HTML Injection and HTTP Response Splitting Apache 7.0.x 'mod_proxy'- Reverse Proxy Security Bypass Apache 7.0.x (mod_proxy) - Reverse Proxy Security Bypass Apache 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass Apache 2.2.15 (mod_proxy) - Reverse Proxy Security Bypass Apache 'mod_wsgi' Module - Information Disclosure Apache (mod_wsgi) - Information Disclosure Joomla! Component 'com_jp_jobs' 1.4.1 - SQL Injection Joomla! Component JP Jobs 1.4.1 - SQL Injection Joomla! Component 'com_joomlapicasa' 2.0 - Local File Inclusion Joomla! Component Picasa 2.0 - Local File Inclusion Joomla! Component 'com_jinventory' - Local File Inclusion Joomla! Component JInventory 1.23.02 - Local File Inclusion Joomla! Component 'com_loginbox' - Local File Inclusion Joomla! Component LoginBox - Local File Inclusion Joomla! Component 'com_Joomlaupdater' - Local File Inclusion Joomla! Component Magic Updater - Local File Inclusion Joomla! Component 'com_news_portal' 1.5.x - Local File Inclusion Joomla! Component 'com_fss' 1.3 - 'faqid' Parameter SQL Injection Joomla! Component News Portal 1.5.x - Local File Inclusion Joomla! Component Freestyle FAQ Lite 1.3 - 'faqid' Parameter SQL Injection Joomla! Component 'com_jwhmcs' 1.5.0 - Local File Inclusion Joomla! Component 'com_jukebox' 1.7 - Local File Inclusion Joomla! Component 'com_Joomlaflickr' 1.0 - Local File Inclusion Joomla! Component 'com_hsconfig' 1.5 - Local File Inclusion Joomla! Component 'com_fabrik' 2.0 - Local File Inclusion Joomla! Component 'com_datafeeds' 880 - Local File Inclusion Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion Joomla! Component Juke Box 1.7 - Local File Inclusion Joomla! Component Joomla Flickr 1.0 - Local File Inclusion Joomla! Component Highslide 1.5 - Local File Inclusion Joomla! Component Fabrik 2.0 - Local File Inclusion Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion Joomla! Component 'com_foobla_suggestions' 1.5.1.2 - Local File Inclusion Joomla! Component 'com_javoice' - Local File Inclusion Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion Joomla! Component JA Voice 2.0 - Local File Inclusion Joomla! Component 'com_jfeedback' - Local File Inclusion Joomla! Component 'com_jprojectmanager' - Local File Inclusion Joomla! Component Jfeedback 1.2 - Local File Inclusion Joomla! Component JProject Manager 1.0 - Local File Inclusion Joomla! Component 'com_mv_restaurantmenumanager' 1.5.2 - SQL Injection Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection Joomla! Component 'com_horoscope' - Local File Inclusion Joomla! Component Horoscope 1.5.0 - Local File Inclusion Joomla! Component 'com_market' - Local File Inclusion Joomla! Component Online Market 2.x - Local File Inclusion Joomla! Component 'com_jvehicles' - 'aid' Parameter SQL Injection Joomla! Component 'com_jp_jobs' 1.2.0 - 'id' Parameter SQL Injection Joomla! Component Jvehicles 1.0/2.0 - 'aid' Parameter SQL Injection Joomla! Component JP Jobs 1.2.0 - 'id' Parameter SQL Injection Joomla! Component 'com_mtfireeagle' - Local File Inclusion Joomla! Component 'com_mediamall' - Blind SQL Injection Joomla! Component 'com_lovefactory' - Local File Inclusion Joomla! Component 'com_jacomment' - Local File Inclusion Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion Joomla! Component Media Mall Factory 1.0.4 - Blind SQL Injection Joomla! Component Love Factory 1.3.4 - Local File Inclusion Joomla! Component JA Comment - Local File Inclusion Joomla! Component 'com_iproperty' 1.5.3 - 'id' Parameter SQL Injection Joomla! Component Intellectual Property 1.5.3 - 'id' Parameter SQL Injection Joomla! Component 'com_joltcard' - SQL Injection Joomla! Component JoltCard 1.2.1 - SQL Injection Joomla! Component 'com_gadgetfactory' - Local File Inclusion Joomla! Component 'com_matamko' - Local File Inclusion Joomla! Component 'com_multiroot' - Local File Inclusion Joomla! Component 'com_multimap' - Local File Inclusion Joomla! Component 'com_drawroot' - Local File Inclusion Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion Joomla! Component Matamko 1.01 - Local File Inclusion Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion Joomla! Component 'com_if_surfalert' - Local File Inclusion Joomla! Component iF surfALERT 1.2 - Local File Inclusion Joomla! Component 'com_gbufacebook' 1.0.5 - SQL Injection Joomla! Component GBU Facebook 1.0.5 - SQL Injection Joomla! Component 'com_jnewspaper' - 'cid' Parameter SQL Injection Joomla! Component 'com_jtm' 1.9 Beta - SQL Injection Joomla! Component Online News Paper Manager 1.0 - 'cid' Parameter SQL Injection Joomla! Component JTM Reseller 1.9 Beta - SQL Injection Joomla! Component 'com_mmsblog' - Local File Inclusion Joomla! Component MMS Blog 2.3.0 - Local File Inclusion Joomla! Component 'com_noticeboard' - Local File Inclusion Joomla! Component NoticeBoard 1.3 - Local File Inclusion Joomla! Component 'com_graphics' 1.0.6 - Local File Inclusion Joomla! Component Graphics 1.0.6 - Local File Inclusion Joomla! Component 'com_newsfeeds' - SQL Injection Joomla! Component Newsfeeds - SQL Injection Joomla! Component 'com_konsultasi' - 'sid' Parameter SQL Injection Joomla! Component Komento 1.0.0 - 'sid' Parameter SQL Injection Joomla! Component 'com_dioneformwizard' - Local File Inclusion Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion Joomla! Component 'com_jejob' 1.0 - Local File Inclusion Joomla! Component JE Job 1.0 - Local File Inclusion Joomla! Component 'com_jequoteform' - Local File Inclusion Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion Joomla! Component 'com_mscomment' 0.8.0b - Local File Inclusion Joomla! Component MS Comment 0.8.0b - Local File Inclusion Apache Axis2 Administration console - Authenticated Cross-Site Scripting Apache Axis2 Administration Console - Authenticated Cross-Site Scripting Joomla! Component 'com_mycar' - Multiple Vulnerabilities Joomla! Component My Car 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jejob' 1.0 - 'catid' Parameter SQL Injection Joomla! Component JE Job 1.0 - 'catid' Parameter SQL Injection Joomla! Component 'com_jsjobs' - SQL Injection Joomla! Component JS Jobs 1.0.5.8 - SQL Injection Joomla! Component 'com_djartgallery' - Multiple Vulnerabilities Joomla! Component DJ-ArtGallery 0.9.1 - Multiple Vulnerabilities Joomla! Component 'com_gamesbox' 1.0.2 - 'id' SQL Injection Joomla! Component Gamesbox 1.0.2 - 'id' Parameter SQL Injection Joomla! Component 'com_eventcal' 1.6.4 - Blind SQL Injection Joomla! Component eventCal 1.6.4 - Blind SQL Injection Joomla! Component 'com_ninjamonials' - Blind SQL Injection Joomla! Component NinjaMonials - Blind SQL Injection Joomla! Component 'com_neorecruit' - 'Itemid' Parameter Blind SQL Injection Joomla! Component NeoRecruit 1.6.4 - 'Itemid' Parameter Blind SQL Injection Joomla! Component 'com_golfcourseguide' 0.9.6.0 - SQL Injection Joomla! Component 'com_huruhelpdesk' - SQL Injection Joomla! Component Golf Course Guide 0.9.6.0 - SQL Injection Joomla! Component Huru Helpdesk - SQL Injection Joomla! Component 'com_joomdle' 0.24 - SQL Injection Joomla! Component Joomdle 0.24 - SQL Injection Joomla! Component 'com_Joomla-visites' - Remote File Inclusion Joomla! Component Visites 1.1 RC2 - Remote File Inclusion Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injection Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion Joomla! Component iJoomla Magazine 3.0.1 - Remote File Inclusion Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection Joomla! Component Gantry 3.0.10 - Blind SQL Injection Joomla! Component 'com_jphone' - Local File Inclusion Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion Joomla! Component 'com_jgen' - SQL Injection Joomla! Component JGen 0.9.33 - SQL Injection Joomla! Component 'com_ezautos' - SQL Injection Joomla! Component Joostina - SQL Injection Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities Joomla! Component JE Guestbook 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jedirectory' - SQL Injection Joomla! Component JE Directory 1.0 - SQL Injection Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities Joomla! Component JS Calendar 1.5.1 - Multiple Vulnerabilities Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection Joomla! Component JE Ajax Event Calendar - SQL Injection Joomla! Component 'com_flipwall' - SQL Injection Joomla! Component Pulse Infotech Flip Wall - SQL Injection Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection Joomla! Component 'com_jsupport' - Cross-Site Scripting Joomla! Component 'com_jsupport' - SQL Injection Joomla! Component JSupport 1.5.6 - Cross-Site Scripting Joomla! Component JSupport 1.5.6 - SQL Injection Joomla! Component 'com_jimtawl' - Local File Inclusion Joomla! Component Jimtawl 1.0.2 - Local File Inclusion phpMyAdmin - Client Side Code Injection / Redirect Link Falsification phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification Joomla! Component 'com_jeauto' 1.0 - SQL Injection Joomla! Component JE Auto 1.0 - SQL Injection Joomla! Component 'com_jradio' - Local File Inclusion Joomla! Component JRadio - Local File Inclusion Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion Joomla! Component JotLoader 2.2.1 - Local File Inclusion Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities Joomla! Component HM Community - Multiple Vulnerabilities Joomla! Component 'com_estateagent' - SQL Injection Joomla! Component Estate Agent - SQL Injection EPortfolio 1.0 - Client Side Input Validation EPortfolio 1.0 - Client-Side Input Validation ActiveWeb Contentserver 5.6.2929 CMS - Client Side Filtering Bypass ActiveWeb Contentserver 5.6.2929 CMS - Client-Side Filtering Bypass Joomla! Component 'com_komento' 1.7.2 - Persistent Cross-Site Scripting Joomla! Component 'com_jvcomment' 3.0.2 - 'id' Parameter SQL Injection Joomla! Component Komento 1.7.2 - Persistent Cross-Site Scripting Joomla! Component JV Comment 3.0.2 - 'id' Parameter SQL Injection Joomla! Component 'com_jcomments' 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component JComments 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion Joomla! Component Jstore - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_ecommercewd' 1.2.5 - SQL Injection Joomla! Component ECommerce-WD 1.2.5 - SQL Injection Joomla! Component 'com_contactformmaker' 1.0.1 - SQL Injection Joomla! Component Contact Form Maker 1.0.1 - SQL Injection Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_helpdeskpro' < 1.4.0 - Multiple Vulnerabilities Joomla! Component Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection ntop-ng 2.5.160805 - Username Enumeration	2016-12-20 05:01:16 +00:00
Offensive Security	50a756ae83	DB: 2016-12-19	2016-12-19 06:56:09 +00:00
Offensive Security	18d8085c6d	DB: 2016-12-18 13 new exploits Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055) Orthanc DICOM Server 1.1.0 - Memory Corruption Microsoft Internet Explorer 9 - MSHTML CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 - IEFRAME CMarkup::RemovePointerPos Use-After-Free (MS13-055) OsiriX DICOM Viewer 8.0.1 - Memory Corruption ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow DCMTK 3.6.0 storescp - Stack Buffer Overflow Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service Microsoft Internet Explorer 9 IEFRAME - CMarkupPointer::MoveToGap Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CView::EnsureSize Use-After-Free (MS13-021) Nagios < 4.2.4 - Privilege Escalation iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking Use-After-Free Alienvault OSSIM - SQL Injection / Remote Code Execution (Metasploit) Alienvault Open Source SIEM (OSSIM) - SQL Injection / Remote Code Execution (Metasploit) Alienvault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution Alienvault Open Source SIEM (OSSIM) < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution Alienvault OSSIM - av-centerd Command Injection (Metasploit) Alienvault Open Source SIEM (OSSIM) - av-centerd Command Injection (Metasploit) Horos 2.1.0 Web Portal - Directory Traversal Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes) Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities Alienvault Open Source SIEM (OSSIM) 3.1 - Multiple Security Vulnerabilities Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault OSSIM 4.1.2 - Multiple SQL Injections Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities Alienvault Open Source SIEM (OSSIM) 4.1 - Multiple SQL Vulnerabilities Alienvault 4.3.1 - Unauthenticated SQL Injection Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting Alienvault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit) Alienvault Open Source SIEM (OSSIM) 4.6.1 - Authenticated SQL Injection (Metasploit) Alienvault OSSIM 4.3 - Cross-Site Request Forgery Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery WHMCS Addon VMPanel 2.7.4 - SQL Injection WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery	2016-12-18 05:01:16 +00:00
Offensive Security	89c8b47b83	DB: 2016-12-17 1 new exploits Nagios Core < 4.2.4 - Privilege Escalation Nagios < 4.2.4 - Privilege Escalation Nagios Core < 4.2.2 - Curl Command Injection / Remote Code Execution Nagios < 4.2.2 - Arbitrary Code Execution Joomla! Component 'com_clantools' 1.5 - Blind SQL Injection Joomla! Component 'com_clantools' 1.2.3 - Multiple Blind SQL Injection Joomla! Component Clantools 1.5 - Blind SQL Injection Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection Joomla! Component 'com_ccinvoices' - SQL Injection Joomla! Component ccInvoices - SQL Injection Joomla! Component 'com_ckforms' - Local File Inclusion Joomla! Component Cookex Agency CKForms - Local File Inclusion Joomla! Component 'com_civicrm' 4.2.2 - Remote Code Injection Joomla! Component com_civicrm 4.2.2 - Remote Code Injection	2016-12-17 08:08:43 +00:00
Offensive Security	24bf161ca6	DB: 2016-12-16 5 new exploits HydraIrc 0.3.164 - (last) Remote Denial of Service Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow (PoC) HydraIrc 0.3.164 - Remote Denial of Service Download Accelerator Plus DAP 8.6 - 'AniGIF.ocx' Buffer Overflow (PoC) Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055) Nidesoft MP3 Converter 2.6.18 - SEH Local Buffer Overflow Nagios Core < 4.2.4 - Privilege Escalation Nagios Core < 4.2.2 - Curl Command Injection / Remote Code Execution Quicksilver Forums 1.2.1 - (set) Remote File Inclusion Quicksilver Forums 1.2.1 - Remote File Inclusion e-Vision CMS 2.0 - (all_users.php) SQL Injection e-Vision CMS 2.0 - 'all_users.php' SQL Injection LetterIt 2.0 - (inc/session.php) Remote File Inclusion LetterIt 2.0 - 'session.php' Remote File Inclusion e107 0.7.8 - (mailout.php) Access Escalation Exploit (Admin needed) e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed) PHPMyRealty 1.0.x - (search.php type) SQL Injection PHPMyRealty 1.0.x - 'search.php' SQL Injection pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection Pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection LetterIt 2 - 'Language' Local File Inclusion phpMyRealty - (location) SQL Injection LetterIt 2 - 'Language' Parameter Local File Inclusion phpMyRealty 2.0.0 - 'location' Parameter SQL Injection ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion E-topbiz Dating 3 PHP Script - (mail_id) SQL Injection Scripts24 iTGP 1.0.4 - 'id' SQL Injection Scripts24 iPost 1.0.1 - 'id' SQL Injection eStoreAff 0.1 - 'cid' SQL Injection GreenCart PHP Shopping Cart - 'id' SQL Injection ABG Blocking Script 1.0a - 'abg_path' Parameter Remote File Inclusion E-topbiz Dating 3 PHP Script - 'mail_id' Parameter SQL Injection Scripts24 iTGP 1.0.4 - 'id' Parameter SQL Injection Scripts24 iPost 1.0.1 - 'id' Parameter SQL Injection eStoreAff 0.1 - 'cid' Parameter SQL Injection GreenCart PHP Shopping Cart - 'id' Parameter SQL Injection e-vision CMS 2.02 - (SQL Injection / Arbitrary File Upload / Information Gathering) Multiple Vulnerabilities e-vision CMS 2.02 - SQL Injection / Arbitrary File Upload / Information Gathering E-Store Kit-1 <= 2 PayPal Edition - 'pid' SQL Injection E-Store Kit-1 <= 2 PayPal Edition - 'pid' Parameter SQL Injection iges CMS 2.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities iges CMS 2.0 - Cross-Site Scripting / SQL Injection Multiple Wsn Products - (Local File Inclusion) Code Execution Multiple Wsn Products - Local File Inclusion / Code Execution Discuz! 6.0.1 - (searchid) SQL Injection pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities Discuz! 6.0.1 - 'searchid' Parameter SQL Injection pPIM 1.0 - Arbitrary File Delete / Cross-Site Scripting Vacation Rental Script 3.0 - 'id' SQL Injection Quicksilver Forums 1.4.1 - forums[] SQL Injection txtSQL 2.2 Final - (startup.php) Remote File Inclusion Vacation Rental Script 3.0 - 'id' Parameter SQL Injection Quicksilver Forums 1.4.1 - SQL Injection txtSQL 2.2 Final - 'startup.php' Remote File Inclusion OpenImpro 1.1 - (image.php id) SQL Injection ZeeBuddy 2.1 - (bannerclick.php adid) SQL Injection pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities Ovidentia 6.6.5 - (item) SQL Injection BBlog 0.7.6 - (mod) SQL Injection OpenImpro 1.1 - 'image.php' SQL Injection ZeeBuddy 2.1 - 'adid' Parameter SQL Injection pPIM 1.0 - upload/change Password Ovidentia 6.6.5 - 'item' Parameter SQL Injection BBlog 0.7.6 - 'mod' Parameter SQL Injection pPIM 1.01 - (notes.php id) Local File Inclusion pPIM 1.01 - 'notes.php' Local File Inclusion e107 plugin fm pro 1 - (File Disclosure / Arbitrary File Upload / Directory Traversal) Multiple Vulnerabilities e107 plugin fm pro 1 - File Disclosure / Arbitrary File Upload / Directory Traversal Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload Coppermine Photo Gallery 1.4.19 - Remote File Upload pPIM 1.01 - (notes.php id) Remote Command Execution pPIM 1.01 - 'notes.php' Remote Command Execution moziloCMS 1.11 - (Local File Inclusion / Full Path Disclosure / Cross-Site Scripting) Multiple Vulnerabilities moziloCMS 1.11 - Local File Inclusion / Full Path Disclosure / Cross-Site Scripting Joomla! Component 'com_agenda' 1.0.1 - 'id' Parameter SQL Injection Joomla! Component Agenda Address Book 1.0.1 - 'id' Parameter SQL Injection Joomla! Component 'com_alphauserpoints' 1.5.5 - Local File Inclusion Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion Joomla! Component 'com_arcadegames' - Local File Inclusion Joomla! Component Arcade Games 1.0 - Local File Inclusion Joomla! Component 'com_AddressBook' - Local File Inclusion Joomla! Component 'com_advertising' - Local File Inclusion Joomla! Component Address Book 1.5.0 - Local File Inclusion Joomla! Component Advertising 0.25 - Local File Inclusion Joomla! Component 'com_blogfactory' - Local File Inclusion Joomla! Component 'com_beeheard' - Local File Inclusion Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion Joomla! Component BeeHeard 1.0 - Local File Inclusion Joomla! Component 'com_archeryscores' 1.0.6 - Local File Inclusion Joomla! Component Archery Scores 1.0.6 - Local File Inclusion Joomla! Component 'com_abc' - SQL Injection Joomla! Component ABC 1.1.7 - SQL Injection Joomla! Component 'com_bfquiztrial' - SQL Injection (1) Joomla! Component BF Quiz 1.3.0 - SQL Injection (1) Joomla! Component 'com_bfquiztrial' - SQL Injection (2) Joomla! Component BF Quiz 1.0 - SQL Injection (2) e107 0.7.21 full - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities e107 0.7.21 full - Remote File Inclusion / Cross-Site Scripting Joomla! Component 'com_awd_song' - Persistent Cross-Site Scripting Joomla! Component JE Awd Song - Persistent Cross-Site Scripting Joomla! Component 'com_addressbook' - Blind SQL Injection Joomla! Component Address Book - Blind SQL Injection Joomla! Component 'com_autartimonial' - SQL Injection Joomla! Component AutarTimonial 1.0.8 - SQL Injection Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection Joomla! Component CamelcityDB 2.2 - SQL Injection Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections Joomla! Component Amblog 1.0 - Multiple SQL Injections Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection Joomla! Component Aardvertiser 2.1 - Blind SQL Injection Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution Joomla! Component Community Builder Enhanced (CBE) 1.4.8/1.4.9/1.4.10 - Local File Inclusion / Remote Code Execution Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection Joomla! Component allCineVid 1.0.0 - Blind SQL Injection Joomla! Component 'com_alameda' 1.0 - SQL Injection Joomla! Component Alameda 1.0 - SQL Injection Free Hosting Manager 2.0 - (packages.php id Parameter) SQL Injection Free Hosting Manager 2.0 - 'id' Parameter SQL Injection Coppermine Photo Gallery 1.x - menu.inc.php CPG_URL Parameter Cross-Site Scripting Coppermine Photo Gallery 1.x - modules.php startdir Parameter Traversal Arbitrary File Access Coppermine Photo Gallery 1.x - init.inc.php Remote File Inclusion Coppermine Photo Gallery 1.x - theme.php Multiple Parameter Remote File Inclusion Coppermine Photo Gallery 1.2.2b - 'menu.inc.php' Cross-Site Scripting Coppermine Photo Gallery 1.2.0 RC4 - 'startdir' Parameter Traversal Arbitrary File Access Coppermine Photo Gallery 1.2.0 RC4 - 'init.inc.php' Remote File Inclusion Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion BBlog 0.7.4 - PostID Parameter SQL Injection BBlog 0.7.4 - 'PostID' Parameter SQL Injection Coppermine Photo Gallery 1.x - Albmgr.php SQL Injection Coppermine Photo Gallery 1.4.11 - SQL Injection LoveCMS 1.4 - install/index.php step Parameter Remote File Inclusion LoveCMS 1.4 - install/index.php step Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'index.php' load Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'index.php' id Parameter Cross-Site Scripting LoveCMS 1.4 - 'step' Parameter Remote File Inclusion LoveCMS 1.4 - 'step' Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'load' Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'id' Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.x - mode.php referer Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.x - viewlog.php log Parameter Local File Inclusion Coppermine Photo Gallery 1.4.12 - 'referer' Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.12 - 'log' Parameter Local File Inclusion Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection Joomla! / Mambo Component Showroom Joomlearn LMS - 'cat' Parameter SQL Injection Blog Manager - inc_webblogmanager.asp ItemID Parameter SQL Injection Blog Manager - inc_webblogmanager.asp categoryId Parameter Cross-Site Scripting Blog Manager - 'ItemID' Parameter SQL Injection Blog Manager - 'categoryId' Parameter Cross-Site Scripting e107 0.7.x - (CAPTCHA Security Bypass / Cross-Site Scripting) Multiple Vulnerabilities e107 0.7.x - CAPTCHA Security Bypass / Cross-Site Scripting Joomla! Component 'com_canteen' 1.0 - Local File Inclusion Joomla! Component Canteen 1.0 - Local File Inclusion Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - searchnew.php picfile_* Parameter Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - 'help.php' Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - 'searchnew.php' Cross-Site Scripting	2016-12-16 05:01:19 +00:00
Offensive Security	32e86030d5	DB: 2016-12-15 3 new exploits minix 3.1.2a - tty panic Local Denial of Service minix 3.1.2a - tty panic Remote Denial of Service Minix 3.1.2a - tty panic Local Denial of Service Minix 3.1.2a - tty panic Remote Denial of Service Microsoft IIS 5.0 - WebDav Lock Method Memory Leak Denial of Service Microsoft IIS 5.0 - WebDAV Lock Method Memory Leak Denial of Service MINIX 3.3.0 - Local Denial of Service (PoC) Minix 3.3.0 - Local Denial of Service (PoC) MINIX 3.3.0 - Remote TCP/IP Stack Denial of Service Minix 3.3.0 - Remote TCP/IP Stack Denial of Service Apache 2.4.23 (mod_http2) - Denial of Service Adobe Animate 15.2.1.95 - Memory Corruption CoolPlayer - m3u File Local Buffer Overflow CoolPlayer 2.18 - '.m3u' File Local Buffer Overflow Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDAV Privilege Escalation (MS16-016) (Metasploit) Apache Tomcat (WebDAV) - Remote File Disclosure Apache Tomcat - (WebDAV) Remote File Disclosure Apache Tomcat (WebDAV) - Remote File Disclosure (SSL) Apache Tomcat - (WebDAV) Remote File Disclosure (SSL) APT - Repository Signing Bypass via Memory Allocation Failure PHPFootball 1.6 - (show.php) Remote Database Disclosure PHPFootball 1.6 - Remote Database Disclosure Aprox CMS Engine 5 (1.0.4) - Local File Inclusion Aprox CMS Engine 5.1.0.4 - Local File Inclusion PHP Help Agent 1.1 - (content) Local File Inclusion PHP Help Agent 1.1 - 'content' Parameter Local File Inclusion Alstrasoft Affiliate Network Pro - (pgm) SQL Injection Alstrasoft Affiliate Network Pro - 'pgm' Parameter SQL Injection PHPHoo3 <= 5.2.6 - (PHPHoo3.php viewCat) SQL Injection Alstrasoft Video Share Enterprise 4.5.1 - (UID) SQL Injection PHPHoo3 <= 5.2.6 - 'viewCat' Parameter SQL Injection Alstrasoft Video Share Enterprise 4.5.1 - 'UID' Parameter SQL Injection Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Aprox CMS Engine 5.(1.0.4) - 'index.php' SQL Injection Siteframe - 'folder.php id' SQL Injection PHPFootball 1.6 - (show.php) SQL Injection DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection Siteframe CMS 3.2.3 - 'folder.php' SQL Injection PHPFootball 1.6 - SQL Injection DigiLeave 1.2 - 'book_id' Parameter Blind SQL Injection HRS Multi - 'key' Parameter Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection EZWebAlbum (dlfilename) - Remote File Disclosure Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection ShopCartDx 4.30 - 'pid' SQL Injection MojoPersonals - Blind SQL Injection MojoJobs - Blind SQL Injection MojoAuto - Blind SQL Injection EZWebAlbum - Remote File Disclosure Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection ShopCartDx 4.30 - 'pid' Parameter SQL Injection YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Pre Survey Poll - 'default.asp catid' SQL Injection Atom Photoblog 1.1.5b1 - (photoId) SQL Injection ibase 2.03 - 'download.php' Remote File Disclosure YouTube blog 0.1 - Remote File Inclusion / SQL Injection / Cross-Site Scripting Pre Survey Poll - 'catid' Parameter SQL Injection Atom Photoblog 1.1.5b1 - 'photoId' Parameter SQL Injection ibase 2.03 - Remote File Disclosure Live Music Plus 1.1.0 - 'id' SQL Injection xrms 1.99.2 - (Remote File Inclusion / Cross-Site Scripting / Information Gathering) Multiple Vulnerabilities Live Music Plus 1.1.0 - 'id' Parameter SQL Injection XRms 1.99.2 - Remote File Inclusion / Cross-Site Scripting / Information Gathering FizzMedia 1.51.2 - (comment.php mid) SQL Injection PHPTest 0.6.3 - (picture.php image_id) SQL Injection FizzMedia 1.51.2 - SQL Injection PHPTest 0.6.3 - SQL Injection Mobius 1.4.4.1 - (browse.php id) SQL Injection EPShop < 3.0 - 'pid' SQL Injection Mobius 1.4.4.1 - SQL Injection EPShop < 3.0 - 'pid' Parameter SQL Injection TriO 2.1 - (browse.php id) SQL Injection CMScout 2.05 - (common.php bit) Local File Inclusion Getacoder clone - (sb_protype) SQL Injection GC Auction Platinum - (cate_id) SQL Injection SiteAdmin CMS - (art) SQL Injection TriO 2.1 - 'browse.php' SQL Injection CMScout 2.05 - 'bit' Parameter Local File Inclusion Getacoder clone - 'sb_protype' Parameter SQL Injection GC Auction Platinum - 'cate_id' Parameter SQL Injection SiteAdmin CMS - 'art' Parameter SQL Injection Youtuber Clone - 'ugroups.php UID' SQL Injection Youtuber Clone - SQL Injection PixelPost 1.7.1 - (language_full) Local File Inclusion PixelPost 1.7.1 - 'language_full' Parameter Local File Inclusion ViArt Shop 3.5 - (category_id) SQL Injection Minishowcase 09b136 - 'lang' Local File Inclusion ViArt Shop 3.5 - 'category_id' Parameter SQL Injection Minishowcase 09b136 - 'lang' Parameter Local File Inclusion Gregarius 0.5.4 - rsargs[] SQL Injection PHP Hosting Directory 2.0 - (admin.php rd) Remote File Inclusion HIOX Random Ad 1.3 - (hioxRandomAd.php hm) Remote File Inclusion hiox browser Statistics 2.0 - Remote File Inclusion Gregarius 0.5.4 - SQL Injection PHP Hosting Directory 2.0 - Remote File Inclusion HIOX Random Ad 1.3 - Remote File Inclusion HIOX Browser Statistics 2.0 - Remote File Inclusion nzFotolog 0.4.1 - (action_file) Local File Inclusion ZeeReviews - 'comments.php ItemID' SQL Injection nzFotolog 0.4.1 - 'action_file' Parameter Local File Inclusion ZeeReviews - SQL Injection Article Friendly Pro/Standard - (Cat) SQL Injection Article Friendly Pro/Standard - SQL Injection PozScripts Classified Ads Script - 'cid' SQL Injection TubeGuru Video Sharing Script - (UID) SQL Injection PozScripts Classified Ads Script - 'cid' Parameter SQL Injection TubeGuru Video Sharing Script - 'UID' Parameter SQL Injection pligg 9.9.0 - (Cross-Site Scripting / Local File Inclusion / SQL Injection) Multiple Vulnerabilities pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection camera life 2.6.2b4 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting Alstrasoft Article Manager Pro - (Authentication Bypass) SQL Injection Alstrasoft Article Manager Pro 1.6 - Authentication Bypass viart shopping cart 3.5 - Multiple Vulnerabilities Viart shopping cart 3.5 - Multiple Vulnerabilities PHPFootball 1.6 - (filter.php) Remote Hash Disclosure PHPFootball 1.6 - Remote Hash Disclosure talkback 2.3.14 - Multiple Vulnerabilities Siteframe CMS 3.2.x - (SQL Injection / phpinfo()) Multiple Vulnerabilities TalkBack 2.3.14 - Multiple Vulnerabilities Siteframe CMS 3.2.x - SQL Injection / phpinfo() CMScout - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities CMScout - Cross-Site Scripting / HTML Injection ShopCartDx 4.30 - (products.php) Blind SQL Injection ShopCartDx 4.30 - 'products.php' Blind SQL Injection viart shop 4.0.5 - Multiple Vulnerabilities ViArt Shop 4.0.5 - Multiple Vulnerabilities Siteframe 3.2.3 - (user.php) SQL Injection Siteframe CMS 3.2.3 - 'user.php' SQL Injection viart shop 4.0.5 - Cross-Site Request Forgery ViArt Shop 4.0.5 - Cross-Site Request Forgery Siteframe 2.2.4 - search.php Cross-Site Scripting Siteframe 2.2.4 - download.php Information Disclosure Siteframe CMS 2.2.4 - 'download.php' Information Disclosure phpx 3.2.3 - Multiple Vulnerabilities PHPX 3.2.3 - Multiple Vulnerabilities PHPX 3.x - admin/page.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/news.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/user.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/images.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/forums.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'page.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'news.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'user.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'images.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'forums.php' Cross-Site Request Forgery / Arbitrary Command Execution Alstrasoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion Alstrasoft Video Share Enterprise 4.x - 'MyajaxPHP.php' Remote File Inclusion Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - merchants/temp.php rowid Parameter Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php uploadProducts Action pgmid Parameter SQL Injection Alstrasoft Affiliate Network Pro 8.0 - 'index.php' Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - 'temp.php' Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - 'pgmid' Parameter SQL Injection PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection PHPX 3.5.15/3.5.16 - users.php user_id Parameter SQL Injection PHPX 3.5.15/3.5.16 - news.php Multiple Parameter SQL Injection PHPX 3.5.15/3.5.16 - gallery.php Multiple Parameter SQL Injection PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection XRms 1.99.2 - activities/some.php title Parameter Cross-Site Scripting XRms 1.99.2 - companies/some.php company_name Parameter Cross-Site Scripting XRms 1.99.2 - contacts/some.php last_name Parameter Cross-Site Scripting XRms 1.99.2 - campaigns/some.php campaign_title Parameter Cross-Site Scripting XRms 1.99.2 - opportunities/some.php opportunity_title Parameter Cross-Site Scripting XRms 1.99.2 - cases/some.php case_title Parameter Cross-Site Scripting XRms 1.99.2 - files/some.php file_id Parameter Cross-Site Scripting XRms 1.99.2 - reports/custom/mileage.php starting Parameter Cross-Site Scripting XRms 1.99.2 - 'title' Parameter Cross-Site Scripting XRms 1.99.2 - 'company_name' Parameter Cross-Site Scripting XRms 1.99.2 - 'last_name' Parameter Cross-Site Scripting XRms 1.99.2 - 'campaign_title' Parameter Cross-Site Scripting XRms 1.99.2 - 'opportunity_title' Parameter Cross-Site Scripting XRms 1.99.2 - 'case_title' Parameter Cross-Site Scripting XRms 1.99.2 - 'file_id' Parameter Cross-Site Scripting XRms 1.99.2 - 'starting' Parameter Cross-Site Scripting Pligg 1.0.4 - 'install1.php' Cross-Site Scripting Joomla! Component DT Register - 'cat' SQL Injection Joomla! Component DT Register - 'cat' Parameter SQL Injection	2016-12-15 13:07:17 +00:00
Offensive Security	eddddf7aa8	DB: 2016-12-15 5 new exploits Microsoft Internet Explorer 9 IEFRAME - CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047) Microsoft Internet Explorer 9 - IEFRAME CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047) Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities Poppler 0.10.3 - Denial of Service Samsung Devices KNOX Extensions - OTP Service Heap Overflow Serva 3.0.0 HTTP Server - Denial of Service Serva 3.0.0 - HTTP Server Denial of Service TP-LINK TD-W8151N - Denial of Service Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH) Youngzsoft CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH) Trixbox - (langChoice) Local File Inclusion (connect-back) (2) Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python) Fonality trixbox - 'langChoice' Parameter Local File Inclusion (connect-back) (2) Fonality trixbox 2.6.1 - 'langChoice' Parameter Remote Code Execution (Python) Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (1) Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (2) Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (1) Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (2) Joomla! Component 'com_contenthistory' - SQL Injection / Remote Code Execution (Metasploit) Joomla! 3.4.4 Component Content History - SQL Injection / Remote Code Execution (Metasploit) McAfee Virus Scan Enterprise for Linux - Remote Code Execution BrewBlogger 1.3.1 - (printLog.php) SQL Injection BrewBlogger 1.3.1 - 'printLog.php' SQL Injection ContentNow 1.30 - (Local File Inclusion / Arbitrary File Upload / Delete) Multiple Vulnerabilities ContentNow 1.30 - Local File Inclusion / Arbitrary File Upload/Delete ContentNow 1.30 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities ContentNow 1.30 - Arbitrary File Upload / Cross-Site Scripting ContentNow 1.39 - (pageid) SQL Injection ContentNow 1.39 - 'pageid' Parameter SQL Injection Maian Recipe 1.0 - (path_to_folder) Remote File Inclusion Maian Recipe 1.0 - 'path_to_folder' Parameter Remote File Inclusion Sisplet CMS 05.10 - (site_path) Remote File Inclusion Sisplet CMS 05.10 - 'site_path' Parameter Remote File Inclusion Sisplet CMS - 'index.php id' 2008-01-24 SQL Injection VanGogh Web CMS 0.9 - (article_ID) SQL Injection Sisplet CMS 2008-01-24 - 'id' Parameter SQL Injection VanGogh Web CMS 0.9 - 'article_ID' Parameter SQL Injection Efestech Shop 2.0 - 'cat_id' SQL Injection plx Ad Trader 3.2 - (adid) SQL Injection Joomla! Component versioning 1.0.2 - 'id' SQL Injection Joomla! Component mygallery - 'cid' SQL Injection XchangeBoard 1.70 - (boardID) SQL Injection CMS little 0.0.1 - (index.php template) Local File Inclusion Joomla! Component com_brightweblinks - 'catid' SQL Injection Efestech Shop 2.0 - 'cat_id' Parameter SQL Injection plx Ad Trader 3.2 - 'adid' Parameter SQL Injection Joomla! Component versioning 1.0.2 - 'id' Parameter SQL Injection Joomla! Component mygallery - 'cid' Parameter SQL Injection XchangeBoard 1.70 - 'boardID' Parameter SQL Injection CMS little 0.0.1 - 'template' Parameter Local File Inclusion Joomla! Component Brightcode Weblinks - 'catid' Parameter SQL Injection phPortal 1.2 - Multiple Remote File Inclusions PHPortal 1.2 - Multiple Remote File Inclusions phpWebNews 0.2 MySQL Edition - (id_kat) SQL Injection phpWebNews 0.2 MySQL Edition - (det) SQL Injection pHNews CMS - Multiple Local File Inclusion PHPwebnews 0.2 MySQL Edition - 'id_kat' Parameter SQL Injection PHPwebnews 0.2 MySQL Edition - 'det' Parameter SQL Injection pHNews CMS Alpha 1 - Local File Inclusion Kasseler CMS 1.3.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Kasseler CMS 1.3.0 - Local File Inclusion / Cross-Site Scripting XPOZE Pro 3.06 - 'uid' SQL Injection ContentNow 1.4.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (1) XPOZE Pro 3.06 - 'uid' Parameter SQL Injection ContentNow 1.4.1 - Arbitrary File Upload / Cross-Site Scripting SmartPPC Pay Per Click Script - 'idDirectory' Blind SQL Injection (1) Fuzzylime CMS 3.01a - (file) Local File Inclusion Triton CMS Pro - (x-forwarded-for) Blind SQL Injection Neutrino 0.8.4 Atomic Edition - Remote Code Execution SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (2) Fuzzylime CMS 3.01a - 'file' Parameter Local File Inclusion Triton CMS Pro 1.06 - 'x-forwarded-for' Blind SQL Injection QNX Neutrino 0.8.4 Atomic Edition - Remote Code Execution SmartPPC Pay Per Click Script - 'idDirectory' Blind SQL Injection (2) Joomla! Component com_content 1.0.0 - 'itemID' SQL Injection Joomla! Component Content 1.0.0 - 'itemID' Parameter SQL Injection BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion BoonEx Ray 3.5 - 'sIncPath' Parameter Remote File Inclusion DreamPics Builder - (page) SQL Injection DreamNews Manager - 'id' SQL Injection gapicms 9.0.2 - (dirDepth) Remote File Inclusion phpDatingClub - 'website.php' Local File Inclusion DreamPics Builder - 'page' Parameter SQL Injection DreamNews Manager - 'id' Parameter SQL Injection gapicms 9.0.2 - 'dirDepth' Parameter Remote File Inclusion phpDatingClub 3.7 - 'website.php' Local File Inclusion Million Pixels 3 - (id_cat) SQL Injection Million Pixels 3 - 'id_cat' Parameter SQL Injection Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (PHP) Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (Perl) Fuzzylime CMS 3.01 - 'poll' Parameter Remote Code Execution (PHP) Fuzzylime CMS 3.01 - 'poll' Parameter Remote Code Execution (Perl) WebCMS Portal Edition - 'id' SQL Injection jsite 1.0 oe - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Avlc Forum - 'vlc_forum.php id' SQL Injection Fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution WebCMS Portal Edition - 'id' Parameter SQL Injection jsite 1.0 oe - SQL Injection / Local File Inclusion Avlc Forum - 'vlc_forum.php' SQL Injection Fuzzylime CMS 3.01 - 'commrss.php' Remote Code Execution Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection Ultrastats 0.2.142 - 'players-detail.php' Blind SQL Injection CodeDB - 'list.php lang' Local File Inclusion CodeDB 1.1.1 - 'list.php' Local File Inclusion Pluck 4.5.1 - (blogpost) Local File Inclusion (win only) Pluck CMS 4.5.1 - 'blogpost' Parameter Local File Inclusion (win only) Pragyan CMS 2.6.2 - (sourceFolder) Remote File Inclusion Comdev Web Blogger 4.1.3 - (arcmonth) SQL Injection Pragyan CMS 2.6.2 - 'sourceFolder' Parameter Remote File Inclusion Comdev Web Blogger 4.1.3 - 'arcmonth' Parameter SQL Injection phpWebNews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling PHPwebnews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling WebCMS Portal Edition - 'index.php id' Blind SQL Injection WebCMS Portal Edition - 'id' Parameter Blind SQL Injection Pluck 4.5.3 - (update.php) Remote File Corruption Exploit Pluck CMS 4.5.3 - 'update.php' Remote File Corruption Exploit Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection Ultrastats 0.2.144/0.3.11 - 'serverid' Parameter SQL Injection Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion Pluck CMS 4.5.3 - 'g_pcltar_lib_dir' Parameter Local File Inclusion Fuzzylime CMS 3.03 - (track.php p) Local File Inclusion Fuzzylime CMS 3.03 - 'track.php' Local File Inclusion CMS little 0.0.1 - (index.php term) SQL Injection CMS little 0.0.1 - 'term' Parameter SQL Injection SHOP-INET 4 - 'show_cat2.php grid' SQL Injection SHOP-INET 4 - 'grid' Parameter SQL Injection Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion Pluck CMS 4.6.1 - 'module_pages_site.php' Local File Inclusion Joomla! Component Maian Music 1.2.1 - (category) SQL Injection Joomla! Component Maian Music 1.2.1 - 'category' Parameter SQL Injection Pluck 4.6.2 - (langpref) Local File Inclusion Pluck CMS 4.6.2 - 'langpref' Parameter Local File Inclusion phportal 1.0 - Insecure Cookie Handling PHPortal 1.0 - Insecure Cookie Handling Kasseler CMS - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Kasseler CMS - File Disclosure / Cross-Site Scripting DreamPics Builder - (exhibition_id) SQL Injection DreamPics Builder - 'exhibition_id' Parameter SQL Injection Trixbox 2.2.4 - PhonecDirectory.php SQL Injection Fonality trixbox 2.2.4 - 'PhonecDirectory.php' SQL Injection Kasseler CMS 1.4.x lite - (Module Jokes) SQL Injection Kasseler CMS 1.4.x lite Module Jokes - SQL Injection PHPortal_1.2 - (gunaysoft.php) Remote File Inclusion PHPortal 1.2 - 'gunaysoft.php' Remote File Inclusion Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion (Metasploit) Fonality trixbox CE 2.6.1 - 'langChoice' Parameter Local File Inclusion (Metasploit) maian weblog 4.0 - Blind SQL Injection Maian Weblog 4.0 - Blind SQL Injection brewblogger 2.3.2 - Multiple Vulnerabilities BrewBlogger 2.3.2 - Multiple Vulnerabilities Maian Weblog 2.0 - print.php Multiple Parameter SQL Injection Maian Weblog 2.0 - mail.php Multiple Parameter SQL Injection Maian Weblog 2.0 - 'print.php' SQL Injection Maian Weblog 2.0 - 'mail.php' SQL Injection PHPwebnews 0.1 - iklan.php m_txt Parameter Cross-Site Scripting PHPwebnews 0.1 - 'index.php' m_txt Parameter Cross-Site Scripting PHPwebnews 0.1 - bukutamu.php m_txt Parameter Cross-Site Scripting PHPwebnews 0.1 - 'iklan.php' Cross-Site Scripting PHPwebnews 0.1 - 'index.php' Cross-Site Scripting PHPwebnews 0.1 - 'bukutamu.php' Cross-Site Scripting Joomla! Component com_content 1.5 RC3 - 'index.php' view Parameter SQL Injection Joomla! Component Content 1.5 RC3 - 'view' Parameter SQL Injection Trixbox 2.4.2 - user/index.php Query String Cross-Site Scripting Trixbox 2.4.2 - maint/index.php Query String Cross-Site Scripting Fonality trixbox 2.4.2 - Cross-Site Scripting Pluck 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities Trixbox - SQL Injection Fonality trixbox - SQL Injection Trixbox - 'endpoint_aastra.php mac Parameter' Remote Code Injection Fonality trixbox - 'mac' Parameter Remote Code Injection THELIA 1.4.2.1 - Multiple Cross-Site Scripting Vulnerabilities Pluck 4.6.3 - 'cont1' Parameter HTML Injection Pluck CMS 4.6.3 - 'cont1' Parameter HTML Injection Pluck 4.7 - Multiple Local File Inclusion / File Disclosure Vulnerabilities Pluck CMS 4.7 - Multiple Local File Inclusion / File Disclosure Vulnerabilities Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection Boonex Dolphin 6.1 - 'get_list.php' SQL Injection Joomla! Component 'com_content' - 'year' Parameter SQL Injection Joomla! Component Content - 'year' Parameter SQL Injection Pluck 4.7 - Directory Traversal Pluck CMS 4.7 - Directory Traversal SenseSites CommonSense CMS - cat2.php id Parameter SQL Injection SenseSites CommonSense CMS - 'id' Parameter SQL Injection Fonality trixbox - /maint/modules/endpointcfg/endpoint_generic.php mac Parameter SQL Injection Fonality trixbox - /maint/modules/home/index.php lang Parameter Directory Traversal Fonality trixbox - '/maint/modules/asterisk_info/asterisk_info.php' lang Parameter Directory Traversal Fonality trixbox - /maint/modules/repo/repo.php lang Parameter Directory Traversal Fonality trixbox - '/maint/modules/endpointcfg/endpointcfg.php' lang Directory Traversal Fonality trixbox - /var/www/html/maint/modules/home/index.php lang Parameter Remote Code Execution Fonality trixbox - 'endpoint_generic.php' SQL Injection Fonality trixbox - 'index.php' Directory Traversal Fonality trixbox - 'asterisk_info.php' Directory Traversal Fonality trixbox - 'repo.php' Directory Traversal Fonality trixbox - 'endpointcfg.php' Directory Traversal Fonality trixbox - 'index.php' Remote Code Execution Joomla! Component DT Register - 'cat' SQL Injection	2016-12-15 05:01:19 +00:00
Offensive Security	b080c70f8b	DB: 2016-12-14 7 new exploits Microsoft Internet Explorer 9 IEFRAME - CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047) Xitami Web Server 5.0a0 - Denial of Service OpenSSL 1.1.0a/1.1.0b - Denial of Service Serva 3.0.0 HTTP Server - Denial of Service iOS 10.1.x - Certificate File Memory Corruption OpenBSD 4.0 - (vga) Privilege Escalation OpenBSD 4.0 - 'vga' Privilege Escalation 10-Strike Network File Search Pro 2.3 - SEH Local Buffer Overflow MyBloggie 2.1.4 - (trackback.php) Multiple SQL Injections MyBloggie 2.1.4 - 'trackback.php' Multiple SQL Injections AShop Deluxe 4.x - (catalogue.php cat) SQL Injection AShop Deluxe 4.x - 'catalogue.php' SQL Injection HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion HIOX Banner Rotator 1.3 - 'hm' Parameter Remote File Inclusion CAT2 - (spaw_root) Local File Inclusion CAT2 - 'spaw_root' Parameter Local File Inclusion MyBloggie 2.1.3 - search.php SQL Injection MyBloggie 2.1.2/2.1.3 - upload.php Multiple Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - delcomment.php Multiple Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - deluser.php 'id' Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - addcat.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - edituser.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - adduser.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - editcat.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - add.php trackback_url Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - delcat.php cat_id Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - del.php post_id Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'upload.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'delcomment.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'deluser.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'addcat.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'edituser.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'adduser.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'editcat.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'trackback_url' Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'delcat.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'del.php' Cross-Site Scripting MyBloggie 2.1.x - Multiple Remote File Inclusion MyBloggie 2.1.x - MyBloggie_Root_Path Parameter Multiple Remote File Inclusion MyBloggie 2.1.x - 'MyBloggie_Root_Path' Parameter Remote File Inclusion AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter Cross-Site Scripting AShop Deluxe 4.5 - ashop/basket.php cat Parameter Cross-Site Scripting AShop Deluxe 4.5 - ashop/search.php SearchString Parameter Cross-Site Scripting AShop Deluxe 4.5 - shipping.php Multiple Parameter Cross-Site Scripting AShop Deluxe 4.5 - admin/editcatalogue.php cat Parameter Cross-Site Scripting AShop Deluxe 4.5 - admin/salesadmin.php resultpage Parameter Cross-Site Scripting AShop Deluxe 4.5 - 'catalogue.php' Cross-Site Scripting AShop Deluxe 4.5 - 'basket.php' Cross-Site Scripting AShop Deluxe 4.5 - 'search.php' Cross-Site Scripting AShop Deluxe 4.5 - 'shipping.php' Cross-Site Scripting AShop Deluxe 4.5 - 'editcatalogue.php' Cross-Site Scripting AShop Deluxe 4.5 - 'salesadmin.php' Cross-Site Scripting MyBloggie 2.1.5 - 'index.php' PATH_INFO Parameter Cross-Site Scripting MyBloggie 2.1.5 - 'index.php' Cross-Site Scripting MyBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting MyBloggie 2.1.5 - 'login.php' Cross-Site Scripting Smart Guard Network Manager 6.3.2 - SQL Injection WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery	2016-12-14 05:01:23 +00:00
Offensive Security	96bd05d39d	DB: 2016-12-12 3 new exploits BolinTech DreamFTP Server 1.0 - User Name Format String (1) BolinTech DreamFTP Server 1.0 - User Name Format String opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1) Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1) Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat PoC Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat (PoC) EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation Orca 2.0.2 - Cross-Site Scripting Orca 2.0.2 - 'topic ' Cross-Site Scripting Netgear R7000 - Cross-Site Scripting ARG-W4 ADSL Router - Multiple Vulnerabilities	2016-12-12 20:31:23 +00:00
Offensive Security	9cad083b49	DB: 2016-12-11 5 new exploits uTorrent 1.8.3 (Build 15772) - Create New Torrent Buffer Overflow (PoC) uTorrent 1.8.3 Build 15772 - Create New Torrent Buffer Overflow (PoC) F5 BIG-IP - Authentication Bypass (1) F5 BIG-IP - Authentication Bypass (PoC) Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat PoC (1) Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat PoC Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (2) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (2) Microsoft Internet Explorer 9 MSHTML - CDispNode::InsertSiblingNode Use-After-Free (MS13-037) (1) Microsoft Internet Explorer 9 MSHTML - CDispNode::InsertSiblingNode Use-After-Free (MS13-037) (2) Microsoft Internet Explorer 9 MSHTML - CElement::HasFlag Memory Corruption uTorrent - DLL Hijacking uTorrent 2.0.3 - DLL Hijacking F5 BIG-IP - Authentication Bypass (2) F5 BIG-IP - Authentication Bypass SePortal - SQL Injection / Remote Code Execution (Metasploit) SePortal 2.5 - SQL Injection / Remote Code Execution (Metasploit) MyPHP CMS 0.3 - (domain) Remote File Inclusion MyPHP CMS 0.3 - 'domain' Parameter Remote File Inclusion RSS-aggregator - 'display.php path' Remote File Inclusion RSS-aggregator - 'path' Parameter Remote File Inclusion HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion HomePH Design 2.10 RC2 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities HoMaP-CMS 0.1 - 'plugin_admin.php' Remote File Inclusion HomePH Design 2.10 RC2 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting cmreams CMS 1.3.1.1 beta2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities cmreams CMS 1.3.1.1 beta2 - Local File Inclusion / Cross-Site Scripting HoMaP-CMS 0.1 - (index.php go) SQL Injection HoMaP-CMS 0.1 - 'go' Parameter SQL Injection Ready2Edit - 'pages.php menuid' SQL Injection ResearchGuide 0.5 - (guide.php id) SQL Injection MVC-Web CMS 1.0/1.2 - (index.asp newsid) SQL Injection Ready2Edit - 'menuid' Parameter SQL Injection ResearchGuide 0.5 - 'id' Parameter SQL Injection MVC-Web CMS 1.0/1.2 - 'newsid' Parameter SQL Injection Demo4 CMS - 'index.php id' SQL Injection Joomla! Component com_facileforms 1.4.4 - Remote File Inclusion Dagger CMS 2008 - (dir_inc) Remote File Inclusion TinxCMS 1.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities mm chat 1.5 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ourvideo CMS 9.5 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities cmsWorks 2.2 RC4 - (mod_root) Remote File Inclusion Demo4 CMS - 'id' Parameter SQL Injection Joomla! Component FacileForms 1.4.4 - Remote File Inclusion Dagger CMS 2008 - 'dir_inc' Parameter Remote File Inclusion TinXCMS 1.1 - Local File Inclusion / Cross-Site Scripting mm chat 1.5 - Local File Inclusion / Cross-Site Scripting ourvideo CMS 9.5 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting cmsWorks 2.2 RC4 - 'mod_root' Parameter Remote File Inclusion Relative Real Estate Systems 3.0 - 'listing_id' SQL Injection Relative Real Estate Systems 3.0 - 'listing_id' Parameter SQL Injection DUcalendar 1.0 - (detail.asp iEve) SQL Injection HiveMaker Directory - 'cid' Parameter SQL Injection E-topbiz ViralDX 2.07 - (adclick.php bannerid) SQL Injection Link ADS 1 - 'out.php linkid' SQL Injection TOKOKITA - 'barang.php produk_id' SQL Injection Webdevindo-CMS 0.1 - (index.php hal) SQL Injection mUnky 0.0.1 - (index.php zone) Local File Inclusion Jokes & Funny Pics Script - (sb_jokeid) SQL Injection DUcalendar 1.0 - 'iEve' Parameter SQL Injection HiveMaker Directory 1.0.2 - 'cid' Parameter SQL Injection E-topbiz ViralDX 2.07 - 'bannerid' Parameter SQL Injection Link ADS 1 - 'linkid' Parameter SQL Injection TOKOKITA - 'produk_id' Parameter SQL Injection Webdevindo-CMS 0.1 - 'hal' Parameter SQL Injection mUnky 0.0.1 - 'zone' Parameter Local File Inclusion Jokes & Funny Pics Script - 'sb_jokeid' Parameter SQL Injection MyPHP CMS 0.3.1 - (page.php pid) SQL Injection PHPmotion 2.0 - (update_profile.php) Arbitrary File Upload MyPHP CMS 0.3.1 - 'pid' Parameter SQL Injection PHPmotion 2.0 - 'update_profile.php' Arbitrary File Upload polypager 1.0rc2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PHP-Fusion Mod Kroax 4.42 - (category) SQL Injection polypager 1.0rc2 - SQL Injection / Cross-Site Scripting PHP-Fusion Mod Kroax 4.42 - 'category' Parameter SQL Injection Riddles Complete Website 1.2.1 - (riddleid) SQL Injection Tips Complete Website 1.2.0 - (tipid) SQL Injection Jokes Complete Website 2.1.3 - (jokeid) SQL Injection Drinks Complete Website 2.1.0 - (drinkid) SQL Injection Cheats Complete Website 1.1.1 - 'itemID' SQL Injection Riddles Complete Website 1.2.1 - 'riddleid' Parameter SQL Injection Tips Complete Website 1.2.0 - 'tipid' Parameter SQL Injection Easysitenetwork Jokes Complete Website 2.1.3 - 'jokeid' Parameter SQL Injection Drinks Complete Website 2.1.0 - 'drinkid' Parameter SQL Injection Cheats Complete Website 1.1.1 - 'itemID' Parameter SQL Injection Orca 2.0/2.0.2 - (Parameters.php) Remote File Inclusion Orca 2.0/2.0.2 - 'Parameters.php' Remote File Inclusion OTManager CMS 24a - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities OTManager CMS 24a - Local File Inclusion / Cross-Site Scripting SePortal 2.4 - (poll.php poll_id) SQL Injection SePortal 2.4 - 'poll_id' Parameter SQL Injection poweraward 1.1.0 rc1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component jabode - 'id' SQL Injection Online Booking Manager 2.2 - 'id' SQL Injection poweraward 1.1.0 rc1 - Local File Inclusion / Cross-Site Scripting Joomla! Component jabode - 'id' Parameter SQL Injection Online Booking Manager 2.2 - 'id' Parameter SQL Injection Joomla! Component Xe webtv - 'id' Blind SQL Injection Joomla! Component Xe webtv - 'id' Parameter Blind SQL Injection AcmlmBoard 1.A2 - 'pow' SQL Injection eSHOP100 - (SUB) SQL Injection AcmlmBoard 1.A2 - 'pow' Parameter SQL Injection eSHOP100 - 'SUB' Parameter SQL Injection OTManager CMS 2.4 - (Tipo) Remote File Inclusion OTManager CMS 2.4 - 'Tipo' Parameter Remote File Inclusion Orca 2.0.2 - (Topic) Cross-Site Scripting Orca 2.0.2 - Cross-Site Scripting Hedgehog-CMS 1.21 - (Local File Inclusion) Remote Command Execution Hedgehog-CMS 1.21 - Local File Inclusion / Remote Command Execution catviz 0.4.0b1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Catviz 0.4.0 beta1 - Local File Inclusion / Cross-Site Scripting Joomla! Component com_facileforms - Cross-Site Scripting Joomla! Component FacileForms - Cross-Site Scripting PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload PHPmotion 1.62 - 'FCKeditor' Arbitrary File Upload Roundcube 1.2.2 - Remote Code Execution Pivot 1.0 - Remote module_db.php File Inclusion Pivot 1.0 - 'module_db.php' Remote File Inclusion MyBloggie 2.1 - 'index.php' year Parameter Cross-Site Scripting MyBloggie 2.1 - 'index.php' Cross-Site Scripting E-topbiz Link ADS 1 - 'out.php' SQL Injection PolyPager 0.9.51/1.0 - 'nr' Parameter Cross-Site Scripting RSS-aggregator 1.0 - admin/fonctions/supprimer_flux.php IdFlux Parameter SQL Injection RSS-aggregator 1.0 - admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection RSS-aggregator 1.0 - 'admin/fonctions/' Direct Request Administrator Authentication Bypass RSS-aggregator 1.0 - 'IdFlux' Parameter SQL Injection RSS-aggregator 1.0 - 'IdTag' Parameter SQL Injection RSS-aggregator 1.0 - Authentication Bypass Jokes Complete Website - joke.php id Parameter Cross-Site Scripting Jokes Complete Website - results.php searchingred Parameter Cross-Site Scripting Easysitenetwork Jokes Complete Website - 'id' Parameter Cross-Site Scripting Easysitenetwork Jokes Complete Website - 'searchingred' Parameter Cross-Site Scripting Splunk Enterprise 6.4.3 - Server-Side Request Forgery	2016-12-11 05:01:17 +00:00
Offensive Security	f88827eb1f	DB: 2016-12-10 4 new exploits Free MP3 CD Ripper 2.6 - Exploit (1) Free MP3 CD Ripper 2.6 - '.wav' PoC Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (1) Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (1) Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (2) Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (3) Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (2) Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (3) WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (1) WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (PoC) Ascend R 4.5 Ci12 - Denial of Service (1) Ascend R 4.5 Ci12 - Denial of Service (2) Ascend R 4.5 Ci12 - Denial of Service (C) Ascend R 4.5 Ci12 - Denial of Service (Perl) Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (1) Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (PoC) thttpd 2.2x - defang Remote Buffer Overflow (1) thttpd 2.2x - defang Remote Buffer Overflow (PoC) PHP 3/4/5 - Multiple Local And Remote Vulnerabilities (1) PHP 3/4/5 - Multiple Local / Remote Vulnerabilities (1) Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index (PoC) (1) Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index (PoC) Linux Kernel 2.4.x / 2.6.x - 'Bluez' BlueTooth Signed Buffer Index Privilege Escalation (3) Linux Kernel 2.4.x / 2.6.x - 'Bluez' BlueTooth Signed Buffer Index Privilege Escalation (2) Free MP3 CD Ripper 2.6 - (wav) Stack Buffer Overflow (PoC) Free MP3 CD Ripper 2.6 - '.wav' Stack Buffer Overflow Free MP3 CD Ripper 2.6 - Exploit (2) Free MP3 CD Ripper 2.6 - '.wav' Exploit Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index Privilege Escalation (2) Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index Privilege Escalation (1) Free MP3 CD Ripper 2.6 - Local Buffer Overflow Free MP3 CD Ripper 2.6 - '.wav' Local Buffer Overflow Free MP3 CD Ripper 2.6 2.8 '.wav' - SEH Based Buffer Overflow (Windows 7 DEP Bypass) Free MP3 CD Ripper 2.6 2.8 - '.wav' SEH Based Buffer Overflow (Windows 7 DEP Bypass) Alt-N SecurityGateway - 'Username' Buffer Overflow (Metasploit) Alt-N SecurityGateway 1.0.1 - 'Username' Buffer Overflow (Metasploit) WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (2) WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow thttpd 2.2x - defang Remote Buffer Overflow (2) thttpd 2.2x - defang Remote Buffer Overflow Windows x64 - Bind Shell TCP Shellcode (508 bytes) CuteNews 1.4.1 - (function.php) Local File Inclusion CuteNews 1.4.1 - 'function.php' Local File Inclusion CoreNews 2.0.1 - (userid) SQL Injection CoreNews 2.0.1 - 'userid' Parameter SQL Injection phpAuction 2.1 - (phpAds_path) Remote File Inclusion phpAuction 2.1 - 'phpAds_path' Parameter Remote File Inclusion Freenews 1.1 - (moteur.php) Remote File Inclusion Freenews 1.1 - 'moteur.php' Remote File Inclusion SH-News 3.1 - (scriptpath) Multiple Remote File Inclusion SH-News 3.1 - 'scriptpath' Parameter Remote File Inclusion JaxUltraBB 2.0 - (delete.php) Remote Auto Deface Exploit JaxUltraBB 2.0 - 'delete.php' Remote Auto Deface Exploit JaxUltraBB 2.0 - Topic Reply Command Execution JaxUltraBB 2.0 - Command Execution Oxygen 1.1.3 - (O2PHP Bulletin Board) SQL Injection Oxygen 1.1.3 (O2PHP Bulletin Board) - SQL Injection cutenews aj-fork 167f - (cutepath) Remote File Inclusion cutenews aj-fork 167f - 'cutepath' Parameter Remote File Inclusion SH-News 0.93 - (misc.php) Remote File Inclusion SH-News 0.93 - 'misc.php' Remote File Inclusion aspWebCalendar 4.5 - (calendar.asp eventid) SQL Injection AspWebCalendar 4.5 - 'eventid' Parameter SQL Injection SH-News 3.0 - (comments.php id) SQL Injection SH-News 3.0 - 'comments.php' SQL Injection ClipShare - 'uprofile.php UID' SQL Injection ClipShare - 'UID' Parameter SQL Injection Lasernet CMS 1.5 - SQL Injection (2) LaserNet CMS 1.5 - SQL Injection (2) Oxygen 2.0 - (repquote) SQL Injection Oxygen 2.0 - 'repquote' Parameter SQL Injection Open Azimyt CMS 0.22 - 'lang' Local File Inclusion Open Azimyt CMS 0.22 - 'lang' Parameter Local File Inclusion Joomla! Component Simple Shop Galore 3.x - 'catid' SQL Injection Joomla! Component Simple Shop Galore 3.x - 'catid' Parameter SQL Injection Bizon-CMS 2.0 - (index.php Id) SQL Injection Basic-CMS - 'index.php r' SQL Injection Bizon-CMS 2.0 - 'Id' Parameter SQL Injection Basic-CMS - 'index.php' SQL Injection ClipShare < 3.0.1 - (tid) SQL Injection easyTrade 2.x - (detail.php id) SQL Injection ThaiQuickCart - (sLanguage) Local File Inclusion ClipShare < 3.0.1 - 'tid' Parameter SQL Injection easyTrade 2.x - 'id' Parameter SQL Injection ThaiQuickCart 3 - 'sLanguage' Cookie Local File Inclusion eroCMS 1.4 - (index.php site) SQL Injection WebCalendar 1.0.4 - (includedir) Remote File Inclusion traindepot 0.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities doITlive CMS 2.50 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities AspWebCalendar 2008 - Arbitrary File Upload netBIOS - 'shownews.php newsid' SQL Injection Maxtrade AIO 1.3.23 - (categori) SQL Injection Mybizz-Classifieds - 'index.php cat' SQL Injection Easy Webstore 1.2 - (index.php postid) SQL Injection eroCMS 1.4 - 'site' Parameter SQL Injection WebCalendar 1.0.4 - 'includedir' Parameter Remote File Inclusion traindepot 0.1 - Local File Inclusion / Cross-Site Scripting doITlive CMS 2.50 - SQL Injection / Cross-Site Scripting AspWebCalendar 2008 - Arbitrary File Upload netBIOS - 'newsid' Parameter SQL Injection Maxtrade AIO 1.3.23 - 'categori' Parameter SQL Injection Mybizz-Classifieds - 'cat' Parameter SQL Injection Easy Webstore 1.2 - SQL Injection Carscripts Classifieds - 'index.php cat' SQL Injection BoatScripts Classifieds - 'index.php type' SQL Injection Carscripts Classifieds - 'cat' Parameter SQL Injection BoatScripts Classifieds - 'type' Parameter SQL Injection ownrs blog beta3 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities samart-cms 2.0 - (contentsid) SQL Injection CMS-BRD - (menuclick) SQL Injection ownrs blog beta3 - SQL Injection / Cross-Site Scripting Yektaweb Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities samart-cms 2.0 - 'contentsid' Parameter SQL Injection CMS-BRD - 'menuclick' Parameter SQL Injection CaupoShop Classic 1.3 - (saArticle[ID]) SQL Injection CaupoShop Classic 1.3 - 'saArticle[ID]' SQL Injection Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities Lightweight news portal [lnp] 1.0b - Multiple Vulnerabilities Lightweight news portal (LNP) 1.0b - Multiple Vulnerabilities CiBlog 3.1 - (links-extern.php id) SQL Injection CiBlog 3.1 - 'id' Parameter SQL Injection jaxultrabb 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities emuCMS 0.3 - 'cat_id' SQL Injection phpAuction - 'profile.php user_id' SQL Injection SiteXS CMS 0.1.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities @CMS 2.1.1 - (readarticle.php article_id) SQL Injection eNews 0.1 - (delete.php) Arbitrary Delete Post PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection jaxultrabb 2.0 - Local File Inclusion / Cross-Site Scripting emuCMS 0.3 - 'cat_id' Parameter SQL Injection phpAuction - 'profile.php' SQL Injection SiteXS CMS 0.1.1 - Arbitrary File Upload / Cross-Site Scripting @CMS 2.1.1 - SQL Injection eNews 0.1 - 'delete.php' Arbitrary Delete Post PHP KnowledgeBase Script 2.4 - 'cat_id' Parameter SQL Injection OFFL 0.2.6 - (teams.php fflteam) SQL Injection Online Fantasy Football League (OFFL) 0.2.6 - 'teams.php' SQL Injection phpAuction 3.2.1 - (item.php id) SQL Injection Joomla! Component EXP Shop - 'catid' SQL Injection DUdForum 3.0 - (forum.asp iFor) SQL Injection shibby shop 2.2 - (SQL Injection / update) Multiple Vulnerabilities phpAuction 3.2.1 - 'item.php' SQL Injection Joomla! Component EXP Shop - 'catid' Parameter SQL Injection DUdForum 3.0 - 'iFor' Parameter SQL Injection shibby shop 2.2 - Multiple Vulnerabilities LiteNews 0.1 - 'id' SQL Injection LiteNews 0.1 - 'id' Parameter SQL Injection ClipShare Pro 2006-2007 - (chid) SQL Injection ClipShare Pro 2006-2007 - 'chid' Parameter SQL Injection phpauctionsystem - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities phpauctionsystem - Cross-Site Scripting / SQL Injection Jamroom - 'index.php t' Local File Inclusion Jamroom 4.0.2 - 't' Parameter Local File Inclusion Oxygen2PHP 1.1.3 - (member.php) SQL Injection Oxygen2PHP 1.1.3 - 'member.php' SQL Injection Oxygen2PHP 1.1.3 - (post.php) Blind SQL Injection Oxygen2PHP 1.1.3 - (forumdisplay.php) Blind SQL Injection Oxygen2PHP 1.1.3 - 'post.php' Blind SQL Injection Oxygen2PHP 1.1.3 - 'forumdisplay.php' Blind SQL Injection MyPhpAuction 2010 - 'id' SQL Injection MyPhpAuction 2010 - 'id' Parameter SQL Injection CuteNews - 'index.php?page' Local File Inclusion CuteNews - 'page' Parameter Local File Inclusion Lasernet CMS 1.5 - SQL Injection (1) LaserNet CMS 1.5 - SQL Injection (1) WebCalendar 1.2.4 - (install/index.php) Remote Code Execution WebCalendar 1.2.4 - Remote Code Execution MyMarket 1.71 - Form_Header.php Cross-Site Scripting MyMarket 1.71 - 'Form_Header.php' Cross-Site Scripting CuteNews 0.88 - shownews.php Remote File Inclusion CuteNews 0.88 - search.php Remote File Inclusion CuteNews 0.88 - comments.php Remote File Inclusion CuteNews 0.88 - 'shownews.php' Remote File Inclusion CuteNews 0.88 - 'search.php' Remote File Inclusion CuteNews 0.88 - 'comments.php' Remote File Inclusion WebCalendar 0.9.x - colors.php color Cross-Site Scripting WebCalendar 0.9.x - week.php user Cross-Site Scripting CuteNews 0.88/1.3 - example1.php id Parameter Cross-Site Scripting CuteNews 0.88/1.3 - example2.php id Parameter Cross-Site Scripting CuteNews 0.88/1.3 - show_archives.php id Parameter Cross-Site Scripting CuteNews 0.88/1.3 - 'example1.php' Cross-Site Scripting CuteNews 0.88/1.3 - 'example2.php' Cross-Site Scripting CuteNews 0.88/1.3 - 'show_archives.php' Cross-Site Scripting CuteNews 1.3.1 - show_archives.php archive Parameter Cross-Site Scripting CuteNews 1.3.1 - 'show_archives.php' Cross-Site Scripting ClipShare 4.1.1 - (gmembers.php gid Parameter) Blind SQL Injection ClipShare 4.1.1 - 'gid' Parameter Blind SQL Injection CutePHP CuteNews 1.3.6 - x-forwarded-for Script Injection CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection CuteNews 1.4.1 - show_archives.php template Parameter Traversal Arbitrary File Access CuteNews 1.4.1 - show_news.php template Parameter Traversal Arbitrary File Access CuteNews 1.4.1 - 'show_archives.php' Traversal Arbitrary File Access CuteNews 1.4.1 - 'template' Parameter Traversal Arbitrary File Access WebCalendar 1.0.1 - Layers_Toggle.php HTTP Response Splitting WebCalendar 1.0.1 - 'Layers_Toggle.php' HTTP Response Splitting CuteNews 1.4.1 - show_news.php Cross-Site Scripting CuteNews 1.4.1 - 'show_news.php' Cross-Site Scripting O2PHP Oxygen 1.0/1.1 - post.php SQL Injection O2PHP Oxygen 1.0/1.1 - 'post.php' SQL Injection Freenews 1.1 - Aff_News.php Remote File Inclusion Freenews 1.1 - 'Aff_News.php' Remote File Inclusion ActiveNews Manager - activenews_view.asp articleId Parameter SQL Injection ActiveNews Manager - 'articleId' Parameter SQL Injection ActiveNews Manager - default.asp page Parameter SQL Injection ActiveNews Manager - activenews_search.asp query Parameter Cross-Site Scripting Active News Manager - activeNews_categories.asp catID Parameter SQL Injection Active News Manager - activeNews_comments.asp articleId Parameter SQL Injection ActiveNews Manager - 'page' Parameter SQL Injection ActiveNews Manager - 'query' Parameter Cross-Site Scripting Active News Manager - 'catID' Parameter SQL Injection Active News Manager - 'articleId' Parameter SQL Injection CuteNews 1.4.5 - show_news.php Query String Cross-Site Scripting CuteNews 1.4.5 - rss.php rss_title Parameter Cross-Site Scripting CuteNews 1.4.5 - 'show_news.php' Cross-Site Scripting CuteNews 1.4.5 - 'rss_title' Parameter Cross-Site Scripting CuteNews 1.3.6 - Result Parameter Cross-Site Scripting CuteNews 1.3.6 - 'result' Parameter Cross-Site Scripting ClipShare 1.5.3 - ADODB-Connection.Inc.php Remote File Inclusion ClipShare 1.5.3 - 'ADODB-Connection.Inc.php' Remote File Inclusion WebCalendar 1.1.6 - pref.php Query String Cross-Site Scripting WebCalendar 1.1.6 - search.php adv Parameter Cross-Site Scripting WebCalendar 1.1.6 - 'pref.php' Cross-Site Scripting WebCalendar 1.1.6 - 'search.php' Cross-Site Scripting SiteXS CMS 0.0.1 - 'upload.php' Arbitrary File Upload SiteXS CMS 0.1.1 - 'upload.php' Arbitrary File Upload Basic-CMS - 'index.php' SQL Injection Joomla! Component EXP Shop 1.0 'com_expshop' - SQL Injection Joomla! Component EXP Shop 1.0 - SQL Injection Jamroom 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities Jamroom 3.3.8 - Cookie Authentication Bypass CuteNews 1.4.6 - register.php result Parameter Cross-Site Scripting CuteNews 1.4.6 - 'result' Parameter Cross-Site Scripting CuteNews 1.4.6 - search.php from_date_day Parameter Full Path Disclosure CuteNews 1.4.6 - 'from_date_day' Parameter Full Path Disclosure ZeroCMS 1.0 - (zero_view_article.php article_id Parameter) SQL Injection ZeroCMS 1.0 - 'zero_view_article.php' SQL Injection ZeroCMS 1.0 - zero_transact_user.php Handling Privilege Escalation ZeroCMS 1.0 - 'zero_transact_user.php' Handling Privilege Escalation ZeroCMS 1.0 - (zero_transact_article.php article_id POST Parameter) SQL Injection ZeroCMS 1.0 - 'zero_transact_article.php' SQL Injection WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (1) WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (2) Netgear R7000 - Command Injection	2016-12-10 05:01:16 +00:00
Offensive Security	0231ae9ba7	DB: 2016-12-09 5 new exploits Dual DHCP DNS Server 7.29 - Denial of Service TP-LINK TD-W8951ND - Denial of Service OpenSSH 7.2 - Denial of Service Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation Advanced Webhost Billing System (AWBS) - cart2.php Remote File Inclusion Advanced Webhost Billing System (AWBS) 2.4.0 - 'cart2.php' Remote File Inclusion AWBS 2.7.1 - (news.php viewnews) SQL Injection Anata CMS 1.0b5 - (change.php) Arbitrary Add Admin Advanced Webhost Billing System (AWBS) 2.7.1 - 'news.php' SQL Injection Anata CMS 1.0b5 - 'change.php' Arbitrary Add Admin Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass Simple Machines Forum (SMF) 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass Simple Machines Forum (SMF) - Multiple Security Vulnerabilities Simple Machines Forum (SMF) 1.1.10/2.0 RC2 - Multiple Security Vulnerabilities Advanced Webhost Billing System 2.2.2 - contact.php Multiple Cross-Site Scripting Vulnerabilities Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection Advanced Webhost Billing System (AWBS) 2.9.2 - 'oid' Parameter SQL Injection Simple Machines Forum (SMF) 2.0.2 - 'index.php' scheduled Parameter Cross-Site Scripting Simple Machines Forum (SMF) 2.0.2 - 'scheduled' Parameter Cross-Site Scripting Cisco Unified Communications Manager 7/8/9 - Directory Traversal	2016-12-09 05:01:19 +00:00
g0tmi1k	f8d598fca8	Merge pull request #65 from g0tmi1k/searchsploit Fix for #64	2016-12-08 20:36:52 +00:00
g0tmi1k	b94b787e2d	Fix for #64 Dirty, but it works	2016-12-08 20:35:54 +00:00
Offensive Security	fb1dd3709f	DB: 2016-12-08 12 new exploits vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit vsftpd 2.0.5 - 'CWD' Authenticated Remote Memory Consumption XChat - Heap Overflow Denial of Service XChat 2.8.9 - Heap Overflow Denial of Service Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (1) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (1) glibc - getaddrinfo Stack Based Buffer Overflow (1) glibc - 'getaddrinfo' Stack Based Buffer Overflow (PoC) Microsoft Edge - JSON.parse Info Leak Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index Microsoft Edge - CMarkup::EnsureDeleteCFState Use-After-Free (MS15-125) Microsoft Internet Explorer 9 - CDoc::ExecuteScriptUri Use-After-Free (MS13-009) Microsoft Edge - CBaseScriptable::PrivateQueryInterface Memory Corruption (MS16-068) Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC) Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1) Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation (2) Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Microsoft PowerShell - XML External Entity Injection XChat 2.8.7b - (URI Handler) Remote Code Execution (Internet Explorer 6/7' XChat 2.8.7b - 'URI Handler' Remote Code Execution (Internet Explorer 6/7) Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap glibc - getaddrinfo Stack Based Buffer Overflow (2) glibc - 'getaddrinfo' Stack Based Buffer Overflow Microsoft Internet Explorer jscript9 - JavaScriptStackWalker Memory Corruption (MS15-056) Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes) Gravity Board X 1.1 - (csscontent) Remote Code Execution Gravity Board X 1.1 - 'csscontent' Parameter Remote Code Execution Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion Mambo Component ExtCalendar 2.0 - Remote File Inclusion Mambo Component com_babackup 1.1 - File Inclusion Mambo Component bigAPE-Backup 1.1 - File Inclusion E-Smart Cart 1.0 - 'Product_ID' SQL Injection E-Smart Cart 1.0 - 'Product_ID' Parameter SQL Injection Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion Joomla! / Mambo Component SWmenu 4.0 - Remote File Inclusion Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion Joomla! / Mambo Component New Article 1.1 - Remote File Inclusion Cartweaver - 'Details.cfm ProdID' SQL Injection Cartweaver 2.16.11 - 'ProdID' Parameter SQL Injection Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' Parameter SQL Injection xeCMS 1.x - (view.php list) Remote File Disclosure xeCMS 1.x - 'view.php' Remote File Disclosure Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection Mambo Component Portfolio Manager 1.0 - 'categoryId' Parameter SQL Injection Easy-Clanpage 2.2 - 'id' SQL Injection Easy-Clanpage 2.2 - 'id' Parameter SQL Injection JAMM CMS - 'id' Blind SQL Injection Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities JAMM CMS - 'id' Parameter Blind SQL Injection Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection Butterfly ORGanizer 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities GLLCTS2 <= 4.2.4 - 'detail' Parameter SQL Injection Butterfly ORGanizer 2.0.0 - SQL Injection / Cross-Site Scripting Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection Mambo Component Galleries 1.0 - 'aid' Parameter SQL Injection Easy-Clanpage 3.0b1 - (section) Local File Inclusion WebChamado 1.1 - (tsk_id) SQL Injection Pre News Manager 1.0 - (index.php id) SQL Injection Pre Ads Portal 2.0 - SQL Injection Easy-Clanpage 3.0b1 - 'section' Parameter Local File Inclusion WebChamado 1.1 - 'tsk_id' Parameter SQL Injection Pre News Manager 1.0 - 'id' Parameter SQL Injection Pre ADS Portal 2.0 - SQL Injection GLLCTS2 - 'listing.php sort' Blind SQL Injection GLLCTS2 - 'sort' Parameter Blind SQL Injection Contenido 4.8.4 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Contenido 4.8.4 - Remote File Inclusion / Cross-Site Scripting PHPMyCart - 'shop.php cat' SQL Injection SHOUTcast Admin Panel 2.0 - (page) Local File Inclusion Cartweaver 3 - (prodId) Blind SQL Injection DIY - (index_topic did) Blind SQL Injection PHPMyCart 1.3 - 'cat' Parameter SQL Injection SHOUTcast Admin Panel 2.0 - 'page' Parameter Local File Inclusion Cartweaver 3 - 'prodId' Parameter Blind SQL Injection DIY - 'did' Parameter Blind SQL Injection ezcms 1.2 - (Blind SQL Injection / Authentication Bypass) Multiple Vulnerabilities PHPEasyNews 1.13 RC2 - (POST) SQL Injection ezcms 1.2 - Blind SQL Injection / Authentication Bypass PHPEasyNews 1.13 RC2 - 'POST' Parameter SQL Injection Devalcms 1.4a - (currentfile) Local File Inclusion Devalcms 1.4a - 'currentfile' Parameter Local File Inclusion IPTBB 0.5.6 - (index.php act) Local File Inclusion IPTBB 0.5.6 - 'act' Parameter Local File Inclusion Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection Mambo Component Articles - 'artid' Parameter Blind SQL Injection Mambo Component 'com_n-gallery' - Multiple SQL Injections Mambo Component N-Gallery - Multiple SQL Injections devalcms 1.4a - Cross-Site Scripting / Remote Code Execution Devalcms 1.4a - Cross-Site Scripting / Remote Code Execution PHP JOBWEBSITE PRO - (Authentication Bypass) SQL Injection PHP JOBWEBSITE PRO - Authentication Bypass Pre ADS Portal 2.0 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities Pre ADS Portal 2.0 - Authentication Bypass / Cross-Site Scripting Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection Mambo Component n-form - 'form_id' Parameter Blind SQL Injection Pre Job Board - (Authentication Bypass) SQL Injection Pre Job Board - Authentication Bypass Butterfly ORGanizer 2.0.1 - (view.php id) SQL Injection Butterfly ORGanizer 2.0.1 - 'id' Parameter SQL Injection facil-cms 0.1rc2 - Multiple Vulnerabilities Facil-CMS 0.1RC2 - Multiple Vulnerabilities Family Connections CMS 1.9 - (member) SQL Injection Family Connections CMS 1.9 - SQL Injection Mambo Component 'com_hestar' - SQL Injection Mambo Component Hestar - SQL Injection Joomla! / Mambo Component 'com_tupinambis' - SQL Injection Joomla! / Mambo Component Tupinambis - SQL Injection Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion Joomla! / Mambo Component D4J eZine 2.1 - Remote File Inclusion Mambo Component 'com_materialsuche' 1.0 - SQL Injection Mambo Component Material Suche 1.0 - SQL Injection Pre ADS Portal - 'cid' SQL Injection Pre ADS Portal - 'cid' Parameter SQL Injection Pre News Manager - (nid) SQL Injection Pre News Manager - 'nid' Parameter SQL Injection Mambo Component 'com_akogallery' - SQL Injection Mambo Component AkoGallery - SQL Injection Mambo Component 'com_mambads' - SQL Injection Mambo Component MambAds - SQL Injection Facil-CMS - (Local File Inclusion / Remote File Inclusion) Facil-CMS 0.1RC2 - Local / Remote File Inclusion AskMe Pro 2.1 - (que_id) SQL Injection Alstrasoft AskMe Pro 2.1 - 'que_id' Parameter SQL Injection Pre Job Board Pro - SQL Injection Authentication Bypass Pre Job Board Pro - Authentication Bypass DiY-CMS 1.0 - Multiple Remote File Inclusion DIY-CMS 1.0 - Multiple Remote File Inclusion Alstrasoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection Alstrasoft AskMe Pro 2.1 - (profile.php?id) SQL Injection Alstrasoft AskMe Pro 2.1 - 'profile.php' SQL Injection Pre Ads Portal - SQL Bypass Pre ADS Portal - Authentication Bypass Family Connections CMS 2.3.2 - (POST) Persistent Cross-Site Scripting / XML Injection Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting / XML Injection Family Connections CMS 2.5.0 / 2.7.1 - (less.php) Remote Command Execution Family Connections CMS 2.5.0 / 2.7.1 - 'less.php' Remote Command Execution Family Connections CMS - 'less.php' Remote Command Execution (Metasploit) Family Connections CMS 2.7.1 - 'less.php' Remote Command Execution (Metasploit) Gravity Board X 1.1 - DeleteThread.php Cross-Site Scripting Clever Copy 3.0 - Connect.INC Information Disclosure Clever Copy 3.0 - 'Connect.INC' Information Disclosure Cartweaver 2.16.11 - Results.cfm category Parameter SQL Injection Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection Cartweaver 2.16.11 - 'Results.cfm' SQL Injection Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion Mambo Component LMTG Myhomepage 1.2 - Multiple Remote File Inclusion Mambo Component Rssxt 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion Mambo Component Display MOSBot Manager - 'MosConfig_absolute_path' Parameter Remote File Inclusion Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion Joomla! / Mambo Component Comprofiler 1.0 - 'class.php' Remote File Inclusion Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection Joomla! / Mambo Component Filebase - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection PHP JOBWEBSITE PRO - siteadmin/forgot.php adname Parameter SQL Injection PHP JOBWEBSITE PRO - siteadmin/forgot.php Multiple Parameter Cross-Site Scripting PHP JOBWEBSITE PRO - 'adname' Parameter SQL Injection PHP JOBWEBSITE PRO - 'forgot.php' Cross-Site Scripting Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection Conkurent PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection Mambo Component Docman 1.3.0 - Multiple SQL Injection Mambo Component 'com_n-skyrslur' - Cross-Site Scripting Mambo Component N-Skyrslur - Cross-Site Scripting Mambo Component 'com_n-gallery' - SQL Injection Mambo Component N-Gallery - SQL Injection Mambo Component 'com_n-press' - SQL Injection Mambo Component N-Press - SQL Injection Mambo Component 'com_n-frettir' - SQL Injection Mambo Component 'com_n-myndir' - SQL Injection Mambo Component N-Frettir - SQL Injection Mambo Component N-Myndir - SQL Injection AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities Edge SkateShop - Authentication bypass AbanteCart 1.2.7 - Cross-Site Scripting	2016-12-08 05:01:21 +00:00
Offensive Security	855e59f932	DB: 2016-12-07 9 new exploits MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC) Asterisk - (SIP channel driver / in pedantic mode) Remote Crash Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC) Asterisk 1.2.x - (SIP channel driver / in pedantic mode) Remote Crash F5 BIG-IP - Remote Root Authentication Bypass (1) F5 BIG-IP - Authentication Bypass (1) Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow NTPd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow NetCat 0.7.1 - Denial of Service Microsoft Event Viewer 1.0 - XML External Entity Injection Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection Apache CouchDB 2.0.0 - Local Privilege Escalation Samba 2.2.8 - Remote Root Exploit Samba 2.2.8 - Remote Code Execution Microsoft Windows - WebDAV Remote Root Exploit (2) Microsoft Windows - WebDAV Remote Code Execution (2) Microsoft IIS 5.0 - WebDAV Remote Root Exploit (3) (xwdav) Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav) miniSQL (mSQL) 1.3 - Remote GID Root Exploit miniSQL (mSQL) 1.3 - GID Remote Code Execution Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit GtkFtpd 1.0.4 - Remote Root Buffer Overflow Real Server 7/8/9 (Windows / Linux) - Remote Code Execution GtkFtpd 1.0.4 - Buffer Overflow Solaris Sadmind - Default Configuration Remote Root Exploit Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit Solaris Sadmind - Default Configuration Remote Code Execution Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / Brute Force Exploit ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit Cyrus IMSPD 1.7 - 'abook_dbname' Remote Code Execution Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Remote Root Exploit Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Monit 4.1 - Remote Root Buffer Overflow Monit 4.2 - Remote Root Buffer Overflow Monit 4.1 - Buffer Overflow Monit 4.2 - Buffer Overflow INND/NNRP < 1.6.x - Remote Root Overflow INND/NNRP < 1.6.x - Overflow Exploit LPRng (RedHat 7.0) - lpd Remote Root Format String LPRng (RedHat 7.0) - 'lpd' Format String BeroFTPD 1.3.4(1) (Linux/x86) - Remote Root Exploit BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution BIND 8.2.x - (TSIG) Remote Root Stack Overflow (1) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (2) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (3) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (4) BIND 8.2.x - (TSIG) Stack Overflow (1) BIND 8.2.x - (TSIG) Stack Overflow (2) BIND 8.2.x - (TSIG) Stack Overflow (3) BIND 8.2.x - (TSIG) Stack Overflow (4) HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Root Exploit CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Solaris /bin/login (SPARC/x86) - Remote Root Exploit Solaris /bin/login (SPARC/x86) - Remote Code Execution Drcat 0.5.0-beta - (drcatd) Remote Root Exploit Drcat 0.5.0-beta - 'drcatd' Remote Code Execution Dropbear SSH 0.34 - Remote Root Exploit Dropbear SSH 0.34 - Remote Code Execution Apple Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow Apple Mac OSX 10.3.3 - AppleFileServer Overflow Remote Code Execution Monit 4.2 - Basic Authentication Remote Root Exploit Monit 4.2 - Basic Authentication Remote Code Execution WvTFTPd 0.9 - Remote Root Heap Overflow WvTFTPd 0.9 - Heap Overflow Qwik SMTP 0.3 - Remote Root Format String Qwik SMTP 0.3 - Format String Citadel/UX 6.27 - Remote Root Format String Citadel/UX 6.27 - Format String Knox Arkeia Server Backup 5.3.x - Remote Root Exploit Knox Arkeia Server Backup 5.3.x - Remote Code Execution Smail 3.2.0.120 - Remote Root Heap Overflow mtftpd 0.0.3 - Remote Root Exploit Smail 3.2.0.120 - Heap Overflow mtftpd 0.0.3 - Remote Code Execution dSMTP Mail Server 3.1b - Linux Remote Root Format String dSMTP Mail Server 3.1b (Linux) - Format String Exploit IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit linux-ftpd-ssl 0.17 - 'MKD'/'CWD' Remote Code Execution MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow Alt-N MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow dproxy-nexgen (Linux/x86) - Buffer Overflow Kerberos 1.5.1 - Kadmind Remote Root Buffer Overflow Kerberos 1.5.1 - Kadmind Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield) webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow Sun Solaris 10 - rpc.ypupdated Remote Root Exploit Sun Solaris 10 - 'rpc.ypupdated' Remote Code Execution ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit) Sun Solaris 10 - rpc.ypupdated Remote Code Execution (Metasploit) Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python) Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python) Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit Solaris 9 (UltraSPARC) - sadmind Remote Code Execution Apache SpamAssassin Milter Plugin 0.3.1 - Remote Root Command Execution Apache SpamAssassin Milter Plugin 0.3.1 - Remote Command Execution Microworld eScan AntiVirus < 3.x - Remote Root Command Execution Microworld eScan AntiVirus < 3.x - Remote Code Execution AIX5l with FTP-Server - Remote Root Hash Disclosure AIX5l with FTP-Server - Hash Disclosure McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution) McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Remote Code Execution) ProFTPd 1.3.3c - Compromised Source Remote Root Trojan ProFTPd 1.3.3c - Compromised Source (Trojan) Remote Code Execution Comtrend ADSL Router CT-5367 C01_R12 - Remote Root Exploit Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit) Alt-N MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit) ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution DreamBox DM800 1.5rc1 - Remote Root File Disclosure DreamBox DM800 1.5rc1 - File Disclosure TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite TelnetD encrypt_keyid - Function Pointer Overwrite F5 BIG-IP - Remote Root Authentication Bypass (2) MySQL - Remote Root Authentication Bypass F5 BIG-IP - Authentication Bypass (2) MySQL - Authentication Bypass ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection WIDZ 1.0/1.5 - Remote Root Compromise WIDZ 1.0/1.5 - Remote Code Execution Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH) DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow proManager 0.73 - (note.php) SQL Injection ProManager 0.73 - 'note.php' SQL Injection pNews 1.1.0 - (nbs) Remote File Inclusion pNews 1.1.0 - 'nbs' Parameter Remote File Inclusion Power Phlogger 2.0.9 - (config.inc.php3) File Inclusion Power Phlogger 2.0.9 - 'config.inc.php3' File Inclusion eFiction 3.1.1 - (path_to_smf) Remote File Inclusion eFiction 3.1.1 - 'path_to_smf' Remote File Inclusion FlexPHPNews 0.0.5 - (news.php newsid) SQL Injection FlexPHPNews 0.0.5 - 'newsid' Parameter SQL Injection Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion Achievo 1.1.0 - 'config_atkroot' Parameter Remote File Inclusion SimpNews 2.40.01 - (print.php newnr) SQL Injection SimpNews 2.40.01 - 'newnr' Parameter SQL Injection PHPNews 0.93 - (format_menue) Remote File Inclusion PHPNews 0.93 - 'format_menue' Parameter Remote File Inclusion meBiblio 0.4.5 - (index.php action) Remote File Inclusion meBiblio 0.4.5 - 'action' Parameter Remote File Inclusion Joomla! Component rapidrecipe 1.6.5 - SQL Injection Joomla! Component Rapid Recipe 1.6.5 - SQL Injection mebiblio 0.4.7 - (SQL Injection / Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities mebiblio 0.4.7 - SQL Injection / Arbitrary File Upload / Cross-Site Scripting pLog - 'albumID' SQL Injection smeweb 1.4b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PLog 1.0.6 - 'albumID' Parameter SQL Injection smeweb 1.4b - SQL Injection / Cross-Site Scripting Joomla! Component joomradio 1.0 - 'id' SQL Injection Joomla! Component JoomRadio 1.0 - 'id' Parameter SQL Injection Battle Blog 1.25 - (comment.asp) SQL Injection Battle Blog 1.25 - 'comment.asp' SQL Injection 1Book Guestbook Script - Code Execution 1Book Guestbook Script 1.0.1 - Code Execution PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component EasyBook 1.1 - (gbid) SQL Injection 427bb 2.3.1 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PHP-Address Book 3.1.5 - SQL Injection / Cross-Site Scripting Joomla! Component EasyBook 1.1 - 'gbid' Parameter SQL Injection 427bb 2.3.1 - SQL Injection / Cross-Site Scripting Power Phlogger 2.2.5 - (css_str) SQL Injection pSys 0.7.0.a - (shownews) SQL Injection Joomla! Component JoomlaDate - (user) SQL Injection Power Phlogger 2.2.5 - 'css_str' Parameter SQL Injection pSys 0.7.0.a - 'shownews' Parameter SQL Injection Joomla! Component JoomlaDate 1.2 - 'user' Parameter SQL Injection JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component yvcomment 1.16 - Blind SQL Injection JiRo's FAQ Manager eXperience 1.0 - 'fID' Parameter SQL Injection phpinv 0.8.0 - Local File Inclusion / Cross-Site Scripting Joomla! Component yvComment 1.16 - Blind SQL Injection BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion Joomla! Component rapidrecipe - SQL Injection Joomla! Component Rapid Recipe 1.6.6/1.6.7 - SQL Injection Joomla! Component iJoomla! News Portal - 'itemID' SQL Injection Joomla! Component iJoomla News Portal 1.0 - 'itemID' Parameter SQL Injection real estate Web site 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities telephone directory 2008 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ASPilot Pilot Cart 7.3 - (article) SQL Injection real estate Web site 1.0 - SQL Injection / Cross-Site Scripting Telephone Directory 2008 - SQL Injection / Cross-Site Scripting ASPilot Pilot Cart 7.3 - 'article' Parameter SQL Injection Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite pNews 2.08 - (shownews) SQL Injection Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite pNews 2.08 - 'shownews' Parameter SQL Injection ErfurtWiki R1.02b - (css) Local File Inclusion DCFM Blog 0.9.4 - (comments) SQL Injection yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Insanely Simple Blog 0.5 - (index) SQL Injection ASPPortal Free Version - 'Topic_Id' SQL Injection Experts 1.0.0 - (answer.php) SQL Injection SyndeoCMS 2.6.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ErfurtWiki R1.02b - Local File Inclusion DCFM Blog 0.9.4 - SQL Injection Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection Insanely Simple Blog 0.5 - SQL Injection ASPPortal Free Version - 'Topic_Id' Parameter SQL Injection Experts 1.0.0 - 'answer.php' SQL Injection SyndeoCMS 2.6.0 - Local File Inclusion / Cross-Site Scripting Yuhhu 2008 SuperStar - 'board' SQL Injection Yuhhu 2008 SuperStar - 'board' Parameter SQL Injection eFiction 3.0 - (toplists.php list) SQL Injection eFiction 3.0 - 'toplists.php' SQL Injection pSys 0.7.0 Alpha - (chatbox.php) SQL Injection pSys 0.7.0 Alpha - 'chatbox.php' SQL Injection pNews 2.03 - (newsid) SQL Injection pNews 2.03 - 'newsid' Parameter SQL Injection Joomla! Component JooBlog 0.1.1 - (PostID) SQL Injection Joomla! Component JooBlog 0.1.1 - 'PostID' Parameter SQL Injection FlexPHPNews 0.0.6 & PRO - (Authentication Bypass) SQL Injection FlexPHPNews 0.0.6 & PRO - Authentication Bypass E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities E-ShopSystem - Authentication Bypass / SQL Injection Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload 427BB Fourtwosevenbb 2.3.2 - SQL Injection 427BB 2.3.2 - SQL Injection Joomla! Component 'com_joomradio' - SQL Injection Joomla! Component JoomRadio 1.0 - SQL Injection Joomla! Component 'com_elite_experts' - SQL Injection Joomla! Component Elite Experts - SQL Injection ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection Contrexx ShopSystem 2.2 SP3 (catId) - Blind SQL Injection Contrexx ShopSystem 2.2 SP3 - 'catId' Parameter Blind SQL Injection Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting Alt-N MDaemon free 12.5.4 - Persistent Cross-Site Scripting SimpNews 2.0.1/2.13 - PATH_SIMPNEWS Remote File Inclusion SimpNews 2.0.1/2.13 - 'path_simpnews' Parameter Remote File Inclusion PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion PHPSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - system_footer.php Multiple Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - 'sensor_program' Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure Seowonintech Routers fw: 2.3.9 - File Disclosure PHPNews 1.2.x - auth.php SQL Injection PHPNews 1.2.x - 'auth.php' SQL Injection efiction 1.0/1.1/2.0 - titles.php let Parameter Cross-Site Scripting efiction 1.0/1.1/2.0 - titles.php let Parameter SQL Injection efiction 1.0/1.1/2.0 - viewstory.php sid Parameter SQL Injection efiction 1.0/1.1/2.0 - viewuser.php uid Parameter SQL Injection efiction 1.0/1.1/2.0 - 'titles.php' Cross-Site Scripting efiction 1.0/1.1/2.0 - 'titles.php' SQL Injection efiction 1.0/1.1/2.0 - 'sid' Parameter SQL Injection efiction 1.0/1.1/2.0 - 'uid' Parameter SQL Injection 427BB 2.2 - showthread.php SQL Injection 427BB 2.2 - 'showthread.php' SQL Injection BrowserCRM - results.php Cross-Site Scripting Simpnews 2.x - Wap_short_news.php Remote File Inclusion Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting Yblog - funk.php id Parameter Cross-Site Scripting Yblog - tem.php action Parameter Cross-Site Scripting Yblog - uss.php action Parameter Cross-Site Scripting Yblog - 'funk.php' Cross-Site Scripting Yblog - 'tem.php' Cross-Site Scripting Yblog - 'uss.php' Cross-Site Scripting Simpnews 2.x - admin/index.php Unspecified Cross-Site Scripting Simpnews 2.x - admin/pwlost.php Unspecified Cross-Site Scripting Simpnews 2.x - 'index.php' Cross-Site Scripting Simpnews 2.x - 'pwlost.php' Cross-Site Scripting PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting Insanely Simple Blog 0.4/0.5 - 'index.php' current_subsection Parameter SQL Injection Insanely Simple Blog 0.4/0.5 - Blog Anonymous Blog Entry Cross-Site Scripting Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting SimpNews 2.41.3 - admin/layout2b.php l_username Parameter Cross-Site Scripting SimpNews 2.41.3 - comment.php backurl Parameter Cross-Site Scripting SimpNews 2.41.3 - 'l_username' Parameter Cross-Site Scripting SimpNews 2.41.3 - 'backurl' Parameter Cross-Site Scripting BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection BrowserCRM 5.100.1 - modules/Documents/index.php contact_id Parameter SQL Injection BrowserCRM 5.100.1 - Multiple Script URI Cross-Site Scripting BrowserCRM 5.100.1 - license/index.php framed Parameter Cross-Site Scripting BrowserCRM 5.100.1 - licence/view.php framed Parameter Cross-Site Scripting BrowserCRM 5.100.1 - pub/clients.php login[] Parameter Cross-Site Scripting BrowserCRM 5.100.1 - 'index.php' login[] Parameter Cross-Site Scripting BrowserCRM 5.100.1 - 'parent_id' Parameter SQL Injection BrowserCRM 5.100.1 - 'contact_id' Parameter SQL Injection BrowserCRM 5.100.1 - URI Cross-Site Scripting BrowserCRM 5.100.1 - 'framed' Parameter Cross-Site Scripting Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection BrowserCRM 5.100.1 - 'clients.php' Cross-Site Scripting BrowserCRM 5.100.1 - 'login[]' Cross-Site Scripting	2016-12-07 05:01:17 +00:00
Offensive Security	5dc941e36b	DB: 2016-12-06 5 new exploits Foxit Reader 4.1.1 - Stack Overflow (Egghunter Mod) Foxit Reader 4.1.1 - Stack Overflow (Egghunter) iSQL 1.0 - Shell Command Injection iSQL 1.0 - Command Injection Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection Microsoft Excel Starter 2010 - XML External Entity Injection Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity Injection Samba 2.2.x - Remote Root Buffer Overflow Samba 2.2.x - Buffer Overflow PoPToP PPTP 1.1.4-b3 - Remote Root Exploit Snort 1.9.1 - 'p7snort191.sh' Remote Root Exploit PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit PoPToP PPTP 1.1.4-b3 - Remote Command Execution Snort 1.9.1 - 'p7snort191.sh' Remote Command Execution PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Command Execution Sendmail 8.12.8 - Prescan() BSD Remote Root Exploit Sendmail 8.12.8 - Prescan() BSD Remote Command Execution WsMp3d 0.x - Remote Root Heap Overflow WsMp3d 0.x - Heap Overflow Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit Atftpd 0.6 - 'atftpdx.c' Remote Command Execution Samba 2.2.8 - (Brute Force Method) Remote Root Exploit Samba 2.2.8 - (Brute Force Method) Remote Command Execution WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit WU-FTPD 2.6.2 - Off-by-One Remote Command Execution WU-FTPD 2.6.2 - Remote Root Exploit WU-FTPD 2.6.2 - Remote Command Execution WU-FTPD 2.6.0 - Remote Root Exploit WU-FTPD 2.6.0 - Remote Command Execution LPRng 3.6.22/23/24 - Remote Root Exploit LPRng 3.6.22/23/24 - Remote Command Execution LPRng 3.6.24-1 - Remote Root Exploit LPRng 3.6.24-1 - Remote Command Execution WU-FTPD 2.6.1 - Remote Root Exploit SSH (x2) - Remote Root Exploit WU-FTPD 2.6.1 - Remote Command Execution SSH (x2) - Remote Command Execution BSD TelnetD - Remote Root Exploit (1) BSD TelnetD - Remote Command Execution (1) Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit Sendmail with clamav-milter < 0.91.2 - Remote Command Execution ProFTPd IAC 1.3.x - Remote Root Exploit ProFTPd IAC 1.3.x - Remote Command Execution Exim 4.63 - Remote Root Exploit Exim 4.63 - Remote Command Execution Splunk - Remote Root Exploit Splunk - Remote Command Execution FreeBSD OpenSSH 3.5p1 - Remote Root Exploit FreeBSD OpenSSH 3.5p1 - Remote Command Execution HP Data Protector (Linux) - Remote Root Shell HP Data Protector (Linux) - Remote Command Execution FreeBSD ftpd and ProFTPd on FreeBSD - Remote Root Exploit FreeBSD ftpd and ProFTPd on FreeBSD - Remote Command Execution Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Root Remote Code Execution) Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Remote Code Execution) BSD TelnetD - Remote Root Exploit (2) BSD TelnetD - Remote Command Execution (2) Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Root Remote Code Execution) Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Remote Command Execution) Sendmail 8.6.9 IDENT - Remote Root Exploit Sendmail 8.6.9 IDENT - Remote Command Execution Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Exploit ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQL Injection ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection H-Sphere Webshell 2.4 - Remote Root Exploit H-Sphere Webshell 2.4 - Remote Command Execution MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Root Exploit MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution Ubiquiti AirOS 5.5.2 - Authenticated Remote Command Execution Allied Telesis AT-MCF2000M 3.0.2 - Gaining Root Shell Access Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution Novell NCP - Unauthenticated Remote Root Exploit Novell NCP - Unauthenticated Remote Command Execution Seowonintech Devices - Remote Root Exploit Seowonintech Devices - Remote Command Execution ASUS RT-AC66U - acsd Parameter Remote Root Shell ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP) ASUS RT-N56U - Remote Buffer Overflow (ROP) NovaSTOR NovaNET 12.0 - Remote Root Exploit NovaSTOR NovaNET 12.0 - Remote Command Execution ALCASAR 2.8 - Remote Root Code Execution ALCASAR 2.8 - Remote Code Execution F5 iControl - Remote Root Command Execution (Metasploit) F5 iControl - Remote Command Execution (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Command Execution (Metasploit) Seagate Central 2014.0410.0026-F - Remote Root Exploit Seagate Central 2014.0410.0026-F - Remote Command Execution Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit Proxmox VE 3/4 - Insecure Hostname Checking Remote Command Execution Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit) BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution Alcatel Lucent Omnivista 8770 - Remote Code Execution Windows x86 - Password Protected TCP Bind Shell (637 bytes) Windows x86 - Password Protected TCP Bind Shellcode (637 bytes) Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes) Windows x86 - URLDownloadToFileA() / SetFileAttributesA() / WinExec() / ExitProcess() Shellcode (394 bytes) Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes) Linux/x86-64 - Syscall Persistent Bind Shell / Multi-terminal / Password / Daemon Shellcode (83_ 148_ 177 bytes) Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes) Linux/x86-64 - Subtle Probing Reverse Shell / Timer_ Burst / Password / Multi-Terminal Shellcode (84_ 122_ 172 bytes) Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes) Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes) Linux/x86 - NetCat Bind Shellcode with Port (44 / 52 bytes) Linux/x86 - zsh TCP Port 9090 Bind Shellcode (96 bytes) Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Command Execution D-Link DSR Router Series - Remote Root Shell D-Link DSR Router Series - Remote Command Execution Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities Alcatel Lucent Omnivista 4760 - Multiple Cross-Site Scripting Vulnerabilities ALCASAR 2.8.1 - Remote Root Code Execution ALCASAR 2.8.1 - Remote Code Execution SevOne NMS 5.3.6.0 - Remote Root Exploit SevOne NMS 5.3.6.0 - Remote Command Execution Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution Iris ID IrisAccess ICU 7000-2 - Remote Command Execution NUUO NVRmini 2 3.0.8 - Remote Root Exploit NUUO NVRmini 2 3.0.8 - Remote Code Execution EyeLock nano NXT 3.5 - Remote Root Exploit EyeLock nano NXT 3.5 - Remote Code Execution InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Command Execution	2016-12-06 05:01:19 +00:00
Offensive Security	aa4fced35c	DB: 2016-12-05	2016-12-05 05:01:20 +00:00
Offensive Security	0a2e79b884	DB: 2016-12-04 2 new exploits FreeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated FreeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow (PoC) FreeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow (PoC) FreeSSHd 1.2.4 - Denial of Service freeSSHd 1.2.4 - Denial of Service FreeSSHd - Denial of Service (PoC) freeSSHd - Denial of Service (PoC) onehttpd 0.7 - Denial of Service OneHTTPD 0.7 - Denial of Service FreeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service freeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service FreeSSHd 1.3.1 - Denial of Service freeSSHd 1.3.1 - Denial of Service Microsoft Internet Explorer 9 < 11 - MSHTML 'PROPERTYDESC::HandleStyleComponentProperty' Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 9/10/11 - MSHTML 'PROPERTYDESC::HandleStyleComponentProperty' Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 8 / 9 / 10 / 11 - MSHTML 'DOMImplementation' Type Confusion (MS16-009) Microsoft Internet Explorer 8/9/10/11 - MSHTML 'DOMImplementation' Type Confusion (MS16-009) Microsoft Windows 8.0 < 8.1 (x64) - 'TrackPopupMenu' Privilege Escalation (MS14-058) Microsoft Windows 8.0/8.1 (x64) - 'TrackPopupMenu' Privilege Escalation (MS14-058) FreeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow freeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow FreeSSHd 1.2.1 - Authenticated Remote SEH Overflow freeSSHd 1.2.1 - Authenticated Remote SEH Overflow FreeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH) freeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH) FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) FreeSSHd 2.1.3 - Remote Authentication Bypass freeSSHd 2.1.3 - Remote Authentication Bypass FreeSSHd 1.2.6 - Authentication Bypass (Metasploit) freeSSHd 1.2.6 - Authentication Bypass (Metasploit) Microsoft Internet Explorer 8<11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 8/9/10/11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution Joomla! Component com_mycontent 1.1.13 - Blind SQL Injection Joomla! Component MyContent 1.1.13 - Blind SQL Injection Xfinity Gateway - Remote Code Execution	2016-12-04 05:01:23 +00:00
Offensive Security	4b3da08aa9	DB: 2016-12-03 1 new exploits PHP - wddx_deserialize() String Append Crash PHP 5 - wddx_deserialize() String Append Crash PHP - 'PHP_gd2.dll' imagepsloadfont Local Buffer Overflow (PoC) PHP 5.2.3 - 'PHP_gd2.dll' imagepsloadfont Local Buffer Overflow (PoC) Samba 3.0.27a - send_mailslot() Remote Buffer Overflow Samba 3.0.27a - 'send_mailslot()' Remote Buffer Overflow PHP 5.2.6 - sleep() Local Memory Exhaust Exploit CA Internet Security Suite 2008 - SaveToFile()File Corruption (PoC) PHP 5.2.6 - 'sleep()' Local Memory Exhaust Exploit CA Internet Security Suite 2008 - 'SaveToFile()' File Corruption (PoC) freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated Samba (client) - receive_smb_raw() Buffer Overflow (PoC) FreeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated Samba 3.0.29 (client) - 'receive_smb_raw()' Buffer Overflow (PoC) freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow PoC FreeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow (PoC) freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow PoC FreeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow (PoC) FreeSSHD 1.2.4 - Remote Buffer Overflow Denial of Service FreeSSHd 1.2.4 - Denial of Service Samba - Multiple Denial of Service Vulnerabilities Samba 3.4.7/3.5.1 - Denial of Service FreeSSHd - Crash (PoC) FreeSSHd - Denial of Service (PoC) PHP - Hashtables Denial of Service PHP 5.3.8 - Hashtables Denial of Service freeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service FreeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service freeSSHd 1.3.1 - Denial of Service FreeSSHd 1.3.1 - Denial of Service PHP - SplDoublyLinkedList Unserialize() Use-After-Free PHP 5.4/5.5/5.6 - SplDoublyLinkedList Unserialize() Use-After-Free PHP - SplObjectStorage Unserialize() Use-After-Free PHP 5.4/5.5/5.6 - SplObjectStorage Unserialize() Use-After-Free PHP - Unserialize() Use-After-Free Vulnerabilities PHP 5.4/5.5/5.6 - Unserialize() Use-After-Free Vulnerabilities PHP - 'ini_restore()' Memory Information Disclosure PHP 5.2.10/5.3.0 - 'ini_restore()' Memory Information Disclosure Linux Kernel < 3.4.5 (ARM Android 4.2.2 / 4.4) - Privilege Escalation Linux Kernel < 3.4.5 (Android 4.2.2 / 4.4 ARM) - Privilege Escalation Linux Kernel 3.13 - Privilege Escalation PoC (gid) Linux Kernel 3.13 - Privilege Escalation PoC (SGID) freeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow FreeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow freeSSHd 1.2.1 - Authenticated Remote SEH Overflow FreeSSHd 1.2.1 - Authenticated Remote SEH Overflow FreeSSHd 1.2.1 - (rename) Remote Buffer Overflow (SEH) FreeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH) Samba (Solaris) - lsa_io_trans_names Heap Overflow (Metasploit) Samba (Solaris SPARC) - trans2open Overflow (Metasploit) Samba 3.0.24 (Solaris) - 'lsa_io_trans_names' Heap Overflow (Metasploit) Samba 2.2.8 (Solaris SPARC) - 'trans2open' Overflow (Metasploit) freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit) Samba (Linux) - lsa_io_trans_names Heap Overflow (Metasploit) Samba (Linux/x86) - chain_reply Memory Corruption (Metasploit) Samba (Linux x86) - trans2open Overflow (Metasploit) Samba 3.0.24 (Linux) - 'lsa_io_trans_names' Heap Overflow (Metasploit) Samba 3.3.12 (Linux/x86) - 'chain_reply' Memory Corruption (Metasploit) Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit) Samba (OSX) - lsa_io_trans_names Heap Overflow (Metasploit) Samba (OSX/PPC) - trans2open Overflow (Metasploit) Samba 3.0.10 (OSX) - 'lsa_io_trans_names' Heap Overflow (Metasploit) Samba 2.2.8 (OSX/PPC) - 'trans2open' Overflow (Metasploit) Samba (BSD x86) - trans2open Overflow Exploit (Metasploit) Samba 2.2.8 (BSD x86) - 'trans2open' Overflow Exploit (Metasploit) PHP - CGI Argument Injection (Metasploit) PHP 5.3.12/5.4.2 - CGI Argument Injection (Metasploit) PHP - apache_request_headers Function Buffer Overflow (Metasploit) PHP 5.4.3 - apache_request_headers Function Buffer Overflow (Metasploit) Samba - SetInformationPolicy AuditEventsInfo Heap Overflow (Metasploit) Samba 3.4.16/3.5.14/3.6.4 - SetInformationPolicy AuditEventsInfo Heap Overflow (Metasploit) FreeSSHD 2.1.3 - Remote Authentication Bypass FreeSSHd 2.1.3 - Remote Authentication Bypass FreeSSHD - Authentication Bypass (Metasploit) FreeSSHd 1.2.6 - Authentication Bypass (Metasploit) HP LoadRunner - magentproc.exe Overflow (Metasploit) HP LoadRunner - 'magentproc.exe' Overflow (Metasploit) PHP - 'header()' HTTP Header Injection PHP 5.3.11/5.4.0RC2 - 'header()' HTTP Header Injection VX Search Enterprise 9.0.26 - Buffer Overflow Sync Breeze Enterprise 8.9.24 - Buffer Overflow Dup Scout Enterprise 9.0.28 - Buffer Overflow Disk Sorter Enterprise 9.0.24 - Buffer Overflow Disk Savvy Enterprise 9.0.32 - Buffer Overflow VX Search Enterprise 9.0.26 - 'Login' Buffer Overflow Sync Breeze Enterprise 8.9.24 - 'Login' Buffer Overflow Dup Scout Enterprise 9.0.28 - 'Login' Buffer Overflow Disk Sorter Enterprise 9.0.24 - 'Login' Buffer Overflow Disk Savvy Enterprise 9.0.32 - 'Login' Buffer Overflow VX Search Enterprise 9.1.12 - Buffer Overflow Sync Breeze Enterprise 9.1.16 - Buffer Overflow Disk Sorter Enterprise 9.1.12 - Buffer Overflow Dup Scout Enterprise 9.1.14 - Buffer Overflow Disk Savvy Enterprise 9.1.14 - Buffer Overflow Disk Pulse Enterprise 9.1.16 - Buffer Overflow VX Search Enterprise 9.1.12 - 'Login' Buffer Overflow Sync Breeze Enterprise 9.1.16 - 'Login' Buffer Overflow Disk Sorter Enterprise 9.1.12 - 'Login' Buffer Overflow Dup Scout Enterprise 9.1.14 - 'Login' Buffer Overflow Disk Savvy Enterprise 9.1.14 - 'Login' Buffer Overflow Disk Pulse Enterprise 9.1.16 - 'Login' Buffer Overflow Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow PHP - (php-exec-dir) Patch Command Access Restriction Bypass PHP 4.3.7 - (php-exec-dir) Patch Command Access Restriction Bypass phNNTP 1.3 - (article-raw.php) Remote File Inclusion phNNTP 1.3 - 'article-raw.php' Remote File Inclusion Travelsized CMS 0.4 - (FrontPage.php) Remote File Inclusion Travelsized CMS 0.4 - 'FrontPage.php' Remote File Inclusion Uberghey 0.3.1 - (FrontPage.php) Remote File Inclusion Uberghey 0.3.1 - 'FrontPage.php' Remote File Inclusion BP Blog 7.0 - (default.asp layout) SQL Injection BP Blog 7.0 - 'layout' Parameter SQL Injection Joomla! Component Artist (idgalery) - SQL Injection FlashBlog - (articulo_id) SQL Injection Joomla! Component Artist - 'idgalery' Parameter SQL Injection FlashBlog - 'articulo_id' Parameter SQL Injection AirvaeCommerce 3.0 - 'pid' SQL Injection AirvaeCommerce 3.0 - 'pid' Parameter SQL Injection CMS from Scratch 1.1.3 - (image.php) Directory Traversal CMS from Scratch 1.1.3 - 'image.php' Directory Traversal HiveMaker Professional 1.0.2 - 'cid' SQL Injection HiveMaker Professional 1.0.2 - 'cid' Parameter SQL Injection Social Site Generator - (sgc_id) SQL Injection Social Site Generator 2.0 - 'sgc_id' Parameter SQL Injection PHP Visit Counter 0.4 - (datespan) SQL Injection PassWiki 0.9.16 RC3 - (site_id) Local File Inclusion BP Blog 6.0 - 'id' Blind SQL Injection EasyWay CMS - 'index.php mid' SQL Injection Social Site Generator - (path) Remote File Inclusion Joomla! Component prayercenter 1.4.9 - 'id' SQL Injection Joomla! Component com_biblestudy 1.5.0 - 'id' SQL Injection PHP Visit Counter 0.4 - 'datespan' Parameter SQL Injection PassWiki 0.9.16 RC3 - 'site_id' Parameter Local File Inclusion BP Blog 6.0 - 'id' Parameter Blind SQL Injection EasyWay CMS - 'mid' Parameter SQL Injection Social Site Generator 2.0 - 'path' Parameter Remote File Inclusion Joomla! Component prayercenter 1.4.9 - 'id' Parameter SQL Injection Joomla! Component Bible Study 1.5.0 - 'id' Parameter SQL Injection HiveMaker Directory - 'index.php cid' SQL Injection HiveMaker Directory - 'cid' Parameter SQL Injection Goople 1.8.2 - (FrontPage.php) Blind SQL Injection Goople 1.8.2 - 'FrontPage.php' Blind SQL Injection PsychoStats 3.2.2b - (awards.php id Parameter) Blind SQL Injection PsychoStats 3.2.2b - 'awards.php' Blind SQL Injection PsychoStats 2.x - Login Parameter Cross-Site Scripting PsychoStats 2.3 - Server.php Full Path Disclosure PsychoStats 2.3 - 'Server.php' Full Path Disclosure PsychoStats 3.0.6b - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities PHP - cgimode fpm writeprocmemfile Bypass disable function demo PHP 5.5.9 - cgimode fpm writeprocmemfile Bypass disable function CMSimple - /2author/index.php color Parameter Remote Code Execution CMSimple 4.4.4 - 'color' Parameter Remote Code Execution	2016-12-03 05:01:19 +00:00
Offensive Security	42018b3d96	DB: 2016-12-02	2016-12-02 05:01:20 +00:00
Offensive Security	a5cd225af0	DB: 2016-12-01 7 new exploits Xitami Web Server 5.0a0 - Denial of Service Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (SUID) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition Privilege Escalation (/etc/passwd) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (/etc/passwd) WinPower 4.9.0.4 - Privilege Escalation Internet PhotoShow (page) - Remote File Inclusion Internet PhotoShow 1.3 - 'page' Parameter Remote File Inclusion EQdkp 1.3.0 - (dbal.php) Remote File Inclusion EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion CaLogic Calendars 1.2.2 - 'CLPath' Remote File Inclusion MercuryBoard 1.1.4 - (User-Agent) SQL Injection MercuryBoard 1.1.4 - 'User-Agent' SQL Injection EQdkp 1.3.1 - (Referer Spoof) Remote Database Backup EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup Web Slider 0.6 - (path) Remote File Inclusion Web Slider 0.6 - 'path' Parameter Remote File Inclusion Zomplog 3.8 - (mp3playlist.php speler) SQL Injection Zomplog 3.8 - 'mp3playlist.php' SQL Injection EQdkp 1.3.2 - (listmembers.php rank) SQL Injection EQdkp 1.3.2 - 'listmembers.php' SQL Injection CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection CKGold Shopping Cart 2.0 - 'category.php' Blind SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' Parameter SQL Injection Zomplog 3.8.1 - upload_files.php Arbitrary File Upload Zomplog 3.8.1 - Arbitrary File Upload CMS Made Simple 1.2.2 - (TinyMCE module) SQL Injection CMS Made Simple 1.2.2 Module TinyMCE - SQL Injection Mega File Hosting Script 1.2 - (fid) SQL Injection Mega File Hosting Script 1.2 - 'fid' Parameter SQL Injection CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload AJ HYIP ACME - 'topic_detail.php id' SQL Injection EQDKP 1.3.2f - (user_id) Authentication Bypass (PoC) e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection AJ HYIP ACME - 'topic_detail.php' SQL Injection EQdkp 1.3.2f - 'user_id' Authentication Bypass (PoC) e107 Plugin BLOG Engine 2.2 - 'rid' Parameter Blind SQL Injection CaLogic Calendars 1.2.2 - (langsel) SQL Injection CaLogic Calendars 1.2.2 - 'langsel' Parameter SQL Injection EMO Realty Manager - 'news.php ida' SQL Injection The Real Estate Script - 'dpage.php docID' SQL Injection Linkspile - 'link.php cat_id' SQL Injection Freelance Auction Script 1.0 - (browseproject.php) SQL Injection EMO Realty Manager - 'ida' Parameter SQL Injection The Real Estate Script - 'docID' Parameter SQL Injection Linkspile - 'cat_id' Parameter SQL Injection Freelance Auction Script 1.0 - 'browseproject.php' SQL Injection rgboard 3.0.12 - (Remote File Inclusioni / Cross-Site Scripting) Multiple Vulnerabilities Kostenloses Linkmanagementscript - (page_to_include) Remote File Inclusion rgboard 3.0.12 - Remote File Inclusioni / Cross-Site Scripting Kostenloses Linkmanagementscript - Remote File Inclusion newsmanager 2.0 - (Remote File Inclusion / File Disclosure / SQL Injection / pb) Multiple Vulnerabilities 68 Classifieds 4.0 - (category.php cat) SQL Injection newsmanager 2.0 - Remote File Inclusion / File Disclosure / SQL Injection 68 Classifieds 4.0 - 'category.php' SQL Injection StanWeb.CMS - (default.asp id) SQL Injection StanWeb.CMS - SQL Injection Archangel Weblog 0.90.02 - (post_id) SQL Injection Archangel Weblog 0.90.02 - 'post_id' Parameter SQL Injection WR-Meeting 1.0 - (msnum) Local File Disclosure WR-Meeting 1.0 - 'msnum' Parameter Local File Disclosure FicHive 1.0 - (category) Blind SQL Injection Smeego 1.0 - (Cookie lang) Local File Inclusion FicHive 1.0 - 'category' Parameter Blind SQL Injection Smeego 1.0 - 'Cookie lang' Local File Inclusion TAGWORX.CMS - Multiple SQL Injections TAGWORX.CMS 3.00.02 - Multiple SQL Injections lulieblog 1.2 - Multiple Vulnerabilities AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add Admin easycms 0.4.2 - Multiple Vulnerabilities Lulieblog 1.2 - Multiple Vulnerabilities AlkalinePHP 0.77.35 - 'adduser.php' Arbitrary Add Admin Easycms 0.4.2 - Multiple Vulnerabilities AlkalinePHP 0.80.00 Beta - (thread.php id) SQL Injection AlkalinePHP 0.80.00 Beta - 'thread.php' SQL Injection EntertainmentScript - 'play.php id' SQL Injection EntertainmentScript 1.4.0 - 'play.php' SQL Injection ecms 0.4.2 - (SQL Injection / Security Bypass) Multiple Vulnerabilities Mantis Bug Tracker 1.1.1 - (Code Execution / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities ComicShout 2.5 - (index.php comic_id) SQL Injection eCMS 0.4.2 - SQL Injection / Security Bypass Mantis Bug Tracker 1.1.1 - Code Execution / Cross-Site Scripting / Cross-Site Request Forgery ComicShout 2.5 - 'comic_id' Parameter SQL Injection PHP Jokesite 2.0 - 'cat_id' SQL Injection Netious CMS 0.4 - (index.php pageid) SQL Injection PHP Jokesite 2.0 - 'cat_id' Parameter SQL Injection Netious CMS 0.4 - 'pageid' Parameter SQL Injection 6rbScript - 'news.php newsid' SQL Injection webl?sninger 4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities 6rbScript - 'news.php' SQL Injection Weblosninger 4 - Cross-Site Scripting / SQL Injection e107 Plugin BLOG Engine 2.2 - 'uid' Blind SQL Injection Quate CMS 0.3.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting / dt) Multiple Vulnerabilities e107 Plugin BLOG Engine 2.2 - 'uid' Parameter Blind SQL Injection Quate CMS 0.3.4 - Multiple Vulnerabilities RoomPHPlanning 1.5 - (idresa) SQL Injection PHPRaider 1.0.7 - (PHPbb3.functions.php) Remote File Inclusion RoomPHPlanning 1.5 - 'idresa' Parameter SQL Injection PHPRaider 1.0.7 - 'PHPbb3.functions.php' Remote File Inclusion CMS MAXSITE 1.10 - (category) SQL Injection CMS MAXSITE 1.10 - 'category' Parameter SQL Injection CKGold Shopping Cart 2.5 - (category_id) SQL Injection CKGold Shopping Cart 2.5 - 'category_id' Parameter SQL Injection ComicShout 2.8 - (news.php news_id) SQL Injection ComicShout 2.8 - 'news_id' Parameter SQL Injection AJ HYIP ACME - 'news.php id' SQL Injection AJ HYIP ACME - 'news.php' SQL Injection Quate CMS 0.3.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Quate CMS 0.3.4 - Local File Inclusion / Cross-Site Scripting e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection e107 Plugin BLOG Engine 2.2 - 'uid' Parameter SQL Injection AJ HYIP ACME - 'comment.php artid' SQL Injection AJ HYIP ACME - 'readarticle.php artid' SQL Injection AJ HYIP ACME - 'comment.php' SQL Injection AJ HYIP ACME - 'readarticle.php' SQL Injection 6rbScript 3.3 - 'singerid' SQL Injection 6rbScript 3.3 - 'singerid' Parameter SQL Injection 6rbScript 3.3 - (section.php name) Local File Inclusion 6rbScript 3.3 - 'section.php' Local File Inclusion RoomPHPlanning 1.6 - (userform.php) Create Admin User Exploit RoomPHPlanning 1.6 - 'userform.php' Create Admin User Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion Mega File Hosting Script 1.2 - 'url' Parameter Remote File Inclusion Advanced Image Hosting (AIH) 2.3 - (gal) Blind SQL Injection Advanced Image Hosting (AIH) 2.3 - 'gal' Parameter Blind SQL Injection ActiveKB KnowledgeBase - 'loadpanel.php Panel' Local File Inclusion ActiveKB KnowledgeBase - 'Panel' Parameter Local File Inclusion Quate CMS 0.3.5 - (Remote File Inclusioni / Local File Inclusion) Multiple Vulnerabilities Quate CMS 0.3.5 - Remote File Inclusion / Local File Inclusion Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities Zomplog 3.9 - Cross-Site Scripting / Cross-Site Request Forgery YABSoft Advanced Image Hosting Script - SQL Injection Advanced Image Hosting Script - SQL Injection MercuryBoard 1.1 - index.php SQL Injection MercuryBoard 1.1 - 'index.php' SQL Injection CMS Made Simple 0.10 - Lang.php Remote File Inclusion CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion Zomplog 3.3/3.4 - detail.php HTML Injection Zomplog 3.3/3.4 - 'detail.php' HTML Injection CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting CMS Made Simple 1.0.2 - 'SearchInput' Parameter Cross-Site Scripting EQDKP 1.3.1 - Show Variable Cross-Site Scripting EQdkp 1.3.1 - Cross-Site Scripting CMS Made Simple 105 - Stylesheet.php SQL Injection CMS Made Simple 1.0.5 - 'Stylesheet.php' SQL Injection Internet PhotoShow - 'login_admin' Parameter Unauthorized Access 68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'login.php' Cross-Site Scripting 68 Classifieds 4.1 - category.php cat Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'category.php' Cross-Site Scripting 68 Classifieds 4.1 - searchresults.php page Parameter Cross-Site Scripting 68 Classifieds 4.1 - toplistings.php page Parameter Cross-Site Scripting 68 Classifieds 4.1 - viewlisting.php view Parameter Cross-Site Scripting 68 Classifieds 4.1 - viewmember.php member Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'searchresults.php' Cross-Site Scripting 68 Classifieds 4.1 - 'toplistings.php' Cross-Site Scripting 68 Classifieds 4.1 - 'viewlisting.php' Cross-Site Scripting 68 Classifieds 4.1 - 'viewmember.php' Cross-Site Scripting YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload CMS Made Simple Module Download Manager 1.4.1 - Arbitrary File Upload CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload CMS Made Simple Module Antz Toolkit 1.02 - Arbitrary File Upload Zomplog 3.9 - 'message' Parameter Multiple Cross-Site Scripting Vulnerabilities Zomplog 3.9 - 'message' Parameter Cross-Site Scripting YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion Joomla! Component Catalog 1.0.7 - SQL Injection Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection Xfinity Gateway - Cross-Site Request Forgery	2016-12-01 07:48:18 +00:00
Offensive Security	91b12c469e	DB: 2016-11-29 16 new exploits rdesktop 1.5.0 - iso_recv_msg() Integer Underflow (PoC) rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow (PoC) rdesktop 1.5.0 - 'iso_recv_msg()' Integer Underflow (PoC) rdesktop 1.5.0 - 'process_redirect_pdu()' BSS Overflow (PoC) NTP 4.2.8p3 - Denial of Service Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Out-Of-Bounds Read (MS15-009) Microsoft Internet Explorer 11 MSHTML - 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free (MS13-047) Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type Confusion (MS16-009) Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Linux Kernel 2.6.x < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1) Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1) Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2) Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation TFTP Server 1.4 - Buffer Overflow Remote Exploit (2) TFTP Server 1.4 - Remote Buffer Overflow (2) TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit) TFTP Server 1.4 - ST WRQ Buffer Overflow (Metasploit) Android - 'BadKernel' Remote Code Execution VX Search Enterprise 9.1.12 - Buffer Overflow Sync Breeze Enterprise 9.1.16 - Buffer Overflow Disk Sorter Enterprise 9.1.12 - Buffer Overflow Dup Scout Enterprise 9.1.14 - Buffer Overflow Disk Savvy Enterprise 9.1.14 - Buffer Overflow Disk Pulse Enterprise 9.1.16 - Buffer Overflow Linux/x86 - Egg-hunter Shellcode (25 bytes) Linux/x86 - Egg-hunter Shellcode (31 bytes) RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion CMS Faethon 1.3.2 - 'mainpath' Parameter Remote File Inclusion CMS Faethon 2.0 - (mainpath) Remote File Inclusion CMS Faethon 2.0 - 'mainpath' Parameter Remote File Inclusion SazCart 1.5 - (cart.php) Remote File Inclusion SazCart 1.5 - 'cart.php' Remote File Inclusion Cyberfolio 2.0 RC1 - (av) Remote File Inclusion Cyberfolio 2.0 RC1 - 'av' Parameter Remote File Inclusion FipsCMS 4.5 - (index.asp) SQL Injection FipsCMS 4.5 - 'index.asp' SQL Injection AJ Classifieds 1.0 - (postingdetails.php) SQL Injection AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection RunCMS 1.5.2 - (debug_show.php) SQL Injection RunCMS 1.5.2 - 'debug_show.php' SQL Injection OneCMS 2.4 - (userreviews.php abc) SQL Injection OneCMS 2.4 - 'abc' Parameter SQL Injection RunCMS 1.6 - disclaimer.php Remote File Overwrite RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite PHPEasyData 1.5.4 - 'cat_id' SQL Injection FipsCMS - 'print.asp lg' SQL Injection Galleristic 1.0 - (index.php cat) SQL Injection gameCMS Lite 1.0 - (index.php systemId) SQL Injection PHPEasyData 1.5.4 - 'cat_id' Parameter SQL Injection FipsCMS 2.1 - 'print.asp' SQL Injection Galleristic 1.0 - 'cat' Parameter SQL Injection GameCMS Lite 1.0 - 'systemId' Parameter SQL Injection CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities CMS Faethon 2.2 Ultimate - Remote File Inclusion / Cross-Site Scripting MusicBox 2.3.7 - (artistId) SQL Injection RunCMS 1.6.1 - (msg_image) SQL Injection MusicBox 2.3.7 - 'artistId' Parameter SQL Injection RunCMS 1.6.1 - 'msg_image' Parameter SQL Injection vShare YouTube Clone 2.6 - (tid) SQL Injection vShare YouTube Clone 2.6 - 'tid' Parameter SQL Injection Cyberfolio 7.12 - (rep) Remote File Inclusion miniBloggie 1.0 - (del.php) Arbitrary Delete Post Cyberfolio 7.12 - 'rep' Parameter Remote File Inclusion miniBloggie 1.0 - 'del.php' Arbitrary Delete Post SazCart 1.5.1 - (prodid) SQL Injection SazCart 1.5.1 - 'prodid' Parameter SQL Injection Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting Ktools Photostore 3.5.1 - (gallery.php gid) SQL Injection Ktools Photostore 3.5.1 - 'gid' Parameter SQL Injection Joomla! Component com_datsogallery 1.6 - Blind SQL Injection Joomla! Component Datsogallery 1.6 - Blind SQL Injection Vortex CMS - 'index.php pageid' Blind SQL Injection AJ Article 1.0 - (featured_article.php) SQL Injection AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection Vortex CMS - 'pageid' Parameter Blind SQL Injection AJ Article 1.0 - 'featured_article.php' SQL Injection AJ Auction 6.2.1 - 'classifide_ad.php' SQL Injection clanlite 2.x - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ClanLite 2.x - SQL Injection / Cross-Site Scripting OneCMS 2.5 - (install_mod.php) Local File Inclusion OneCMS 2.5 - 'install_mod.php' Local File Inclusion AJ Auction Web 2.0 - (cate_id) SQL Injection AJ Auction 1.0 - 'id' SQL Injection AJ Auction Web 2.0 - 'cate_id' Parameter SQL Injection AJ Auction 1.0 - 'id' Parameter SQL Injection FipsCMS Light 2.1 - (r) SQL Injection FipsCMS Light 2.1 - 'r' Parameter SQL Injection AJ Auction Pro Platinum Skin - 'detail.php item_id' SQL Injection AJ Auction Pro Platinum Skin - 'item_id' Parameter SQL Injection AJ Auction Pro Platinum - (seller_id) SQL Injection AJ Auction Pro Platinum - 'seller_id' Parameter SQL Injection miniBloggie 1.0 - (del.php) Blind SQL Injection miniBloggie 1.0 - 'del.php' Blind SQL Injection AJ Article - 'featured_article.php mode' SQL Injection AJ ARTICLE - (Authentication Bypass) SQL Injection AJ Article 1.0 - Authentication Bypass Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion Cyberfolio 7.12.2 - 'theme' Parameter Local File Inclusion AJ ARTICLE - Remote Authentication Bypass AJ Article 1.0 - Remote Authentication Bypass MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection MusicBox 2.3.8 - 'viewalbums.php' SQL Injection AJ Auction Pro OOPD 2.3 - 'id' SQL Injection AJ Auction Pro OOPD 2.3 - 'id' Parameter SQL Injection BigACE CMS 2.5 - 'Username' SQL Injection BigACE 2.5 - SQL Injection ZeusCart 2.3 - 'maincatid' SQL Injection ZeusCart 2.3 - 'maincatid' Parameter SQL Injection BigACE CMS 2.6 - (cmd) Local File Inclusion BigACE 2.6 - 'cmd' Parameter Local File Inclusion RunCMS 1.6.3 - (double ext) Remote Shell Injection RunCMS 1.6.3 - Remote Shell Injection AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection AJ Auction Pro OOPD 2.x - 'id' Parameter SQL Injection RunCMS 2m1 - store() SQL Injection RunCMS 2ma - post.php SQL Injection RunCMS 2m1 - 'store()' SQL Injection RunCMS 2ma - 'post.php' SQL Injection AJ Article - Persistent Cross-Site Scripting AJ Article 3.0 - Cross-Site Scripting admidio 2.3.5 - Multiple Vulnerabilities Admidio 2.3.5 - Multiple Vulnerabilities RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection MusicBox 2.3 - Type Parameter SQL Injection MusicBox 2.3 - 'type' Parameter SQL Injection RunCMS 1.x - Bigshow.php Cross-Site Scripting RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting RunCMS 1.2/1.3 - PMLite.php SQL Injection RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection RunCMS 1.x - Ratefile.php Cross-Site Scripting RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin) MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting MusicBox 2.3 - 'index.php' SQL Injection MusicBox 2.3 - 'index.php' Cross-Site Scripting MusicBox 2.3 - 'cart.php' Cross-Site Scripting MusicBox 2.3.4 - Page Parameter SQL Injection MusicBox 2.3.4 - 'page' Parameter SQL Injection MyWebland miniBloggie 1.0 - Fname Remote File Inclusion miniBloggie 1.0 - 'Fname' Remote File Inclusion BigACE 1.8.2 - item_main.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - 'item_main.php' Remote File Inclusion BigACE 1.8.2 - 'upload_form.php' Remote File Inclusion BigACE 1.8.2 - 'download.cmd.php' Remote File Inclusion BigACE 1.8.2 - 'admin.cmd.php' Remote File Inclusion ClanLite - Config-PHP.php Remote File Inclusion ClanLite - 'conf-php.php' Remote File Inclusion FipsCMS 2.1 - PID Parameter SQL Injection FipsCMS 2.1 - 'pid' Parameter SQL Injection RunCMS 1.6.1 - votepolls.php bbPath[path] Parameter Remote File Inclusion RunCMS 1.6.1 - config.php bbPath[root_theme] Parameter Remote File Inclusion RunCMS 1.6.1 - 'bbPath[path]' Parameter Remote File Inclusion RunCMS 1.6.1 - 'bbPath[root_theme]' Parameter Remote File Inclusion FipsCMS 2.1 - 'forum/neu.asp' SQL Injection FipsCMS 2.1 - 'neu.asp' SQL Injection OneCMS 2.6.1 - admin/admin.php cat Parameter Cross-Site Scripting OneCMS 2.6.1 - search.php search Parameter SQL Injection OneCMS 2.6.1 - admin/admin.php Short1 Parameter Cross-Site Scripting OneCMS 2.6.1 - 'cat' Parameter Cross-Site Scripting OneCMS 2.6.1 - 'search' Parameter SQL Injection OneCMS 2.6.1 - 'short1' Parameter Cross-Site Scripting RunCMS 'partners' Module - 'id' Parameter SQL Injection RunCMS Module Partners - 'id' Parameter SQL Injection Zeuscart v.4 - Multiple Vulnerabilities Zeuscart 4.0 - Multiple Vulnerabilities BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal BigACE 2.7.5 - 'LANGUAGE' Parameter Directory Traversal Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting Red Hat JBoss EAP - Deserialization of Untrusted Data	2016-11-29 05:01:20 +00:00
Offensive Security	b1cbed79e4	DB: 2016-11-28 1 new exploits Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC)	2016-11-28 05:01:17 +00:00
Offensive Security	eecfa80164	DB: 2016-11-26 1 new exploits Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) Linux Kenrel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation Linux Kernel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation miniweb 0.8.19 - Multiple Vulnerabilities Miniweb 0.8.19 - Multiple Vulnerabilities HLDS WebMod 0.48 - (rconpass) Remote Heap Overflow HLDS WebMod 0.48 - 'rconpass' Remote Heap Overflow bytes interactive Web shopper 1.0/2.0 - Directory Traversal Bytes interactive Web shopper 1.0/2.0 - Directory Traversal interactive story 1.3 - Directory Traversal Interactive story 1.3 - Directory Traversal Linux/x86 - Egg-hunter Shellcode (25 bytes) DeluxeBB 1.06 - (name) SQL Injection (mq=off) DeluxeBB 1.06 - 'name' Parameter SQL Injection (mq=off) DeluxeBB 1.06 - (Attachment mod_mime) Remote Exploit DeluxeBB 1.06 - 'Attachment mod_mime' Remote Exploit DeluxeBB 1.06 - (templatefolder) Remote File Inclusion DeluxeBB 1.06 - 'templatefolder' Parameter Remote File Inclusion DeluxeBB 1.07 - (cp.php) Create Admin Exploit DeluxeBB 1.07 - Remote Create Admin Scout Portal Toolkit 1.4.0 - (forumid) SQL Injection Scout Portal Toolkit 1.4.0 - 'forumid' Parameter SQL Injection interact 2.2 - (CONFIG[base_path]) Remote File Inclusion Interact 2.2 - 'CONFIG[base_path]' Remote File Inclusion DeluxeBB 1.09 - Remote Admin Email Change Exploit DeluxeBB 1.09 - Remote Admin Email Change megabbs forum 2.2 - SQL Injection / Cross-Site Scripting Megabbs Forum 2.2 - SQL Injection / Cross-Site Scripting OxYProject 0.85 - (edithistory.php) Remote Code Execution OxYProject 0.85 - 'edithistory.php' Remote Code Execution interact 2.4.1 - Multiple Remote File Inclusion Joomla! Component Webhosting - 'catid' Blind SQL Injection Interact 2.4.1 - Multiple Remote File Inclusion Joomla! Component Webhosting - 'catid' Parameter Blind SQL Injection vlbook 1.21 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities Vlbook 1.21 - Cross-Site Scripting / Local File Inclusion ItCMS 1.9 - (boxpop.php) Remote Code Execution BlogMe PHP - 'comments.php id' SQL Injection SmartBlog - 'index.php tid' SQL Injection ItCMS 1.9 - 'boxpop.php' Remote Code Execution BlogMe PHP 1.1 - 'comments.php' SQL Injection SmartBlog 1.3 - 'index.php' SQL Injection cplinks 1.03 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ScorpNews 1.0 - (example.php site) Remote File Inclusion Scout Portal Toolkit 1.4.0 - (ParentId) SQL Injection Cplinks 1.03 - Authentication Bypass / SQL Injection / Cross-Site Scripting ScorpNews 1.0 - 'site' Parameter Remote File Inclusion Scout Portal Toolkit 1.4.0 - 'ParentId' Parameter SQL Injection Online Rental Property Script 4.5 - 'pid' SQL Injection Anserv Auction XL - 'viewfaqs.php cat' SQL Injection Kmita Tellfriend 2.0 - (file) Remote File Inclusion Kmita Mail 3.0 - (file) Remote File Inclusion BackLinkSpider (cat_id) - SQL Injection Online Rental Property Script 4.5 - 'pid' Parameter SQL Injection Anserv Auction XL - 'cat' Parameter SQL Injection Kmita Tellfriend 2.0 - 'file' Parameter Remote File Inclusion Kmita Mail 3.0 - 'file' Parameter Remote File Inclusion BackLinkSpider 1.1 - 'cat_id' Parameter SQL Injection deluxebb 1.2 - Multiple Vulnerabilities Pre Shopping Mall 1.1 - (search.php search) SQL Injection DeluxeBB 1.2 - Multiple Vulnerabilities Pre Shopping Mall 1.1 - 'search.php' SQL Injection Interact E-Learning System 2.4.1 - (help.php) Local File Inclusion Interact 2.4.1 - 'help.php' Local File Inclusion ItCMS 2.1a - (Authentication Bypass) SQL Injection ItCMS 2.1a - Authentication Bypass DeluxeBB 1.3 - (qorder) SQL Injection DeluxeBB 1.3 - 'qorder' Parameter SQL Injection Online Rental Property Script 5.0 - 'pid' SQL Injection Online Rental Property Script 5.0 - 'pid' Parameter SQL Injection phpDirectorySource - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities phpDirectorySource 1.0 - Cross-Site Scripting / SQL Injection open auto Classifieds 1.5.9 - Multiple Vulnerabilities Open Auto Classifieds 1.5.9 - Multiple Vulnerabilities deluxebb 1.3 - Multiple Vulnerabilities DeluxeBB 1.3 - Multiple Vulnerabilities DeluxeBB 1.0 - topic.php tid Parameter SQL Injection DeluxeBB 1.0 - misc.php uid Parameter SQL Injection DeluxeBB 1.0 - forums.php fid Parameter SQL Injection DeluxeBB 1.0 - pm.php uid Parameter SQL Injection DeluxeBB 1.0 - newpost.php fid Parameter SQL Injection DeluxeBB 1.0 - 'topic.php' SQL Injection DeluxeBB 1.0 - 'misc.php' SQL Injection DeluxeBB 1.0 - 'forums.php' SQL Injection DeluxeBB 1.0 - 'pm.php' SQL Injection DeluxeBB 1.0 - 'newpost.php' SQL Injection Scout Portal Toolkit 1.3.1 - SPT-QuickSearch.php Multiple Parameter Cross-Site Scripting Scout Portal Toolkit 1.3.1 - SPT-BrowseResources.php ParentId Parameter Cross-Site Scripting Scout Portal Toolkit 1.3.1 - SPT-AdvancedSearch.php Multiple Parameter Cross-Site Scripting Scout Portal Toolkit 1.3.1 - SPT-UserLogin.php Multiple Parameter SQL Injection Scout Portal Toolkit 1.3.1 - 'SPT-QuickSearch.php' Cross-Site Scripting Scout Portal Toolkit 1.3.1 - 'SPT-BrowseResources.php' Cross-Site Scripting Scout Portal Toolkit 1.3.1 - 'SPT-AdvancedSearch.php' Cross-Site Scripting Scout Portal Toolkit 1.3.1 - 'SPT-UserLogin.php' SQL Injection Pre Shopping Mall 1.0 - Multiple Input Validation Vulnerabilities DeluxeBB 1.09 - Sig.php Remote File Inclusion DeluxeBB 1.09 - 'Sig.php' Remote File Inclusion BackLinkSpider 1.3.1774 - Multiple Cross-Site Scripting Vulnerabilities	2016-11-26 05:01:22 +00:00
Offensive Security	b3a7c78388	DB: 2016-11-25 4 new exploits Groupwise 7.0 - (mailto: scheme) Buffer Overflow (PoC) Groupwise 7.0 - 'mailto: scheme' Buffer Overflow (PoC) Remote Utilities Host 6.3 - Denial of Service Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) GNU Wget < 1.18 - Access List Bypass / Race Condition miniBB - 'user' Input Validation Hole MiniBB 1.7f - 'user' Parameter SQL Injection TR Newsportal 0.36tr1 - (poll.php) Remote File Inclusion TR Newsportal 0.36tr1 - 'poll.php' Remote File Inclusion PHP Forge 3 Beta 2 - (cfg_racine) Remote File Inclusion PHP Forge 3 Beta 2 - 'cfg_racine' Parameter Remote File Inclusion miniBB keyword_replacer 1.0 - (pathToFiles) File Inclusion MiniBB keyword_replacer 1.0 - 'pathToFiles' Parameter File Inclusion miniBB 2.0.2 - (bb_func_txt.php) Remote File Inclusion MiniBB 2.0.2 - 'bb_func_txt.php' Remote File Inclusion W1L3D4 philboard 0.2 - (W1L3D4_bolum.asp forumid) SQL Injection W1L3D4 philboard 0.2 - 'W1L3D4_bolum.asp' SQL Injection miniBB 2.1 - (table) SQL Injection MiniBB 2.1 - 'table' Parameter SQL Injection Joovili 3.0.6 - (joovili.images.php) Remote File Disclosure Joovili 3.0.6 - 'joovili.images.php' Remote File Disclosure Apartment Search Script - 'listtest.php r' SQL Injection XOOPS Module Recipe - 'detail.php id' SQL Injection Aterr 0.9.1 - (class) Local File Inclusion (PHP5) W1L3D4 philboard 1.0 - (philboard_reply.asp) SQL Injection Apartment Search Script - 'listtest.php' SQL Injection XOOPS Module Recipe 2.2 - 'detail.php' SQL Injection Aterr 0.9.1 - Local File Inclusion (PHP5) W1L3D4 philboard 1.0 - 'philboard_reply.asp' SQL Injection KubeLance 1.6.4 - (ipn.php i) Local File Inclusion acidcat CMS 3.4.1 - Multiple Vulnerabilities BlogWorx 1.0 - (view.asp id) SQL Injection Crazy Goomba 1.2.1 - 'id' SQL Injection RedDot CMS 7.5 - (LngId) SQL Injection TR News 2.1 - (nb) SQL Injection KubeLance 1.6.4 - 'ipn.php' Local File Inclusion Acidcat CMS 3.4.1 - Multiple Vulnerabilities BlogWorx 1.0 - 'id' Parameter SQL Injection Crazy Goomba 1.2.1 - 'id' Parameter SQL Injection RedDot CMS 7.5 - 'LngId' Parameter SQL Injection TR News 2.1 - 'nb' Parameter SQL Injection E RESERV 2.1 - (index.php ID_loc) SQL Injection Joomla! Component Filiale 1.0.4 - (idFiliale) SQL Injection E RESERV 2.1 - 'index.php' SQL Injection Joomla! Component Filiale 1.0.4 - 'idFiliale' Parameter SQL Injection minibb 2.2 - (Cross-Site Scripting / SQL Injection / Full Path Disclosure) Multiple Vulnerabilities PostNuke Module PostSchedule - (eid) SQL Injection MiniBB 2.2 - Cross-Site Scripting / SQL Injection / Full Path Disclosure PostNuke Module PostSchedule 1.0 - 'eid' Parameter SQL Injection Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Siteman 2.x - Code Execution / Local File Inclusion / Cross-Site Scripting PHP Forge 3 Beta 2 - 'id' SQL Injection PHP Forge 3 Beta 2 - 'id' Parameter SQL Injection megabbs forum 2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Jokes Site Script - 'jokes.php?catagorie' SQL Injection FluentCMS - 'view.php sid' SQL Injection megabbs forum 2.2 - SQL Injection / Cross-Site Scripting Jokes Site Script - 'jokes.php' SQL Injection FluentCMS - 'view.php' SQL Injection Prozilla Hosting Index - 'Directory.php cat_id' SQL Injection Softbiz Web Host Directory Script (host_id) - SQL Injection Joovili 3.1 - (browse.videos.php category) SQL Injection Prozilla Hosting Index - 'cat_id' Parameter SQL Injection Softbiz Web Host Directory Script - 'host_id' Parameter SQL Injection Joovili 3.1 - 'browse.videos.php' SQL Injection w1l3d4 philboard 1.2 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities W1L3D4 philboard 1.2 - Blind SQL Injection / Cross-Site Scripting apartment search script - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities Apartment Search Script - Arbitrary File Upload / Cross-Site Scripting Mini Web Calendar 1.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Mini Web Calendar 1.2 - File Disclosure / Cross-Site Scripting Prozilla Hosting Index - 'id' SQL Injection Prozilla Hosting Index - 'id' Parameter SQL Injection web Calendar system 3.12/3.30 - Multiple Vulnerabilities Web Calendar System 3.12/3.30 - Multiple Vulnerabilities Web Calendar 4.1 - (Authentication Bypass) SQL Injection Web Calendar 4.1 - Authentication Bypass web Calendar system 3.40 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Web Calendar System 3.40 - Cross-Site Scripting / SQL Injection KubeLance - 'profile.php?id' SQL Injection KubeLance 1.7.6 - 'profile.php' SQL Injection Clever Copy 2.0 - calendar.php Cross-Site Scripting Clever Copy 2.0 - 'calendar.php' Cross-Site Scripting Clever Copy 2.0 - results.php Multiple Parameter Cross-Site Scripting Clever Copy 2.0 - categorysearch.php Multiple Parameter Cross-Site Scripting Clever Copy 2.0 - 'results.php' Cross-Site Scripting Clever Copy 2.0 - 'categorysearch.php' Cross-Site Scripting Acidcat CMS 2.1.13 - default.asp ID Parameter SQL Injection Acidcat CMS 2.1.13 - acidcat.mdb Remote Information Disclosure Acidcat CMS 2.1.13 - 'ID' Parameter SQL Injection Acidcat CMS 2.1.13 - 'acidcat.mdb' Remote Information Disclosure ODFaq 2.1 - faq.php SQL Injection ODFaq 2.1 - 'faq.php' SQL Injection MiniBB 1.5 - news.php Remote File Inclusion MiniBB 1.5 - 'news.php' Remote File Inclusion W1L3D4 philboard 0.3 - W1L3D4_Aramasonuc.asp Cross-Site Scripting W1L3D4 philboard 0.3 - Cross-Site Scripting Proverbs Web Calendar 1.1 - Password Parameter SQL Injection Proverbs Web Calendar 1.1 - 'Password' Parameter SQL Injection Chimaera Project Aterr 0.9.1 - Multiple Local File Inclusion miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusion DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting eZoneScripts Apartment Search Script - 'listtest.php' SQL Injection miniBB 3.1 - Blind SQL Injection MiniBB 3.1 - Blind SQL Injection Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting	2016-11-25 05:01:20 +00:00
Offensive Security	38038a7128	DB: 2016-11-24 6 new exploits Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow UCanCode - Multiple Vulnerabilities Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1) Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2) Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1) Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2) Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service (PoC) Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (1) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (2) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (1) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (2) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation (3) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC) (1) Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation (2) Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC) Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Privilege Escalation Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation Linux Kernel 2.6.30 < 2.6.30.1 / SELinux (RHEL 5) - Privilege Escalation Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Privilege Escalation (2) Linux Kernel 2.6.18 - 'move_pages()' Information Leak Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak Linux Kenrel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation Windows x64 - Download & Execute Shellcode (358 bytes)	2016-11-24 05:01:19 +00:00
Offensive Security	32fc589910	DB: 2016-11-23 8 new exploits xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC) Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC) 3Com OfficeConnect Routers - Denial of Service (Content-Type) 3Com OfficeConnect Routers - (Content-Type) Denial of Service xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow Divx Player - Denial of Service Divx Player 6.8.2 - Denial of Service Microsoft Word (Win/Mac) - Crash (PoC) Microsoft Word (Windows/OSX) - Crash (PoC) TP-LINK TDDP - Multiple Vulnerabilities Microsoft Internet Explorer 8 MSHTML - 'Ptls5::LsFindSpanVisualBoundaries' Memory Corruption Office 2008 sp0 - RTF pFragments MAC Exploit Microsoft Office 2008 SP0 (Mac) - RTF pFragments Exploit Huawei UTPS - Unquoted Service Path Privilege Escalation xine-lib 1.1 - (media player library) Remote Format String Xine-Lib 1.1 - (media player library) Remote Format String Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite 3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting 3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Parameter Cross-Site Scripting xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities Xine-Lib 1.1.11 - Multiple Heap Based Remote Buffer Overflow Vulnerabilities Crestron AM-100 - Multiple Vulnerabilities Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) Simple Machines Forum 1.0.4 - (modify) SQL Injection Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL Injection PHP-Fusion 6.00.109 - (msg_send) SQL Injection PHP-Fusion 6.00.109 - 'msg_send' Parameter SQL Injection PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection PHP-Fusion 6.00.306 - (srch_where) SQL Injection PHP-Fusion 6.00.306 - 'srch_where' Parameter SQL Injection Simple Machines Forum 1.1 rc2 (Windows) - (lngfile) Remote Exploit Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploit Simple Machines Forum 1.1 rc2 - Lock Topics Remote Exploit Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion Virtual Law Office - (phpc_root_path) Remote File Inclusion Virtual Law Office - 'phpc_root_path' Remote File Inclusion AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion AllMyGuests 0.3.0 - 'AMG_serverpath' Parameter Remote File Inclusion Simple Machines Forum 1.1.3 - Blind SQL Injection Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection BosClassifieds 3.0 - (index.php cat) SQL Injection BosNews 4.0 - (article) SQL Injection BosClassifieds 3.0 - 'index.php' SQL Injection BosNews 4.0 - 'article' Parameter SQL Injection Classifieds Caffe - 'index.php cat_id' SQL Injection Classifieds Caffe - 'cat_id' Parameter SQL Injection carbon communities 2.4 - Multiple Vulnerabilities XplodPHP AutoTutorials 2.1 - 'id' SQL Injection Carbon Communities 2.4 - Multiple Vulnerabilities XplodPHP AutoTutorials 2.1 - 'id' Parameter SQL Injection Grape Statistics 0.2a - (location) Remote File Inclusion 5th Avenue Shopping Cart - 'category_id' SQL Injection Grape Statistics 0.2a - 'location' Parameter Remote File Inclusion 5th Avenue Shopping Cart - 'category_id' Parameter SQL Injection PhShoutBox 1.5 - (final) Insecure Cookie Handling Simple Customer 1.2 - (contact.php id) SQL Injection AllMyGuests 0.4.1 - (AMG_id) SQL Injection PhShoutBox 1.5 - Insecure Cookie Handling Simple Customer 1.2 - 'contact.php' SQL Injection AllMyGuests 0.4.1 - 'AMG_id' Parameter SQL Injection Simple Machines Forum 1.1.4 - SQL Injection Simple Machines Forum (SMF) 1.1.4 - SQL Injection virtual support office-xp 3.0.29 - Multiple Vulnerabilities Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities PHP-Fusion Mod Classifieds - (lid) SQL Injection PHP-Fusion Mod Classifieds - 'lid' Parameter SQL Injection Simple Machines Forum 1.1.5 (Windows x86) - Admin Reset Password Exploit Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit PHP-Fusion Mod freshlinks - (linkid) SQL Injection PHP-Fusion Mod freshlinks - 'linkid' Parameter SQL Injection PHP-Fusion Mod manuals - (manual) SQL Injection PHP-Fusion Mod manuals - 'manual' Parameter SQL Injection PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection PHP-Fusion Mod triscoop_race_system - 'raceid' Parameter SQL Injection BosDev BosClassifieds - 'cat_id' SQL Injection BosClassifieds - 'cat_id' SQL Injection Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution PHP-Fusion 7.00.1 - (messages.php) SQL Injection PHP-Fusion 7.00.1 - 'messages.php' SQL Injection Check New 4.52 - (findoffice.php search) SQL Injection Check New 4.52 - 'findoffice.php search' SQL Injection PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection PHP-Fusion Mod the_kroax (comment_id) - SQL Injection PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload Simple Machines Forums - (BBCode) Cookie Stealing Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing PHP-Fusion Mod Book Panel - (bookid) SQL Injection PHP-Fusion Mod Book Panel - 'bookid' Parameter SQL Injection PHP-Fusion Mod Book Panel - (course_id) SQL Injection PHP-Fusion Mod Book Panel - 'course_id' Parameter SQL Injection Opencart 1.1.8 - (route) Local File Inclusion Opencart 1.1.8 - 'route' Local File Inclusion exjune officer message system 1 - Multiple Vulnerabilities Exjune Officer Message System 1 - Multiple Vulnerabilities Simple Machines Forum - Multiple Security Vulnerabilities Simple Machines Forum (SMF) - Multiple Security Vulnerabilities PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection PHP-Fusion 6.01.15.4 - 'downloads.php' SQL Injection Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute (PoC) Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC) PHP-fusion dsmsf - (module downloads) SQL Injection PHP-fusion dsmsf Mod Downloads - SQL Injection Group Office - (comment_id) SQL Injection Group Office - 'comment_id' SQL Injection PHP-Fusion MG - User-Fotoalbum SQL Injection PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection Simple Machines forum (SMF) 2.0 - session Hijacking Simple Machines Forum (SMF) 2.0 - Session Hijacking AllMyGuests 0.x - info.inc.php Arbitrary Code Execution AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution Simple Machines Forum 1.0 - Size Tag HTML Injection Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection OpenCart 1.5.5.1 - (FileManager.php) Directory Traversal Arbitrary File Access OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access PHP-Fusion 4.0 - Viewthread.php Information Disclosure PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure PHP-Fusion 4/5 - Setuser.php HTML Injection PHP-Fusion 4/5 - 'Setuser.php' HTML Injection PHP-Fusion 4.0/5.0/6.0 - messages.php SQL Injection PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection PHP-Fusion 6.0.109 - messages.php SQL Injection PHP-Fusion 6.0.109 - 'messages.php' SQL Injection PHP-Fusion 6.0 - members.php Cross-Site Scripting PHP-Fusion 6.0 - 'members.php' Cross-Site Scripting PHP-Fusion 6.0.x - news.php SQL Injection PHP-Fusion 6.0.x - 'news.php' SQL Injection Simple Machines Forum 1.0/1.1 - 'index.php' Cross-Site Scripting Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scripting PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection Simple Machines Forum 1.1.4 - Multiple Remote File Inclusion Simple Machines Forum (SMF) 1.1.4 - Multiple Remote File Inclusion Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass Simple Machines Forum (SMF) 1.1.6 - HTTP POST Request Filter Security Bypass OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection PHP-Fusion - 'articles.php' Cross-Site Scripting AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload WordPress Plugin Dharma booking 2.38.3 - File Inclusion WordPress Plugin Dharma Booking 2.38.3 - File Inclusion EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection	2016-11-23 05:01:19 +00:00
Offensive Security	dab1517032	DB: 2016-11-22 13 new exploits Borland Interbase 2007 - ibserver.exe Buffer Overflow (PoC) Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC) Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference Linux Kernel 4.8.0-22 / 3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Microsoft Edge Scripting Engine - Memory Corruption (MS16-129) Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (MS15-018) NTP 4.2.8p8 - Denial of Service Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow Borland Interbase 2007 - PWD_db_aliased Buffer Overflow (Metasploit) Borland Interbase 2007 - 'PWD_db_aliased' Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - 'open_marker_file' Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 sp2 - 'jrd8_create_database' Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - 'INET_connect' Buffer Overflow (Metasploit) Borland Interbase - isc_create_database() Buffer Overflow (Metasploit) Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit) Borland Interbase - isc_attach_database() Buffer Overflow (Metasploit) Borland Interbase - 'isc_attach_database()' Buffer Overflow (Metasploit) Borland Interbase - SVC_attach() Buffer Overflow (Metasploit) Borland Interbase - 'SVC_attach()' Buffer Overflow (Metasploit) Borland Interbase - Create-Request Buffer Overflow (Metasploit) Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit) Borland Interbase - PWD_db_aliased() Buffer Overflow (Metasploit) Borland Interbase - open_marker_file() Buffer Overflow (Metasploit) Borland Interbase - 'PWD_db_aliased()' Buffer Overflow (Metasploit) Borland Interbase - 'open_marker_file()' Buffer Overflow (Metasploit) Borland Interbase - jrd8_create_database() Buffer Overflow (Metasploit) Borland Interbase - INET_connect() Buffer Overflow (Metasploit) Borland Interbase - 'jrd8_create_database()' Buffer Overflow (Metasploit) Borland Interbase - 'INET_connect()' Buffer Overflow (Metasploit) Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) phpunity.postcard - (gallery_path) Remote File Inclusion phpunity.postcard - 'gallery_path' Parameter Remote File Inclusion CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion CcMail 1.0.1 - 'functions_dir' Parameter Remote File Inclusion 1024 CMS 0.7 - (download.php item) Remote File Disclosure 1024 CMS 0.7 - 'download.php' Remote File Disclosure cpCommerce 1.1.0 - (category.php id_category) SQL Injection CPCommerce 1.1.0 - 'id_category' Parameter SQL Injection 1024 CMS 1.3.1 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities 1024 CMS 1.3.1 - Local File Inclusion / SQL Injection Mole 2.1.0 - (viewsource.php) Remote File Disclosure ChartDirector 4.1 - (viewsource.php) File Disclosure 724CMS 4.01 Enterprise - (index.php ID) SQL Injection My Gaming Ladder 7.5 - (ladderid) SQL Injection Mole 2.1.0 - 'viewsource.php' Remote File Disclosure ChartDirector 4.1 - 'viewsource.php' File Disclosure 724CMS 4.01 Enterprise - 'index.php' SQL Injection My Gaming Ladder 7.5 - 'ladderid' Parameter SQL Injection exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities Pligg CMS 9.9.0 - (editlink.php id) SQL Injection ExBB 0.22 - Local / Remote File Inclusion Pligg CMS 9.9.0 - 'editlink.php' SQL Injection Prediction Football 1.x - (matchid) SQL Injection Prediction Football 1.x - 'matchid' Parameter SQL Injection Free Photo Gallery Site Script - (path) File Disclosure Free Photo Gallery Site Script - 'path' Parameter File Disclosure LiveCart 1.1.1 - (category id) Blind SQL Injection Ksemail - 'index.php language' Local File Inclusion LiveCart 1.1.1 - 'id' Parameter Blind SQL Injection Ksemail - Local File Inclusion RX Maxsoft - 'popup_img.php fotoID' SQL Injection PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection RX Maxsoft - 'fotoID' Parameter SQL Injection PHPKB Knowledge Base Software 1.5 - 'ID' Parameter SQL Injection Pollbooth 2.0 - (pollID) SQL Injection cpcommerce 1.1.0 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities Pollbooth 2.0 - 'pollID' Parameter SQL Injection CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion SmallBiz eShop - (content_id) SQL Injection SmallBiz eShop - 'content_id' Parameter SQL Injection lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection PostcardMentor - 'cat_fldAuto' Parameter SQL Injection Pligg CMS 9.9.0 - (story.php id) SQL Injection Pligg CMS 9.9.0 - 'story.php' SQL Injection LokiCMS 0.3.4 - writeconfig() Remote Command Execution LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass CPCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass cpCommerce 1.2.8 - (id_document) Blind SQL Injection CPCommerce 1.2.8 - 'id_document' Parameter Blind SQL Injection cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure ChartDirector 5.0.1 - 'cacheId' Parameter Arbitrary File Disclosure Pligg CMS 1.0.4 - (story.php?id) SQL Injection Pligg CMS 1.0.4 - 'story.php' SQL Injection 724CMS 4.59 Enterprise - SQL Injection 724CMS Enterprise 4.59 - SQL Injection lightneasy 3.2.2 - Multiple Vulnerabilities LightNEasy 3.2.2 - Multiple Vulnerabilities My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injection Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection PhotoKorn 1.53/1.54 - postcard.php id Parameter SQL Injection PhotoKorn 1.53/1.54 - 'id' Parameter SQL Injection CPCommerce 1.1 - Manufacturer.php SQL Injection CPCommerce 1.1 - 'manufacturer.php' SQL Injection LiveCart 1.0.1 - user/remindPassword return Parameter Cross-Site Scripting LiveCart 1.0.1 - category q Parameter Cross-Site Scripting LiveCart 1.0.1 - order return Parameter Cross-Site Scripting LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'q' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'email' Parameter Cross-Site Scripting Pligg CMS 1.x - module.php Multiple Parameter Cross-Site Scripting Pligg CMS 1.x - 'module.php' Multiple Parameter Cross-Site Scripting Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection CMS Made Simple 2.1.5 - Cross-Site Scripting Atlassian Confluence AppFusions Doxygen 1.3.0 - Directory Traversal WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery Mezzanine 4.2.0 - Cross-Site Scripting LEPTON 2.2.2 - SQL Injection LEPTON 2.2.2 - Remote Code Execution FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery FUDforum 3.0.6 - Local File Inclusion Wordpress Plugin Olimometer 2.56 - SQL Injection	2016-11-22 05:01:18 +00:00
Offensive Security	4c5719d98f	DB: 2016-11-21 2 new exploits ScriptCase 8.1.053 - Multiple Vulnerabilities CMS Made Simple 2.1.5 - Cross-Site Scripting	2016-11-21 05:01:19 +00:00
Offensive Security	9349284ea2	DB: 2016-11-20	2016-11-20 05:01:20 +00:00
Offensive Security	8948e76c12	DB: 2016-11-19 14 new exploits Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046) Microsoft Windows - 'Jolt2.c' Denial of Service Microsoft Windows - 'Jolt2.c' Denial of Service (MS00-029) Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019) Ventrilo 2.3.0 - Remote Denial of Service (All Platforms) Ventrilo 2.3.0 (All Platforms) - Remote Denial of Service Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1) Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1) Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2) Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2) Microsoft Windows Vista - Access Violation from Limited Account Exploit (BSoD) Microsoft Windows Vista - Access Violation from Limited Account Exploit (Blue Screen of Death) Microsoft Windows 2003 - '.EOT' BSOD Crash Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote BSOD Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063) Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution (Metasploit) Microsoft Windows 2000<2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Google Chrome 4.1 - OOB Array Indexing Google Chrome 4.1 - Out-of-Bounds Array Indexing Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow 10-020 (PoC) Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) CommView 6.1 (Build 636) - Local Denial of Service (BSOD) CommView 6.1 (Build 636) - Local Denial of Service (Blue Screen of Death) Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051) Microsoft Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051) Microsoft Cinepak Codec CVDecompress - Heap Overflow Microsoft Cinepak Codec CVDecompress - Heap Overflow (MS10-055) Microsoft Unicode Scripts Processor - Remote Code Execution Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063) Microsoft Office - HtmlDlgHelper Class Memory Corruption Microsoft Office - HtmlDlgHelper Class Memory Corruption (MS10-071) Microsoft Plug and Play Service - Overflow Exploit (Metasploit) Microsoft Plug and Play Service - Overflow Exploit (MS05-039) (Metasploit) Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC) Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC) (MS11-02) Microsoft HyperV - Persistent Denial of Service Microsoft HyperV - Persistent Denial of Service (MS11-047) Crush FTP 5 - 'APPE' command Remote JVM BSOD (PoC) Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC) Microsoft WINS Service 5.2.3790.4520 - Memory Corruption Microsoft WINS - ECommEndDlg Input Validation Error Microsoft WINS Service 5.2.3790.4520 - Memory Corruption (MS11-035) Microsoft WINS - ECommEndDlg Input Validation Error (MS11-035/MS11-070) Win32k - Null Pointer De-reference PoC (MS11-077) Microsoft Win32k - Null Pointer De-reference PoC (MS11-077) Winows 7 keylayout - Blue Screen Microsoft Winows 7 - Keyoard Layout Blue Screen of Death (MS10-073) Apple Safari - GdiDrawStream BSoD Apple Safari - GdiDrawStream Blue Screen of Death PeerBlock 1.1 - BSOD Exploit PeerBlock 1.1 - Blue Screen of Death Exploit .NET Framework EncoderParameter - Integer Overflow Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034) Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050) Microsoft Windows Media Services 4.0/4.1 - Denial of Service Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038) Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (2) Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (MS00-040) (2) Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service (MS00-070) Microsoft IIS 4.0/5.0 - FTP Denial of Service Microsoft IIS 4.0/5.0 - FTP Denial of Service (MS01-026) Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031) Microsoft Windows XP/2000 - showHelp CHM File Execution Microsoft Windows XP/2000 - showHelp '.CHM' File Execution (MS03-004) Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012) DirectShow - Arbitrary Memory Overwrite (MS13-056) Microsoft DirectShow - Arbitrary Memory Overwrite (MS13-056) Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1) Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (MS08-025) (1) Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow (MS11-083) Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads (MS15-021) Google Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow Google Chrome - open-vcdiff Out-of-Bounds Read in Browser Process Integer Overflow Avast! - OOB Write Decrypting PEncrypt Packed executables Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007) Microsoft Office / COM Object - 'WMALFXGFXDSP.dll' DLL Planting (MS16-007) Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type Apple Mac OSX Kernel - Out-of-Bounds Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type Microsoft Edge - 'Array.splice' Heap Overflow Moxa SoftCMS 1.5 - Denial of Service (PoC) Microsoft Edge - 'FillFromPrototypes' Type Confusion Microsoft Edge - 'Array.filter' Info Leak Microsoft Edge - 'Array.reverse' Overflow Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow Microsoft Windows 2000 - Utility Manager Privilege Elevation Exploit (MS04-019) Microsoft Windows 2000 - POSIX Subsystem Privilege Escalation (MS04-020) Microsoft Windows 2000 - Universal Language Utility Manager Exploit (MS04-019) Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022) Microsoft Windows 2000 - Utility Manager All-in-One Exploit (MS04-019) Microsoft Windows Server 2000 - Utility Manager Privilege Elevation Exploit (MS04-019) Microsoft Windows Server 2000 - POSIX Subsystem Privilege Escalation (MS04-020) Microsoft Windows Server 2000 - Universal Language Utility Manager Exploit (MS04-019) Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022) Microsoft Windows Server 2000 - Utility Manager All-in-One Exploit (MS04-019) Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055) Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055) Microsoft Windows 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Excel - 0x5D record Stack Overflow Microsoft Excel - 0x5D record Stack Overflow (MS10-038) Win32k - Keyboard Layout (MS10-073) Microsoft Win32k - Keyboard Layout (MS10-073) Adobe - Doc.media.newPlayer Use-After-Free (1) Adobe - 'util.printf()' Buffer Overflow (1) Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1) Adobe - 'util.printf()' Buffer Overflow (Metasploit) (1) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (1) Adobe - JBIG2Decode Memory Corruption (1) Adobe - Collab.getIcon() Buffer Overflow (1) Adobe Flash Player - 'newfunction' Invalid Pointer Use (1) Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (Metasploit) Adobe - JBIG2Decode Memory Corruption (Metasploit) (1) Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1) Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (1) Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (MS09-032/MS09-037) (Metasploit) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2) Media Jukebox 8.0.400 - Buffer Overflow (SEH) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (2) Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (2) Adobe - Doc.media.newPlayer Use-After-Free (2) Adobe - 'util.printf()' Buffer Overflow (2) Microsoft Excel - Malformed FEATHEADER Record (Metasploit) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (2) Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2) Adobe - 'util.printf()' Buffer Overflow (Metasploit) (2) Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (3) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3) WM Downloader 3.1.2.2 - Buffer Overflow (2) WM Downloader 3.1.2.2 - Buffer Overflow (Metasploit) (2) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (2) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (2) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (2) Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (Metasploit) Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit) gAlan 0.2.1 - Buffer Overflow (2) Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (Metasploit) gAlan 0.2.1 - Buffer Overflow (Metasploit) (2) Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (MS10-004) (Metasploit) BACnet OPC Client - Buffer Overflow (2) BACnet OPC Client - Buffer Overflow (Metasploit) (2) Adobe - JBIG2Decode Memory Corruption (2) Adobe - JBIG2Decode Memory Corruption (Metasploit) (2) Mini-stream 3.0.1.1 - Buffer Overflow (2) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2) Adobe - Collab.getIcon() Buffer Overflow (2) Adobe PDF - Escape EXE Social Engineering (No JavaScript) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (4) Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2) Adobe PDF - Escape EXE Social Engineering (No JavaScript)(Metasploit) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4) Microsoft Word - RTF pFragments Stack Buffer Overflow (File Format) Adobe Flash Player - 'newfunction' Invalid Pointer Use (2) Microsoft Word - '.RTF' pFragments Stack Buffer Overflow (File Format) (MS10-087) (Metasploit) Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (2) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (1) Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit) Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (MS10-028) (Metasploit) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit) Microsoft Excel 2007 SP2 - Buffer Overwrite Microsoft Excel 2007 SP2 - Buffer Overwrite (MS11-021) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (Metasploit) (3) Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021) Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021) (Metasploit) Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) (Metasploit) Microsoft Office 2003 Home/Pro - Code Execution Microsoft Office 2003 Home/Pro - Code Execution (MS10-087) Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005) Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005) (Metasploit) Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit) Microsoft Windows - Task Scheduler .XML Privilege Escalation (MS10-092) (Metasploit) Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request (MS00-003) Microsoft Windows Kernel - Intel x64 SYSRET (PoC) Microsoft Windows Kernel - Intel x64 SYSRET (MS12-042) (PoC) Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit) Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101) Microsoft Windows Kerberos - Security Feature Bypass (MS16-101) Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) (Metasploit) VMware - Setuid VMware-mount Unsafe popen(3) VMware - Setuid VMware-mount Unsafe popen(3) (Metasploit) Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (Metasploit) Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (MS13-081) (Metasploit) Microsoft Word - RTF Object Confusion (MS14-017) Microsoft Word - RTF Object Confusion (MS14-017) (Metasploit) Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit) .NET Deployment Service - IE Sandbox Escape (MS14-009) Registry Symlink - IE Sandbox Escape (MS13-097) Microsoft .NET Deployment Service - IE Sandbox Escape (MS14-009) (Metasploit) Microsoft Registry Symlink - IE Sandbox Escape (MS13-097) (Metasploit) Microsoft Windows - OLE Package Manager Code Execution (MS14-060) Microsoft Windows - OLE Package Manager Code Execution (MS14-060) (Metasploit) Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (Metasploit) Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit) Microsoft Windows - OLE Package Manager Code Execution Through Python (MS14-064) Microsoft Windows - OLE Package Manager Code Execution (MS14-064) Microsoft Windows - OLE Package Manager Code Execution (via Python) (MS14-064) (Metasploit) Microsoft Windows - OLE Package Manager Code Execution (MS14-064) (Metasploit) Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004) Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004) (Metasploit) Microsoft Windows Server 2003 SP2 - Privilege Escalation Microsoft Windows Server 2003 SP2 - Privilege Escalation (MS14-070) Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation (MS10-073) Publish-It - '.PUI' Buffer Overflow (SEH) Publish-It - '.PUI' Buffer Overflow (SEH) (Metasploit) Microsoft Windows - ClientCopyImage Win32k Exploit (Metasploit) Microsoft Windows - ClientCopyImage Win32k Exploit (MS15-051) (Metasploit) Microsoft Word - Local Machine Zone Remote Code Execution Microsoft Word - Local Machine Zone Remote Code Execution (MS15-022) VideoCharge Studio - Buffer Overflow (SEH) VideoCharge Studio - Buffer Overflow (SEH) (Metasploit) Microsoft Windows - NtUserGetClipboardAccessToken Token Leak Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023) Microsoft Windows - Font Driver Buffer Overflow (MS15-078) Microsoft Windows - Font Driver Buffer Overflow (MS15-078) (Metasploit) Nagios 4.2.2 - Privilege Escalation ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick) ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick) (Metasploit) Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset OOB Privilege Escalation Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) (Metasploit) VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010) VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation Palo Alto Networks PanOS root_trace - Privilege Escalation Palo Alto Networks PanOS root_reboot - Privilege Escalation RealServer < 8.0.2 - Remote Exploit (Windows Platforms) RealServer < 8.0.2 (Windows Platforms) - Remote Exploit Microsoft Windows 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026) Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026) Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049) Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049) Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Microsoft Windows - 'WINS' Remote Buffer Overflow (3) Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045) (3) Microsoft Windows Message - Queuing Buffer Overflow Universal Exploit (MS05-017) (v.0.3) Microsoft Windows Message Queuing - Buffer Overflow Universal Exploit (MS05-017) (v.0.3) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) (MS05-039) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039) eIQnetworks License Manager - Remote Buffer Overflow (1) (Metasploit) eIQnetworks License Manager - Remote Buffer Overflow (2) (Metasploit) eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1) eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2) Microsoft Windows 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit) Microsoft Windows Server 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (1) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1) Microsoft Windows - NetpManageIPCConnect - Stack Overflow (Python) Microsoft Windows - NetpManageIPCConnect - Stack Overflow (MS06-070) (Python) Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow (MS07-033) Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow (MS07-033) CCProxy 6.2 - Telnet Proxy Ping Overflow (1) (Metasploit) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1) Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065) Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue Exploit (MS07-065) Microsoft Windows Message Queuing Service - RPC Buffer Overflow Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC) Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC) (MS09-054) Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044) Movie Maker - Remote Code Execution (MS10-016) Microsoft Movie Maker - Remote Code Execution (MS10-016) ASP.NET - Padding Oracle (MS10-070) Microsoft ASP.NET - Padding Oracle (MS10-070) ASP.NET - Padding Oracle File Download (MS10-070) Microsoft Windows - NTLM Weak Nonce Microsoft ASP.NET - Padding Oracle File Download (MS10-070) Microsoft Windows - NTLM Weak Nonce (MS10-012) ASP.NET - Auto-Decryptor File Download Exploit (MS10-070) Microsoft ASP.NET - Auto-Decryptor File Download Exploit (MS10-070) Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (loop) Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (Loop) (Metasploit) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1) PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (1) PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie) (Metasploit) Axis2 - Authenticated Code Execution (via REST) Axis2 - Authenticated Code Execution (via REST) (Metasploit) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) (Metasploit) Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (Metasploit) Microsoft Private Communications Transport - Overflow Exploit (Metasploit) Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (MS10-025) (Metasploit) Microsoft Private Communications Transport - Overflow Exploit (MS04-011) (Metasploit) Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit) Microsoft IIS - Phone Book Service Overflow (Metasploit) Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (MS03-022) (Metasploit) Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (MS03-051) (Metasploit) Microsoft IIS - Phone Book Service Overflow (MS00-094) (Metasploit) Microsoft WINS - Service Memory Overwrite (Metasploit) Microsoft Windows - SMB Relay Code Execution (Metasploit) Microsoft Windows - Print Spooler Service Impersonation (MS10-061) Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (Metasploit) Microsoft RRAS Service - Overflow Exploit (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (Metasploit) Microsoft Server Service - NetpwPathCanonicalize Overflow (Metasploit) Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (Metasploit) Microsoft Services - 'nwwks.dll' (MS06-066) Microsoft WINS - Service Memory Overwrite (MS04-045) (Metasploit) Microsoft Windows - SMB Relay Code Execution (MS08-068) (Metasploit) Microsoft Windows - Print Spooler Service Impersonation (MS10-061) (Metasploit) Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) (Metasploit) Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (MS09-050) (Metasploit) Microsoft RRAS Service - Overflow Exploit (MS06-025) (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (MS07-029) (Metasploit) Microsoft Server Service - NetpwPathCanonicalize Overflow (MS06-040) (Metasploit) Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (MS04-011) (Metasploit) Microsoft Services - 'nwwks.dll' (MS06-066) (Metasploit) Microsoft NetDDE Service - Overflow Exploit (Metasploit) Microsoft Workstation Service - NetpManageIPCConnect Overflow (Metasploit) Microsoft Services - 'nwapi32.dll' (MS06-066) Microsoft NetDDE Service - Overflow Exploit (MS04-031) (Metasploit) Microsoft Workstation Service - NetpManageIPCConnect Overflow (MS06-070) (Metasploit) Microsoft Services - 'nwapi32.dll' (MS06-066) (Metasploit) Microsoft RRAS Service - RASMAN Registry Overflow (Metasploit) Microsoft RRAS Service - RASMAN Registry Overflow (MS06-025) (Metasploit) Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007) Microsoft Workstation Service - NetAddAlternateComputerName Overflow (Metasploit) Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (Metasploit) Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007) (Metasploit) Microsoft Workstation Service - NetAddAlternateComputerName Overflow (MS03-049) (Metasploit) Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (MS05-030) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (2) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (Metasploit) Microsoft SQL Server - Resolution Overflow (Metasploit) Microsoft SQL Server - Payload Execution (via SQL Injection) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (Metasploit) Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit) Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (via SQL Injection) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (via SQL Injection) (Metasploit) Microsoft SQL Server - Hello Overflow (Metasploit) Microsoft SQL Server - Hello Overflow (MS02-056) (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (1) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (2) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (3) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (1) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (1) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1) Microsoft DirectX DirectShow - SAMI Buffer Overflow (Metasploit) Microsoft DirectX DirectShow - SAMI Buffer Overflow (MS07-064) (Metasploit) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (2) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2) Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (Metasploit) Microsoft IIS 4.0 - '.htr' Path Overflow (Metasploit) Microsoft IIS 5.0 - Printer Host Header Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit) Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (MS01-026) (Metasploit) Microsoft IIS 4.0 - '.htr' Path Overflow (MS02-018) (Metasploit) Microsoft IIS 5.0 - Printer Host Header Overflow (MS01-023) (Metasploit) Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (MS03-007) (Metasploit) Microsoft IIS 5.0 - IDQ Path Overflow (Metasploit) Microsoft IIS 5.0 - IDQ Path Overflow (MS01-033) (Metasploit) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (1) Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (Metasploit) Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (Metasploit) Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (MS06-067) (Metasploit) Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit) Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) (Metasploit) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) (MS07-017) (Metasploit) Microsoft Internet Explorer - XML Core Services HTTP Request Handling (Metasploit) Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (Metasploit) Microsoft Internet Explorer - XML Core Services HTTP Request Handling (MS06-071) (Metasploit) Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (MS11-003) (Metasploit) Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (MS09-043) (Metasploit) Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (Metasploit) Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (Metasploit) Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit) Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (MS09-043) (Metasploit) Microsoft Help Center - Cross-Site Scripting / Command Execution (Metasploit) Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (Metasploit) Microsoft Help Center - Cross-Site Scripting / Command Execution (MS10-042) (Metasploit) Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (MS09-072) (Metasploit) Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (Metasploit) Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (MS10-090) (Metasploit) Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (Metasploit) Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (MS09-002) (Metasploit) Microsoft Internet Explorer - COM CreateObject Code Execution (Metasploit) Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (MS06-057) (Metasploit) (2) Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (Metasploit) Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (MS10-018) (Metasploit) Microsoft Windows - Shell LNK Code Execution (Metasploit) Microsoft Windows - Shell LNK Code Execution (MS10-046) (Metasploit) Microsoft Internet Explorer - createTextRange() Code Execution (Metasploit) Microsoft Internet Explorer - createTextRange() Code Execution (MS06-013) (Metasploit) Microsoft Internet Explorer - Object Type (MS03-020) Microsoft Internet Explorer - Object Type (MS03-020) (Metasploit) Microsoft Internet Explorer - Data Binding Memory Corruption (Metasploit) Microsoft Internet Explorer - Data Binding Memory Corruption (MS08-078) (Metasploit) Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (Metasploit) Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (MS10-018) (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (1) Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1) Microsoft Internet Explorer - (VML) Fill Method Code Execution (MS06-055) (Metasploit) Microsoft Internet Explorer - 'Aurora' Memory Corruption (Metasploit) Microsoft Internet Explorer - 'Aurora' Memory Corruption (MS10-002) (Metasploit) Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (Metasploit) Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) CCProxy 6.2 - Telnet Proxy Ping Overflow (2) (Metasploit) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) Outlook - ATTACH_BY_REF_RESOLVE File Execution (Metasploit) Outlook - ATTACH_BY_REF_ONLY File Execution (Metasploit) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) (MS07-017) (Metasploit) Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit) Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit) Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) (Metasploit) FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD) FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD) (Metasploit) httpdx - tolog() Function Format String (1) httpdx - tolog() Function Format String (Metasploit) (1) Microsoft IIS FTP Server - NLST Response Overflow (Metasploit) Microsoft IIS FTP Server - NLST Response Overflow (MS09-053) (Metasploit) Microsoft Message Queueing Service - Path Overflow (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() Overflow (TCP) Microsoft RPC DCOM Interface - Overflow Exploit (Metasploit) Microsoft Message Queueing Service - DNS Name Path Overflow (Metasploit) Microsoft Message Queueing Service - Path Overflow (MS05-017) (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() TCP Overflow (MS07-029) (Metasploit) Microsoft RPC DCOM Interface - Overflow Exploit (MS03-026) (Metasploit) Microsoft Message Queueing Service - DNS Name Path Overflow (MS07-065) (Metasploit) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (2) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1) httpdx - tolog() Function Format String (2) httpdx - tolog() Function Format String (Metasploit) (2) Exchange 2000 - XEXCH50 Heap Overflow (MS03-046) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (MS03-046) (Metasploit) NetSupport Manager Agent - Remote Buffer Overflow (2) NetSupport Manager Agent - Remote Buffer Overflow (Metasploit) (2) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (Metasploit) (1) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (Metasploit) (2) SquirrelMail PGP Plugin - Command Execution (SMTP) SquirrelMail PGP Plugin - Command Execution (SMTP) (Metasploit) ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) (Metasploit) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (2) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) (Metasploit) Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment) Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview ('.lzh' Attachment) (Metasploit) Mozilla Firefox - 'nsTreeRange' Dangling Pointer (1) Mozilla Firefox - 'nsTreeRange' Dangling Pointer (Metasploit) (1) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (1) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1) Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026) Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026) (Metasploit) ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2) ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (Metasploit) (2) Mozilla Firefox - Array.reduceRight() Integer Overflow (2) Mozilla Firefox - Array.reduceRight() Integer Overflow (Metasploit) (2) Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (Metasploit) Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (MS05-054) (Metasploit) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (2) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2) Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) (Metasploit) Sun Java Web Start Plugin - Command Line Argument Injection (2012) Sun Java Web Start Plugin - Command Line Argument Injection (2012) (Metasploit) Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002) Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002) (Metasploit) Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) (Metasploit) quickshare file share 1.2.1 - Directory Traversal (2) quickshare file share 1.2.1 - Directory Traversal (Metasploit) (2) Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit) Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065) (Metasploit) Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037) Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037) (Metasploit) ComSndFTP 1.3.7 Beta - USER Format String (Write4) Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (Metasploit) ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit) Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (MS12-043) (Metasploit) Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL redirection Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL Redirection (MS99-043) Microsoft Office SharePoint Server 2007 - Remote Code Execution (Metasploit) Microsoft Office SharePoint Server 2007 - Remote Code Execution (MS10-104) (Metasploit) Microsoft IIS 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 - Directory Traversal (MS00-006) Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (Metasploit) Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (MS12-037) (Metasploit) Microsoft Internet Explorer 5.5 - Index.dat Microsoft Internet Explorer 5.5 - 'Index.dat' Exploit (MS00-055) Microsoft Visual Studio RAD Support - Buffer Overflow (Metasploit) Microsoft Visual Studio RAD Support - Buffer Overflow (MS03-051) (Metasploit) JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) (Metasploit) Microsoft Internet Explorer 5 - Zone Spoofing Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055) HP SiteScope - Remote Code Execution (1) HP SiteScope - Remote Code Execution (Metasploit) (1) Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure (MS02-023) Metasploit Web UI - Diagnostic Console Command Execution Metasploit Web UI - Diagnostic Console Command Execution (Metasploit) Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027) Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047) Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) (Metasploit) Microsoft Internet Explorer 5 - XML Page Object Type Validation Microsoft Internet Explorer 5 - XML Page Object Type Validation (MS03-040) Microsoft Windows XP/2000 - Messenger Service Buffer Overrun Microsoft Windows XP/2000 - Messenger Service Buffer Overrun (MS03-043) Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013) Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy (MS04-004) Microsoft Internet Explorer - Option Element Use-After-Free (Metasploit) Microsoft Internet Explorer - Option Element Use-After-Free (MS11-081) (Metasploit) Java Applet JMX - Remote Code Execution (1) Java Applet JMX - Remote Code Execution (Metasploit) (1) myServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting MyServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting VMware OVF Tools - Format String (1) VMware OVF Tools - Format String (Metasploit) (1) VMware OVF Tools - Format String (2) VMware OVF Tools - Format String (Metasploit) (2) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) Java Applet JMX - Remote Code Execution (2) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) Java Applet JMX - Remote Code Execution (Metasploit) (2) Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2) phpMyAdmin - Authenticated Remote Code Execution via preg_replace() phpMyAdmin - 'preg_replace' Authenticated Remote Code Execution (Metasploit) Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow (MS05-020) Microsoft Internet Explorer - textNode Use-After-Free (Metasploit) Microsoft Internet Explorer - textNode Use-After-Free (MS13-037) (Metasploit) Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009) Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009) (Metasploit) D-Link Devices - Unauthenticated Remote Command Execution (2) D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2) D-Link Devices - Unauthenticated Remote Command Execution (1) D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1) Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) (Metasploit) Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055) HP SiteScope - Remote Code Execution (2) Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055) (Metasploit) HP SiteScope - Remote Code Execution (Metasploit) (2) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (2) Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069) Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069) (Metasploit) Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071) (Metasploit) Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080) Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080) (Metasploit) Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) (Metasploit) Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) (Metasploit) Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012) Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012) (Metasploit) Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012) Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012) (Metasploit) Microsoft Windows Media Center - MCL Exploit (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) (Metasploit) Advantech Switch - Bash Environment Variable Code Injection (Shellshock) Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit) Oracle BeeHive 2 - voice-servlet processEvaluation() Oracle BeeHive 2 - voice-servlet processEvaluation() (Metasploit) Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference (MS15-134) IPFire - Bash Environment Variable Injection (Shellshock) IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit) Ruby on Rails - Dynamic Render File Upload / Remote Code Execution Ruby on Rails - Dynamic Render File Upload / Remote Code Execution (Metasploit) FTPShell Client 5.24 - 'PWD' Remote Buffer Overflow Windows x64 - Reverse Shell TCP Shellcode (694 bytes) phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (2) phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (Metasploit) (2) PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) (Metasploit) Wordpress Plugin BBS e-Franchise 1.1.1 - SQL Injection Wordpress Plugin Product Catalog 8 1.2.0 - SQL Injection EditMe CMS - Cross-Site Request Forgery (Add New Admin)	2016-11-19 05:01:21 +00:00
Offensive Security	b22e31535e	DB: 2016-11-18 3 new exploits Winamp 5.21 - (Midi File Header Handling) Buffer Overflow (PoC) Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC) Nullsoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC) NullSoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC) Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC) Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC) Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC) Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow (PoC) WinAmp GEN_MSN Plugin - Heap Buffer Overflow (PoC) Winamp GEN_MSN Plugin - Heap Buffer Overflow (PoC) Winamp 5.572 - whatsnew.txt Stack Overflow (PoC) Winamp 5.572 - 'whatsnew.txt' Stack Overflow (PoC) Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow WinAmp 5.63 - Invalid Pointer Dereference WinAmp 5.63 - Stack Based Buffer Overflow Winamp 5.63 - Invalid Pointer Dereference Winamp 5.63 - Stack Based Buffer Overflow Winamp 5.666 build 3516 - (Corrupted flv) Crash (PoC) Winamp 5.666 build 3516 - Corrupted .flv Crash (PoC) Microsoft Edge - 'eval' Type Confusion Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow SCO UnixWare < 7.1.4 p534589 - (pkgadd) Privilege Escalation SCO UnixWare Reliant HA - Privilege Escalation SCO UnixWare Merge - mcd Privilege Escalation Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Privilege Escalation SCO UnixWare Reliant HA 1.1.4 - Privilege Escalation SCO UnixWare Merge - 'mcd' Privilege Escalation Winamp 5.05-5.13 - '.ini' Local Stack Buffer Overflow (PoC) Winamp 5.05<5.13 - '.ini' Local Stack Buffer Overflow (PoC) Winamp 5.572 - whatsnew.txt Stack Overflow Winamp 5.572 - whatsnew.txt Local Buffer Overflow (Windows XP SP3 DE) Winamp 5.572 - 'whatsnew.txt' Stack Overflow Winamp 5.572 (Windows XP SP3 DE) - 'whatsnew.txt' Local Buffer Overflow Winamp 5.572 - whatsnew.txt SEH (Metasploit) Winamp 5.572 - 'whatsnew.txt' SEH (Metasploit) Winamp 5.572 - Local Buffer Overflow (Windows 7 ASLR + DEP Bypass) Winamp 5.572 (Windows 7) - Local Buffer Overflow (ASLR + DEP Bypass) Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking NullSoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking WinAmp 5.63 - (winamp.ini) Local Exploit Winamp 5.63 - 'winamp.ini' Local Exploit Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2) Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2) Nullsoft Winamp 2.x - AIP Buffer Overflow NullSoft Winamp 2.x - AIP Buffer Overflow Nullsoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow winamp Web interface 7.5.13 - Multiple Vulnerabilities Winamp Web interface 7.5.13 - Multiple Vulnerabilities Nullsoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow LinPHA 1.3.1 - (new_images.php) Blind SQL Injection LinPHA 1.3.1 - 'new_images.php' Blind SQL Injection KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection KwsPHP Module jeuxflash 1.0 - 'id' Parameter SQL Injection KwsPHP 1.0 - Newsletter Module SQL Injection KwsPHP 1.0 Module Newsletter - SQL Injection DaZPHP 0.1 - (prefixdir) Local File Inclusion PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion KwsPHP Module Galerie - (id_gal) SQL Injection KwsPHP Module Archives - 'id' SQL Injection KwsPHP Module jeuxflash (cat) 1.0 - SQL Injection KwsPHP Module ConcoursPhoto - (C_ID) SQL Injection XPOZE Pro 3.05 - (reed) SQL Injection Vastal I-Tech Software Zone - 'cat_id' SQL Injection sabros.us 1.75 - (thumbnails.php) Remote File Disclosure Comdev News Publisher - SQL Injection Affiliate Directory - 'cat_id' SQL Injection PHP Photo Gallery 1.0 - (photo_id) SQL Injection Blogator-script 0.95 - (incl_page) Remote File Inclusion PIGMy-SQL 1.4.1 - (getdata.php id) Blind SQL Injection Blogator-script 0.95 - (id_art) SQL Injection Dragoon 0.1 - (lng) Local File Inclusion DaZPHP 0.1 - 'prefixdir' Parameter Local File Inclusion PhpBlock a8.4 - 'PATH_TO_CODE' Parameter Remote File Inclusion KwsPHP 1.3.456 Module Galerie - 'id_gal' Parameter SQL Injection KwsPHP 1.3.456 Module Archives - 'id' Parameter SQL Injection KwsPHP Module jeuxflash 1.0 - 'cat' Parameter SQL Injection KwsPHP Module ConcoursPhoto 2.0 - 'C_ID' Parameter SQL Injection XPOZE Pro 3.05 - 'reed' Parameter SQL Injection Vastal I-Tech Software Zone - 'cat_id' Parameter SQL Injection Sabros.us 1.75 - 'thumbnails.php' Remote File Disclosure Comdev News Publisher 4.1.2 - SQL Injection Affiliate Directory - 'cat_id' Parameter SQL Injection PHP Photo Gallery 1.0 - 'photo_id' Parameter SQL Injection Blogator-script 0.95 - 'incl_page' Parameter Remote File Inclusion PIGMy-SQL 1.4.1 - 'getdata.php' Blind SQL Injection Blogator-script 0.95 - 'id_art' Parameter SQL Injection Dragoon 0.1 - 'lng' Parameter Local File Inclusion Easynet Forum Host - 'forum.php forum' SQL Injection CoBaLT 0.1 - Multiple SQL Injections Gaming Directory 1.0 - 'cat_id' SQL Injection Easynet Forum Host - 'forum.php' SQL Injection Cobalt 0.1 - Multiple SQL Injections Gaming Directory 1.0 - 'cat_id' Parameter SQL Injection Links Directory 1.1 - 'cat_id' SQL Injection Software Index 1.1 - 'cid' SQL Injection Links Directory 1.1 - 'cat_id' Parameter SQL Injection Software Index 1.1 - 'cid' Parameter SQL Injection Blog PixelMotion - 'index.php categorie' SQL Injection Site Sift Listings - 'id' SQL Injection Blog PixelMotion - 'categorie' Parameter SQL Injection Site Sift Listings - 'id' Parameter SQL Injection Prozilla Forum Service - 'forum.php forum' SQL Injection Prozilla Forum Service - 'forum' Parameter SQL Injection Prozilla Freelancers - (project) SQL Injection Prozilla Freelancers - 'project' Parameter SQL Injection LinPHA 1.3.3 - (maps plugin) Remote Command Execution Dragoon 0.1 - (root) Remote File Inclusion LinPHA 1.3.3 Plugin Maps - Remote Command Execution Dragoon 0.1 - 'root' Parameter Remote File Inclusion k-links directory - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities k-links directory - SQL Injection / Cross-Site Scripting SFS Affiliate Directory - 'id' SQL Injection Affiliate Directory - 'id' Parameter SQL Injection SFS EZ Gaming Directory - 'Directory.php id' SQL Injection SFS EZ Gaming Directory - 'directory.php' SQL Injection SFS EZ Gaming Directory - 'cat_id' SQL Injection SFS EZ Gaming Directory - 'cat_id' Parameter SQL Injection LinPHA 1.3.2 - (rotate.php) Remote Command Execution LinPHA 1.3.2 - 'rotate.php' Remote Command Execution cobalt qube webmail 1.0 - Directory Traversal Cobalt Qube Webmail 1.0 - Directory Traversal LinPHA 0.9.x/1.0 - 'index.php' lang Parameter Local File Inclusion LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion LinPHA 0.9.x/1.0 - 'lang' Parameter Local File Inclusion LinPHA 0.9.x/1.0 - 'install.php' Parameter Local File Inclusion LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Parameter Local File Inclusion LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion LinPHA 1.1 - Multiple Cross-Site Scripting Vulnerabilities Drake CMS 0.2 - 'index.php' Cross-Site Scripting Sabros.US 1.7 - 'index.php' Cross-Site Scripting Drake CMS 0.3.7 - 404.php Local File Inclusion Drake CMS 0.3.7 - '404.php' Local File Inclusion Drake CMS 0.4.9 - 'index.php' Cross-Site Scripting Blogator-script 0.95 - 'bs_auth.php' Cross-Site Scripting CoBaLT 2.0 - 'adminler.asp' SQL Injection Cobalt 2.0 - 'adminler.asp' SQL Injection VisualPic 0.3.1 - Cross-Site Scripting LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting LinPHA 1.3.2/1.3.3 - new_images.php Cross-Site Scripting Software Index - 'signinform.php' Cross-Site Scripting CMSimple 4.4.4 - Remote file Inclusion CMSimple 4.4.4 - Remote File Inclusion Wordpress Plugin Answer My Question 1.3 - SQL Injection Wordpress Plugin Sirv 1.3.1 - SQL Injection	2016-11-18 05:01:22 +00:00
Offensive Security	e1c4e9e1ec	DB: 2016-11-17 3 new exploits Redhat 6.1 / 6.2 - TTY Flood Users Exploit RedHat 6.1 / 6.2 - TTY Flood Users Exploit Microsoft Windows - Kernel ANI File Parsing Crash Microsoft Windows Kernel - '.ANI' File Parsing Crash PunBB 2.0.10 - (Register Multiple Users) Denial Of Service PunBB 2.0.10 - (Register Multiple Users) Denial of Service Apple Mac OSX 10.4.x - Kernel shared_region_map_file_np() Memory Corruption Apple Mac OSX 10.4.x Kernel - shared_region_map_file_np() Memory Corruption MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service MailEnable Professional/Enterprise 2.37 - Denial Of Service MailEnable Professional/Enterprise 2.37 - Denial of Service Apple Mac OSX 10.4.x - Kernel i386_set_ldt() Integer Overflow (PoC) Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC) Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial of Service snircd 1.3.4 - (send_user_mode) Denial of Service MPlayer - sdpplin_parse() Array Indexing Buffer Overflow (PoC) Snircd 1.3.4 - 'send_user_mode' Denial of Service MPlayer 1.0 rc2 - 'sdpplin_parse()' Array Indexing Buffer Overflow (PoC) LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial Of Service) LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial of Service) ZoIPer 2.22 - Call-Info Remote Denial Of Service ZoIPer 2.22 - Call-Info Remote Denial of Service Dualis 20.4 - '.bin' Local Denial Of Service Dualis 20.4 - '.bin' Local Denial of Service Dolphin 2.0 - '.elf' Local Denial Of Service Dolphin 2.0 - '.elf' Local Denial of Service Home FTP Server r1.10.3 (build 144) - Denial of Service Home FTP Server 1.10.3 (build 144) - Denial of Service Red Hat Linux - stickiness of /tmp Exploit RedHat Linux - Stickiness of /tmp Exploit Apple Mac OSX < 10.6.7 - Kernel Panic Exploit Apple Mac OSX < 10.6.7 - Kernel Panic Red Hat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service RedHat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service Titan FTP Server 3.0 - 'LIST' Command Denial Of Service Titan FTP Server 3.0 - 'LIST' Command Denial of Service Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Service Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial of Service I Hear U 0.5.6 - Multiple Remote Denial Of Service Vulnerabilities I Hear U 0.5.6 - Multiple Remote Denial of Service Vulnerabilities Microsoft Windows Explorer - '.png' Image Local Denial Of Service Microsoft Windows Explorer - '.png' Image Local Denial of Service Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial Of Service Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial of Service MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial of Service PHP 5.2.5 - Multiple GetText functions Denial Of Service Vulnerabilities PHP 5.2.5 - Multiple GetText functions Denial of Service Vulnerabilities LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial Of Service LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial of Service Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial Of Service Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial of Service Sami FTP Server 2.0.x - Multiple Commands Remote Denial Of Service Vulnerabilities Sami FTP Server 2.0.x - Multiple Commands Remote Denial of Service Vulnerabilities SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial Of Service SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial of Service RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial Of Service RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial of Service MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service snircd 1.3.4 And ircu 2.10.12.12 - 'set_user_mode' Remote Denial of Service MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial of Service SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service / Memory Corruption Vulnerabilities Microsoft Windows XP/Vista/2000/2003/2008 - Kernel Usermode Callback Privilege Escalation (1) SLMail Pro 6.3.1.0 - Multiple Remote Denial of Service / Memory Corruption Vulnerabilities Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1) SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial Of Service SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service Apple iCal 3.0.1 - 'ATTACH' Parameter Denial Of Service Apple iCal 3.0.1 - 'ATTACH' Parameter Denial of Service WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service Computer Associates ARCserve Backup Discovery Service Remote - Denial of Service Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service Microsoft Excel 2007 - JavaScript Code Remote Denial of Service GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial of Service GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial Of Service GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial of Service SWAT 4 - Multiple Denial Of Service Vulnerabilities SWAT 4 - Multiple Denial of Service Vulnerabilities Unreal Tournament 3 - Denial Of Service / Memory Corruption Unreal Tournament 3 - Denial of Service / Memory Corruption Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities Combat Evolved 1.0.7.0615 - Multiple Denial of Service Vulnerabilities Noticeware Email Server 4.6 - NG LOGIN Messages Denial Of Service Noticeware Email Server 4.6 - NG LOGIN Messages Denial of Service Ruby 1.9 - REXML Remote Denial Of Service Ruby 1.9 - REXML Remote Denial of Service Red Hat 8/9 - Directory Server Crafted Search Pattern Denial of Service RedHat 8/9 - Directory Server Crafted Search Pattern Denial of Service MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service MySQL 6.0.4 - Empty Binary String Literal Remote Denial of Service Mass Downloader - Malformed Executable Denial Of Service Mass Downloader - Malformed Executable Denial of Service Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service Zope 2.11.2 - PythonScript Multiple Remote Denial Of Service Vulnerabilities Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Zope 2.11.2 - PythonScript Multiple Remote Denial of Service Vulnerabilities GeSHi 1.0.x - XML Parsing Remote Denial Of Service GeSHi 1.0.x - XML Parsing Remote Denial of Service Symbian S60 - Malformed SMS/Mms Remote Denial Of Service Symbian S60 - Malformed SMS/Mms Remote Denial of Service InfraRecorder 0.53 - Memory Corruption (Denial Of Service) IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service InfraRecorder 0.53 - Memory Corruption (Denial of Service) IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service QNX RTOS 6.4 - Malformed ELF Binary File Local Denial Of Service QNX RTOS 6.4 - Malformed ELF Binary File Local Denial of Service Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial Of Service PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial Of Service Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial Of Service Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service MySQL 6.0.9 - XPath Expression Remote Denial Of Service MySQL 6.0.9 - XPath Expression Remote Denial of Service MPlayer - Malformed AAC File Handling Denial of Service MPlayer - Malformed OGM File Handling Denial of Service MPlayer - '.AAC' File Handling Denial of Service MPlayer - '.OGM' File Handling Denial of Service Mani's Admin Plugin - Remote Denial Of Service Mani's Admin Plugin - Remote Denial of Service cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial Of Service) CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial Of Service cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial of Service) CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service Git 1.6.3 - Parameter Processing Remote Denial Of Service Git 1.6.3 - Parameter Processing Remote Denial of Service GUPnP 0.12.7 - Message Handling Denial Of Service GUPnP 0.12.7 - Message Handling Denial of Service ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial Of Service ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial of Service FileCOPA FTP Server 5.01 - 'NOOP' Command Denial Of Service FileCOPA FTP Server 5.01 - 'NOOP' Command Denial of Service Snort 2.8.5 - Multiple Denial Of Service Vulnerabilities Snort 2.8.5 - Multiple Denial of Service Vulnerabilities lighttpd 1.4/1.5 - Slow Request Handling Remote Denial Of Service lighttpd 1.4/1.5 - Slow Request Handling Remote Denial of Service Skybox Security 6.3.x < 6.4.x - Multiple Denial Of Service Issue Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Issue Hybserv2 - ':help' Command Denial Of Service Hybserv2 - ':help' Command Denial of Service Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service Apple Safari 4.0.4 - Remote Denial Of Service Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial of Service Apple Safari 4.0.4 - Remote Denial of Service FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial Of Service FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial of Service PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial Of Service PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial of Service Remote Help HTTP 0.0.7 - GET Request Format String Denial Of Service Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial Of Service netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial of Service Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial Of Service Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial Of Service Xitami 5.0 - '/AUX' Request Remote Denial Of Service Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial of Service Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial of Service Xitami 5.0 - '/AUX' Request Remote Denial of Service Torque Game Engine - Multiple Denial Of Service Vulnerabilities Torque Game Engine - Multiple Denial of Service Vulnerabilities EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial of Service Vulnerabilities Unreal Engine - 'ReceivedRawBunch()' Denial Of Service Unreal Engine - 'ReceivedRawBunch()' Denial of Service Chrome Engine 4 - Denial Of Service Chrome Engine 4 - Denial of Service Sagem Fast 3304-V1 - Denial Of Service Sagem Fast 3304-V1 - Denial of Service Sumatra PDF 1.1 - Denial Of Service Sumatra PDF 1.1 - Denial of Service Freeciv 2.2.1 - Multiple Remote Denial Of Service Vulnerabilities Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial Of Service Vulnerabilities Freeciv 2.2.1 - Multiple Remote Denial of Service Vulnerabilities Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial of Service Vulnerabilities Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities Microsoft DirectX 8/9 DirectPlay - Multiple Denial of Service Vulnerabilities PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial Of Service PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service Sniper Elite 1.0 - Null Pointer Dereference Denial Of Service Sniper Elite 1.0 - Null Pointer Dereference Denial of Service MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial Of Service MySQL 5.1.48 - 'EXPLAIN' Denial Of Service OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial of Service MySQL 5.1.48 - 'EXPLAIN' Denial of Service OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial of Service Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial Of Service Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial of Service Oracle MySQL < 5.1.49 - 'DDL' Statements Denial of Service GNU glibc - 'regcomp()' Stack Exhaustion Denial Of Service GNU glibc - 'regcomp()' Stack Exhaustion Denial of Service Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial Of Service Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service Microsoft Internet Explorer 11 - Denial Of Service Microsoft Internet Explorer 11 - Denial of Service Golden FTP Server 4.70 - Malformed Message Denial Of Service Golden FTP Server 4.70 - Malformed Message Denial of Service TP-Link TL-WR740N - Denial Of Service PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial Of Service TP-Link TL-WR740N - Denial of Service PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial of Service Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial Of Service Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial Of Service Air Contacts Lite - HTTP Packet Denial Of Service Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial of Service Air Contacts Lite - HTTP Packet Denial of Service TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial Of Service) TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial of Service) Perl 5.10 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities Perl 5.10 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial Of Service Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial of Service Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial Of Service Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial of Service RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial Of Service RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial of Service PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial Of Service Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial of Service Microsoft Host Integration Server 2004-2010 - Remote Denial of Service Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial of Service Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service Titan FTP Server 8.40 - 'APPE' Command Remote Denial of Service Apache APR - Hash Collision Denial Of Service PHP PDORow Object - Remote Denial Of Service Apache APR - Hash Collision Denial of Service PHP PDORow Object - Remote Denial of Service PHP 5.3.8 - Remote Denial Of Service PHP 5.3.8 - Remote Denial of Service Mercury MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerabilities Mercury MR804 Router - Multiple HTTP Header Fields Denial of Service Vulnerabilities Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial of Service Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service Universal Reader 1.16.740.0 - 'uread.exe' Denial of Service Apache Sling - Denial Of Service Apache Sling - Denial of Service VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial of Service Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (2) Microsoft Windows - Kernel DeferWindowPos Use-After-Free (MS15-073) Microsoft Windows - Kernel UserCommitDesktopMemory Use-After-Free (MS15-073) Microsoft Windows - Kernel Pool Buffer Overflow Drawing Caption Bar (MS15-061) Microsoft Windows - Kernel HmgAllocateObjectAttr Use-After-Free (MS15-061) Microsoft Windows - Kernel win32k!vSolidFillRect Buffer Overflow (MS15-061) Microsoft Windows - Kernel SURFOBJ Null Pointer Dereference (MS15-061) Microsoft Windows - Kernel Brush Object Use-After-Free (MS15-061) Microsoft Windows - Kernel WindowStation Use-After-Free (MS15-061) Microsoft Windows - Kernel Null Pointer Dereference with Window Station and Clipboard (MS15-061) Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (1) Microsoft Windows - Kernel FlashWindowEx Memory Corruption (MS15-097) Microsoft Windows - Kernel bGetRealizedBrush Use-After-Free (MS15-097) Microsoft Windows - Kernel Use-After-Free with Cursor Object (MS15-097) Microsoft Windows - Kernel Use-After-Free with Printer Device Contexts (MS15-097) Microsoft Windows - Kernel NtGdiStretchBlt Pool Buffer Overflows (MS15-097) Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2) Microsoft Windows Kernel - DeferWindowPos Use-After-Free (MS15-073) Microsoft Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073) Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061) Microsoft Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061) Microsoft Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061) Microsoft Windows Kernel - SURFOBJ Null Pointer Dereference (MS15-061) Microsoft Windows Kernel - Brush Object Use-After-Free (MS15-061) Microsoft Windows Kernel - WindowStation Use-After-Free (MS15-061) Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061) Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1) Microsoft Windows Kernel - FlashWindowEx Memory Corruption (MS15-097) Microsoft Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097) Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097) Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097) Microsoft Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097) Microsoft Windows - Kernel NtGdiBitBlt Buffer Overflow (MS15-097) Microsoft Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097) MySQL / MariaDB - Geometry Query Denial Of Service MySQL / MariaDB - Geometry Query Denial of Service Apple Mac OSX - Kernel IOAccelMemoryInfoUserClient Use-After-Free Apple Mac OSX Kernel - IOAccelMemoryInfoUserClient Use-After-Free Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows Kernel - 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows Kernel - 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Blue Coat ProxySG 5.x - and Security Gateway OS Denial Of Service Blue Coat ProxySG 5.x - and Security Gateway OS Denial of Service Microsoft Windows - Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115) Microsoft Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115) Apple Mac OSX - Kernel no-more-senders Use-After-Free Apple Mac OSX Kernel - no-more-senders Use-After-Free Apple Mac OSX - Kernel IOAccelDisplayPipeUserClient2 Use-After-Free Apple Mac OSX Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free TFTPD32 / Tftpd64 - Denial Of Service TFTPD32 / Tftpd64 - Denial of Service Apple Mac OSX / iOS - Kernel IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free Apple Mac OSX / iOS - Kernel iokit Registry Iterator Manipulation Double-Free Apple Mac OSX / iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free Apple Mac OSX / iOS Kernel - iokit Registry Iterator Manipulation Double-Free Apple Mac OSX - Kernel Hypervisor Driver Use-After-Free Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026) Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026) Apple Mac OSX - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort Apple Mac OSX - Kernel AppleKeyStore Use-After-Free Apple Mac OSX - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver Apple Mac OSX Kernel - AppleKeyStore Use-After-Free Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver Microsoft Windows - Kernel Bitmap Use-After-Free Microsoft Windows - Kernel NtGdiGetTextExtentExW Out-of-Bounds Memory Read Microsoft Windows Kernel - Bitmap Use-After-Free Microsoft Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read Microsoft Windows - Kernel DrawMenuBarTemp Wild-Write (MS16-039) Microsoft Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039) Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Microsoft Windows Kernel - 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX - Kernel Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in IOAudioEngine Apple Mac OSX - Kernel OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type Apple Mac OSX - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2 Apple Mac OSX / iOS - Kernel UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient Apple Mac OSX - Kernel Stack Buffer Overflow in GeForce GPU Driver Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2 Apple Mac OSX / iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient Apple Mac OSX Kernel - GeForce GPU Driver Stack Buffer Overflow Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074) Microsoft Windows Kernel - 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074) Apple OS X - Kernel IOBluetoothFamily.kext Use-After-Free Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free Linux Kernel 2.2.x / 2.4.x (Redhat) - 'ptrace/kmod' Privilege Escalation Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0) xtokkaetama 1.0b - Local Game Exploit (Red Hat 9.0) XGalaga 2.0.34 (RedHat 9.0) - Local Game Exploit xtokkaetama 1.0b (RedHat 9.0) - Local Game Exploit hztty 2.0 - Privilege Escalation (Red Hat 9.0) hztty 2.0 (RedHat 9.0) - Privilege Escalation Redhat 6.2 /sbin/restore - Exploit RedHat 6.2 /sbin/restore - Exploit Redhat 6.2 Restore and Dump - Local Exploit (Perl) RedHat 6.2 Restore and Dump - Local Exploit (Perl) Redhat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit dump 0.4b15 (Redhat 6.2) - Exploit RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit dump 0.4b15 (RedHat 6.2) - Exploit Red Hat 6.2 xsoldier 0.96 - Exploit xsoldier 0.96 (RedHat 6.2) - Exploit Redhat 6.1 man - Local Exploit (egid 15) RedHat 6.1 man - Local Exploit (egid 15) Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055) Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055) Microsoft Windows - Kernel Privilege Escalation (MS06-049) Microsoft Windows Kernel - Privilege Escalation (MS06-049) Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Privilege Escalation Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Privilege Escalation (1) Linux Kernel 2.x (RedHat) - 'sock_sendpage()' Ring0 Privilege Escalation (1) (Linux Kernel 2.6.34-rc3) ReiserFS (Redhat / Ubuntu 9.10) - xattr Privilege Escalation (Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - xattr Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - 'compat' Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC) Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC) Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1) Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1) Immunix OS 6.2/7.0 / Redhat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow Immunix OS 6.2/7.0 / RedHat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow Microsoft Windows - Kernel Intel x64 SYSRET (PoC) Microsoft Windows Kernel - Intel x64 SYSRET (PoC) Linux Kernel 3.7.6 (Redhat x86/x64) - 'MSR' Driver Privilege Escalation Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation Microsoft Windows XP/7 - Kernel 'win32k.sys' Keyboard Layout Privilege Escalation Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation Microsoft Windows - Kernel 'win32k.sys' Privilege Escalation (MS14-058) Microsoft Windows Kernel - 'win32k.sys' Privilege Escalation (MS14-058) Apple OS X/iOS - Kernel IOSurface Use-After-Free Apple OS X/iOS Kernel - IOSurface Use-After-Free Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit) Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Privilege Escalation (Metasploit) Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal Ruby 1.8.6/1.9 (WEBick Httpd 1.3.1) - Directory Traversal mg-soft net Inspector 6.5.0.828 - Multiple Vulnerabilities MG-SOFT Net Inspector 6.5.0.828 - Multiple Vulnerabilities ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit Red Hat Linux 7.0 Apache - Remote 'Username' Enumeration RedHat Linux 7.0 Apache - Remote 'Username' Enumeration Red Hat Interchange 4.8.x - Arbitrary File Read RedHat Interchange 4.8.x - Arbitrary File Read Red Hat Apache 2.0.40 - Directory Index Default Configuration Error RedHat Apache 2.0.40 - Directory Index Default Configuration Error Foreman (Red Hat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit) Foreman (RedHat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit) Red Hat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities RedHat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit) RedHat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit) Katello (Red Hat Satellite) - users/update_roles Missing Authorisation (Metasploit) Katello (RedHat Satellite) - users/update_roles Missing Authorisation (Metasploit) Red Hat Stronghold Web Server 2.3 - Cross-Site Scripting RedHat Stronghold Web Server 2.3 - Cross-Site Scripting Red Hat Piranha - Remote Security Bypass RedHat Piranha - Remote Security Bypass KISGB 5.1.1 - (Authenticate.php) Remote File Inclusion KISGB 5.1.1 - 'Authenticate.php' Remote File Inclusion Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion Jshop Server 1.3 - 'fieldValidation.php' Remote File Inclusion phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution phpBP RC3 (2.204) - SQL Injection / Remote Code Execution eXV2 Module MyAnnonces - (lid) SQL Injection eXV2 Module eblog 1.2 - (blog_id) SQL Injection eXV2 Module Viso 2.0.4.3 - (kid) SQL Injection eXV2 Module WebChat 1.60 - (roomid) SQL Injection eXV2 Module MyAnnonces - 'lid' Parameter SQL Injection eXV2 Module eblog 1.2 - 'blog_id' Parameter SQL Injection eXV2 Module Viso 2.0.4.3 - 'kid' Parameter SQL Injection eXV2 Module WebChat 1.60 - 'roomid' Parameter SQL Injection Fuzzylime CMS 3.01 - (admindir) Remote File Inclusion Fuzzylime CMS 3.01 - 'admindir' Parameter Remote File Inclusion Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion Exero CMS 1.0.1 - 'theme' Parameter Multiple Local File Inclusion Joomla! Component Acajoom (com_acajoom) - SQL Injection Joomla! Component Acajoom 1.1.5 - SQL Injection ASPapp Knowledge Base - 'links.asp CatId' SQL Injection Joomla! Component joovideo 1.2.2 - 'id' SQL Injection Joomla! Component Alberghi 2.1.3 - 'id' SQL Injection Mambo Component 'com_accombo' 1.x - 'id' SQL Injection Joomla! Component Restaurante 1.0 - 'id' SQL Injection PEEL CMS - Admin Hash Extraction / Arbitrary File Upload RunCMS Module section - (artid) SQL Injection ASPapp Knowledge Base - SQL Injection ASPapp Knowledge Base - 'CatId' Parameter SQL Injection Joomla! Component joovideo 1.2.2 - 'id' Parameter SQL Injection Joomla! Component Alberghi 2.1.3 - 'id' Parameter SQL Injection Mambo Component Accombo 1.x - 'id' Parameter SQL Injection Joomla! Component Restaurante 1.0 - 'id' Parameter SQL Injection PEEL CMS 3.x - Admin Hash Extraction / Arbitrary File Upload RunCMS Module section - 'artid' Parameter SQL Injection ASPapp Knowledge Base - SQL Injection RunCMS Module Photo 3.02 - 'cid' SQL Injection D.E. Classifieds - 'cat_id' SQL Injection RunCMS Module Photo 3.02 - 'cid' Parameter SQL Injection D.E. Classifieds - 'cat_id' Parameter SQL Injection PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection PHP-Nuke Platinum 7.6.b.5 - 'dynamic_titles.php' SQL Injection Joomla! Component rekry 1.0.0 - (op_id) SQL Injection destar 0.2.2-5 - Arbitrary Add New User Exploit Joomla! Component rekry 1.0.0 - 'op_id' Parameter SQL Injection Destar 0.2.2-5 - Arbitrary Add New User Exploit destar 0.2.2-5 - Arbitrary Add Admin Destar 0.2.2-5 - Arbitrary Add Admin BolinOS 4.6.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Security Vulnerabilities Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting Joomla! Component Alphacontent 2.5.8 - 'id' Parameter SQL Injection TopperMod 1.0 - (mod.php) Local File Inclusion TopperMod 1.0 - 'mod.php' Local File Inclusion Joomla! Component MyAlbum 1.0 - (album) SQL Injection Joomla! Component MyAlbum 1.0 - 'album' Parameter SQL Injection Smoothflash - 'admin_view_image.php cid' SQL Injection Smoothflash - 'cid' Parameter SQL Injection JShop 1.x < 2.x - (page.php xPage) Local File Inclusion WordPress Plugin Download - (dl_id) SQL Injection PHPSpamManager 0.53b - (body.php) Remote File Disclosure Woltlab Burning Board Addon JGS-Treffen - SQL Injection Neat weblog 0.2 - 'articleId' SQL Injection EasyNews 40tr - (SQL Injection / Cross-Site Scripting / Local File Inclusion) SQL Injection FaScript FaPhoto 1.0 - (show.php id) SQL Injection Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection eggBlog 4.0 - Password Retrieve SQL Injection Joomla! Component actualite 1.0 - 'id' SQL Injection JShop 1.x < 2.x - 'xPage' Parameter Local File Inclusion WordPress Plugin Download - 'dl_id' Parameter SQL Injection PHPSpamManager 0.53b - 'body.php' Remote File Disclosure Woltlab Burning Board Addon JGS-Treffen 2.0.2 - SQL Injection Neat weblog 0.2 - 'articleId' Parameter SQL Injection EasyNews 40tr - SQL Injection / Cross-Site Scripting / Local File Inclusion FaScript FaPhoto 1.0 - 'show.php' SQL Injection Mambo Component Ahsshop 1.51 - 'vara' Parameter SQL Injection eggBlog 4.0 - SQL Injection Joomla! Component actualite 1.0 - 'id' Parameter SQL Injection PHPAddressBook 2.11 - (view.php id) SQL Injection PHPAddressBook 2.11 - 'view.php' SQL Injection Joomla! Component com_alphacontent - Blind SQL Injection Joomla! Component Alphacontent 2.5.8 - Blind SQL Injection Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection Joomla! Component Event Booking 2.10.1 - SQL Injection Nuked-klaN 1.3 - Multiple Cross-Site Scripting Vulnerabilities JShop E-Commerce Suite - xSearch Cross-Site Scripting JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting JShop E-Commerce Suite 1.2 - product.php Cross-Site Scripting Nuked-klaN 1.7 Sections Module - artid Parameter SQL Injection Nuked-klaN 1.7 Sections Module - 'artid' Parameter SQL Injection Nuked-klaN 1.7 Download Module - dl_id Parameter SQL Injection Nuked-klaN 1.7 Links Module - link_id Parameter SQL Injection Nuked-klaN 1.7 Download Module - 'dl_id' Parameter SQL Injection Nuked-klaN 1.7 Links Module - 'link_id' Parameter SQL Injection Nuked-klaN 1.7 - 'index.php' Cross-Site Scripting Foreman (Red Hat OpenStack/Satellite) - users/create Mass Assignment (Metasploit) Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit) Eggblog 3.1 - admin/articles.php edit Parameter Cross-Site Scripting Eggblog 3.1 - admin/comments.php edit Parameter Cross-Site Scripting Eggblog 3.1 - admin/users.php add Parameter Cross-Site Scripting Eggblog 3.1 - rss.php Cross-Site Scripting Nuked-klaN 1.7.5 - File Parameter News Module Cross-Site Scripting Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter Cross-Site Scripting Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter Cross-Site Scripting Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter Cross-Site Scripting Cuteflow Bin 1.5 - pages/edittemplate_step2.php language Parameter Cross-Site Scripting Cuteflow Bin 1.5 - pages/showfields.php language Parameter Cross-Site Scripting Cuteflow Bin 1.5 - pages/showuser.php language Parameter Cross-Site Scripting CS-Cart 4.3.10 - XML External Entity Injection CoronaMatrix phpAddressBook 2.0 - 'Username' Cross-Site Scripting Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting Cacti 0.8.7 (RedHat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload Mambo Component 'com_ahsshop' - SQL Injection Mambo Component Ahsshop - SQL Injection Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting Joomla 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation WordPress Plugin XCloner 3.1.5 - Multiple Vulnerabilities	2016-11-17 05:01:21 +00:00
Offensive Security	2e7215ec08	DB: 2016-11-16 8 new exploits MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service MailEnable Professional/Enterprise 2.37 - Denial of Service MailEnable Professional/Enterprise 2.37 - Denial Of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow Denial of Service MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service VideoLAN VLC Media Player - Subtitle StripTags() Function Memory Corruption VideoLAN VLC Media Player 1.1 - Subtitle StripTags() Function Memory Corruption VideoLAN VLC Media Player - XSPF Local File Integer Overflow in XSPF Playlist parser VideoLAN VLC Media Player 1.1.9 - XSPF Local File Integer Overflow in XSPF Playlist parser VideoLAN VLC Media Player - '.3gp' File Divide-by-Zero Denial of Service VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service VideoLAN VLC Media Player - '.wav' File Memory Corruption VideoLAN VLC Media Player 2.1.3 - '.wav' File Memory Corruption Microsoft Edge 11.0.10240.16384 - 'edgehtml' CAttrArray::Destroy Use-After-Free Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference Microsoft Windows Kernel - Registry Hive Loading 'nt!RtlEqualSid' Out-of-Bounds Read (MS16-138) VideoLAN VLC Media Player - '.TY' File Stack Based Buffer Overflow VideoLAN VLC Media Player 0.9.4 - '.TY' File Stack Based Buffer Overflow VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking VideoLAN VLC Media Player 1.1.3 - 'wintab32.dll' DLL Hijacking VideoLAN VLC Media Player - TiVo Buffer Overflow (Metasploit) VideoLAN VLC Media Player 0.9.4 - TiVo Buffer Overflow (Metasploit) VideoLAN VLC Media Player - MKV Memory Corruption (Metasploit) VideoLAN VLC Media Player 1.1.6 - 'MKV' Memory Corruption (Metasploit) VideoLAN VLC Media Player - RealText Subtitle Overflow (Metasploit) VideoLAN VLC Media Player 0.9.5 - RealText Subtitle Overflow (Metasploit) Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138) Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138) Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138) MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow MailEnable Professional/Enterprise 2.37 - 'APPEND' Remote Buffer Overflow Versant Object Database 7.0.1.3 - Commands Execution Exploit Versant Object Database 7.0.1.3 - Commands Execution VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow VideoLAN VLC Media Player - AMV Dangling Pointer (Metasploit) VideoLAN VLC Media Player 1.1.4 - 'AMV' Dangling Pointer (Metasploit) VideoLAN VLC Media Player - ModPlug ReadS3M Stack Buffer Overflow (Metasploit) VideoLAN VLC Media Player 1.1.8 - ModPlug ReadS3M Stack Buffer Overflow (Metasploit) VideoLAN VLC Media Player - Mms Stream Handling Buffer Overflow (Metasploit) VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit) Easy Internet Sharing Proxy Server 2.2 - SEH Overflow (Metasploit) Disk Pulse Enterprise 9.0.34 - Buffer Overflow Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit) Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow' (Metasploit) WinaXe 7.7 FTP Client - Remote Buffer Overflow (Metasploit) phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion phpMyNewsletter 0.6.10 - 'customize.php' Remote File Inclusion QuickTalk forum 1.3 - 'lang' Local File Inclusion QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion QuickTalk forum 1.3 - 'lang' Parameter Local File Inclusion QuickTicket 1.2 - 'qti_checkname.php' Local File Inclusion Mambo Component com_Musica - 'id' SQL Injection phpArcadeScript 3.0RC2 - (userid) SQL Injection phpComasy 0.8 - (mod_project_id) SQL Injection Dynamic photo Gallery 1.02 - 'albumID' SQL Injection Mambo Component com_Musica - 'id' Parameter SQL Injection phpArcadeScript 3.0RC2 - 'userid' Parameter SQL Injection phpComasy 0.8 - 'mod_project_id' Parameter SQL Injection Dynamic photo Gallery 1.02 - 'albumID' Parameter SQL Injection XOOPS Module Glossario 2.2 - 'sid' SQL Injection XOOPS Module wfdownloads - 'cid' SQL Injection XOOPS Module Glossario 2.2 - 'sid' Parameter SQL Injection XOOPS Module wfdownloads - 'cid' Parameter SQL Injection Joomla! Component Candle 1.0 - (cID) SQL Injection QuickTicket 1.5 - (qti_usr.php id) SQL Injection Joomla! Component Candle 1.0 - 'cid' Parameter SQL Injection QuickTicket 1.5 - 'qti_usr.php' SQL Injection Mambo Component eWriting 1.2.1 - (cat) SQL Injection phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection Mapbender 2.4.4 - (mapFiler.php) Remote Code Execution Mapbender 2.4.4 - (gaz) SQL Injection Mambo Component eWriting 1.2.1 - 'cat' Parameter SQL Injection phpMyNewsletter 0.8b5 - 'msg_id' Parameter SQL Injection Mapbender 2.4.4 - 'mapFiler.php' Remote Code Execution Mapbender 2.4.4 - 'gaz' Parameter SQL Injection phpBB Mod FileBase - 'id' SQL Injection phpBB Mod FileBase 2.0 - 'id' Parameter SQL Injection XOOPS Module Gallery 0.2.2 - (gid) SQL Injection XOOPS Module My_eGallery 3.04 - (gid) SQL Injection XOOPS Module Gallery 0.2.2 - 'gid' Parameter SQL Injection XOOPS Module My_eGallery 3.04 - 'gid' Parameter SQL Injection XOOPS Module tutorials - 'printpage.php' SQL Injection XOOPS Module tutorials 2.1b - 'printpage.php' SQL Injection easygallery 5.0tr - Multiple Vulnerabilities EasyGallery 5.0tr - Multiple Vulnerabilities phpArcadeScript 4 - (cat) SQL Injection phpArcadeScript 4 - 'cat' Parameter SQL Injection phpComasy 0.9.1 - (entry_id) SQL Injection phpComasy 0.9.1 - 'entry_id' Parameter SQL Injection phpArcadeScript 4.0 - (linkout.php id) SQL Injection phpArcadeScript 4.0 - 'id' Parameter SQL Injection Myiosoft EasyGallery - 'catid' Blind SQL Injection EasyGallery - 'catid' Parameter Blind SQL Injection phpArcadeScript 2.0 - tellafriend.php gamename Parameter Cross-Site Scripting phpArcadeScript 2.0 - loginbox.php login_status Parameter Cross-Site Scripting phpArcadeScript 2.0 - 'index.php' submissionstatus Parameter Cross-Site Scripting phpArcadeScript 2.0 - browse.php Multiple Parameter Cross-Site Scripting phpArcadeScript 2.0 - displaygame.php gamefile Parameter Cross-Site Scripting EasyGallery 1.17 - EasyGallery.php Cross-Site Scripting Bloo 1.00 - Googlespell_Proxy.php Cross-Site Scripting Mitra Informatika Solusindo Cart - 'p' Parameter SQL Injection	2016-11-16 05:01:23 +00:00
Offensive Security	c27aa131c8	DB: 2016-11-15 5 new exploits MyServer 0.8.11 - (204 No Content) error Remote Denial of Service MyServer 0.8.11 - '204 No Content' error Remote Denial of Service Microsoft Internet Explorer 11 MSHTML - CMapElement::Notify Use-After-Free (MS15-009) Microsoft Internet Explorer 9-11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 9<11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104) MySQL 4.0.17 - UDF Dynamic Library Exploit MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (1) MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Privilege Escalation MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (2) Solaris 8 / 9 - (/usr/ucb/ps) Local Information Leak Exploit Solaris 8 / 9 - '/usr/ucb/ps' Local Information Leak Exploit Solaris 10 (libnspr) - Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (1) Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (2) Solaris 10 (libnspr) - Constructor Privilege Escalation Solaris 10 libnspr - 'Constructor' Arbitrary File Creation Privilege Escalation (3) IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug IBM AIX 5.6/6.1 - '_LIB_INIT_DBG' Arbitrary File Overwrite via Libc Debug Apple MacOS 10.12 - 'task_t' Privilege Escalation Apple macOS 10.12 - 'task_t' Privilege Escalation Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation Solaris 8/9 ps - Environment Variable Information Leak Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation Linux Kernel 4.4 (Ubuntu 16.04) - BPF Local Privilege Escalation (Metasploit) Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - /bin/login Buffer Overflow Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - '/bin/login' Buffer Overflow Oracle 9i / 10g (extproc) - Local+Remote Command Execution Oracle 9i / 10g (extproc) - Local / Remote Command Execution Solaris/SPARC 2.5.1/2.6/7/8 - Derived 'login' Buffer Overflow Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 8<11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit) MiniNuke 1.8.2 - (news.asp hid) SQL Injection MiniNuke 1.8.2 - 'hid' Parameter SQL Injection MiniNuke 1.8.2b - (pages.asp) SQL Injection MiniNuke 1.8.2b - 'pages.asp' SQL Injection MiniNuke 2.x - (create an admin) SQL Injection MiniNuke 2.x - SQL Injection (Add Admin) Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit Nukedit CMS 4.9.6 - Unauthorized Admin Add Portail Web PHP 2.5.1 - (includes.php) Remote File Inclusion Portail Web PHP 2.5.1 - 'includes.php' Remote File Inclusion CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion Mambo Module Weather - 'absolute_path' Remote File Inclusion CodeBreak 1.1.2 - 'codebreak.php' Remote File Inclusion Mambo Module Weather - 'absolute_path' Parameter Remote File Inclusion mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion mxBB Module MX Shotcast 1.0 RC2 - 'getinfo1.php' Remote File Inclusion RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion RicarGBooK 1.2.1 - 'lang' Parameter Local File Inclusion BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection BlogPHP 2 - 'id' Parameter Cross-Site Scripting / SQL Injection MultiCart 2.0 - (productdetails.php) SQL Injection PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection PHP-Nuke Module Siir - 'id' SQL Injection MultiCart 2.0 - 'productdetails.php' SQL Injection PHP-Nuke Modules Manuales 0.1 - 'cid' Parameter SQL Injection PHP-Nuke Module Siir - 'id' Parameter SQL Injection OSSIM 0.9.9rc5 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection OSSIM 0.9.9rc5 - Cross-Site Scripting / SQL Injection PHP-Nuke Module NukeC 2.1 - 'id_catg' Parameter SQL Injection PHPProfiles 4.5.2 Beta - (body_comm.inc.php) Remote File Inclusion PHPProfiles 4.5.2 Beta - 'body_comm.inc.php' Remote File Inclusion PHPUserBase 1.3b - (unverified.inc.php) Local File Inclusion PHPUserBase 1.3b - (unverified.inc.php) Remote File Inclusion PHPUserBase 1.3b - 'unverified.inc.php' Local File Inclusion PHPUserBase 1.3b - 'unverified.inc.php' Remote File Inclusion PHP-Nuke Module Kose_Yazilari - (artid) SQL Injection MiniNuke 2.1 - (members.asp uid) SQL Injection PHP-Nuke Module Kose_Yazilari - 'artid' Parameter SQL Injection MiniNuke 2.1 - 'uid' Parameter SQL Injection Nukedit 4.9.x - Remote Create Admin Exploit WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities Mambo Component SimpleBoard 1.0.3 - 'catid' SQL Injection Nukedit 4.9.x - Remote Create Admin WordPress Plugin Sniplets 1.1.2 - Remote File Inclusion / Cross-Site Scripting / Remote Code Execution Mambo Component SimpleBoard 1.0.3 - 'catid' Parameter SQL Injection GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion Koobi Pro 5.7 - (categ) SQL Injection GROUP-E 1.6.41 - 'head_auth.php' Remote File Inclusion Dream4 Koobi Pro 5.7 - 'categ' Parameter SQL Injection barryvan compo manager 0.5pre-1 - Remote File Inclusion PHP-Nuke My_eGallery 2.7.9 - SQL Injection Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure Koobi CMS 4.3.0 < 4.2.3 - (categ) SQL Injection Barryvan Compo Manager 0.3 - Remote File Inclusion PHP-Nuke Module My_eGallery 2.7.9 - SQL Injection Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure Dream4 Koobi CMS 4.3.0 < 4.2.3 - 'categ' Parameter SQL Injection Koobi Pro 6.25 - links SQL Injection Koobi Pro 6.25 - shop SQL Injection Koobi Pro 6.25 - gallery SQL Injection Koobi Pro 6.25 - showimages SQL Injection Koobi 4.4/5.4 - gallery SQL Injection Dream4 Koobi Pro 6.25 Links - 'categ' Parameter SQL Injection Dream4 Koobi Pro 6.25 Shop - 'categ' Parameter SQL Injection Dream4 Koobi Pro 6.25 Gallery - 'galid' Parameter SQL Injection Dream4 Koobi Pro 6.25 Showimages - 'galid' Parameter SQL Injection Dream4 Koobi 4.4/5.4 - gallery SQL Injection Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections Koobi Pro 6.25 - poll SQL Injection Dream4 Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections Dream4 Koobi Pro 6.25 Poll - 'poll_id' Parameter SQL Injection Podcast Generator 1.2 - GLOBALS[] Multiple Vulnerabilities Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities DBHCMS Web Content Management System 1.1.4 - Remote File Inclusion DBHcms 1.1.4 - Remote File Inclusion Koobi Pro 6.1 - Gallery (img_id) Dream4 Koobi Pro 6.1 Gallery - 'img_id' Parameter SQL Injection dbhcms 1.1.4 - Persistent Cross-Site Scripting DBHcms 1.1.4 - Persistent Cross-Site Scripting DBHcms 1.1.4 (dbhcms_user and SearchString) - SQL Injection DBHcms 1.1.4 - 'dbhcms_user/SearchString' Parameter SQL Injection podcast generator 1.3 - Multiple Vulnerabilities Podcast Generator 1.3 - Multiple Vulnerabilities PHP Download Manager 1.1.x - files.php SQL Injection PHP Download Manager 1.1.x - 'files.php' SQL Injection Koobi 5.0 - BBCode URL Tag Script Injection Dream4 Koobi 5.0 - BBCode URL Tag Script Injection Koobi Pro 5.6 - showtopic Module toid Parameter Cross-Site Scripting Koobi Pro 5.6 - showtopic Module toid Parameter SQL Injection Dream4 Koobi Pro 5.6 - 'showtopic' Parameter SQL Injection Portail Web PHP 2.5.1 - config/conf-activation.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - menu/item.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - modules/conf_modules.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - system/login.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - 'conf-activation.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'item.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'conf_modules.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'login.php' Remote File Inclusion Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting Barryvan Compo Manager 0.3 - 'main.php' Remote File Inclusion Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion Boonex Dolphin 7.3.2 - Authentication Bypass / Remote Code Execution	2016-11-15 05:01:20 +00:00
Offensive Security	38e316551e	DB: 2016-11-14 2 new exploits Schoolhos CMS 2.29 - Remote Code Execution / SQL Injection ATutor 2.2.2 - Cross-Site Request Forgery (Add New Course)	2016-11-14 05:01:21 +00:00
Offensive Security	3c006aac19	DB: 2016-11-13	2016-11-13 05:01:17 +00:00
Offensive Security	8a72733f20	DB: 2016-11-12 1 new exploits PunBB 2.0.10 - (Register Multiple Users) Denial of Service PunBB 2.0.10 - (Register Multiple Users) Denial Of Service QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities QuickTime 7.4.1 - 'QTPlugin.ocx' Multiple Stack Overflow Vulnerabilities Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC) Apple iTunes 8.0.2.20/QuickTime 7.5.5 - '.mov' Multiple Off By Overflow (PoC) Apple QuickTime - MOV File Parsing Memory Corruption Apple QuickTime - '.mov' Parsing Memory Corruption Apple QuickTime - (rtsp URL Handler) Stack Buffer Overflow Apple QuickTime - 'rtsp URL Handler' Stack Buffer Overflow Apple QuickTime (Windows 2000) - (rtsp URL Handler) Buffer Overflow Apple QuickTime 7.1.3 - (HREFTrack) Cross-Zone Scripting Exploit Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Buffer Overflow Apple QuickTime 7.1.3 - 'HREFTrack' Cross-Zone Scripting Citrix Presentation Server Client - WFICA.OCX ActiveX Heap Buffer Overflow Citrix Presentation Server Client - 'WFICA.OCX' ActiveX Heap Buffer Overflow Philips VOIP841 - (Firmware 1.0.4.800) Multiple Vulnerabilities Philips VOIP841 'Firmware 1.0.4.800' - Multiple Vulnerabilities Ourgame GLWorld 2.x - hgs_startNotify() ActiveX Buffer Overflow Ourgame GLWorld 2.x - 'hgs_startNotify()' ActiveX Buffer Overflow Citrix Presentation Server Client 9.200 - WFICA.OCX ActiveX Component Heap Buffer Overflow PunBB 1.2.4 - (change_email) SQL Injection PunBB 1.2.4 - 'id' Parameter SQL Injection PHP Live Helper 1.x - 'abs_path' Remote File Inclusion PHP Live Helper 1.x - 'abs_path' Parameter Remote File Inclusion PHP Live! 3.2.1 - (help.php) Remote File Inclusion PHP Live! 3.2.1 - 'help.php' Remote File Inclusion PHP Live Helper 2.0 - 'abs_path' Remote File Inclusion PHP Live Helper 2.0 - 'abs_path' Parameter Remote File Inclusion nuBoard 0.5 - (index.php site) Remote File Inclusion nuBoard 0.5 - 'site' Parameter Remote File Inclusion vKios 2.0.0 - (products.php cat) SQL Injection vKios 2.0.0 - 'cat' Parameter SQL Injection Joomla! Component xfaq 1.2 - (aid) SQL Injection Joomla! Component xfaq 1.2 - 'aid' Parameter SQL Injection nuBoard 0.5 - (threads.php ssid) SQL Injection nuBoard 0.5 - 'ssid' Parameter SQL Injection Joomla! Component paxxgallery 0.2 - (iid) SQL Injection Joomla! Component MCQuiz 0.9 Final - (tid) SQL Injection Joomla! Component Quiz 0.81 - (tid) SQL Injection Joomla! Component mediaslide (albumnum) - Blind SQL Injection LookStrike Lan Manager 0.9 - Remote File Inclusion / Local File Inclusion Joomla! Component paxxgallery 0.2 - 'iid' Parameter SQL Injection Joomla! Component MCQuiz 0.9 Final - 'tid' Parameter SQL Injection Joomla! Component Quiz 0.81 - 'tid' Parameter SQL Injection Joomla! Component mediaslide - 'albumnum' Blind SQL Injection LookStrike Lan Manager 0.9 - Remote / Local File Inclusion PHP Live! 3.2.2 - (questid) SQL Injection (1) PHP Live! 3.2.2 - 'questid' Parameter SQL Injection (1) Mambo Component Quran 1.1 - (surano) SQL Injection Mambo Component Quran 1.1 - 'surano' Parameter SQL Injection Simple CMS 1.0.3 - (indexen.php area) SQL Injection Simple CMS 1.0.3 - 'area' Parameter SQL Injection XPWeb 3.3.2 - (download.php url) Remote File Disclosure XPWeb 3.3.2 - 'url' Parameter Remote File Disclosure Joomla! Component com_pccookbook - (user_id) SQL Injection Joomla! Component com_clasifier - 'cat_id' SQL Injection PHP-Nuke Module books SQL - 'cid' SQL Injection XOOPS Module myTopics - 'articleId' SQL Injection Joomla! Component com_pccookbook - 'user_id' Parameter SQL Injection Joomla! Component com_clasifier - 'cat_id' Parameter SQL Injection PHP-Nuke Module books SQL - 'cid' Parameter SQL Injection XOOPS Module myTopics - 'articleId' Parameter SQL Injection PHP-Nuke Module Sections - (artid) SQL Injection PHP-Nuke Module EasyContent - (page_id) SQL Injection RunCMS Module MyAnnonces - 'cid' SQL Injection XOOPS Module eEmpregos - 'cid' SQL Injection XOOPS Module Classifieds - 'cid' SQL Injection PHP-Nuke Modules Okul 1.0 - (okulid) SQL Injection Joomla! Component com_hwdvideoshare - SQL Injection PHP-Nuke Module Docum - (artid) SQL Injection Globsy 1.0 - (file) Remote File Disclosure PHP-Nuke Module Inhalt - 'cid' SQL Injection PHP-Nuke Module Sections - 'artid' Parameter SQL Injection PHP-Nuke Module EasyContent - 'page_id' Parameter SQL Injection RunCMS Module MyAnnonces - 'cid' Parameter SQL Injection XOOPS Module eEmpregos - 'cid' Parameter SQL Injection XOOPS Module Classifieds - 'cid' Parameter SQL Injection PHP-Nuke Modules Okul 1.0 - 'okulid' Parameter SQL Injection Joomla! Component Highwood Design hwdVideoShare - SQL Injection PHP-Nuke Module Docum - 'artid' Parameter SQL Injection Globsy 1.0 - 'file' Parameter Remote File Disclosure PHP-Nuke Module Inhalt - 'cid' Parameter SQL Injection Joomla! Component paxxgallery 0.2 - (gid) Blind SQL Injection Joomla! Component paxxgallery 0.2 - 'gid' Parameter Blind SQL Injection Pre Simple CMS - (Authentication Bypass) SQL Injection Pre Simple CMS - SQL Injection (Authentication Bypass) Joomla! Component com_pccookbook - (recipe_id) Blind SQL Injection Joomla! Component com_pccookbook - 'recipe_id' Parameter Blind SQL Injection PHP Live! 3.2.1/2 - '&x=' Blind SQL Injection PHP Live! 3.2.1/2 - 'x' Parameter Blind SQL Injection PHP Live! 3.2.2 - (questid) SQL Injection (2) PHP Live! 3.2.2 - 'questid' Parameter SQL Injection (2) PunBB Automatic Image Upload 1.3.5 - Delete Arbitrary File Exploit PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete Really Simple CMS 0.3a - (pagecontent.php PT) Local File Inclusion Really Simple CMS 0.3a - 'PT' Parameter Local File Inclusion Simple CMS Framework 1.0 - (page) SQL Injection Simple CMS Framework 1.0 - 'page' Parameter SQL Injection PHP Live! 3.3 - (deptid) SQL Injection PHP Live! 3.3 - 'deptid' Parameter SQL Injection Getsimple CMS 2.01 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities Getsimple CMS 2.01 - Multiple Vulnerabilities GNUBoard 4.33.02 - tp.php PATH_INFO SQL Injection GNUBoard 4.33.02 - 'tp.php' PATH_INFO SQL Injection auraCMS 1.5 - Multiple Cross-Site Scripting Vulnerabilities PunBB 1.x - profile.php User Profile Edit Module SQL Injection PunBB 1.x - 'profile.php' User Profile Edit Module SQL Injection PunBB 1.2.x - search.php SQL Injection PunBB 1.2.x - 'search.php' SQL Injection PHP Live! 3.0 - Status_Image.php Cross-Site Scripting PHP Live Helper 2.0 - chat.php Cross-Site Scripting PHP Live! 3.2.2 - setup/transcripts.php search_string Parameter Cross-Site Scripting PHP Live! 3.2.2 - 'index.php' l Parameter Cross-Site Scripting PHP Live! 3.2.2 - PHPlive/message_box.php Multiple Parameter Cross-Site Scripting artmedic weblog - artmedic_print.php date Parameter Cross-Site Scripting artmedic weblog - 'index.php' jahrneu Parameter Cross-Site Scripting PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities PunBB 1.3 - 'viewtopic.php' Cross-Site Scripting InvoicePlane 1.4.8 - Password Reset Getsimple CMS 2.01 - admin/template/error_checking.php Multiple Parameter Cross-Site Scripting Getsimple CMS 2.01 - 'admin/changedata.php' Cross-Site Scripting Getsimple CMS 2.01 - 'changedata.php' Cross-Site Scripting Getsimple CMS 2.03 - 'admin/upload-ajax.php' Arbitrary File Upload Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload PunBB 1.3.6 - 'browse.php' Cross-Site Scripting Getsimple CMS 3.1 - admin/theme.php err Parameter Reflected Cross-Site Scripting Getsimple CMS 3.1 - admin/pages.php error Parameter Reflected Cross-Site Scripting Getsimple CMS 3.1 - admin/index.php Multiple Parameter Reflected Cross-Site Scripting Getsimple CMS 3.1 - admin/upload.php path Parameter Cross-Site Scripting Getsimple CMS - /admin/edit.php Multiple Parameter Cross-Site Scripting Getsimple CMS - /admin/filebrowser.php Multiple Parameter Cross-Site Scripting	2016-11-12 05:01:20 +00:00
Offensive Security	b502c0ccb5	DB: 2016-11-11	2016-11-11 05:01:21 +00:00
Offensive Security	5d83ac5392	DB: 2016-11-10 10 new exploits Too many to list!	2016-11-10 23:34:44 +00:00
Offensive Security	490539b3f3	DB: 2016-11-09 17 new exploits DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion DigitalHive 2.0 RC2 - 'base_include.php' Remote File Inclusion DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion DodosMail 2.0.1 - 'dodosmail.php' Remote File Inclusion DoSePa 1.0.4 - (textview.php) Information Disclosure DoSePa 1.0.4 - 'textview.php' Information Disclosure TrueCrypt 4.3 - Privilege Escalation TrueCrypt 4.3 - 'setuid' Privilege Escalation w-Agora 4.2.1 - (cat) SQL Injection w-Agora 4.2.1 - 'cat' Parameter SQL Injection IPTBB 0.5.4 - (viewdir id) SQL Injection IPTBB 0.5.4 - 'id' Parameter SQL Injection LoudBlog 0.6.1 - (parsedpage) Remote Code Execution LoudBlog 0.6.1 - 'parsedpage' Parameter Remote Code Execution evilboard 0.1a - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities evilboard 0.1a - SQL Injection / Cross-Site Scripting QuickTime Player 7.3.1.70 - (rtsp) Buffer Overflow QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow DigitalHive 2.0 RC2 - (user_id) SQL Injection DigitalHive 2.0 RC2 - 'user_id' Parameter SQL Injection X7 Chat 2.0.5 - 'day' SQL Injection X7 Chat 2.0.5 - 'day' Parameter SQL Injection HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/DoS Cisco VPN Client - Integer Overflow (DOS) Cisco VPN Client - Integer Overflow (DoS) Multiple WordPress Plugins - timthumb.php File Upload Multiple WordPress Plugins - 'timthumb.php' File Upload glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation NetServe FTP Client 1.0 - Local DOS (Overflow) NetServe FTP Client 1.0 - Local DoS (Overflow) Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial Of Service (PoC) Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084) Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation Solaris 8/9 ps - Environment Variable Information leak Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation Linux Kernel - TCP Related Read Use-After-Free WordPress Plugin 'XCloner' 3.1.5 - Multiple Vulnerabilities WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting MOVISTAR ADSL Router BHS_RTA - Remote File Disclosure D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure PLANET ADSL Router AND-4101 - Remote File Disclosure Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit) Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution	2016-11-09 05:01:25 +00:00
Offensive Security	1e08cb156e	DB: 2016-11-08 7 new exploits BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String BolinTech DreamFTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service BolinTech DreamFTP Server 1.0.2 - (PORT) Remote Denial of Service BolinTech DreamFTP - 'USER' Remote Buffer Overflow (PoC) BolinTech DreamFTP Server - 'USER' Remote Buffer Overflow (PoC) Dream FTP Server 1.02 - (users.dat) Arbitrary File Disclosure BolinTech DreamFTP Server 1.02 - 'users.dat' Arbitrary File Disclosure Joomla! Component com_menu - SQL Injection Joomla! Component 'com_menu' - SQL Injection Joomla! Component com_jp_jobs - SQL Injection Joomla! Component 'com_jp_jobs' 1.4.1 - SQL Injection Joomla! Component redSHOP - Local File Inclusion Joomla! Component redTWITTER - Local File Inclusion Joomla! Component WISro Yahoo Quotes - Local File Inclusion Joomla! Component com_press - SQL Injection Joomla! Component Picasa 2.0 - Local File Inclusion Joomla! Component 'com_redshop' 1.0 - Local File Inclusion Joomla! Component 'com_redtwitter' 1.0 - Local File Inclusion Joomla! Component 'com_wisroyq' 1.1 - Local File Inclusion Joomla! Component 'com_press' - SQL Injection Joomla! Component 'com_joomlapicasa' 2.0 - Local File Inclusion Joomla! Component com_serie - SQL Injection Joomla! Component 'com_serie' - SQL Injection Joomla! Component com_ranking - SQL Injection Joomla! Component JInventory - Local File Inclusion Joomla! Component com_svmap 1.1.1 - Local File Inclusion Joomla! Component com_shoutbox - Local File Inclusion Joomla! Component com_loginbox - Local File Inclusion Joomla! Component com_bca-rss-syndicator - Local File Inclusion Joomla! Component Magic Updater (com_Joomlaupdater) - Local File Inclusion Joomla! Component 'com_ranking' - SQL Injection Joomla! Component 'com_jinventory' - Local File Inclusion Joomla! Component 'com_svmap' 1.1.1 - Local File Inclusion Joomla! Component 'com_shoutbox' - Local File Inclusion Joomla! Component 'com_loginbox' - Local File Inclusion Joomla! Component 'com_bca-rss-syndicator' - Local File Inclusion Joomla! Component 'com_Joomlaupdater' - Local File Inclusion Joomla! Component News Portal com_news - Local File Inclusion Joomla! Component FreeStyle FAQ Lite 1.3 com_fss (faqid) - SQL Injection Joomla! Component 'com_news_portal' 1.5.x - Local File Inclusion Joomla! Component 'com_fss' 1.3 - 'faqid' Parameter SQL Injection Joomla! Component Saber Cart com_sebercart - Local File Inclusion Joomla! Component J!WHMCS Integrator com_jwhmcs - Local File Inclusion Joomla! Component Juke Box com_jukebox - Local File Inclusion Joomla! Component Joomla! Flickr com_Joomlaflickr - Local File Inclusion Joomla! Component Highslide JS com_hsconfig - Local File Inclusion Joomla! Component Fabrik com_fabrik - Local File Inclusion Joomla! Component Affiliate Feeds com_datafeeds - Local File Inclusion Joomla! Component Appointment com_appointment - Local File Inclusion Joomla! Component 'com_sebercart' 1.0.0.12 - Local File Inclusion Joomla! Component 'com_jwhmcs' 1.5.0 - Local File Inclusion Joomla! Component 'com_jukebox' 1.7 - Local File Inclusion Joomla! Component 'com_Joomlaflickr' 1.0 - Local File Inclusion Joomla! Component 'com_hsconfig' 1.5 - Local File Inclusion Joomla! Component 'com_fabrik' 2.0 - Local File Inclusion Joomla! Component 'com_datafeeds' 880 - Local File Inclusion Joomla! Component 'com_appointment' 1.5 - Local File Inclusion Joomla! Component XOBBIX - prodid SQL Injection Joomla! Component 'com_xobbix' 1.0 - 'prodid' Parameter SQL Injection Joomla! Component aWiki com_awiki - Local File Inclusion Joomla! Component VJDEO com_vjdeo 1.0 - Local File Inclusion Joomla! Component 'com_awiki' - Local File Inclusion Joomla! Component 'com_vjdeo' 1.0 - Local File Inclusion Joomla! Component com_articles - SQL Injection Joomla! Component 'com_articles' - SQL Injection Joomla! Component Webee Comments - Local File Inclusion Joomla! Component Realtyna Translator - Local File Inclusion Joomla! Component AWDwall-Joomla! - (cbuser) Local File Inclusion / SQL Injection Joomla! Component 'com_webeecomment' 2.0 - Local File Inclusion Joomla! Component 'com_realtyna' 1.0.15 - Local File Inclusion Joomla! Component com_awdwall 1.5.4 - Local File Inclusion / SQL Injection Joomla! Component PowerMail Pro com_powermail - Local File Inclusion Joomla! Component 'com_powermail' 1.5.3 - Local File Inclusion Joomla! Component Foobla Suggestions com_foobla - Local File Inclusion Joomla! Component JA Voice com_javoice - Local File Inclusion Joomla! Component 'com_foobla_suggestions' 1.5.1.2 - Local File Inclusion Joomla! Component 'com_javoice' - Local File Inclusion Joomla! Component com_pcchess - Local File Inclusion Joomla! Component huruhelpdesk - SQL Injection Joomla! Component 'com_pcchess' - Local File Inclusion Joomla! Component 'com_huruhelpdesk' - SQL Injection Joomla! Component com_agenda 1.0.1 - 'id' SQL Injection Joomla! Component 'com_agenda' 1.0.1 - 'id' Parameter SQL Injection Joomla! Component com_properties[aid] - SQL Injection Joomla! Component allvideos - Blind SQL Injection Joomla! Component com_Ca - SQL Injection Joomla! Component 'com_properties' - 'aid' Parameter SQL Injection Joomla! Component 'com_allvideos' - Blind SQL Injection Joomla! Component 'com_ca' - SQL Injection Joomla! Component TweetLA! - Local File Inclusion Joomla! Component Ticketbook - Local File Inclusion Joomla! Component JA Job Board - Multiple Local File Inclusion Joomla! Component Jfeedback! - Local File Inclusion Joomla! Component JProject Manager - Local File Inclusion Joomla! Component Preventive And Reservation - Local File Inclusion Joomla! Component RokModule - 'moduleid' Blind SQL Injection Joomla! Component spsNewsletter - Local File Inclusion Joomla! Component AlphaUserPoints - Local File Inclusion Joomla! Component TRAVELbook - Local File Inclusion Joomla! Component 'com_tweetla' - Local File Inclusion Joomla! Component 'com_ticketbook' - Local File Inclusion Joomla! Component 'com_jajobboard' - Multiple Local File Inclusion Joomla! Component 'com_jfeedback' - Local File Inclusion Joomla! Component 'com_jprojectmanager' - Local File Inclusion Joomla! Component 'com_preventive' - Local File Inclusion Joomla! Component 'com_rokmodule' - 'moduleid' Parameter Blind SQL Injection Joomla! Component 'com_spsnewsletter' - Local File Inclusion Joomla! Component 'com_alphauserpoints' 1.5.5 - Local File Inclusion Joomla! Component 'com_travelbook' 1.0.1 - Local File Inclusion Joomla! Component education - SQL Injection Joomla! Component 'com_education_classess' - SQL Injection Joomla! Component Multi-Venue Restaurant Menu Manager - SQL Injection Joomla! Component 'com_mv_restaurantmenumanager' 1.5.2 - SQL Injection Joomla! Component mv_restaurantmenumanager - SQL Injection Joomla! Component 'mv_restaurantmenumanager' - SQL Injection Joomla! Component Web TV com_webtv - Local File Inclusion Joomla! Component Horoscope com_horoscope - Local File Inclusion Joomla! Component Arcade Games com_arcadegames - Local File Inclusion Joomla! Component Flashgames com_Flashgames - Local File Inclusion Joomla! Component AddressBook com_AddressBook - Local File Inclusion Joomla! Component Easy Ad Banner com_advertising - Local File Inclusion Joomla! Component CV Maker com_cvmaker - Local File Inclusion Joomla! Component My Files com_myfiles - Local File Inclusion Joomla! Component Online Exam com_onlineexam - Local File Inclusion Joomla! Component JoomMail com_joommail - Local File Inclusion Joomla! Component Memory Book com_memory - Local File Inclusion Joomla! Component Online Market com_market - Local File Inclusion Joomla! Component Digital Diary com_diary - Local File Inclusion Joomla! Component 'com_webtv' - Local File Inclusion Joomla! Component 'com_horoscope' - Local File Inclusion Joomla! Component 'com_arcadegames' - Local File Inclusion Joomla! Component 'com_Flashgames' - Local File Inclusion Joomla! Component 'com_AddressBook' - Local File Inclusion Joomla! Component 'com_advertising' - Local File Inclusion Joomla! Component 'com_cvmaker' - Local File Inclusion Joomla! Component 'com_myfiles' - Local File Inclusion Joomla! Component 'com_onlineexam' - Local File Inclusion Joomla! Component 'com_joommail' - Local File Inclusion Joomla! Component 'com_memory' - Local File Inclusion Joomla! Component 'com_market' - Local File Inclusion Joomla! Component 'com_diary' - Local File Inclusion Joomla! Component com_worldrates - Local File Inclusion Joomla! Component com_record - Local File Inclusion Joomla! Component com_sweetykeeper - Local File Inclusion Joomla! Component com_jdrugstopics - SQL Injection Joomla! Component com_sermonspeaker - SQL Injection Joomla! Component com_flexicontent - Local File Joomla! Component 'com_worldrates' - Local File Inclusion Joomla! Component 'com_record' - Local File Inclusion Joomla! Component 'com_sweetykeeper' - Local File Inclusion Joomla! Component 'com_jdrugstopics' - SQL Injection Joomla! Component 'com_sermonspeaker' - SQL Injection Joomla! Component 'com_flexicontent' - Local File Joomla! Component Jvehicles - (aid) SQL Injection Joomla! Component com_jp_jobs 1.2.0 - 'id' SQL Injection Joomla! Component 'com_jvehicles' - 'aid' Parameter SQL Injection Joomla! Component 'com_jp_jobs' 1.2.0 - 'id' Parameter SQL Injection Joomla! Component com_QPersonel - SQL Injection Joomla! Component 'com_QPersonel' - SQL Injection Joomla! Component wgPicasa com_wgpicasa - Local File Inclusion Joomla! Component S5 Clan Roster com_s5clanroster - Local File Inclusion Joomla! Component Photo Battle com_photobattle - Local File Inclusion Joomla! Component MT Fire Eagle com_mtfireeagle - Local File Inclusion Joomla! Component Media Mall Factory com_mediamall - Blind SQL Injection Joomla! Component Love Factory com_lovefactory - Local File Inclusion Joomla! Component JA Comment com_jacomment - Local File Inclusion Joomla! Component Delicious BookMarks com_delicious - Local File Inclusion Joomla! Component Deluxe Blog Factory com_blogfactory - Local File Inclusion Joomla! Component BeeHeard Lite com_beeheard - Local File Inclusion Joomla! Component 'com_wgpicasa' - Local File Inclusion Joomla! Component 'com_s5clanroster' - Local File Inclusion Joomla! Component 'com_photobattle' - Local File Inclusion Joomla! Component 'com_mtfireeagle' - Local File Inclusion Joomla! Component 'com_mediamall' - Blind SQL Injection Joomla! Component 'com_lovefactory' - Local File Inclusion Joomla! Component 'com_jacomment' - Local File Inclusion Joomla! Component 'com_delicious' - Local File Inclusion Joomla! Component 'com_blogfactory' - Local File Inclusion Joomla! Component 'com_beeheard' - Local File Inclusion Joomla! Component com_iproperty 1.5.3 - 'id' SQL Injection Joomla! Component 'com_iproperty' 1.5.3 - 'id' Parameter SQL Injection Joomla! Component com_manager 1.5.3 - 'id' SQL Injection Joomla! Component 'com_manager' 1.5.3 - 'id' Parameter SQL Injection Joomla! Component com_joltcard - SQL Injection Joomla! Component com_pandafminigames - SQL Injection Joomla! Component 'com_joltcard' - SQL Injection Joomla! Component 'com_pandafminigames' - SQL Injection Joomla! Component Archery Scores (com_archeryscores) 1.0.6 - Local File Inclusion Joomla! Component ZiMB Comment com_zimbcomment - Local File Inclusion Joomla! Component ZiMB Manager com_zimbcore - Local File Inclusion Joomla! Component Gadget Factory com_gadgetfactory - Local File Inclusion Joomla! Component Matamko com_matamko - Local File Inclusion Joomla! Component Multiple Root com_multiroot - Local File Inclusion Joomla! Component Multiple Map com_multimap - Local File Inclusion Joomla! Component Contact Us Draw Root Map com_drawroot - Local File Inclusion Joomla! Component Contact Us Google Map com_google - Local File Inclusion Joomla! Component iF surfALERT com_if_surfalert - Local File Inclusion Joomla! Component 'com_archeryscores' 1.0.6 - Local File Inclusion Joomla! Component 'com_zimbcomment' - Local File Inclusion Joomla! Component 'com_zimbcore' - Local File Inclusion Joomla! Component 'com_gadgetfactory' - Local File Inclusion Joomla! Component 'com_matamko' - Local File Inclusion Joomla! Component 'com_multiroot' - Local File Inclusion Joomla! Component 'com_multimap' - Local File Inclusion Joomla! Component 'com_drawroot' - Local File Inclusion Joomla! Component 'com_google' - Local File Inclusion Joomla! Component 'com_if_surfalert' - Local File Inclusion Joomla! Component GBU FACEBOOK 1.0.5 - SQL Injection Joomla! Component 'com_gbufacebook' 1.0.5 - SQL Injection Joomla! Component com_jnewspaper - 'cid' SQL Injection Joomla! Component JTM Reseller 1.9 Beta - SQL Injection Joomla! Component 'com_jnewspaper' - 'cid' Parameter SQL Injection Joomla! Component 'com_jtm' 1.9 Beta - SQL Injection Joomla! Component wmi (com_wmi) - Local File Inclusion Joomla! Component OrgChart com_orgchart - Local File Inclusion Joomla! Component Mms Blog com_mmsblog - Local File Inclusion Joomla! Component 'com_wmi' - Local File Inclusion Joomla! Component 'com_orgchart' - Local File Inclusion Joomla! Component 'com_mmsblog' - Local File Inclusion Joomla! Component com_portfolio - Local File Disclosure Joomla! Component 'com_portfolio' - Local File Disclosure Joomla! Component com_caddy - Exploit Joomla! Component 'com_caddy' - Exploit Joomla! Component com_joomradio - SQL Injection Joomla! Component 'com_joomradio' - SQL Injection Joomla! Component Ultimate Portfolio com_ultimateportfolio - Local File Inclusion Joomla! Component NoticeBoard com_noticeboard - Local File Inclusion Joomla! Component SmartSite com_smartsite - Local File Inclusion Joomla! Extension ABC com_abc - SQL Injection Joomla! Component graphics (com_graphics) 1.0.6 - Local File Inclusion Joomla! Component 'com_ultimateportfolio' - Local File Inclusion Joomla! Component 'com_noticeboard' - Local File Inclusion Joomla! Component 'com_smartsite' - Local File Inclusion Joomla! Component 'com_abc' - SQL Injection Joomla! Component 'com_graphics' 1.0.6 - Local File Inclusion Joomla! Component JE Property Finder - Arbitrary File Upload Joomla! Component 'com_jesectionfinder' - Arbitrary File Upload Joomla! Component Wap4Joomla! - 'wapmain.php' SQL Injection Joomla! Component 'Wap4Joomla' - 'wapmain.php' SQL Injection Joomla! Component com_newsfeeds - SQL Injection Joomla! Component 'com_newsfeeds' - SQL Injection Joomla! Component Table JX - Cross-Site Scripting Vulnerabilities Joomla! Component Card View JX - Cross-Site Scripting Joomla! Component 'Table JX' - Cross-Site Scripting Joomla! Component 'Card View JX' - Cross-Site Scripting Joomla! Extension DJ-Classifieds com_djClassifieds - Arbitrary File Upload Joomla! 'com_djClassifieds' 0.9.1 - Arbitrary File Upload Joomla! Component com_articleman - Arbitrary File Upload Joomla! Component 'com_articleman' - Arbitrary File Upload Joomla! Component Module Camp26 Visitor Data 1.1 - Remote code Execution Joomla! Component 'mod_VisitorData' 1.1 - Remote code Execution Joomla! Component Custom PHP Pages com_PHP - Local File Inclusion Joomla! Component 'com_PHP' 0.1 - Local File Inclusion Joomla! Component com_konsultasi - 'sid' SQL Injection Joomla! Component 'com_konsultasi' - 'sid' Parameter SQL Injection Joomla! Component Advertising (com_aardvertiser) 2.0 - Local File Inclusion Joomla! Component 'com_aardvertiser' 2.0 - Local File Inclusion Joomla! Component Seber Cart - 'getPic.php' Local File Disclosure Joomla! Component FDione Form Wizard - Local File Inclusion Joomla! Component 'com_sebercart' - 'getPic.php' Local File Disclosure Joomla! Component 'com_dioneformwizard' - Local File Inclusion Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion Joomla! Component 'com_jejob' 1.0 - Local File Inclusion Joomla! Component com_jequoteform - Local File Inclusion Joomla! Component 'com_jequoteform' - Local File Inclusion Joomla! Component MS Comment 0.8.0b - Local File Inclusion Joomla! Component 'com_mscomment' 0.8.0b - Local File Inclusion Joomla! Component com_camp - SQL Injection Joomla! Component 'com_camp' - SQL Injection Joomla! Component simpledownload 0.9.5 - Local File Inclusion Joomla! Component 'com_simpledownload' 0.9.5 - Local File Inclusion Joomla! Component simpledownload 0.9.5 - Local File Disclosure Joomla! Component 'com_simpledownload' 0.9.5 - Local File Disclosure Joomla! Component com_crowdsource - SQL Injection Joomla! Component com_event - Multiple Vulnerabilities Joomla! Component 'com_crowdsource' - SQL Injection Joomla! Component 'com_event' - Multiple Vulnerabilities Joomla! Component com_event - SQL Injection Joomla! Component 'com_event' - SQL Injection Joomla! Component com_packages - SQL Injection Joomla! Component 'com_packages' - SQL Injection Joomla! Component com_qpersonel - SQL Injection Remote Exploit Joomla! Component 'com_qpersonel' 1.0 - SQL Injection BolinTech Dream FTP Server 1.02 - Format String (Metasploit) BolinTech DreamFTP Server 1.02 - Format String (Metasploit) PHP 5.4.3 (Windows x86) - Code Execution PHP 5.4.3 (Windows x86 Polish) - Code Execution Schoolhos CMS Beta 2.29 - (index.php id Parameter) SQL Injection Schoolhos CMS Beta 2.29 - 'id' Parameter SQL Injection BolinTech Dream FTP Server 1.0 - User Name Format String (1) BolinTech DreamFTP Server 1.0 - User Name Format String (1) Joomla! Component JoomlaTune JComments 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component 'com_jcomments' 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component Percha Image Attach 1.1 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component Percha Fields Attach 1.0 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchaimageattach' 1.1 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchafieldsattach' 1.0 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component Percha Multicategory Article 0.6 - 'index.php' Controller Parameter Arbitrary File Access Joomla! Component 'com_perchacategoriestree' 0.6 - 'Controller' Parameter Arbitrary File Access Joomla! Component com_horses - 'id' Parameter SQL Injection Joomla! Component 'com_horses' - 'id' Parameter SQL Injection FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation FreePBX 13 - Remote Command Execution / Privilege Escalation BolinTech DreamFTP 1.02 - 'RETR' Command Remote Buffer Overflow BolinTech DreamFTP Server 1.02 - 'RETR' Command Remote Buffer Overflow Schoolhos CMS 2.29 - 'kelas' Parameter SQL Injection Acoem 01dB CUBE/DUO Smart Noise Monitor - Password Change Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084) Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read NodCMS - PHP Code Execution Piwik 2.16.0 - 'layout' PHP Object Injection Sophos Web Appliance 4.2.1.3 - Remote Code Execution	2016-11-08 05:01:18 +00:00
g0tmi1k	b80848bd60	Merge pull request #59 from g0tmi1k/searchsploit SearchSploit - Screen width will not affect the results	2016-11-07 16:54:07 +00:00
g0tmi1k	55bbc4f153	Code cleanup - adds comments & formatting	2016-11-07 12:24:58 +00:00
g0tmi1k	9f26e75621	Screen width will not affect the results	2016-11-07 12:23:24 +00:00

... 5 6 7 8 9 ...

1385 commits