exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	cd6e21e600	DB: 2017-06-06 11 new exploits Disk Sorter 9.7.14 - 'Input Directory' Local Buffer Overflow DNSTracer 1.8.1 - Buffer Overflow Parallels Desktop - Virtual Machine Escape Subsonic 6.1.1 - XML External Entity Injection BIND 9.10.5 - Unquoted Service Path Privilege Escalation Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution Joomla! Component Payage 2.05 - 'aid' Parameter SQL Injection EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 - Remote Code Execution Subsonic 6.1.1 - Cross-Site Request Forgery Subsonic 6.1.1 - Server-Side Request Forgery Subsonic 6.1.1 - Cross-Site Request Forgery / Cross-Site Scripting	2017-06-06 05:01:15 +00:00
Offensive Security	42e94b4366	DB: 2017-06-05 26 new exploits Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine Microsoft MsMpEng - Multiple Crashes While Scanning Malformed Files Microsoft MsMpEng - Use-After-Free via Saved Callers WebKit JSC - 'JSObject::ensureLength' ensureLengthSlow Check Failure WebKit JSC - Incorrect Check in emitPutDerivedConstructorToArrowFunctionContextScope WebKit - 'Element::setAttributeNodeNS' Use-After-Free reiserfstune 3.6.25 - Local Buffer Overflow TiEmu 2.08 - Local Buffer Overflow Octopus Deploy - Authenticated Code Execution (Metasploit) Samba - 'is_known_pipename()' Arbitrary Module Load (Metasploit) CERIO DT-100G-N/DT-300N/CW-300N - Multiple Vulnerabilities Linux/x86 - execve(/bin/sh_) Shellcode (19 bytes) Linux/x86 - execve(_/bin/sh_) Shellcode (21 bytes) uc-http Daemon - Local File Inclusion / Directory Traversal Trend Micro Deep Security version 6.5 - XML External Entity Injection / Local Privilege Escalation / Remote Code Execution KEMP LoadMaster 7.135.0.13245 - Persistent Cross-Site Scripting / Remote Code Execution IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Heap Buffer Overflow WordPress Plugin Huge-IT Video Gallery 2.0.4 - SQL Injection TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Remote Code Execution as Root Piwigo Plugin Facetag 0.0.3 - SQL Injection OV3 Online Administration 3.0 - Directory Traversal OV3 Online Administration 3.0 - Remote Code Execution OV3 Online Administration 3.0 - SQL Injection Piwigo Plugin Facetag 0.0.3 - Cross-Site Scripting Riverbed SteelHead VCX 9.6.0a - Arbitrary File Read WebKit - CachedFrame does not Detach Openers Universal Cross-Site Scripting WebKit - 'CachedFrameBase::restore' Universal Cross-Site Scripting WebKit - 'Document::prepareForDestruction' and 'CachedFrame' Universal Cross-Site Scripting	2017-06-05 05:01:15 +00:00
Offensive Security	9e9bf495c2	DB: 2017-04-26 26 new exploits PHP 5.4.0RC6 (x64t) - Denial of Service PHP 5.4.0RC6 (x64) - Denial of Service Evostream Media Server 1.7.1 (x64) - Denial of Service PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH) VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write Dmitry 1.3a - Local Buffer Overflow Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation Oracle VM VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write Apple Safari - Array concat Memory Corruption Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest Code Double-Free VirtualBox - Cooperating VMs can Escape from Shared Folder PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation Dell Customer Connect 1.3.28.0 - Privilege Escalation LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege Escalation Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit Nginx 1.4.0 (Generic Linux x64) - Remote Exploit Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution Microsoft Office Word - Malicious Hta Execution (Metasploit) WePresent WiPG-1000 - Command Injection (Metasploit) OSX/Intel - setuid shell x86_64 Shellcode (51 bytes) OSX/Intel (x86-64) - setuid shell Shellcode (51 bytes) OSX/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes) OSX/Intel (x86-64) - reverse_tcp shell Shellcode (131 bytes) Linux x86 / x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes) Linux x86 / x86_64 - tcp_bind (Port 4444) Shellcode (251 bytes) Linux x86 / x86_64 - Read /etc/passwd Shellcode (156 bytes) Linux x86/x86-64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes) Linux x86/x86-64 - tcp_bind (Port 4444) Shellcode (251 bytes) Linux x86/x86-64 - Read /etc/passwd Shellcode (156 bytes) Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86-64 - Egghunter Shellcode (38 bytes) Linux/x86-64 - Reverse Shell Shellcode (84 bytes) FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery WordPress Plugin KittyCatfish 2.2 - SQL Injection WordPress Plugin Car Rental System 2.5 - SQL Injection WordPress Plugin Wow Viral Signups 2.1 - SQL Injection WordPress Plugin Wow Forms 2.1 - SQL Injection Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via DOCTYPE Oracle E-Business Suite 12.2.3 - 'IESFOOTPRINT' SQL Injection HPE OpenCall Media Platform (OCMP) 4.3.2 - Cross-Site Scripting / Remote File Inclusion OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection October CMS 1.0.412 - Multiple Vulnerabilities	2017-04-26 05:01:18 +00:00
Offensive Security	3c86b861c2	DB: 2017-04-19 4 new exploits Microsoft Windows - Uncredentialed SMB RCE (MS17-010) (Metasploit) Microsoft Windows - Unauthenticated SMB Remote Code Execution (MS17-010) (Metasploit) pinfo 0.6.9 - Local Buffer Overflow Tenable Appliance < 4.5 - Unauthenticated Remote Root Code Execution Microsoft Word - .RTF Remote Code Execution Huawei HG532n - Command Injection (Metasploit)	2017-04-19 05:01:17 +00:00
Offensive Security	aabd4b35b3	DB: 2017-04-14 12 new exploits Microsoft Windows Kernel win32k.sys - Multiple Bugs in the NtGdiGetDIBitsInternal System Call Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disclosure PonyOS 3.0 - tty ioctl() Local Kernel Exploit PonyOS 3.0 - TTY 'ioctl()' Local Kernel Exploit Solaris 7 - 11 (x86 & SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation Solaris 7 < 11 (x86 / SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation GNS3 Mac OS-X 1.5.2 - 'ubridge' Privilege Escalation PonyOS 4.0 - 'fluttershy' LD_LIBRARY_PATH Local Kernel Exploit Adobe Creative Cloud Desktop Application <= 4.0.0.185 - Privilege Escalation Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak) Ethernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage Exploit Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution Linux/x86-64 - execve(_/bin/sh_) Shellcode (31 bytes) Coppermine Gallery < 1.5.44 - Directory Traversal Weaknesses SedSystems D3 Decimator - Multiple Vulnerabilities agorum core Pro 7.8.1.4-251 - Cross-Site Request Forgery agorum core Pro 7.8.1.4-251 - Persistent Cross-Site Scripting Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit)	2017-04-14 05:01:15 +00:00
Offensive Security	2ac6fc17c2	DB: 2017-04-13 3 new exploits Solaris 7 - 11 (x86 & SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation Cisco Catalyst 2960 IOS 12.2(55)SE11 - 'ROCEM' Remote Code Execution D-Link DWR-116 / DWR-116A1 - Arbitrary File Download	2017-04-13 05:01:16 +00:00
Offensive Security	6624e39c26	DB: 2017-04-05 31 new exploits macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption macOS Kernel 10.12.2 (16C67) - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn macOS/iOS Kernel 10.12.3 (16D32) - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking macOS Kernel 10.12.3 (16D32) - 'audit_pipe_open' Off-by-One Memory Corruption macOS/iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free macOS Kernel 10.12.2 (16C67) - 'AppleIntelCapriController::GetLinkConfig' Code Execution Due to Lack of Bounds Checking Broadcom Wi-Fi SoC - Heap Overflow in _wlc_tdls_cal_mic_chk_ Due to Large RSN IE in TDLS Setup Confirm Frame Apple WebKit 10.0.2 - HTMLInputElement Use-After-Free Apple WebKit - 'RenderLayer' Use-After-Free Apple WebKit - Negative-Size memmove in HTMLFormElement Apple WebKit - 'FormSubmission::create' Use-After-Free Apple WebKit - 'ComposedTreeIterator::traverseNextInShadowTree' Use-After-Free Apple WebKit - 'table' Use-After-Free Apple WebKit - 'WebCore::toJS' Use-After-Free macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device Bluecoat ASG 6.6/CAS 1.3 - Privilege Escalation (Metasploit) Bluecoat ASG 6.6/CAS 1.3 - OS Command Injection (Metasploit) Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow Exploit SolarWinds LEM 6.3.1 - Remote Code Execution (Metasploit) Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit) Broadcom Wi-Fi SoC - 'dhd_handle_swc_evt' Heap Overflow Pixie 1.0.4 - Arbitrary File Upload Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window Apple WebKit 10.0.2(12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting Apple WebKit 10.0.2(12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion Apple WebKit 10.0.2(12602.3.12.0.1) - 'Frame::setDocument (1)' Universal Cross-Site Scripting Apple Webkit - 'JSCallbackData' Universal Cross-Site Scripting Maian Uploader 4.0 - 'index.php' keywords Parameter Cross-Site Scripting Maian Uploader 4.0 - admin/index.php keywords Parameter Cross-Site Scripting Maian Uploader 4.0 - admin/inc/header.php Multiple Parameter Cross-Site Scripting Maian Uploader 4.0 - 'keywords' Parameter Cross-Site Scripting Maian Uploader 4.0 - 'index.php' Cross-Site Scripting Maian Uploader 4.0 - 'header.php' Cross-Site Scripting Maian Uploader 4.0 - 'user' Parameter SQL Injection Maian Survey 1.1 - 'survey' Parameter SQL Injection Maian Greetings 2.1 - 'cat' Parameter SQL Injection	2017-04-05 05:01:18 +00:00
Offensive Security	0320cba051	DB: 2017-04-02 6 new exploits Microsoft Internet Explorer 11 - Crash PoC (1) Microsoft Internet Explorer 11 - Crash (PoC) (1) Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031) Microsoft Windows SQL Server - Remote Denial of Service (MS03-031) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (PoC) (MS03-046) Microsoft Windows - MSDTC Service Remote Memory Modification PoC (MS05-051) Microsoft Windows - MSDTC Service Remote Memory Modification (PoC) (MS05-051) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (1) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (1) Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (1) Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1) Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (3) Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3) Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (2) Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2) Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC (Metasploit) Apple Airport - 802.11 Probe Response Kernel Memory Corruption (PoC) (Metasploit) Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041) Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041) Microsoft Excel - Malformed Palette Record Denial of Service PoC (MS07-002) Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002) BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow (PoCs) Visual Basic - 'vbe6.dll' Local Stack Overflow PoC / Denial of Service Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated freeSSHd 1.2.1 - Authenticated Remote Stack Overflow (PoC) Microsoft Internet Explorer GDI+ - PoC (MS08-052) Microsoft Internet Explorer GDI+ - (PoC) (MS08-052) Microsoft Windows - GDI+ PoC (MS08-052) (2) Microsoft Windows - GDI+ (PoC) (MS08-052) (2) Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046) GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service Microsoft Windows - InternalOpenColorProfile Heap Overflow (PoC) (MS08-046) GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption (PoC) / Denial of Service Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (New Heap Spray) Adobe Acrobat Reader - JBIG2 Local Buffer Overflow PoC (2) Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2) eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH) eZip Wizard 3.0 - Local Stack Buffer Overflow (PoC) (SEH) Chasys Media Player 1.1 - '.pls' Local Buffer Overflow PoC (SEH) Chasys Media Player 1.1 - '.pls' Local Buffer Overflow (PoC) (SEH) Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (1) Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (1) Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (2) Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (2) Microsoft Internet Explorer - EMBED Memory Corruption PoC (MS09-014) Microsoft Internet Explorer - EMBED Memory Corruption (PoC) (MS09-014) DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow PoCs DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow (PoCs) AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow PoC (SEH) AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow (PoC) (SEH) MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String (PoC) otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs otsAV DJ/TV/Radio - Multiple Local Heap Overflow (PoCs) JetAudio 7.5.3 COWON Media Center - '.wav' Crash Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH) Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow PoC (SEH) Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (PoC) (SEH) Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (PoC) (SEH) Tuniac 090517c - '.m3u' Local File Crash (PoC) HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH) HTML Email Creator & Sender 2.3 - Local Buffer Overflow (PoC) (SEH) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (1) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (2) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (1) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (2) BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow PoC (2) BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow (PoC) (2) Eureka Email Client 2.2q - PoC Buffer Overflow Eureka Email Client 2.2q - Buffer Overflow (PoC) Microsoft Windows 7 / Server 2008 R2 - Remote Kernel Crash Microsoft Windows 7 / 2008 R2 - Remote Kernel Crash Picpuz 2.1.1 - Buffer Overflow Denial of Service/PoC Picpuz 2.1.1 - Buffer Overflow Denial of Service (PoC) Total MultiMedia Features - Denial of Service PoC for Sony Ericsson Phones Total MultiMedia Features - Sony Ericsson Phones Denial of Service (PoC) Mozilla Firefox 3.6 - (XML parser) Memory Corruption PoC/Denial of Service Mozilla Firefox 3.6 - (XML parser) Memory Corruption (PoC) / Denial of Service iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service (PoC) RCA DCM425 Cable Modem - micro_httpd Denial of Service/PoC RCA DCM425 Cable Modem - 'micro_httpd' Denial of Service (PoC) Free MP3 CD Ripper 2.6 - '.wav' PoC Free MP3 CD Ripper 2.6 - '.wav' (PoC) Anyzip 1.1 - '.zip' PoC (SEH) Anyzip 1.1 - '.zip' (PoC) (SEH) Microsoft Windows - SMB Client-Side Bug PoC (MS10-006) Microsoft Windows - SMB Client-Side Bug (PoC) (MS10-006) Webby WebServer - PoC SEH control Webby WebServer - SEH Control (PoC) FreeBSD 8.0 ftpd - off-by one PoC (FreeBSD-SA-10:05) FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off- By One (PoC) Microsoft Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free Microsoft Windows Vista/2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free AoAAudioExtractor 2.0.0.0 - ActiveX PoC (SEH) AoAAudioExtractor 2.0.0.0 - ActiveX (PoC) (SEH) Mozilla Firefox - Memory Corruption PoC (Simplified) Mozilla Firefox - (Simplified) Memory Corruption (PoC) Microsoft Windows - Win32k Pointer Dereferencement PoC (MS10-098) Microsoft Windows - Win32k Pointer Dereferencement (PoC) (MS10-098) Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH) Elecard MPEG Player 5.7 - Local Buffer Overflow (PoC) (SEH) Microsoft Windows XP - WmiTraceMessageVa Integer Truncation PoC (MS11-011) Microsoft Windows XP - WmiTraceMessageVa Integer Truncation (PoC) (MS11-011) Real player 14.0.2.633 - Buffer Overflow / Denial of ServiceExploit Real player 14.0.2.633 - Buffer Overflow / Denial of Service IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - '.ICO' With Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - '.ICO' Without Transparent Colour Denial of Service / Remote Denial of Service Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service Microsoft Windows Vista/2008 - 'nsiproxy.sys' Local Kernel Denial of Service D-Link DSL-2650U - Denial of Service/PoC D-Link DSL-2650U - Denial of Service (PoC) Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun PoC (MS11-077) Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun (PoC) (MS11-077) Opera 11.52 - PoC Denial of Service Opera 11.52 - Denial of Service (PoC) Microsoft Win32k - Null Pointer De-reference PoC (MS11-077) Microsoft Win32k - Null Pointer De-reference (PoC) (MS11-077) Microsoft Windows - 'afd.sys' PoC (MS11-046) Microsoft Windows - 'afd.sys' (PoC) (MS11-046) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE (PoC) (MS12-034) Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit) Wyse - Unauthenticated Machine Remote Power Off )Denial of Service) (Metasploit) Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service Microsoft Windows NT 4/2000 - TCP/IP Printing Service Denial of Service Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference) Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Null Pointer Dereference Crash (PoC) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5) Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows NT / 2000 - Terminal Server Service RDP Denial of Service Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (1) Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (2) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (2) Microsoft PoCket Internet Explorer 3.0 - Denial of Service Microsoft Pocket Internet Explorer 3.0 - Denial of Service Microsoft Windows - HWND_BROADCAST PoC (MS13-005) Microsoft Windows - HWND_BROADCAST (PoC) (MS13-005) Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash (PoC) Apple Safari 3 for Windows - Document.Location Denial of Service Apple Safari 3 for Windows - 'Document.Location' Denial of Service PotPlayer 1.5.42509 Beta - Denial of Service (Integer Division by Zero Exploit) PotPlayer 1.5.42509 Beta - Integer Division by Zero Denial of Service Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow Apple Safari 3.0.x for Windows - 'Document.Location.Hash' Buffer Overflow Android Web Browser - GIF File Heap Based Buffer Overflow Google Android Web Browser - '.GIF' File Heap Based Buffer Overflow Android Web Browser - BMP File Integer Overflow Google Android Web Browser - '.BMP' File Integer Overflow Gold MP4 Player 3.3 - Buffer Overflow PoC (SEH) Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH) Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows Vista/2003 - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035) Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash (PoC) (MS14-035) Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035) Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption (PoC) (MS14-035) Microsoft Internet Explorer - Memory Corruption PoC (MS14-029) Microsoft Internet Explorer - Memory Corruption (PoC) (MS14-029) UniPDF 1.1 - Crash (PoC) (SEH) Brasero CD/DVD Burner 3.4.1 - '.m3u' Buffer Overflow Crash (PoC) Microsoft Windows - 'HTTP.sys' PoC (MS15-034) Microsoft Windows - 'HTTP.sys' (PoC) (MS15-034) UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC) Microsoft Internet Explorer 11 - Crash PoC (2) Microsoft Internet Explorer 11 - Crash (PoC) (2) Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash QNX RTOS 6.3.0 - Insecure 'rc.local' Permissions System Crash / Privilege Escalation Microsoft Windows - NtClose DeadLock PoC (MS06-030) Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows - NtClose DeadLock (PoC) (MS06-030) Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation (PoC) (MS06-030) PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper Buffer Overflow PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow Apache Tomcat (Windows) - runtime.getRuntime().exec() Privilege Escalation Apache Tomcat (Windows) - 'runtime.getRuntime().exec()' Privilege Escalation Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH) Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow (PoC) (SEH) Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH) Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (SEH) Tuniac 090517c - '.m3u' Local File Crash (PoC) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (1) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit) Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3) Microsoft HTML Help Workshop 4.74 - '.hhp' Index Buffer Overflow (Metasploit) (3) Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2) Microsoft HTML Help Workshop 4.74 - '.hhp' Cotent Buffer Overflow (Metasploit) (2) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2) Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4) Microsoft HTML Help Workshop 4.74 - '.hhp' compiled Buffer Overflow (Metasploit) (4) Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (without egg-hunter) (Metasploit) Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (Without Egg-Hunter) (Metasploit) PHP 5.3.6 - Buffer Overflow PoC (ROP) PHP 5.3.6 - Buffer Overflow (ROP) (PoC) Microsoft Windows Server 2000/NT 4 - DLL Search Path Microsoft Windows NT 4/2000 - DLL Search Path Microsoft Windows Server 2000/NT 4 - NTFS File Hiding Microsoft Windows NT 4/2000 - NTFS File Hiding Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows NT 4/2000 - Process Handle Local Privilege Elevation Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (1) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (2) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (3) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (4) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (5) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (6) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (7) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (8) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2) Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (1) Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (2) Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows NT 4/2000 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows NT 4/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_parameters' Argument Arbitrary File Creation Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit) Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation Microsoft Windows XP/Vista/2003/2008 - WMI Service Isolation Privilege Escalation Adobe Reader for Android - addJavascriptInterface Exploit (Metasploit) Adobe Reader for Android - 'addJavascriptInterface' Exploit (Metasploit) UniPDF 1.1 - Crash PoC (SEH overwritten) Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash (PoC) UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC) Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052) Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (PoC) (MS15-052) Android - get_user/put_user Exploit (Metasploit) Google Android - get_user/put_user Exploit (Metasploit) Microsoft Windows 7 < 10 / Server 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2) Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit) Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit) MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit) MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit) ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (1) Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit) Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (1) Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit) Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (2) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (2) Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Buffer Overflow Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (2) Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027) Microsoft Internet Explorer 7 - Arbitrary File Rewrite (PoC) (MS07-027) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow ImageStation - 'SonyISUpload.cab' 1.0.0.38 ActiveX Buffer Overflow IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069) Microsoft XML Core Services DTD - Cross-Domain Scripting (PoC) (MS08-069) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (PoC) (MS09-002) Apple Mac OSX - Java applet Remote Deserialization Remote PoC (2) Apple Mac OSX - Java applet Remote Deserialization Remote (PoC) (2) Microsoft Windows live messenger plus! fileserver 1.0 - Directory Traversal Microsoft Windows Live Messenger Plus! Fileserver 1.0 - Directory Traversal JetAudio 7.5.3 COWON Media Center - '.wav' Crash DistCC Daemon - Command Execution (Metasploit) (1) DistCC Daemon - Command Execution (Metasploit) Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit) mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit) Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit) mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Veritas NetBackup - Remote Command Execution (Metasploit) (1) Veritas NetBackup - Remote Command Execution (Metasploit) Pegasus Mail Client 4.51 - PoC Buffer Overflow Pegasus Mail Client 4.51 - Buffer Overflow (PoC) Irix LPD tagprinter - Command Execution (Metasploit) (1) Irix LPD tagprinter - Command Execution (Metasploit) Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (1) Xtacacsd 4.1.2 - 'report()' Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account Tandberg E & EX & C Series Endpoints - Default Root Account Credentials Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2) Veritas NetBackup - Remote Command Execution (Metasploit) (2) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2) httpdx - tolog() Function Format String (Metasploit) (1) httpdx - 'tolog()' Function Format String (Metasploit) (1) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) httpdx - tolog() Function Format String (Metasploit) (2) httpdx - 'tolog()' Function Format String (Metasploit) (2) Irix LPD tagprinter - Command Execution (Metasploit) (2) Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (2) DistCC Daemon - Command Execution (Metasploit) (2) HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056) HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055) HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution (PoC) HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution (PoC) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1) Mozilla Firefox 3.6.16 (Windows) - mChannel Use-After-Free (Metasploit) (1) Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit) Opera 10/11 - Bad Nesting with Frameset Tag Memory Corruption (Metasploit) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2) Mozilla Firefox 3.6.16 (OSX) - mChannel Use-After-Free (Metasploit) (2) HP SiteScope - Remote Code Execution (Metasploit) (1) HP SiteScope (Linux/Windows) - Remote Code Execution (Metasploit) Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow Microsoft Windows XP/2000/NT 4 - Help Facility ActiveX Control Buffer Overflow Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows NT 4/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow thttpd 2.2x - defang Remote Buffer Overflow thttpd 2.2x - 'defang' Remote Buffer Overflow Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2) Novell ZENworks Configuration Management 10 SP3 / 11 SP2 - Remote Execution (Metasploit) Dovecot with Exim - sender_address Parameter Remote Command Execution Dovecot with Exim - 'sender_address' Parameter Remote Command Execution HP SiteScope - Remote Code Execution (Metasploit) (2) HP SiteScope (Windows) - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (1) Western Digital Arkeia < 10.0.10 - Remote Code Execution (Metasploit) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2) Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (2) Western Digital Arkeia < 11.0.12 - Remote Code Execution (Metasploit) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1) E-Uploader Pro 1.0 - Image Upload with Code Execution E-Uploader Pro 1.0 - Image Upload / Code Execution ASPapp Knowledge Base - 'CatId' Parameter SQL Injection ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (1) ASPapp KnowledgeBase - 'catid' Parameter SQL Injection ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (2) ea-gBook 0.1 - Remote Command Execution with Remote File Inclusion (c99) ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion (c99) Flatchat 3.0 - 'pmscript.php with' Local File Inclusion Flatchat 3.0 - 'pmscript.php' Local File Inclusion Joomla! Component huruhelpdesk - SQL Injection Joomla! Component Huru Helpdesk - SQL Injection (1) PGAUTOPro - SQL Injection / Cross-Site Scripting PGAUTOPro - SQL Injection / Cross-Site Scripting (1) Joomla! Component Huru Helpdesk - SQL Injection Joomla! Component Huru Helpdesk - SQL Injection (2) SoftwareDEP Classified Script 2.5 - SQL Injection SoftwareDEP Classified Script 2.5 - SQL Injection (1) WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities Software DEP Classified Script 2.5 - SQL Injection SoftwareDEP Classified Script 2.5 - SQL Injection (2) Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (1) Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (2) Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (1) Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (2) OnlineArts DailyDose 1.1 - Denial of Servicee.pl Remote Command Execution OnlineArts DailyDose 1.1 - 'dose.pl' Remote Command Execution PHPOpenChat 2.3.4/3.0.1 - PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion PHPOpenChat 2.3.4/3.0.1 - PoC.php Remote File Inclusion PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php' phpbb_root_path Parameter Remote File Inclusion PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion ActiveNews Manager - 'articleId' Parameter SQL Injection ActiveNews Manager - 'articleId' Parameter SQL Injection (1) Active News Manager - 'articleId' Parameter SQL Injection ActiveNews Manager - 'articleId' Parameter SQL Injection (2) Sagem Fast 3304-V2 - Authentication Bypass Sagem Fast 3304-V2 - Authentication Bypass (1) PG Auto Pro - SQL Injection / Cross-Site Scripting PGAUTOPro - SQL Injection / Cross-Site Scripting (2) Sagem FAST3304-V2 - Authentication Bypass Sagem FAST3304-V2 - Authentication Bypass (2) Trend Micro - Multiple HTTP Problems with CoreServiceShell.exe Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers) phpATM 1.32 (Windows) - Arbitrary File Upload / Remote Command Execution Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)	2017-04-02 05:01:18 +00:00
Offensive Security	570f8aec26	DB: 2017-03-25 6 new exploits wifirxpower - Local Buffer Overflow Miele Professional PG 8528 - Directory Traversal NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow (Metasploit) Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit) Gr8 Tutorial Script - SQL Injection Gr8 Gallery Script - SQL Injection	2017-03-25 05:01:17 +00:00
Offensive Security	846ce42eca	DB: 2017-03-02 14 new exploits SysGauge 1.5.18 - Buffer Overflow WePresent WiPG-1500 - Backdoor Account Windows x86 - Reverse TCP Staged Alphanumeric Shellcode (332 Bytes) DLink DSL-2730U Wireless N 150 - Cross-Site Request Forgery Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting WordPress Plugin Contact Form Manager - Cross-Site Request Forgery / Cross-Site Scripting WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting WordPress Plugin Popup by Supsystic 1.7.6 - Cross-Site Request Forgery WordPress Plugin NewStatPress 1.2.4 - Cross-Site Scripting WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery WordPress Plugin File Manager 3.0.1 - Cross-Site Request Forgery SchoolDir - SQL Injection Rage Faces Script 1.3 - SQL Injection Meme Maker Script 2.1 - 'user' Parameter SQL Injection	2017-03-02 05:01:19 +00:00
Offensive Security	187fb60098	DB: 2017-02-12 1 new exploits WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection	2017-02-12 05:01:16 +00:00
Offensive Security	dcc7720ad6	DB: 2017-02-11 18 new exploits Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit) F5 BIG-IP SSL Virtual Server - Memory Disclosure CMS Lite 1.3.1 - SQL Injection Tiger Post 3.0.1 - SQL Injection Gram Post 1.0 - SQL Injection Youtube Analytics Multi Channel 3.0 - SQL Injection Collabo - Arbitrary File Download Takas Classified 1.1 - SQL Injection Zigaform - SQL Injection Multilanguage Estate Agency Pro 1.2 - SQL Injection QWIKIA 1.1.1 - SQL Injection Automated Job Portal Script - SQL Injection CLUB-8 EMS - SQL Injection Uploadr - SQL Injection CodePaul ClipMass - SQL Injection Video Subscription - SQL Injection D-link DIR-600M - Cross-Site Request Forgery HotelCMS with Booking Engine - SQL Injection	2017-02-11 05:01:16 +00:00
Offensive Security	9ea9da7098	DB: 2017-02-04 6 new exploits APC UPS 3.7.2 - (apcupsd) Local Denial of Service APC UPS 3.7.2 - 'apcupsd' Local Denial of Service Microsoft Windows 7 / Server 2008R2 - Remote Kernel Crash Microsoft Windows 7 / Server 2008 R2 - Remote Kernel Crash Debian 9 ntfs-3g - Privilege Escalation CUPS 1.1.x - .HPGL File Processor Buffer Overflow CUPS 1.1.x - '.HPGL' File Processor Buffer Overflow CUPS < 2.0.3 - Remote Command Execution Netwave IP Camera - Password Disclosure Itech Multi Vendor Script 6.49 - SQL Injection Itech Multi Vendor Script 6.49 - 'pl' Parameter SQL Injection SlimarUSER Management 1.0 - 'id' Parameter SQL Injection Itech Multi Vendor Script 6.49 - SQL Injection Zoneminder 1.29 / 1.30 - Cross-Site Scripting / SQL Injection / Session Fixation / Cross-Site Request Forgery	2017-02-04 05:01:18 +00:00
Offensive Security	62dddb2f49	DB: 2016-12-20 9 new exploits Apache 2.2 - (Windows) Local Denial of Service Apache 2.2 (Windows) - Local Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x (Mod_JK) - Chunked Encoding Denial of Service Apache 2.4.7 mod_status - Scoreboard Handling Race Condition Apache 2.4.7 (mod_status) - Scoreboard Handling Race Condition Google Chrome < 31.0.1650.48 - HTTP 1xx base::StringTokenizerT<...>::QuickGetNext Out-of-Bounds Read Apache 1.3.31 mod_include - Local Buffer Overflow Apache 1.3.31 (mod_include) - Local Buffer Overflow Gopher 3.0.9 - (+VIEWS) Remote Client Side Buffer Overflow Gopher 3.0.9 - (+VIEWS) Remote Client-Side Buffer Overflow Apache 'Mod_Auth_OpenID' - Session Stealing Apache (Mod_Auth_OpenID) - Session Stealing Apache 2.0.4x mod_php Module - File Descriptor Leakage (1) Apache 2.0.4x mod_php Module - File Descriptor Leakage (2) Apache 2.0.4x (mod_php) - File Descriptor Leakage (1) Apache 2.0.4x (mod_php) - File Descriptor Leakage (2) Apache 2.0.4x mod_perl Module - File Descriptor Leakage (3) Apache 2.0.4x (mod_perl) - File Descriptor Leakage (3) Apache 1.3.x mod_include - Local Buffer Overflow Apache 1.3.x (mod_include) - Local Buffer Overflow Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command Execution Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) Google Chrome + Fedora 25 / Ubuntu 16.04 - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download Apache 1.3.x mod_mylo - Remote Code Execution Apache 1.3.x (mod_mylo) - Remote Code Execution Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure Apache 1.3.x < 2.0.48 (mod_userdir) - Remote Users Disclosure Apache mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2) Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Exploit (2) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (2) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting Apache (mod_perl) - 'Apache::Status' / 'Apache2::Status' Cross-Site Scripting Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit Apache 2.2.14 (mod_isapi) - Dangling Pointer Remote SYSTEM Exploit Apache (Windows x86) - (Windows x86) Chunked Encoding (Metasploit) Apache (Windows x86) - Chunked Encoding (Metasploit) Apache mod_proxy - Reverse Proxy Exposure (PoC) Apache (mod_proxy) - Reverse Proxy Exposure (PoC) Apache 1.3.20 - Win32 PHP.exe Remote File Disclosure Apache 1.3.20 (Win32) - 'PHP.exe' Remote File Disclosure Apache mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1) Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Exploit (1) Joomla! Component 'com_media' - Arbitrary File Upload (Metasploit) Joomla! Component Media Manager - Arbitrary File Upload (Metasploit) Apache 2.2.6 - 'mod_negotiation' HTML Injection and HTTP Response Splitting Apache 2.2.6 (mod_negotiation) - HTML Injection and HTTP Response Splitting Apache 7.0.x 'mod_proxy'- Reverse Proxy Security Bypass Apache 7.0.x (mod_proxy) - Reverse Proxy Security Bypass Apache 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass Apache 2.2.15 (mod_proxy) - Reverse Proxy Security Bypass Apache 'mod_wsgi' Module - Information Disclosure Apache (mod_wsgi) - Information Disclosure Joomla! Component 'com_jp_jobs' 1.4.1 - SQL Injection Joomla! Component JP Jobs 1.4.1 - SQL Injection Joomla! Component 'com_joomlapicasa' 2.0 - Local File Inclusion Joomla! Component Picasa 2.0 - Local File Inclusion Joomla! Component 'com_jinventory' - Local File Inclusion Joomla! Component JInventory 1.23.02 - Local File Inclusion Joomla! Component 'com_loginbox' - Local File Inclusion Joomla! Component LoginBox - Local File Inclusion Joomla! Component 'com_Joomlaupdater' - Local File Inclusion Joomla! Component Magic Updater - Local File Inclusion Joomla! Component 'com_news_portal' 1.5.x - Local File Inclusion Joomla! Component 'com_fss' 1.3 - 'faqid' Parameter SQL Injection Joomla! Component News Portal 1.5.x - Local File Inclusion Joomla! Component Freestyle FAQ Lite 1.3 - 'faqid' Parameter SQL Injection Joomla! Component 'com_jwhmcs' 1.5.0 - Local File Inclusion Joomla! Component 'com_jukebox' 1.7 - Local File Inclusion Joomla! Component 'com_Joomlaflickr' 1.0 - Local File Inclusion Joomla! Component 'com_hsconfig' 1.5 - Local File Inclusion Joomla! Component 'com_fabrik' 2.0 - Local File Inclusion Joomla! Component 'com_datafeeds' 880 - Local File Inclusion Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion Joomla! Component Juke Box 1.7 - Local File Inclusion Joomla! Component Joomla Flickr 1.0 - Local File Inclusion Joomla! Component Highslide 1.5 - Local File Inclusion Joomla! Component Fabrik 2.0 - Local File Inclusion Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion Joomla! Component 'com_foobla_suggestions' 1.5.1.2 - Local File Inclusion Joomla! Component 'com_javoice' - Local File Inclusion Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion Joomla! Component JA Voice 2.0 - Local File Inclusion Joomla! Component 'com_jfeedback' - Local File Inclusion Joomla! Component 'com_jprojectmanager' - Local File Inclusion Joomla! Component Jfeedback 1.2 - Local File Inclusion Joomla! Component JProject Manager 1.0 - Local File Inclusion Joomla! Component 'com_mv_restaurantmenumanager' 1.5.2 - SQL Injection Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection Joomla! Component 'com_horoscope' - Local File Inclusion Joomla! Component Horoscope 1.5.0 - Local File Inclusion Joomla! Component 'com_market' - Local File Inclusion Joomla! Component Online Market 2.x - Local File Inclusion Joomla! Component 'com_jvehicles' - 'aid' Parameter SQL Injection Joomla! Component 'com_jp_jobs' 1.2.0 - 'id' Parameter SQL Injection Joomla! Component Jvehicles 1.0/2.0 - 'aid' Parameter SQL Injection Joomla! Component JP Jobs 1.2.0 - 'id' Parameter SQL Injection Joomla! Component 'com_mtfireeagle' - Local File Inclusion Joomla! Component 'com_mediamall' - Blind SQL Injection Joomla! Component 'com_lovefactory' - Local File Inclusion Joomla! Component 'com_jacomment' - Local File Inclusion Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion Joomla! Component Media Mall Factory 1.0.4 - Blind SQL Injection Joomla! Component Love Factory 1.3.4 - Local File Inclusion Joomla! Component JA Comment - Local File Inclusion Joomla! Component 'com_iproperty' 1.5.3 - 'id' Parameter SQL Injection Joomla! Component Intellectual Property 1.5.3 - 'id' Parameter SQL Injection Joomla! Component 'com_joltcard' - SQL Injection Joomla! Component JoltCard 1.2.1 - SQL Injection Joomla! Component 'com_gadgetfactory' - Local File Inclusion Joomla! Component 'com_matamko' - Local File Inclusion Joomla! Component 'com_multiroot' - Local File Inclusion Joomla! Component 'com_multimap' - Local File Inclusion Joomla! Component 'com_drawroot' - Local File Inclusion Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion Joomla! Component Matamko 1.01 - Local File Inclusion Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion Joomla! Component 'com_if_surfalert' - Local File Inclusion Joomla! Component iF surfALERT 1.2 - Local File Inclusion Joomla! Component 'com_gbufacebook' 1.0.5 - SQL Injection Joomla! Component GBU Facebook 1.0.5 - SQL Injection Joomla! Component 'com_jnewspaper' - 'cid' Parameter SQL Injection Joomla! Component 'com_jtm' 1.9 Beta - SQL Injection Joomla! Component Online News Paper Manager 1.0 - 'cid' Parameter SQL Injection Joomla! Component JTM Reseller 1.9 Beta - SQL Injection Joomla! Component 'com_mmsblog' - Local File Inclusion Joomla! Component MMS Blog 2.3.0 - Local File Inclusion Joomla! Component 'com_noticeboard' - Local File Inclusion Joomla! Component NoticeBoard 1.3 - Local File Inclusion Joomla! Component 'com_graphics' 1.0.6 - Local File Inclusion Joomla! Component Graphics 1.0.6 - Local File Inclusion Joomla! Component 'com_newsfeeds' - SQL Injection Joomla! Component Newsfeeds - SQL Injection Joomla! Component 'com_konsultasi' - 'sid' Parameter SQL Injection Joomla! Component Komento 1.0.0 - 'sid' Parameter SQL Injection Joomla! Component 'com_dioneformwizard' - Local File Inclusion Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion Joomla! Component 'com_jejob' 1.0 - Local File Inclusion Joomla! Component JE Job 1.0 - Local File Inclusion Joomla! Component 'com_jequoteform' - Local File Inclusion Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion Joomla! Component 'com_mscomment' 0.8.0b - Local File Inclusion Joomla! Component MS Comment 0.8.0b - Local File Inclusion Apache Axis2 Administration console - Authenticated Cross-Site Scripting Apache Axis2 Administration Console - Authenticated Cross-Site Scripting Joomla! Component 'com_mycar' - Multiple Vulnerabilities Joomla! Component My Car 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jejob' 1.0 - 'catid' Parameter SQL Injection Joomla! Component JE Job 1.0 - 'catid' Parameter SQL Injection Joomla! Component 'com_jsjobs' - SQL Injection Joomla! Component JS Jobs 1.0.5.8 - SQL Injection Joomla! Component 'com_djartgallery' - Multiple Vulnerabilities Joomla! Component DJ-ArtGallery 0.9.1 - Multiple Vulnerabilities Joomla! Component 'com_gamesbox' 1.0.2 - 'id' SQL Injection Joomla! Component Gamesbox 1.0.2 - 'id' Parameter SQL Injection Joomla! Component 'com_eventcal' 1.6.4 - Blind SQL Injection Joomla! Component eventCal 1.6.4 - Blind SQL Injection Joomla! Component 'com_ninjamonials' - Blind SQL Injection Joomla! Component NinjaMonials - Blind SQL Injection Joomla! Component 'com_neorecruit' - 'Itemid' Parameter Blind SQL Injection Joomla! Component NeoRecruit 1.6.4 - 'Itemid' Parameter Blind SQL Injection Joomla! Component 'com_golfcourseguide' 0.9.6.0 - SQL Injection Joomla! Component 'com_huruhelpdesk' - SQL Injection Joomla! Component Golf Course Guide 0.9.6.0 - SQL Injection Joomla! Component Huru Helpdesk - SQL Injection Joomla! Component 'com_joomdle' 0.24 - SQL Injection Joomla! Component Joomdle 0.24 - SQL Injection Joomla! Component 'com_Joomla-visites' - Remote File Inclusion Joomla! Component Visites 1.1 RC2 - Remote File Inclusion Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injection Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion Joomla! Component iJoomla Magazine 3.0.1 - Remote File Inclusion Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection Joomla! Component Gantry 3.0.10 - Blind SQL Injection Joomla! Component 'com_jphone' - Local File Inclusion Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion Joomla! Component 'com_jgen' - SQL Injection Joomla! Component JGen 0.9.33 - SQL Injection Joomla! Component 'com_ezautos' - SQL Injection Joomla! Component Joostina - SQL Injection Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities Joomla! Component JE Guestbook 1.0 - Multiple Vulnerabilities Joomla! Component 'com_jedirectory' - SQL Injection Joomla! Component JE Directory 1.0 - SQL Injection Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities Joomla! Component JS Calendar 1.5.1 - Multiple Vulnerabilities Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection Joomla! Component JE Ajax Event Calendar - SQL Injection Joomla! Component 'com_flipwall' - SQL Injection Joomla! Component Pulse Infotech Flip Wall - SQL Injection Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection Joomla! Component 'com_jsupport' - Cross-Site Scripting Joomla! Component 'com_jsupport' - SQL Injection Joomla! Component JSupport 1.5.6 - Cross-Site Scripting Joomla! Component JSupport 1.5.6 - SQL Injection Joomla! Component 'com_jimtawl' - Local File Inclusion Joomla! Component Jimtawl 1.0.2 - Local File Inclusion phpMyAdmin - Client Side Code Injection / Redirect Link Falsification phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification Joomla! Component 'com_jeauto' 1.0 - SQL Injection Joomla! Component JE Auto 1.0 - SQL Injection Joomla! Component 'com_jradio' - Local File Inclusion Joomla! Component JRadio - Local File Inclusion Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion Joomla! Component JotLoader 2.2.1 - Local File Inclusion Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities Joomla! Component HM Community - Multiple Vulnerabilities Joomla! Component 'com_estateagent' - SQL Injection Joomla! Component Estate Agent - SQL Injection EPortfolio 1.0 - Client Side Input Validation EPortfolio 1.0 - Client-Side Input Validation ActiveWeb Contentserver 5.6.2929 CMS - Client Side Filtering Bypass ActiveWeb Contentserver 5.6.2929 CMS - Client-Side Filtering Bypass Joomla! Component 'com_komento' 1.7.2 - Persistent Cross-Site Scripting Joomla! Component 'com_jvcomment' 3.0.2 - 'id' Parameter SQL Injection Joomla! Component Komento 1.7.2 - Persistent Cross-Site Scripting Joomla! Component JV Comment 3.0.2 - 'id' Parameter SQL Injection Joomla! Component 'com_jcomments' 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component JComments 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion Joomla! Component Jstore - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_ecommercewd' 1.2.5 - SQL Injection Joomla! Component ECommerce-WD 1.2.5 - SQL Injection Joomla! Component 'com_contactformmaker' 1.0.1 - SQL Injection Joomla! Component Contact Form Maker 1.0.1 - SQL Injection Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_helpdeskpro' < 1.4.0 - Multiple Vulnerabilities Joomla! Component Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection ntop-ng 2.5.160805 - Username Enumeration	2016-12-20 05:01:16 +00:00
Offensive Security	855e59f932	DB: 2016-12-07 9 new exploits MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC) Asterisk - (SIP channel driver / in pedantic mode) Remote Crash Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC) Asterisk 1.2.x - (SIP channel driver / in pedantic mode) Remote Crash F5 BIG-IP - Remote Root Authentication Bypass (1) F5 BIG-IP - Authentication Bypass (1) Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow NTPd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow NetCat 0.7.1 - Denial of Service Microsoft Event Viewer 1.0 - XML External Entity Injection Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection Apache CouchDB 2.0.0 - Local Privilege Escalation Samba 2.2.8 - Remote Root Exploit Samba 2.2.8 - Remote Code Execution Microsoft Windows - WebDAV Remote Root Exploit (2) Microsoft Windows - WebDAV Remote Code Execution (2) Microsoft IIS 5.0 - WebDAV Remote Root Exploit (3) (xwdav) Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav) miniSQL (mSQL) 1.3 - Remote GID Root Exploit miniSQL (mSQL) 1.3 - GID Remote Code Execution Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit GtkFtpd 1.0.4 - Remote Root Buffer Overflow Real Server 7/8/9 (Windows / Linux) - Remote Code Execution GtkFtpd 1.0.4 - Buffer Overflow Solaris Sadmind - Default Configuration Remote Root Exploit Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit Solaris Sadmind - Default Configuration Remote Code Execution Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / Brute Force Exploit ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit Cyrus IMSPD 1.7 - 'abook_dbname' Remote Code Execution Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Remote Root Exploit Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Monit 4.1 - Remote Root Buffer Overflow Monit 4.2 - Remote Root Buffer Overflow Monit 4.1 - Buffer Overflow Monit 4.2 - Buffer Overflow INND/NNRP < 1.6.x - Remote Root Overflow INND/NNRP < 1.6.x - Overflow Exploit LPRng (RedHat 7.0) - lpd Remote Root Format String LPRng (RedHat 7.0) - 'lpd' Format String BeroFTPD 1.3.4(1) (Linux/x86) - Remote Root Exploit BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution BIND 8.2.x - (TSIG) Remote Root Stack Overflow (1) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (2) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (3) BIND 8.2.x - (TSIG) Remote Root Stack Overflow (4) BIND 8.2.x - (TSIG) Stack Overflow (1) BIND 8.2.x - (TSIG) Stack Overflow (2) BIND 8.2.x - (TSIG) Stack Overflow (3) BIND 8.2.x - (TSIG) Stack Overflow (4) HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Root Exploit CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Solaris /bin/login (SPARC/x86) - Remote Root Exploit Solaris /bin/login (SPARC/x86) - Remote Code Execution Drcat 0.5.0-beta - (drcatd) Remote Root Exploit Drcat 0.5.0-beta - 'drcatd' Remote Code Execution Dropbear SSH 0.34 - Remote Root Exploit Dropbear SSH 0.34 - Remote Code Execution Apple Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow Apple Mac OSX 10.3.3 - AppleFileServer Overflow Remote Code Execution Monit 4.2 - Basic Authentication Remote Root Exploit Monit 4.2 - Basic Authentication Remote Code Execution WvTFTPd 0.9 - Remote Root Heap Overflow WvTFTPd 0.9 - Heap Overflow Qwik SMTP 0.3 - Remote Root Format String Qwik SMTP 0.3 - Format String Citadel/UX 6.27 - Remote Root Format String Citadel/UX 6.27 - Format String Knox Arkeia Server Backup 5.3.x - Remote Root Exploit Knox Arkeia Server Backup 5.3.x - Remote Code Execution Smail 3.2.0.120 - Remote Root Heap Overflow mtftpd 0.0.3 - Remote Root Exploit Smail 3.2.0.120 - Heap Overflow mtftpd 0.0.3 - Remote Code Execution dSMTP Mail Server 3.1b - Linux Remote Root Format String dSMTP Mail Server 3.1b (Linux) - Format String Exploit IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit linux-ftpd-ssl 0.17 - 'MKD'/'CWD' Remote Code Execution MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow Alt-N MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow dproxy-nexgen (Linux/x86) - Buffer Overflow Kerberos 1.5.1 - Kadmind Remote Root Buffer Overflow Kerberos 1.5.1 - Kadmind Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield) webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow Sun Solaris 10 - rpc.ypupdated Remote Root Exploit Sun Solaris 10 - 'rpc.ypupdated' Remote Code Execution ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit) Sun Solaris 10 - rpc.ypupdated Remote Code Execution (Metasploit) Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python) Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python) Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit Solaris 9 (UltraSPARC) - sadmind Remote Code Execution Apache SpamAssassin Milter Plugin 0.3.1 - Remote Root Command Execution Apache SpamAssassin Milter Plugin 0.3.1 - Remote Command Execution Microworld eScan AntiVirus < 3.x - Remote Root Command Execution Microworld eScan AntiVirus < 3.x - Remote Code Execution AIX5l with FTP-Server - Remote Root Hash Disclosure AIX5l with FTP-Server - Hash Disclosure McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution) McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Remote Code Execution) ProFTPd 1.3.3c - Compromised Source Remote Root Trojan ProFTPd 1.3.3c - Compromised Source (Trojan) Remote Code Execution Comtrend ADSL Router CT-5367 C01_R12 - Remote Root Exploit Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit) Alt-N MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit) ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution DreamBox DM800 1.5rc1 - Remote Root File Disclosure DreamBox DM800 1.5rc1 - File Disclosure TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite TelnetD encrypt_keyid - Function Pointer Overwrite F5 BIG-IP - Remote Root Authentication Bypass (2) MySQL - Remote Root Authentication Bypass F5 BIG-IP - Authentication Bypass (2) MySQL - Authentication Bypass ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection WIDZ 1.0/1.5 - Remote Root Compromise WIDZ 1.0/1.5 - Remote Code Execution Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH) DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow proManager 0.73 - (note.php) SQL Injection ProManager 0.73 - 'note.php' SQL Injection pNews 1.1.0 - (nbs) Remote File Inclusion pNews 1.1.0 - 'nbs' Parameter Remote File Inclusion Power Phlogger 2.0.9 - (config.inc.php3) File Inclusion Power Phlogger 2.0.9 - 'config.inc.php3' File Inclusion eFiction 3.1.1 - (path_to_smf) Remote File Inclusion eFiction 3.1.1 - 'path_to_smf' Remote File Inclusion FlexPHPNews 0.0.5 - (news.php newsid) SQL Injection FlexPHPNews 0.0.5 - 'newsid' Parameter SQL Injection Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion Achievo 1.1.0 - 'config_atkroot' Parameter Remote File Inclusion SimpNews 2.40.01 - (print.php newnr) SQL Injection SimpNews 2.40.01 - 'newnr' Parameter SQL Injection PHPNews 0.93 - (format_menue) Remote File Inclusion PHPNews 0.93 - 'format_menue' Parameter Remote File Inclusion meBiblio 0.4.5 - (index.php action) Remote File Inclusion meBiblio 0.4.5 - 'action' Parameter Remote File Inclusion Joomla! Component rapidrecipe 1.6.5 - SQL Injection Joomla! Component Rapid Recipe 1.6.5 - SQL Injection mebiblio 0.4.7 - (SQL Injection / Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities mebiblio 0.4.7 - SQL Injection / Arbitrary File Upload / Cross-Site Scripting pLog - 'albumID' SQL Injection smeweb 1.4b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PLog 1.0.6 - 'albumID' Parameter SQL Injection smeweb 1.4b - SQL Injection / Cross-Site Scripting Joomla! Component joomradio 1.0 - 'id' SQL Injection Joomla! Component JoomRadio 1.0 - 'id' Parameter SQL Injection Battle Blog 1.25 - (comment.asp) SQL Injection Battle Blog 1.25 - 'comment.asp' SQL Injection 1Book Guestbook Script - Code Execution 1Book Guestbook Script 1.0.1 - Code Execution PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component EasyBook 1.1 - (gbid) SQL Injection 427bb 2.3.1 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PHP-Address Book 3.1.5 - SQL Injection / Cross-Site Scripting Joomla! Component EasyBook 1.1 - 'gbid' Parameter SQL Injection 427bb 2.3.1 - SQL Injection / Cross-Site Scripting Power Phlogger 2.2.5 - (css_str) SQL Injection pSys 0.7.0.a - (shownews) SQL Injection Joomla! Component JoomlaDate - (user) SQL Injection Power Phlogger 2.2.5 - 'css_str' Parameter SQL Injection pSys 0.7.0.a - 'shownews' Parameter SQL Injection Joomla! Component JoomlaDate 1.2 - 'user' Parameter SQL Injection JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component yvcomment 1.16 - Blind SQL Injection JiRo's FAQ Manager eXperience 1.0 - 'fID' Parameter SQL Injection phpinv 0.8.0 - Local File Inclusion / Cross-Site Scripting Joomla! Component yvComment 1.16 - Blind SQL Injection BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion Joomla! Component rapidrecipe - SQL Injection Joomla! Component Rapid Recipe 1.6.6/1.6.7 - SQL Injection Joomla! Component iJoomla! News Portal - 'itemID' SQL Injection Joomla! Component iJoomla News Portal 1.0 - 'itemID' Parameter SQL Injection real estate Web site 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities telephone directory 2008 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ASPilot Pilot Cart 7.3 - (article) SQL Injection real estate Web site 1.0 - SQL Injection / Cross-Site Scripting Telephone Directory 2008 - SQL Injection / Cross-Site Scripting ASPilot Pilot Cart 7.3 - 'article' Parameter SQL Injection Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite pNews 2.08 - (shownews) SQL Injection Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite pNews 2.08 - 'shownews' Parameter SQL Injection ErfurtWiki R1.02b - (css) Local File Inclusion DCFM Blog 0.9.4 - (comments) SQL Injection yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Insanely Simple Blog 0.5 - (index) SQL Injection ASPPortal Free Version - 'Topic_Id' SQL Injection Experts 1.0.0 - (answer.php) SQL Injection SyndeoCMS 2.6.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ErfurtWiki R1.02b - Local File Inclusion DCFM Blog 0.9.4 - SQL Injection Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection Insanely Simple Blog 0.5 - SQL Injection ASPPortal Free Version - 'Topic_Id' Parameter SQL Injection Experts 1.0.0 - 'answer.php' SQL Injection SyndeoCMS 2.6.0 - Local File Inclusion / Cross-Site Scripting Yuhhu 2008 SuperStar - 'board' SQL Injection Yuhhu 2008 SuperStar - 'board' Parameter SQL Injection eFiction 3.0 - (toplists.php list) SQL Injection eFiction 3.0 - 'toplists.php' SQL Injection pSys 0.7.0 Alpha - (chatbox.php) SQL Injection pSys 0.7.0 Alpha - 'chatbox.php' SQL Injection pNews 2.03 - (newsid) SQL Injection pNews 2.03 - 'newsid' Parameter SQL Injection Joomla! Component JooBlog 0.1.1 - (PostID) SQL Injection Joomla! Component JooBlog 0.1.1 - 'PostID' Parameter SQL Injection FlexPHPNews 0.0.6 & PRO - (Authentication Bypass) SQL Injection FlexPHPNews 0.0.6 & PRO - Authentication Bypass E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities E-ShopSystem - Authentication Bypass / SQL Injection Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload 427BB Fourtwosevenbb 2.3.2 - SQL Injection 427BB 2.3.2 - SQL Injection Joomla! Component 'com_joomradio' - SQL Injection Joomla! Component JoomRadio 1.0 - SQL Injection Joomla! Component 'com_elite_experts' - SQL Injection Joomla! Component Elite Experts - SQL Injection ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection Contrexx ShopSystem 2.2 SP3 (catId) - Blind SQL Injection Contrexx ShopSystem 2.2 SP3 - 'catId' Parameter Blind SQL Injection Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting Alt-N MDaemon free 12.5.4 - Persistent Cross-Site Scripting SimpNews 2.0.1/2.13 - PATH_SIMPNEWS Remote File Inclusion SimpNews 2.0.1/2.13 - 'path_simpnews' Parameter Remote File Inclusion PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion PHPSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - system_footer.php Multiple Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - 'sensor_program' Parameter Cross-Site Scripting PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure Seowonintech Routers fw: 2.3.9 - File Disclosure PHPNews 1.2.x - auth.php SQL Injection PHPNews 1.2.x - 'auth.php' SQL Injection efiction 1.0/1.1/2.0 - titles.php let Parameter Cross-Site Scripting efiction 1.0/1.1/2.0 - titles.php let Parameter SQL Injection efiction 1.0/1.1/2.0 - viewstory.php sid Parameter SQL Injection efiction 1.0/1.1/2.0 - viewuser.php uid Parameter SQL Injection efiction 1.0/1.1/2.0 - 'titles.php' Cross-Site Scripting efiction 1.0/1.1/2.0 - 'titles.php' SQL Injection efiction 1.0/1.1/2.0 - 'sid' Parameter SQL Injection efiction 1.0/1.1/2.0 - 'uid' Parameter SQL Injection 427BB 2.2 - showthread.php SQL Injection 427BB 2.2 - 'showthread.php' SQL Injection BrowserCRM - results.php Cross-Site Scripting Simpnews 2.x - Wap_short_news.php Remote File Inclusion Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting Yblog - funk.php id Parameter Cross-Site Scripting Yblog - tem.php action Parameter Cross-Site Scripting Yblog - uss.php action Parameter Cross-Site Scripting Yblog - 'funk.php' Cross-Site Scripting Yblog - 'tem.php' Cross-Site Scripting Yblog - 'uss.php' Cross-Site Scripting Simpnews 2.x - admin/index.php Unspecified Cross-Site Scripting Simpnews 2.x - admin/pwlost.php Unspecified Cross-Site Scripting Simpnews 2.x - 'index.php' Cross-Site Scripting Simpnews 2.x - 'pwlost.php' Cross-Site Scripting PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting Insanely Simple Blog 0.4/0.5 - 'index.php' current_subsection Parameter SQL Injection Insanely Simple Blog 0.4/0.5 - Blog Anonymous Blog Entry Cross-Site Scripting Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting SimpNews 2.41.3 - admin/layout2b.php l_username Parameter Cross-Site Scripting SimpNews 2.41.3 - comment.php backurl Parameter Cross-Site Scripting SimpNews 2.41.3 - 'l_username' Parameter Cross-Site Scripting SimpNews 2.41.3 - 'backurl' Parameter Cross-Site Scripting BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection BrowserCRM 5.100.1 - modules/Documents/index.php contact_id Parameter SQL Injection BrowserCRM 5.100.1 - Multiple Script URI Cross-Site Scripting BrowserCRM 5.100.1 - license/index.php framed Parameter Cross-Site Scripting BrowserCRM 5.100.1 - licence/view.php framed Parameter Cross-Site Scripting BrowserCRM 5.100.1 - pub/clients.php login[] Parameter Cross-Site Scripting BrowserCRM 5.100.1 - 'index.php' login[] Parameter Cross-Site Scripting BrowserCRM 5.100.1 - 'parent_id' Parameter SQL Injection BrowserCRM 5.100.1 - 'contact_id' Parameter SQL Injection BrowserCRM 5.100.1 - URI Cross-Site Scripting BrowserCRM 5.100.1 - 'framed' Parameter Cross-Site Scripting Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection BrowserCRM 5.100.1 - 'clients.php' Cross-Site Scripting BrowserCRM 5.100.1 - 'login[]' Cross-Site Scripting	2016-12-07 05:01:17 +00:00
Offensive Security	5dc941e36b	DB: 2016-12-06 5 new exploits Foxit Reader 4.1.1 - Stack Overflow (Egghunter Mod) Foxit Reader 4.1.1 - Stack Overflow (Egghunter) iSQL 1.0 - Shell Command Injection iSQL 1.0 - Command Injection Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection Microsoft Excel Starter 2010 - XML External Entity Injection Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity Injection Samba 2.2.x - Remote Root Buffer Overflow Samba 2.2.x - Buffer Overflow PoPToP PPTP 1.1.4-b3 - Remote Root Exploit Snort 1.9.1 - 'p7snort191.sh' Remote Root Exploit PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit PoPToP PPTP 1.1.4-b3 - Remote Command Execution Snort 1.9.1 - 'p7snort191.sh' Remote Command Execution PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Command Execution Sendmail 8.12.8 - Prescan() BSD Remote Root Exploit Sendmail 8.12.8 - Prescan() BSD Remote Command Execution WsMp3d 0.x - Remote Root Heap Overflow WsMp3d 0.x - Heap Overflow Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit Atftpd 0.6 - 'atftpdx.c' Remote Command Execution Samba 2.2.8 - (Brute Force Method) Remote Root Exploit Samba 2.2.8 - (Brute Force Method) Remote Command Execution WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit WU-FTPD 2.6.2 - Off-by-One Remote Command Execution WU-FTPD 2.6.2 - Remote Root Exploit WU-FTPD 2.6.2 - Remote Command Execution WU-FTPD 2.6.0 - Remote Root Exploit WU-FTPD 2.6.0 - Remote Command Execution LPRng 3.6.22/23/24 - Remote Root Exploit LPRng 3.6.22/23/24 - Remote Command Execution LPRng 3.6.24-1 - Remote Root Exploit LPRng 3.6.24-1 - Remote Command Execution WU-FTPD 2.6.1 - Remote Root Exploit SSH (x2) - Remote Root Exploit WU-FTPD 2.6.1 - Remote Command Execution SSH (x2) - Remote Command Execution BSD TelnetD - Remote Root Exploit (1) BSD TelnetD - Remote Command Execution (1) Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit Sendmail with clamav-milter < 0.91.2 - Remote Command Execution ProFTPd IAC 1.3.x - Remote Root Exploit ProFTPd IAC 1.3.x - Remote Command Execution Exim 4.63 - Remote Root Exploit Exim 4.63 - Remote Command Execution Splunk - Remote Root Exploit Splunk - Remote Command Execution FreeBSD OpenSSH 3.5p1 - Remote Root Exploit FreeBSD OpenSSH 3.5p1 - Remote Command Execution HP Data Protector (Linux) - Remote Root Shell HP Data Protector (Linux) - Remote Command Execution FreeBSD ftpd and ProFTPd on FreeBSD - Remote Root Exploit FreeBSD ftpd and ProFTPd on FreeBSD - Remote Command Execution Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Root Remote Code Execution) Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Remote Code Execution) BSD TelnetD - Remote Root Exploit (2) BSD TelnetD - Remote Command Execution (2) Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Root Remote Code Execution) Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Remote Command Execution) Sendmail 8.6.9 IDENT - Remote Root Exploit Sendmail 8.6.9 IDENT - Remote Command Execution Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Exploit ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQL Injection ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection H-Sphere Webshell 2.4 - Remote Root Exploit H-Sphere Webshell 2.4 - Remote Command Execution MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Root Exploit MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution Ubiquiti AirOS 5.5.2 - Authenticated Remote Command Execution Allied Telesis AT-MCF2000M 3.0.2 - Gaining Root Shell Access Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution Novell NCP - Unauthenticated Remote Root Exploit Novell NCP - Unauthenticated Remote Command Execution Seowonintech Devices - Remote Root Exploit Seowonintech Devices - Remote Command Execution ASUS RT-AC66U - acsd Parameter Remote Root Shell ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP) ASUS RT-N56U - Remote Buffer Overflow (ROP) NovaSTOR NovaNET 12.0 - Remote Root Exploit NovaSTOR NovaNET 12.0 - Remote Command Execution ALCASAR 2.8 - Remote Root Code Execution ALCASAR 2.8 - Remote Code Execution F5 iControl - Remote Root Command Execution (Metasploit) F5 iControl - Remote Command Execution (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Command Execution (Metasploit) Seagate Central 2014.0410.0026-F - Remote Root Exploit Seagate Central 2014.0410.0026-F - Remote Command Execution Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit Proxmox VE 3/4 - Insecure Hostname Checking Remote Command Execution Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit) BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution Alcatel Lucent Omnivista 8770 - Remote Code Execution Windows x86 - Password Protected TCP Bind Shell (637 bytes) Windows x86 - Password Protected TCP Bind Shellcode (637 bytes) Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes) Windows x86 - URLDownloadToFileA() / SetFileAttributesA() / WinExec() / ExitProcess() Shellcode (394 bytes) Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes) Linux/x86-64 - Syscall Persistent Bind Shell / Multi-terminal / Password / Daemon Shellcode (83_ 148_ 177 bytes) Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes) Linux/x86-64 - Subtle Probing Reverse Shell / Timer_ Burst / Password / Multi-Terminal Shellcode (84_ 122_ 172 bytes) Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes) Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes) Linux/x86 - NetCat Bind Shellcode with Port (44 / 52 bytes) Linux/x86 - zsh TCP Port 9090 Bind Shellcode (96 bytes) Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Command Execution D-Link DSR Router Series - Remote Root Shell D-Link DSR Router Series - Remote Command Execution Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities Alcatel Lucent Omnivista 4760 - Multiple Cross-Site Scripting Vulnerabilities ALCASAR 2.8.1 - Remote Root Code Execution ALCASAR 2.8.1 - Remote Code Execution SevOne NMS 5.3.6.0 - Remote Root Exploit SevOne NMS 5.3.6.0 - Remote Command Execution Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution Iris ID IrisAccess ICU 7000-2 - Remote Command Execution NUUO NVRmini 2 3.0.8 - Remote Root Exploit NUUO NVRmini 2 3.0.8 - Remote Code Execution EyeLock nano NXT 3.5 - Remote Root Exploit EyeLock nano NXT 3.5 - Remote Code Execution InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Command Execution	2016-12-06 05:01:19 +00:00
Offensive Security	32fc589910	DB: 2016-11-23 8 new exploits xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC) Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC) 3Com OfficeConnect Routers - Denial of Service (Content-Type) 3Com OfficeConnect Routers - (Content-Type) Denial of Service xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow Divx Player - Denial of Service Divx Player 6.8.2 - Denial of Service Microsoft Word (Win/Mac) - Crash (PoC) Microsoft Word (Windows/OSX) - Crash (PoC) TP-LINK TDDP - Multiple Vulnerabilities Microsoft Internet Explorer 8 MSHTML - 'Ptls5::LsFindSpanVisualBoundaries' Memory Corruption Office 2008 sp0 - RTF pFragments MAC Exploit Microsoft Office 2008 SP0 (Mac) - RTF pFragments Exploit Huawei UTPS - Unquoted Service Path Privilege Escalation xine-lib 1.1 - (media player library) Remote Format String Xine-Lib 1.1 - (media player library) Remote Format String Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite 3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting 3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Parameter Cross-Site Scripting xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities Xine-Lib 1.1.11 - Multiple Heap Based Remote Buffer Overflow Vulnerabilities Crestron AM-100 - Multiple Vulnerabilities Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) Simple Machines Forum 1.0.4 - (modify) SQL Injection Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL Injection PHP-Fusion 6.00.109 - (msg_send) SQL Injection PHP-Fusion 6.00.109 - 'msg_send' Parameter SQL Injection PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection PHP-Fusion 6.00.306 - (srch_where) SQL Injection PHP-Fusion 6.00.306 - 'srch_where' Parameter SQL Injection Simple Machines Forum 1.1 rc2 (Windows) - (lngfile) Remote Exploit Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploit Simple Machines Forum 1.1 rc2 - Lock Topics Remote Exploit Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion Virtual Law Office - (phpc_root_path) Remote File Inclusion Virtual Law Office - 'phpc_root_path' Remote File Inclusion AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion AllMyGuests 0.3.0 - 'AMG_serverpath' Parameter Remote File Inclusion Simple Machines Forum 1.1.3 - Blind SQL Injection Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection BosClassifieds 3.0 - (index.php cat) SQL Injection BosNews 4.0 - (article) SQL Injection BosClassifieds 3.0 - 'index.php' SQL Injection BosNews 4.0 - 'article' Parameter SQL Injection Classifieds Caffe - 'index.php cat_id' SQL Injection Classifieds Caffe - 'cat_id' Parameter SQL Injection carbon communities 2.4 - Multiple Vulnerabilities XplodPHP AutoTutorials 2.1 - 'id' SQL Injection Carbon Communities 2.4 - Multiple Vulnerabilities XplodPHP AutoTutorials 2.1 - 'id' Parameter SQL Injection Grape Statistics 0.2a - (location) Remote File Inclusion 5th Avenue Shopping Cart - 'category_id' SQL Injection Grape Statistics 0.2a - 'location' Parameter Remote File Inclusion 5th Avenue Shopping Cart - 'category_id' Parameter SQL Injection PhShoutBox 1.5 - (final) Insecure Cookie Handling Simple Customer 1.2 - (contact.php id) SQL Injection AllMyGuests 0.4.1 - (AMG_id) SQL Injection PhShoutBox 1.5 - Insecure Cookie Handling Simple Customer 1.2 - 'contact.php' SQL Injection AllMyGuests 0.4.1 - 'AMG_id' Parameter SQL Injection Simple Machines Forum 1.1.4 - SQL Injection Simple Machines Forum (SMF) 1.1.4 - SQL Injection virtual support office-xp 3.0.29 - Multiple Vulnerabilities Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities PHP-Fusion Mod Classifieds - (lid) SQL Injection PHP-Fusion Mod Classifieds - 'lid' Parameter SQL Injection Simple Machines Forum 1.1.5 (Windows x86) - Admin Reset Password Exploit Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit PHP-Fusion Mod freshlinks - (linkid) SQL Injection PHP-Fusion Mod freshlinks - 'linkid' Parameter SQL Injection PHP-Fusion Mod manuals - (manual) SQL Injection PHP-Fusion Mod manuals - 'manual' Parameter SQL Injection PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection PHP-Fusion Mod triscoop_race_system - 'raceid' Parameter SQL Injection BosDev BosClassifieds - 'cat_id' SQL Injection BosClassifieds - 'cat_id' SQL Injection Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution PHP-Fusion 7.00.1 - (messages.php) SQL Injection PHP-Fusion 7.00.1 - 'messages.php' SQL Injection Check New 4.52 - (findoffice.php search) SQL Injection Check New 4.52 - 'findoffice.php search' SQL Injection PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection PHP-Fusion Mod the_kroax (comment_id) - SQL Injection PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload Simple Machines Forums - (BBCode) Cookie Stealing Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing PHP-Fusion Mod Book Panel - (bookid) SQL Injection PHP-Fusion Mod Book Panel - 'bookid' Parameter SQL Injection PHP-Fusion Mod Book Panel - (course_id) SQL Injection PHP-Fusion Mod Book Panel - 'course_id' Parameter SQL Injection Opencart 1.1.8 - (route) Local File Inclusion Opencart 1.1.8 - 'route' Local File Inclusion exjune officer message system 1 - Multiple Vulnerabilities Exjune Officer Message System 1 - Multiple Vulnerabilities Simple Machines Forum - Multiple Security Vulnerabilities Simple Machines Forum (SMF) - Multiple Security Vulnerabilities PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection PHP-Fusion 6.01.15.4 - 'downloads.php' SQL Injection Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute (PoC) Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC) PHP-fusion dsmsf - (module downloads) SQL Injection PHP-fusion dsmsf Mod Downloads - SQL Injection Group Office - (comment_id) SQL Injection Group Office - 'comment_id' SQL Injection PHP-Fusion MG - User-Fotoalbum SQL Injection PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection Simple Machines forum (SMF) 2.0 - session Hijacking Simple Machines Forum (SMF) 2.0 - Session Hijacking AllMyGuests 0.x - info.inc.php Arbitrary Code Execution AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution Simple Machines Forum 1.0 - Size Tag HTML Injection Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection OpenCart 1.5.5.1 - (FileManager.php) Directory Traversal Arbitrary File Access OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access PHP-Fusion 4.0 - Viewthread.php Information Disclosure PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure PHP-Fusion 4/5 - Setuser.php HTML Injection PHP-Fusion 4/5 - 'Setuser.php' HTML Injection PHP-Fusion 4.0/5.0/6.0 - messages.php SQL Injection PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection PHP-Fusion 6.0.109 - messages.php SQL Injection PHP-Fusion 6.0.109 - 'messages.php' SQL Injection PHP-Fusion 6.0 - members.php Cross-Site Scripting PHP-Fusion 6.0 - 'members.php' Cross-Site Scripting PHP-Fusion 6.0.x - news.php SQL Injection PHP-Fusion 6.0.x - 'news.php' SQL Injection Simple Machines Forum 1.0/1.1 - 'index.php' Cross-Site Scripting Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scripting PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection Simple Machines Forum 1.1.4 - Multiple Remote File Inclusion Simple Machines Forum (SMF) 1.1.4 - Multiple Remote File Inclusion Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass Simple Machines Forum (SMF) 1.1.6 - HTTP POST Request Filter Security Bypass OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection PHP-Fusion - 'articles.php' Cross-Site Scripting AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload WordPress Plugin Dharma booking 2.38.3 - File Inclusion WordPress Plugin Dharma Booking 2.38.3 - File Inclusion EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection	2016-11-23 05:01:19 +00:00
Offensive Security	490539b3f3	DB: 2016-11-09 17 new exploits DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion DigitalHive 2.0 RC2 - 'base_include.php' Remote File Inclusion DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion DodosMail 2.0.1 - 'dodosmail.php' Remote File Inclusion DoSePa 1.0.4 - (textview.php) Information Disclosure DoSePa 1.0.4 - 'textview.php' Information Disclosure TrueCrypt 4.3 - Privilege Escalation TrueCrypt 4.3 - 'setuid' Privilege Escalation w-Agora 4.2.1 - (cat) SQL Injection w-Agora 4.2.1 - 'cat' Parameter SQL Injection IPTBB 0.5.4 - (viewdir id) SQL Injection IPTBB 0.5.4 - 'id' Parameter SQL Injection LoudBlog 0.6.1 - (parsedpage) Remote Code Execution LoudBlog 0.6.1 - 'parsedpage' Parameter Remote Code Execution evilboard 0.1a - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities evilboard 0.1a - SQL Injection / Cross-Site Scripting QuickTime Player 7.3.1.70 - (rtsp) Buffer Overflow QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow DigitalHive 2.0 RC2 - (user_id) SQL Injection DigitalHive 2.0 RC2 - 'user_id' Parameter SQL Injection X7 Chat 2.0.5 - 'day' SQL Injection X7 Chat 2.0.5 - 'day' Parameter SQL Injection HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/DoS Cisco VPN Client - Integer Overflow (DOS) Cisco VPN Client - Integer Overflow (DoS) Multiple WordPress Plugins - timthumb.php File Upload Multiple WordPress Plugins - 'timthumb.php' File Upload glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation NetServe FTP Client 1.0 - Local DOS (Overflow) NetServe FTP Client 1.0 - Local DoS (Overflow) Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial Of Service (PoC) Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084) Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation Solaris 8/9 ps - Environment Variable Information leak Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation Linux Kernel - TCP Related Read Use-After-Free WordPress Plugin 'XCloner' 3.1.5 - Multiple Vulnerabilities WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting MOVISTAR ADSL Router BHS_RTA - Remote File Disclosure D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure PLANET ADSL Router AND-4101 - Remote File Disclosure Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit) Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution	2016-11-09 05:01:25 +00:00
Offensive Security	1e08cb156e	DB: 2016-11-08 7 new exploits BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String BolinTech DreamFTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service BolinTech DreamFTP Server 1.0.2 - (PORT) Remote Denial of Service BolinTech DreamFTP - 'USER' Remote Buffer Overflow (PoC) BolinTech DreamFTP Server - 'USER' Remote Buffer Overflow (PoC) Dream FTP Server 1.02 - (users.dat) Arbitrary File Disclosure BolinTech DreamFTP Server 1.02 - 'users.dat' Arbitrary File Disclosure Joomla! Component com_menu - SQL Injection Joomla! Component 'com_menu' - SQL Injection Joomla! Component com_jp_jobs - SQL Injection Joomla! Component 'com_jp_jobs' 1.4.1 - SQL Injection Joomla! Component redSHOP - Local File Inclusion Joomla! Component redTWITTER - Local File Inclusion Joomla! Component WISro Yahoo Quotes - Local File Inclusion Joomla! Component com_press - SQL Injection Joomla! Component Picasa 2.0 - Local File Inclusion Joomla! Component 'com_redshop' 1.0 - Local File Inclusion Joomla! Component 'com_redtwitter' 1.0 - Local File Inclusion Joomla! Component 'com_wisroyq' 1.1 - Local File Inclusion Joomla! Component 'com_press' - SQL Injection Joomla! Component 'com_joomlapicasa' 2.0 - Local File Inclusion Joomla! Component com_serie - SQL Injection Joomla! Component 'com_serie' - SQL Injection Joomla! Component com_ranking - SQL Injection Joomla! Component JInventory - Local File Inclusion Joomla! Component com_svmap 1.1.1 - Local File Inclusion Joomla! Component com_shoutbox - Local File Inclusion Joomla! Component com_loginbox - Local File Inclusion Joomla! Component com_bca-rss-syndicator - Local File Inclusion Joomla! Component Magic Updater (com_Joomlaupdater) - Local File Inclusion Joomla! Component 'com_ranking' - SQL Injection Joomla! Component 'com_jinventory' - Local File Inclusion Joomla! Component 'com_svmap' 1.1.1 - Local File Inclusion Joomla! Component 'com_shoutbox' - Local File Inclusion Joomla! Component 'com_loginbox' - Local File Inclusion Joomla! Component 'com_bca-rss-syndicator' - Local File Inclusion Joomla! Component 'com_Joomlaupdater' - Local File Inclusion Joomla! Component News Portal com_news - Local File Inclusion Joomla! Component FreeStyle FAQ Lite 1.3 com_fss (faqid) - SQL Injection Joomla! Component 'com_news_portal' 1.5.x - Local File Inclusion Joomla! Component 'com_fss' 1.3 - 'faqid' Parameter SQL Injection Joomla! Component Saber Cart com_sebercart - Local File Inclusion Joomla! Component J!WHMCS Integrator com_jwhmcs - Local File Inclusion Joomla! Component Juke Box com_jukebox - Local File Inclusion Joomla! Component Joomla! Flickr com_Joomlaflickr - Local File Inclusion Joomla! Component Highslide JS com_hsconfig - Local File Inclusion Joomla! Component Fabrik com_fabrik - Local File Inclusion Joomla! Component Affiliate Feeds com_datafeeds - Local File Inclusion Joomla! Component Appointment com_appointment - Local File Inclusion Joomla! Component 'com_sebercart' 1.0.0.12 - Local File Inclusion Joomla! Component 'com_jwhmcs' 1.5.0 - Local File Inclusion Joomla! Component 'com_jukebox' 1.7 - Local File Inclusion Joomla! Component 'com_Joomlaflickr' 1.0 - Local File Inclusion Joomla! Component 'com_hsconfig' 1.5 - Local File Inclusion Joomla! Component 'com_fabrik' 2.0 - Local File Inclusion Joomla! Component 'com_datafeeds' 880 - Local File Inclusion Joomla! Component 'com_appointment' 1.5 - Local File Inclusion Joomla! Component XOBBIX - prodid SQL Injection Joomla! Component 'com_xobbix' 1.0 - 'prodid' Parameter SQL Injection Joomla! Component aWiki com_awiki - Local File Inclusion Joomla! Component VJDEO com_vjdeo 1.0 - Local File Inclusion Joomla! Component 'com_awiki' - Local File Inclusion Joomla! Component 'com_vjdeo' 1.0 - Local File Inclusion Joomla! Component com_articles - SQL Injection Joomla! Component 'com_articles' - SQL Injection Joomla! Component Webee Comments - Local File Inclusion Joomla! Component Realtyna Translator - Local File Inclusion Joomla! Component AWDwall-Joomla! - (cbuser) Local File Inclusion / SQL Injection Joomla! Component 'com_webeecomment' 2.0 - Local File Inclusion Joomla! Component 'com_realtyna' 1.0.15 - Local File Inclusion Joomla! Component com_awdwall 1.5.4 - Local File Inclusion / SQL Injection Joomla! Component PowerMail Pro com_powermail - Local File Inclusion Joomla! Component 'com_powermail' 1.5.3 - Local File Inclusion Joomla! Component Foobla Suggestions com_foobla - Local File Inclusion Joomla! Component JA Voice com_javoice - Local File Inclusion Joomla! Component 'com_foobla_suggestions' 1.5.1.2 - Local File Inclusion Joomla! Component 'com_javoice' - Local File Inclusion Joomla! Component com_pcchess - Local File Inclusion Joomla! Component huruhelpdesk - SQL Injection Joomla! Component 'com_pcchess' - Local File Inclusion Joomla! Component 'com_huruhelpdesk' - SQL Injection Joomla! Component com_agenda 1.0.1 - 'id' SQL Injection Joomla! Component 'com_agenda' 1.0.1 - 'id' Parameter SQL Injection Joomla! Component com_properties[aid] - SQL Injection Joomla! Component allvideos - Blind SQL Injection Joomla! Component com_Ca - SQL Injection Joomla! Component 'com_properties' - 'aid' Parameter SQL Injection Joomla! Component 'com_allvideos' - Blind SQL Injection Joomla! Component 'com_ca' - SQL Injection Joomla! Component TweetLA! - Local File Inclusion Joomla! Component Ticketbook - Local File Inclusion Joomla! Component JA Job Board - Multiple Local File Inclusion Joomla! Component Jfeedback! - Local File Inclusion Joomla! Component JProject Manager - Local File Inclusion Joomla! Component Preventive And Reservation - Local File Inclusion Joomla! Component RokModule - 'moduleid' Blind SQL Injection Joomla! Component spsNewsletter - Local File Inclusion Joomla! Component AlphaUserPoints - Local File Inclusion Joomla! Component TRAVELbook - Local File Inclusion Joomla! Component 'com_tweetla' - Local File Inclusion Joomla! Component 'com_ticketbook' - Local File Inclusion Joomla! Component 'com_jajobboard' - Multiple Local File Inclusion Joomla! Component 'com_jfeedback' - Local File Inclusion Joomla! Component 'com_jprojectmanager' - Local File Inclusion Joomla! Component 'com_preventive' - Local File Inclusion Joomla! Component 'com_rokmodule' - 'moduleid' Parameter Blind SQL Injection Joomla! Component 'com_spsnewsletter' - Local File Inclusion Joomla! Component 'com_alphauserpoints' 1.5.5 - Local File Inclusion Joomla! Component 'com_travelbook' 1.0.1 - Local File Inclusion Joomla! Component education - SQL Injection Joomla! Component 'com_education_classess' - SQL Injection Joomla! Component Multi-Venue Restaurant Menu Manager - SQL Injection Joomla! Component 'com_mv_restaurantmenumanager' 1.5.2 - SQL Injection Joomla! Component mv_restaurantmenumanager - SQL Injection Joomla! Component 'mv_restaurantmenumanager' - SQL Injection Joomla! Component Web TV com_webtv - Local File Inclusion Joomla! Component Horoscope com_horoscope - Local File Inclusion Joomla! Component Arcade Games com_arcadegames - Local File Inclusion Joomla! Component Flashgames com_Flashgames - Local File Inclusion Joomla! Component AddressBook com_AddressBook - Local File Inclusion Joomla! Component Easy Ad Banner com_advertising - Local File Inclusion Joomla! Component CV Maker com_cvmaker - Local File Inclusion Joomla! Component My Files com_myfiles - Local File Inclusion Joomla! Component Online Exam com_onlineexam - Local File Inclusion Joomla! Component JoomMail com_joommail - Local File Inclusion Joomla! Component Memory Book com_memory - Local File Inclusion Joomla! Component Online Market com_market - Local File Inclusion Joomla! Component Digital Diary com_diary - Local File Inclusion Joomla! Component 'com_webtv' - Local File Inclusion Joomla! Component 'com_horoscope' - Local File Inclusion Joomla! Component 'com_arcadegames' - Local File Inclusion Joomla! Component 'com_Flashgames' - Local File Inclusion Joomla! Component 'com_AddressBook' - Local File Inclusion Joomla! Component 'com_advertising' - Local File Inclusion Joomla! Component 'com_cvmaker' - Local File Inclusion Joomla! Component 'com_myfiles' - Local File Inclusion Joomla! Component 'com_onlineexam' - Local File Inclusion Joomla! Component 'com_joommail' - Local File Inclusion Joomla! Component 'com_memory' - Local File Inclusion Joomla! Component 'com_market' - Local File Inclusion Joomla! Component 'com_diary' - Local File Inclusion Joomla! Component com_worldrates - Local File Inclusion Joomla! Component com_record - Local File Inclusion Joomla! Component com_sweetykeeper - Local File Inclusion Joomla! Component com_jdrugstopics - SQL Injection Joomla! Component com_sermonspeaker - SQL Injection Joomla! Component com_flexicontent - Local File Joomla! Component 'com_worldrates' - Local File Inclusion Joomla! Component 'com_record' - Local File Inclusion Joomla! Component 'com_sweetykeeper' - Local File Inclusion Joomla! Component 'com_jdrugstopics' - SQL Injection Joomla! Component 'com_sermonspeaker' - SQL Injection Joomla! Component 'com_flexicontent' - Local File Joomla! Component Jvehicles - (aid) SQL Injection Joomla! Component com_jp_jobs 1.2.0 - 'id' SQL Injection Joomla! Component 'com_jvehicles' - 'aid' Parameter SQL Injection Joomla! Component 'com_jp_jobs' 1.2.0 - 'id' Parameter SQL Injection Joomla! Component com_QPersonel - SQL Injection Joomla! Component 'com_QPersonel' - SQL Injection Joomla! Component wgPicasa com_wgpicasa - Local File Inclusion Joomla! Component S5 Clan Roster com_s5clanroster - Local File Inclusion Joomla! Component Photo Battle com_photobattle - Local File Inclusion Joomla! Component MT Fire Eagle com_mtfireeagle - Local File Inclusion Joomla! Component Media Mall Factory com_mediamall - Blind SQL Injection Joomla! Component Love Factory com_lovefactory - Local File Inclusion Joomla! Component JA Comment com_jacomment - Local File Inclusion Joomla! Component Delicious BookMarks com_delicious - Local File Inclusion Joomla! Component Deluxe Blog Factory com_blogfactory - Local File Inclusion Joomla! Component BeeHeard Lite com_beeheard - Local File Inclusion Joomla! Component 'com_wgpicasa' - Local File Inclusion Joomla! Component 'com_s5clanroster' - Local File Inclusion Joomla! Component 'com_photobattle' - Local File Inclusion Joomla! Component 'com_mtfireeagle' - Local File Inclusion Joomla! Component 'com_mediamall' - Blind SQL Injection Joomla! Component 'com_lovefactory' - Local File Inclusion Joomla! Component 'com_jacomment' - Local File Inclusion Joomla! Component 'com_delicious' - Local File Inclusion Joomla! Component 'com_blogfactory' - Local File Inclusion Joomla! Component 'com_beeheard' - Local File Inclusion Joomla! Component com_iproperty 1.5.3 - 'id' SQL Injection Joomla! Component 'com_iproperty' 1.5.3 - 'id' Parameter SQL Injection Joomla! Component com_manager 1.5.3 - 'id' SQL Injection Joomla! Component 'com_manager' 1.5.3 - 'id' Parameter SQL Injection Joomla! Component com_joltcard - SQL Injection Joomla! Component com_pandafminigames - SQL Injection Joomla! Component 'com_joltcard' - SQL Injection Joomla! Component 'com_pandafminigames' - SQL Injection Joomla! Component Archery Scores (com_archeryscores) 1.0.6 - Local File Inclusion Joomla! Component ZiMB Comment com_zimbcomment - Local File Inclusion Joomla! Component ZiMB Manager com_zimbcore - Local File Inclusion Joomla! Component Gadget Factory com_gadgetfactory - Local File Inclusion Joomla! Component Matamko com_matamko - Local File Inclusion Joomla! Component Multiple Root com_multiroot - Local File Inclusion Joomla! Component Multiple Map com_multimap - Local File Inclusion Joomla! Component Contact Us Draw Root Map com_drawroot - Local File Inclusion Joomla! Component Contact Us Google Map com_google - Local File Inclusion Joomla! Component iF surfALERT com_if_surfalert - Local File Inclusion Joomla! Component 'com_archeryscores' 1.0.6 - Local File Inclusion Joomla! Component 'com_zimbcomment' - Local File Inclusion Joomla! Component 'com_zimbcore' - Local File Inclusion Joomla! Component 'com_gadgetfactory' - Local File Inclusion Joomla! Component 'com_matamko' - Local File Inclusion Joomla! Component 'com_multiroot' - Local File Inclusion Joomla! Component 'com_multimap' - Local File Inclusion Joomla! Component 'com_drawroot' - Local File Inclusion Joomla! Component 'com_google' - Local File Inclusion Joomla! Component 'com_if_surfalert' - Local File Inclusion Joomla! Component GBU FACEBOOK 1.0.5 - SQL Injection Joomla! Component 'com_gbufacebook' 1.0.5 - SQL Injection Joomla! Component com_jnewspaper - 'cid' SQL Injection Joomla! Component JTM Reseller 1.9 Beta - SQL Injection Joomla! Component 'com_jnewspaper' - 'cid' Parameter SQL Injection Joomla! Component 'com_jtm' 1.9 Beta - SQL Injection Joomla! Component wmi (com_wmi) - Local File Inclusion Joomla! Component OrgChart com_orgchart - Local File Inclusion Joomla! Component Mms Blog com_mmsblog - Local File Inclusion Joomla! Component 'com_wmi' - Local File Inclusion Joomla! Component 'com_orgchart' - Local File Inclusion Joomla! Component 'com_mmsblog' - Local File Inclusion Joomla! Component com_portfolio - Local File Disclosure Joomla! Component 'com_portfolio' - Local File Disclosure Joomla! Component com_caddy - Exploit Joomla! Component 'com_caddy' - Exploit Joomla! Component com_joomradio - SQL Injection Joomla! Component 'com_joomradio' - SQL Injection Joomla! Component Ultimate Portfolio com_ultimateportfolio - Local File Inclusion Joomla! Component NoticeBoard com_noticeboard - Local File Inclusion Joomla! Component SmartSite com_smartsite - Local File Inclusion Joomla! Extension ABC com_abc - SQL Injection Joomla! Component graphics (com_graphics) 1.0.6 - Local File Inclusion Joomla! Component 'com_ultimateportfolio' - Local File Inclusion Joomla! Component 'com_noticeboard' - Local File Inclusion Joomla! Component 'com_smartsite' - Local File Inclusion Joomla! Component 'com_abc' - SQL Injection Joomla! Component 'com_graphics' 1.0.6 - Local File Inclusion Joomla! Component JE Property Finder - Arbitrary File Upload Joomla! Component 'com_jesectionfinder' - Arbitrary File Upload Joomla! Component Wap4Joomla! - 'wapmain.php' SQL Injection Joomla! Component 'Wap4Joomla' - 'wapmain.php' SQL Injection Joomla! Component com_newsfeeds - SQL Injection Joomla! Component 'com_newsfeeds' - SQL Injection Joomla! Component Table JX - Cross-Site Scripting Vulnerabilities Joomla! Component Card View JX - Cross-Site Scripting Joomla! Component 'Table JX' - Cross-Site Scripting Joomla! Component 'Card View JX' - Cross-Site Scripting Joomla! Extension DJ-Classifieds com_djClassifieds - Arbitrary File Upload Joomla! 'com_djClassifieds' 0.9.1 - Arbitrary File Upload Joomla! Component com_articleman - Arbitrary File Upload Joomla! Component 'com_articleman' - Arbitrary File Upload Joomla! Component Module Camp26 Visitor Data 1.1 - Remote code Execution Joomla! Component 'mod_VisitorData' 1.1 - Remote code Execution Joomla! Component Custom PHP Pages com_PHP - Local File Inclusion Joomla! Component 'com_PHP' 0.1 - Local File Inclusion Joomla! Component com_konsultasi - 'sid' SQL Injection Joomla! Component 'com_konsultasi' - 'sid' Parameter SQL Injection Joomla! Component Advertising (com_aardvertiser) 2.0 - Local File Inclusion Joomla! Component 'com_aardvertiser' 2.0 - Local File Inclusion Joomla! Component Seber Cart - 'getPic.php' Local File Disclosure Joomla! Component FDione Form Wizard - Local File Inclusion Joomla! Component 'com_sebercart' - 'getPic.php' Local File Disclosure Joomla! Component 'com_dioneformwizard' - Local File Inclusion Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion Joomla! Component 'com_jejob' 1.0 - Local File Inclusion Joomla! Component com_jequoteform - Local File Inclusion Joomla! Component 'com_jequoteform' - Local File Inclusion Joomla! Component MS Comment 0.8.0b - Local File Inclusion Joomla! Component 'com_mscomment' 0.8.0b - Local File Inclusion Joomla! Component com_camp - SQL Injection Joomla! Component 'com_camp' - SQL Injection Joomla! Component simpledownload 0.9.5 - Local File Inclusion Joomla! Component 'com_simpledownload' 0.9.5 - Local File Inclusion Joomla! Component simpledownload 0.9.5 - Local File Disclosure Joomla! Component 'com_simpledownload' 0.9.5 - Local File Disclosure Joomla! Component com_crowdsource - SQL Injection Joomla! Component com_event - Multiple Vulnerabilities Joomla! Component 'com_crowdsource' - SQL Injection Joomla! Component 'com_event' - Multiple Vulnerabilities Joomla! Component com_event - SQL Injection Joomla! Component 'com_event' - SQL Injection Joomla! Component com_packages - SQL Injection Joomla! Component 'com_packages' - SQL Injection Joomla! Component com_qpersonel - SQL Injection Remote Exploit Joomla! Component 'com_qpersonel' 1.0 - SQL Injection BolinTech Dream FTP Server 1.02 - Format String (Metasploit) BolinTech DreamFTP Server 1.02 - Format String (Metasploit) PHP 5.4.3 (Windows x86) - Code Execution PHP 5.4.3 (Windows x86 Polish) - Code Execution Schoolhos CMS Beta 2.29 - (index.php id Parameter) SQL Injection Schoolhos CMS Beta 2.29 - 'id' Parameter SQL Injection BolinTech Dream FTP Server 1.0 - User Name Format String (1) BolinTech DreamFTP Server 1.0 - User Name Format String (1) Joomla! Component JoomlaTune JComments 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component 'com_jcomments' 2.1 - 'ComntrNam' Parameter Cross-Site Scripting Joomla! Component Percha Image Attach 1.1 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component Percha Fields Attach 1.0 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchaimageattach' 1.1 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchafieldsattach' 1.0 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component Percha Multicategory Article 0.6 - 'index.php' Controller Parameter Arbitrary File Access Joomla! Component 'com_perchacategoriestree' 0.6 - 'Controller' Parameter Arbitrary File Access Joomla! Component com_horses - 'id' Parameter SQL Injection Joomla! Component 'com_horses' - 'id' Parameter SQL Injection FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation FreePBX 13 - Remote Command Execution / Privilege Escalation BolinTech DreamFTP 1.02 - 'RETR' Command Remote Buffer Overflow BolinTech DreamFTP Server 1.02 - 'RETR' Command Remote Buffer Overflow Schoolhos CMS 2.29 - 'kelas' Parameter SQL Injection Acoem 01dB CUBE/DUO Smart Noise Monitor - Password Change Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084) Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read NodCMS - PHP Code Execution Piwik 2.16.0 - 'layout' PHP Object Injection Sophos Web Appliance 4.2.1.3 - Remote Code Execution	2016-11-08 05:01:18 +00:00
Offensive Security	3b565e4e9d	DB: 2016-10-29 7 new exploits SetCMS 3.6.5 - (setcms.org) Remote Command Execution SetCMS 3.6.5 - Remote Command Execution PHP-Nuke < 8.0 - 'sid' SQL Injection PHP-Nuke 8.0 Final - 'sid' SQL Injection PHP-Nuke < 8.0 - 'sid' Parameter SQL Injection PHP-Nuke 8.0 Final - 'sid' Parameter SQL Injection Foojan Wms 1.0 - (index.php story) SQL Injection Foojan Wms 1.0 - 'story' Parameter SQL Injection Web Wiz Forums 9.07 - (sub) Directory Traversal Web Wiz Forums 9.07 - 'sub' Parameter Directory Traversal Web Wiz NewsPad 1.02 - (sub) Directory Traversal Siteman 1.1.9 - (cat) Remote File Disclosure Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution SLAED CMS 2.5 Lite - (newlang) Local File Inclusion Liquid-Silver CMS 0.1 - (update) Local File Inclusion Web Wiz NewsPad 1.02 - 'sub' Parameter Directory Traversal Siteman 1.1.9 - 'cat' Parameter Remote File Disclosure Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution SLAED CMS 2.5 Lite - 'newlang' Parameter Local File Inclusion Liquid-Silver CMS 0.1 - 'update' Parameter Local File Inclusion Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod (PoC) Seagull 0.6.3 - 'files' Parameter Remote File Disclosure ImageShack Toolbar 4.5.7 - 'FileUploader' Class InsecureMethod (PoC) flinx 1.3 - (category.php id) SQL Injection flinx 1.3 - 'id' Parameter SQL Injection Persits XUpload 3.0 - AddFile() Remote Buffer Overflow Persits XUpload 3.0 - 'AddFile()' Remote Buffer Overflow simple forum 3.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Simple Forum 3.2 - File Disclosure / Cross-Site Scripting WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection Oracle 10g R1 - pitrig_drop PLSQL Injection (get users hash) Oracle 10g R1 - PITRIG_TRUNCATE PLSQL Injection (get users hash) WordPress Plugin WP-Cal 0.3 - 'editevent.php' SQL Injection WordPress Plugin fGallery 2.4.1 - 'fimrss.php' SQL Injection Oracle 10g R1 - 'pitrig_drop' PLSQL Injection (get users hash) Oracle 10g R1 - 'PITRIG_TRUNCATE' PLSQL Injection (get users hash) phpMyClub 0.0.1 - (page_courante) Local File Inclusion bubbling library 1.32 - dispatcher.php Remote File Disclosure Bigware Shop 2.0 - pollid SQL Injection Smart Publisher 1.0.1 - (disp.php) Remote Code Execution SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit phpMyClub 0.0.1 - 'page_courante' Parameter Local File Inclusion bubbling library 1.32 - 'uri' Parameter Remote File Disclosure Bigware Shop 2.0 - 'pollid' Parameter SQL Injection Smart Publisher 1.0.1 - 'filedata' Parameter Remote Code Execution SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit phpCMS 1.2.2 - (parser.php) Remote File Disclosure Mambo Component NewsLetter - (listid) SQL Injection Mambo Component Fq - (listid) SQL Injection Mambo Component MaMML - (listid) SQL Injection phpCMS 1.2.2 - 'file' Parameter Remote File Disclosure Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection Mambo 'com_fq' - 'listid' Parameter SQL Injection Mambo 'com_mamml' - 'listid' Parameter SQL Injection phpCMS 1.1.7 - counter.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - parser.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.parser_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - PHPCMS include/class.session_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.edit_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.http_indexer_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.cache_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.search_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.lib_indexer_universal_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - include/class.layout_PHPcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion phpCMS 1.1.7 - 'counter.php' Remote File Inclusion phpCMS 1.1.7 - 'parser.php' Remote File Inclusion phpCMS 1.1.7 - 'class.parser_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.session_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.edit_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.http_indexer_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.cache_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.search_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.lib_indexer_universal_PHPcms.php' Remote File Inclusion phpCMS 1.1.7 - 'class.layout_PHPcms.php' Remote File Inclusion phpCMS 2008 - 'ask/search_ajax.php' SQL Injection phpCMS 2008 - 'search_ajax.php' SQL Injection InfraPower PPS-02-S Q213V1 - Local File Disclosure InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference InfraPower PPS-02-S Q213V1 - Authentication Bypass InfraPower PPS-02-S Q213V1 - Multiple XSS InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution	2016-10-29 05:01:21 +00:00
Offensive Security	1e70058c1e	DB: 2016-10-27 3 new exploits ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection ProFTPd 1.2.9RC1 - 'mod_sql' SQL Injection OpenBSD - (ibcs2_exec) Kernel Local Exploit OpenBSD - 'ibcs2_exec' Kernel Local Exploit Microsoft FrontPage Server Extensions - fp30reg.dll Exploit (MS03-051) Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051) IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit OpenBSD 2.x < 3.3 - exec_ibcs2_coff_prep_zmagic() Kernel Exploit IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit OpenBSD 2.x < 3.3 - 'exec_ibcs2_coff_prep_zmagic()' kernel stack overflow Foxmail 5.0 - PunyLib.dll Remote Stack Overflow Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow (MS04-011) Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011) Microsoft Windows 2000/XP - Lsasrv.dll Remote Universal Exploit (MS04-011) Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1) Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (1) Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2) Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (2) Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038) Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote Exploit (MS05-038) Microsoft Internet Explorer 6 - (mshtml.dll datasrc) Denial of Service Microsoft Internet Explorer 6 - 'mshtml.dll datasrc' Denial of Service Microsoft Internet Explorer 6 - (mshtml.dll div) Denial of Service Microsoft Internet Explorer 6 - 'mshtml.dll div' Denial of Service Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution Admbook 1.2.2 - 'x-forwarded-for' Remote Command Execution Microsoft Internet Explorer 6 - (script action handlers) (mshtml.dll) Denial of Service Microsoft Internet Explorer 6 - (script action handlers) 'mshtml.dll' Denial of Service Microsoft Internet Explorer 6 - (mshtml.dll checkbox) Crash Microsoft Internet Explorer 6 - 'mshtml.dll checkbox' Crash Total Commander 6.x - (unacev2.dll) Buffer Overflow (PoC) Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC) Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service (PoC) Mozilla Firefox 1.5.0.2 - 'js320.dll/xpcom_core.dll' Denial of Service (PoC) Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion Aardvark Topsites PHP 4.2.2 - 'lostpw.php' Remote File Inclusion ACal 2.2.6 - (day.php) Remote File Inclusion ACal 2.2.6 - 'day.php' Remote File Inclusion Ad Manager Pro 2.6 - (ipath) Remote File Inclusion Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion A-Blog 2.0 - (menu.php) Remote File Inclusion A-Blog 2.0 - 'menu.php' Remote File Inclusion 2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit 2BGal 3.0 - 'admin/configuration.inc.php' Local Inclusion Exploit a-ConMan 3.2b - (common.inc.php) Remote File Inclusion a-ConMan 3.2b - 'common.inc.php' Remote File Inclusion RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service Macromedia Shockwave 10 (SwDir.dll) Internet Explorer 7 - Denial of Service Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double-Free Microsoft Windows - NtRaiseHardError 'Csrss.exe/winsrv.dll' Double-Free BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service BrowseDialog Class 'ccrpbds6.dll' Internet Explorer 7 - Denial of Service DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE Denial of Service DivX Player 6.4.1 - DivXBrowserPlugin 'npdivx32.dll' IE Denial of Service ACGVclick 0.2.0 - (path) Remote File Inclusion ACGVclick 0.2.0 - 'path' Remote File Inclusion ACGVannu 1.3 - (index2.php) Remote User Pass Change ACGVannu 1.3 - 'index2.php' Remote User Pass Change CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service DivX Web Player 1.3.0 - 'npdivx32.dll' Remote Denial of Service Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow Denial of Service Macromedia 10.1.4.20 - 'SwDir.dll' Internet Explorer Stack Overflow Denial of Service Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption NetSprint Toolbar - ActiveX toolbar.dll Denial of Service (PoC) NetSprint Toolbar - ActiveX 'toolbar.dll' Denial of Service (PoC) ActSoft DVD-Tools - (dvdtools.ocx 3.8.5.0) Stack Overflow ActSoft DVD-Tools - 'dvdtools.ocx 3.8.5.0' Stack Overflow SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service SmartCode VNC Manager 3.6 - 'scvncctrl.dll' Denial of Service Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) Overwrite (SEH) Barcodewiz ActiveX Control 2.0 - (Barcodewiz.dll) Remote Buffer Overflow (PoC) Barcodewiz ActiveX Control 2.52 - 'Barcodewiz.dll' Overwrite (SEH) Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC) Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service Remote Display Dev kit 1.2.1.0 - 'RControl.dll' Denial of Service Hewlett Packard 1.0.0.309 - hpqvwocx.dll ActiveX Magview Overflow (PoC) Hewlett Packard 1.0.0.309 - 'hpqvwocx.dll' ActiveX Magview Overflow (PoC) Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution Exploit LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow LeadTools Raster ISIS Object 'LTRIS14e.DLL 14.5.0.44' - Remote Buffer Overflow Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Exploit Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow SafeNet High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - 'Ywcvwr.dll' Download / Execute Exploit Yahoo! Messenger Webcam 8.1 - 'Ywcupl.dll' Download / Execute Exploit BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit 6ALBlog - (newsid) SQL Injection 6ALBlog - 'newsid' SQL Injection Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write Avax Vector 'Avaxswf.dll' 1.0.0.1 - ActiveX Arbitrary Data Write HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write Exploit AMX Corp. VNC ActiveX Control - (AmxVnc.dll 1.0.13.0) Buffer Overflow AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Buffer Overflow HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - SaveToFile() Exploit WinPcap 4.0 - NPF.SYS Privilege Elevation (PoC) WinPcap 4.0 - 'NPF.SYS' Privilege Elevation (PoC) Program Checker - (sasatl.dll 1.5.0.531) JavaScript Heap Spraying Exploit Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit Program Checker - (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit Symantec AntiVirus - symtdi.sys Privilege Escalation SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write Exploit Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit Symantec AntiVirus - 'symtdi.sys' Privilege Escalation Data Dynamics ActiveReport ActiveX - (actrpt2.dll 2.5) Insecure Method Data Dynamics ActiveReport ActiveX - 'actrpt2.dll 2.5' Insecure Method Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow Zenturi NixonMyPrograms Class 'sasatl.dll 1.5.0.531' - Remote Buffer Overflow PHP - PHP_gd2.dll imagepsloadfont Local Buffer Overflow (PoC) PHP - 'PHP_gd2.dll' imagepsloadfont Local Buffer Overflow (PoC) VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write Exploit VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution VMware Inc 6.0.0 - 'vielib.dll 2.2.5.42958' Remode Code Execution CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Insecure Method CHILKAT ASP String - 'CkString.dll 1.1' SaveToFile() Insecure Method 2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow 2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow NVR SP2 2.0 (nvUnifiedControl.dll 1.1.45.0) - SetText() Remote Exploit NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Insecure Method NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - DeleteXMLFile() Insecure Method NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - SetText() Remote Exploit NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - SaveXMLFile() Insecure Method NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - DeleteXMLFile() Insecure Method Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) Buffer Overflow Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit Norman Virus Control - 'nvcoaft51.sys' ioctl BF672028 Exploit PPStream - (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow PPStream - 'PowerPlayer.dll 2.0.1.3829' ActiveX Remote Overflow Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX Buffer Overflow Yahoo! Messenger - 'YVerInfo.dll 2007.8.27.1' ActiveX Buffer Overflow GlobalLink 2.7.0.8 - glItemCom.dll SetInfo() Heap Overflow Trend Micro ServerProtect - eng50.dll Remote Stack Overflow GlobalLink 2.7.0.8 - 'glItemCom.dll' SetInfo() Heap Overflow Trend Micro ServerProtect - 'eng50.dll' Remote Stack Overflow GlobalLink 2.7.0.8 - glitemflat.dll SetClientInfo() Heap Overflow GlobalLink 2.7.0.8 - 'glitemflat.dll' SetClientInfo() Heap Overflow BaoFeng2 - mps.dll ActiveX Multiple Remote Buffer Overflow PoCs BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Insecure Method Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow Ultra Crypto Component - 'CryptoX.dll 2.0' SaveToFile() Insecure Method Ultra Crypto Component - 'CryptoX.dll 2.0' Remote Buffer Overflow Microsoft Visual Studio 6.0 - (VBTOVSI.dll 1.0.0.0) File Overwrite Microsoft Visual Studio 6.0 - 'VBTOVSI.dll 1.0.0.0' File Overwrite HP ActiveX - (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow (PoC) HP ActiveX - 'hpqutil.dll' ListFiles Remote Heap Overflow (PoC) EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Buffer Overflow EB Design Pty Ltd - (EBCRYPT.dll 2.0) Multiple Remote Vulnerabilities EB Design Pty Ltd - 'EBCRYPT.dll 2.0' Multiple Remote Vulnerabilities ActiveKB KnowledgeBase 2.x - (catId) SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection actSite 1.991 Beta - (base.php) Remote File Inclusion actSite 1.991 Beta - 'base.php' Remote File Inclusion GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow GOM Player 2.1.6.3499 - 'GomWeb3.dll 1.0.0.12' Remote Overflow Media Player Classic 6.4.9 MP4 - File Stack Overflow Microsoft Windows Media Player 6.4 MP4 - File Stack Overflow (PoC) Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow Media Player Classic 6.4.9 - '.MP4' File Stack Overflow Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow (PoC) Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote Buffer Overflow (PoC) Online Media Technologies 'AVSMJPEGFILE.DLL 1.1' - Remote Buffer Overflow (PoC) AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit AuraCMS 2.2 - Remote Add Administrator IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow Macrovision Installshield - isusweb.dll Overwrite (SEH) IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Buffer Overflow Macrovision Installshield - 'isusweb.dll' Overwrite (SEH) IBM Domino Web Access Upload Module - 'dwa7w.dll' Buffer Overflow 0DayDB 2.3 - 'delete id' Remote Authentication Bypass photokron 1.7 - (update script) Remote Database Disclosure 0DayDB 2.3 - 'id' Parameter Remote Authentication Bypass photokron 1.7 - Remote Database Disclosure NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow Binn SBuilder - (nid) Blind SQL Injection NUVICO DVR NVDV4 / PdvrAtl Module 'PdvrAtl.DLL 1.0.1.25' - Buffer Overflow Binn SBuilder - 'nid' Parameter Blind SQL Injection Xforum 1.4 - (topic) SQL Injection Xforum 1.4 - 'topic' Parameter SQL Injection RichStrong CMS - 'showproduct.asp cat' SQL Injection RichStrong CMS - 'cat' Parameter SQL Injection LulieBlog 1.0.1 - (delete id) Remote Authentication Bypass Macrovision FlexNet - isusweb.dll DownloadAndExecute Method Exploit FaScript FaMp3 1.0 - (show.php) SQL Injection FaScript FaName 1.0 - (page.php) SQL Injection FaScript FaPersian Petition - 'show.php' SQL Injection FaScript FaPersianHack 1.0 - (show.php) SQL Injection RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) Buffer Overflow Blog:CMS 4.2.1b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Aria 0.99-6 - 'effect.php' Local File Inclusion MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure LulieBlog 1.0.1 - Remote Authentication Bypass Macrovision FlexNet - 'isusweb.dll' DownloadAndExecute Method Exploit FaScript FaMp3 1.0 - SQL Injection FaScript FaName 1.0 - SQL Injection FaScript FaPersian Petition - SQL Injection FaScript FaPersianHack 1.0 - SQL Injection RTS Sentry Digital Surveillance - 'CamPanel.dll 2.1.0.2' Buffer Overflow Blog:CMS 4.2.1b - SQL Injection / Cross-Site Scripting Aria 0.99-6 - 'page' Parameter Local File Inclusion MailBee WebMail Pro 4.1 - Remote File Disclosure PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection PHP-RESIDENCE 0.7.2 - 'Search' Parameter SQL Injection Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow AuraCMS 1.62 - (stat.php) Remote Code Execution Digital Data Communications - 'RtspVaPgCtrl' Class Remote Buffer Overflow AuraCMS 1.62 - 'stat.php' Remote Code Execution OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service OpenBSD 4.2 - 'rtlabel_id2name()' Local Null Pointer Dereference Dos Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow Toshiba Surveillance - 'MeIpCamX.dll 1.0.0.4' Remote Buffer Overflow LulieBlog 1.02 - (voircom.php id) SQL Injection LulieBlog 1.02 - SQL Injection Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Exploit Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method Exploit MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit MailBee Objects 5.5 - 'MailBee.dll' Remote Insecure Method Exploit SafeNet IPSecDrv.sys 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method Exploit Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit Chilkat FTP ActiveX 2.0 - 'ChilkatCert.dll' Insecure Method Exploit Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' ActiveX Buffer Overflow Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow Yahoo! JukeBox MediaGrid - ActiveX 'mediagrid.dll' AddBitmap() Buffer Overflow AuraCMS 2.2 - (gallery_data.php) SQL Injection AuraCMS 2.2 - 'albums' Pramater SQL Injection DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel Ring0 link list zero (PoC) DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC) DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM Exploit DESlock+ <= 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Buffer Overflow KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow (PoC) KingSoft - 'UpdateOcx2.dll' SetUninstallName() Heap Overflow (PoC) AuraCMS 2.2.1 - (online.php) Blind SQL Injection AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection AuraCMS 2.x - (user.php) Security Code Bypass / Add Administrator Exploit AuraCMS 2.x - 'user.php' Security Code Bypass / Add Administrator Real Player - rmoc3260.dll ActiveX Control Remote Code Execution Real Player - 'rmoc3260.dll' ActiveX Control Remote Code Execution Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service (PoC) Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC) 5th Avenue Shopping Cart - (category_id) SQL Injection 5th Avenue Shopping Cart - 'category_id' SQL Injection HP Software Update - (Hpufunction.dll 4.0.0.1) Insecure Method (PoC) HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method (PoC) Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow Miniweb 2.0 - (historymonth) SQL Injection Miniweb 2.0 - 'historymonth' Parameter SQL Injection Admidio 1.4.8 - (getfile.php) Remote File Disclosure Admidio 1.4.8 - 'getfile.php' Remote File Disclosure muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow muvee autoProducer 6.1 - 'TextOut.dll' ActiveX Remote Buffer Overflow Deterministic Network Enhancer - dne2000.sys kernel Ring0 SYSTEM Exploit Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM Exploit Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow (PoC) Visual Basic Enterprise Edition SP6 - 'vb6skit.dll' Buffer Overflow (PoC) AcmlmBoard 1.A2 - (pow) SQL Injection AcmlmBoard 1.A2 - 'pow' SQL Injection CMailServer 5.4.6 - (CMailCOM.dll) Remote Overwrite (SEH) CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH) AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit AuraCMS 2.2.2 - 'pages_data.php' Arbitrary Edit/Add/Delete Exploit NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow ABG Blocking Script 1.0a - (abg_path) Remote File Inclusion ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion VMware Workstation - (hcmon.sys 6.0.0.45731) Local Denial of Service VMware Workstation - 'hcmon.sys 6.0.0.45731' Local Denial of Service ACG-PTP 1.0.6 - (adid) SQL Injection ACG-PTP 1.0.6 - 'adid' SQL Injection Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow (MS08-053) Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) x10media mp3 search engine 1.5.5 - Remote File Inclusion X10media Mp3 Search Engine 1.5.5 - Remote File Inclusion addalink 4 - (category_id) SQL Injection addalink 4 - 'category_id' SQL Injection 6rbScript 3.3 - (singerid) SQL Injection 6rbScript 3.3 - 'singerid' SQL Injection DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service AdMan 1.1.20070907 - (campaignId) SQL Injection AdMan 1.1.20070907 - 'campaignId' SQL Injection Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection MW6 Datamatrix - ActiveX (Datamatrix.dll) Insecure Method Exploit MW6 PDF417 - ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method Exploit MW6 PDF417 - ActiveX 'MW6PDF417.dll' Remote Insecure Method Exploit Article Publisher PRO 1.5 - (SQL Injection) Authentication Bypass Article Publisher PRO 1.5 - (Authentication Bypass) SQL Injection AJ ARTICLE - (SQL Injection) Remote Authentication Bypass AJ ARTICLE - (Authentication Bypass) SQL Injection Apoll 0.7b - (SQL Injection) Remote Authentication Bypass Apoll 0.7b - (Authentication Bypass) SQL Injection WEBBDOMAIN Petition 1.02/2.0/3.0 - (SQL Injection) Authentication Bypass WEBBDOMAIN Polls 1.01 - (SQL Injection) Authentication Bypass WEBBDOMAIN Petition 1.02/2.0/3.0 - (Authentication Bypass) SQL Injection WEBBDOMAIN Polls 1.01 - (Authentication Bypass) SQL Injection WEBBDOMAIN Webshop 1.02 - (SQL Injection) Authentication Bypass WEBBDOMAIN Webshop 1.02 - (Authentication Bypass) SQL Injection WEBBDOMAIN Post Card 1.02 - (SQL Injection) Authentication Bypass WEBBDOMAIN Post Card 1.02 - (Authentication Bypass) SQL Injection Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Anti-Keylogger Elite 3.3.0 - 'AKEProtect.sys' Privilege Escalation Active Price Comparison 4 - (ProductID) Blind SQL Injection Active Price Comparison 4 - 'ProductID' Blind SQL Injection Active Test 2.1 - (QuizID) Blind SQL Injection Active Test 2.1 - 'QuizID' Blind SQL Injection EasyMail ActiveX - (emmailstore.dll 6.5.0.3) Buffer Overflow EasyMail ActiveX - 'emmailstore.dll 6.5.0.3' Buffer Overflow ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation ESET Smart Security 3.0.672 - 'epfw.sys' Privilege Escalation PowerStrip 3.84 - (pstrip.sys) Privilege Escalation PowerStrip 3.84 - 'pstrip.sys' Privilege Escalation PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service PGP Desktop 9.0.6 - 'PGPwded.sys' Local Denial of Service Miniweb 2.0 - (Authentication Bypass) SQL Injection Miniweb 2.0 - SQL Injection (Authentication Bypass) MW6 Barcode ActiveX - (Barcode.dll) Remote Heap Overflow (PoC) MW6 Barcode ActiveX - 'Barcode.dll' Remote Heap Overflow (PoC) A Better Member-Based ASP Photo Gallery - (entry) SQL Injection A Better Member-Based ASP Photo Gallery - 'entry' SQL Injection mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation mks_vir 9b < 1.2.0.0b297 - 'mksmonen.sys' Privilege Escalation Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method Exploit CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Privilege Escalation AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure AdaptBB 1.0 - 'topic_id' SQL Injection / Credentials Disclosure X10Media Mp3 - Search Engine < 1.6.2 Admin Access X10media Mp3 Search Engine < 1.6.2 Admin Access Microsoft Media Player - (quartz.dll .mid) Denial of Service Microsoft Media Player - 'quartz.dll .mid' Denial of Service Microsoft Media Player - (quartz.dll .wav) Multiple Remote Denial of Service Vulnerabilities Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Privilege Escalation ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Privilege Escalation Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow Roxio CinePlayer 3.2 - 'SonicMediaPlayer.dll' Remote Buffer Overflow Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow (heap spray) Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray) AdaptBB 1.0 - (forumspath) Remote File Inclusion AdaptBB 1.0 - 'forumspath' Remote File Inclusion Online Armor < 3.5.0.12 - (OAmon.sys) Privilege Escalation Online Armor < 3.5.0.12 - 'OAmon.sys' Privilege Escalation McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution DESlock+ 4.0.2 - 'dlpcrypt.sys' Local Kernel Ring0 Code Execution Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow (SEH) Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (SEH) Miniweb 2.0 Module Publisher - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Miniweb 2.0 Module Survey Pro - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow (PoC) GDivX Zenith Player AviFixer Class - 'fix.dll 1.0.0.1' Buffer Overflow (PoC) Accommodation Hotel Booking Portal - (hotel_id) SQL Injection Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - (jar50.dll) Null Pointer Dereference Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - 'jar50.dll' Null Pointer Dereference Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption SAP GUI for Windows - sapirrfc.dll ActiveX Overflow SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow Authentium SafeCentral 2.6 - shdrv.sys Local kernel Ring0 SYSTEM Exploit Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM Exploit Microsoft Internet Explorer - iepeers.dll Use-After-Free Exploit (Metasploit) Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free Exploit (Metasploit) Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) Denial of Service (Crash) SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Multiple Vendor librpc.dll Signedness Error - Remote Code Execution Multiple Vendor 'librpc.dll' Signedness Error - Remote Code Execution Micropoint ProActive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Privilege Escalation iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow iMesh 7.1.0.x - 'IMWeb.dll 7.0.0.x' Remote Heap Overflow avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities avtech software 'avc781viewer.dll' ActiveX - Multiple Vulnerabilities HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC) HP Operations Manager 8.16 - 'srcvw4.dll' LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC) ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow ZipGenius 6.3.1.2552 - 'zgtips.dll' Stack Buffer Overflow Avast! 4.7 - aavmker4.sys Privilege Escalation Avast! 4.7 - 'aavmker4.sys' Privilege Escalation Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow Bigant Messenger 2.52 - 'AntCore.dll' RegisterCom() Remote Heap Overflow Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion Apple Safari 4.0.5 - 'JavaScriptCore.dll' Stack Exhaustion 724CMS Enterprise 4.59 - (section.php) Local File Inclusion 724CMS Enterprise 4.59 - (section.php) SQL Injection 724CMS Enterprise 4.59 - 'section.php' Local File Inclusion 724CMS Enterprise 4.59 - 'section.php' SQL Injection MiniWebsvr 0.0.10 - Directory Traversal/Listing Exploits MiniWebsvr 0.0.10 - Directory Traversal / Listing 4Images 1.7.7 - (image_utils.php) Remote Command Execution 4Images 1.7.7 - 'image_utils.php' Remote Command Execution CommuniCrypt Mail 1.16 - (ANSMTP.dll/AOSMTP.dll) ActiveX CommuniCrypt Mail 1.16 - 'ANSMTP.dll/AOSMTP.dll' ActiveX Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - OpenSession() Buffer Overflow Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes) AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion AdaptCMS 2.0.0 Beta - 'init.php' Remote File Inclusion Microsoft - MSHTML.dll CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak Microsoft - 'MSHTML.dll' CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / Denial of Service Adobe Reader 9.3.2 - 'CoolType.dll' Remote Memory Corruption / Denial of Service Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Privilege Escalation Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption Avast! Internet Security 5.0 - 'aswFW.sys' Kernel Driver IOCTL Memory Pool Corruption QQ Computer Manager - TSKsp.sys Local Denial of Service QQ Computer Manager - 'TSKsp.sys' Local Denial of Service SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service SmartCode ServerX VNC Server ActiveX 1.1.5.0 - 'scvncsrvx.dll' Denial of Service Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Microsoft Vista - (fveapi.dll) BitLocker Drive Encryption API Hijacking Exploit Microsoft Vista - 'fveapi.dll' BitLocker Drive Encryption API Hijacking Exploit Nvidia Driver - 'nview.dll' DLL Hijacking Nvidia Driver - 'nview.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking LeadTools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL) Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Exploit A-Blog 2.0 - (sources/search.php) SQL Injection A-Blog 2.0 - 'sources/search.php' SQL Injection Microsoft DRM Technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities Microsoft DRM Technology 'msnetobj.dll' ActiveX - Multiple Vulnerabilities Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow (PoC) Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Buffer Overflow (PoC) VMware Workstation 7.1.1 - VMkbd.sys Denial of Service VMware Workstation 7.1.1 - 'VMkbd.sys' Denial of Service AuraCMS - 'pfd.php' SQL Injection AuraCMS 1.62 - 'pfd.php' SQL Injection Rising - RSNTGDI.sys Local Denial of Service Rising - 'RSNTGDI.sys' Local Denial of Service CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow CA Internet Security Suite 2010 - 'KmxSbx.sys' Kernel Pool Overflow Crystal Reports Viewer 12.0.0.549 - ActiveX Exploit (PrintControl.dll) Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX Exploit Irfanview 4.27 - JP2000.dll plugin Denial of Service Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service Kingsoft AntiVirus 2011 SP5.2 'KisKrnl.sys' 2011.1.13.89 - Local Kernel Mode Denial of Service Oracle Document Capture - empop3.dll Insecure Methods Oracle Document Capture - 'empop3.dll' Insecure Methods DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM Exploit DESlock+ <= 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit Microsoft IIS - ISAPI w3who.dll Query String Overflow (Metasploit) Microsoft IIS - ISAPI nsiislog.dll ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage fp30reg.dll Chunked Overflow (Metasploit) Microsoft IIS - ISAPI 'w3who.dll' Query String Overflow (Metasploit) Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit) Microsoft Services - nwwks.dll (MS06-066) Microsoft Services - 'nwwks.dll' (MS06-066) Microsoft Services - nwapi32.dll (MS06-066) Microsoft Services - 'nwapi32.dll' (MS06-066) ISS - PAM.dll ICQ Parser Buffer Overflow (Metasploit) ISS - 'PAM.dll' ICQ Parser Buffer Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV ntdll.dll Path Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit) RealPlayer - ierpplug.dll ActiveX Control Playlist Name Buffer Overflow (Metasploit) RealPlayer - 'ierpplug.dll' ActiveX Control Playlist Name Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow (Metasploit) Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit) Yahoo! Messenger - 'YVerInfo.dll' ActiveX Control Buffer Overflow (Metasploit) WinDVD7 - IASystemInfo.dll ActiveX Control Buffer Overflow (Metasploit) WinDVD7 - 'IASystemInfo.dll' ActiveX Control Buffer Overflow (Metasploit) SonicWALL Aventail - epi.dll AuthCredential Format String (Metasploit) SonicWALL Aventail - 'epi.dll' AuthCredential Format String (Metasploit) BaoFeng Storm - mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit) BaoFeng Storm - 'mps.dll' ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit) Ask.com Toolbar - askBar.dll ActiveX Control Buffer Overflow (Metasploit) Ask.com Toolbar - 'askBar.dll' ActiveX Control Buffer Overflow (Metasploit) Tumbleweed FileTransfer - vcst_eu.dll ActiveX Control Buffer Overflow (Metasploit) Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit) RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit) Juniper SSL-VPN IVE - JuniperSetupDLL.dll ActiveX Control Buffer Overflow (Metasploit) Juniper SSL-VPN IVE - 'JuniperSetupDLL.dll' ActiveX Control Buffer Overflow (Metasploit) RealPlayer - rmoc3260.dll ActiveX Control Heap Corruption (Metasploit) RealPlayer - 'rmoc3260.dll' ActiveX Control Heap Corruption (Metasploit) WebEx UCF - atucfobj.dll ActiveX NewObject Method Buffer Overflow (Metasploit) WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Buffer Overflow (Metasploit) DjVu - DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow (Metasploit) DjVu - 'DjVu_ActiveX_MSOffice.dll' ActiveX ComponentBuffer Overflow (Metasploit) Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit (Metasploit) Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX Exploit (Metasploit) AASync 2.2.1.0 - (Windows x86) Stack Buffer Overflow 'LIST' (Metasploit) AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit) BadBlue 2.5 - ext.dll Buffer Overflow (Metasploit) BadBlue 2.5 - 'ext.dll' Buffer Overflow (Metasploit) Amlibweb NetOpacs - webquery.dll Stack Buffer Overflow (Metasploit) Amlibweb NetOpacs - 'webquery.dll' Stack Buffer Overflow (Metasploit) Microsoft Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview Denial of Service (PoC) Microsoft Windows Explorer 6.0.2900.5512 - 'Shmedia.dll 6.0.2900.5512' AVI Preview Denial of Service (PoC) Microsoft Windows XP - afd.sys Local Kernel Denial of Service Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service Microsoft Visio - VISIODWG.dll DXF File Handling (Metasploit) Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit) Microsoft Windows 7 SP1 - mrxdav.sys WebDav Privilege Escalation (MS16-016) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll GDI+ - 'gdiplus.dll' CreateDashedPath Integer Overflow Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow (PoC) Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC) VideoLAN VLC Media Player 1.1.11 - (libav) libavcodec_plugin.dll Denial of Service VideoLAN VLC Media Player 1.1.11 - (libav) 'libavcodec_plugin.dll' Denial of Service HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow (Metasploit) HP OpenView Network Node Manager - 'ov.dll' _OVBuildPath Buffer Overflow (Metasploit) VideoLAN VLC Media Player 1.2.0 - (libtaglib_pluggin.dll) Denial of Service VideoLAN VLC Media Player 1.2.0 - 'libtaglib_pluggin.dll' Denial of Service Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH) Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH) ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow (Metasploit) ASUS Net4Switch - 'ipswcom.dll' ActiveX Stack Buffer Overflow (Metasploit) Quest Toad for Oracle Explain Plan Display ActiveX Control - (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite (PoC) Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite (PoC) Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC) Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC) RealPlayer .mp4 - file handling memory Corruption RealPlayer - '.mp4' file handling memory Corruption D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution D-Link DCS-5605 Network Surveillance - ActiveX Control 'DcsCliCtrl.dll' lstrcpyW Remote Buffer Overflow Quest InTrust 10.4.x - Annotation Objects ActiveX Control 'AnnotateX.dll' Uninitialized Pointer Remote Code Execution Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow (Metasploit) Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit) HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service MDAC 2.1.2.4202.3 / ms Win NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution (Metasploit) AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Microsoft Internet Explorer 4 / Outlook 2000/5.5 - MSHTML.dll Crash Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation Working Resources BadBlue 1.7 - ext.dll Cross-Site Scripting Working Resources BadBlue 1.7 - 'ext.dll' Cross-Site Scripting QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite (PoC) QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC) Microsoft Windows XP/95/98/2000/NT 4 - Riched20.dll Attribute Buffer Overflow Microsoft Windows XP/95/98/2000/NT 4 - 'Riched20.dll' Attribute Buffer Overflow Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (4) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (4) Working Resources 1.7.x/2.15 BadBlue - ext.dll Command Execution Working Resources 1.7.x/2.15 BadBlue - 'ext.dll' Command Execution Microsoft Shlwapi.dll 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service Microsoft Internet Explorer 5 - Remote URLMON.dll Buffer Overflow Microsoft Internet Explorer 5 - Remote 'URLMON.dll' Buffer Overflow Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - 'auth.dll' pa_modify_accounts() Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 - 'ldapagnt.dll' ldapagnt_eval() Perl Code Evaluation Remote Code Execution Microsoft Windows 2000/NT 4 Media Services - nsiislog.dll Remote Buffer Overflow Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin IN_MIDI.dll Track Data Size Buffer Overflow NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow myServer 0.4.x - cgi-lib.dll Remote Buffer Overflow myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow Nvidia Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow (PoC) Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC) Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun Microsoft ListBox/ComboBox Control - 'User32.dll' Function Buffer Overrun Irfanview 4.33 - IMXCF.dll Plugin Code Execution Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow YaSoft Switch Off 2.3 - 'swnet.dll' Remote Buffer Overflow Symantec Client Firewall Products 5 - SYMNDIS.SYS Driver Remote Denial of Service Symantec Client Firewall Products 5 - 'SYMNDIS.SYS' Driver Remote Denial of Service Panda ActiveScan 5.0 - ascontrol.dll Remote Heap Overflow Panda ActiveScan 5.0 - ascontrol.dll Denial of Service Panda ActiveScan 5.0 - 'ascontrol.dll' Remote Heap Overflow Panda ActiveScan 5.0 - 'ascontrol.dll' Denial of Service Foxit Reader 5.4.4.1128 Firefox Plugin - npFoxitReaderPlugin.dll Stack Buffer Overflow Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow Yahoo! Messenger 5.6 - YInsthelper.dll Multiple Buffer Overflow Vulnerabilities Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities Novell Groupwise Client - gwcls1.dll ActiveX Remote Code Execution (Metasploit) Novell Groupwise Client - 'gwcls1.dll' ActiveX Remote Code Execution (Metasploit) F-Secure Policy Manager 5.11 - FSMSH.dll CGI Application Installation Full Path Disclosure F-Secure Policy Manager 5.11 - 'FSMSH.dll' CGI Application Installation Full Path Disclosure Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll Denial of Service Easy DVD Player 3.5.1 - (libav) 'libavcodec_plugin.dll' Denial of Service Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow WPS Office - Wpsio.dll Stack Buffer Overflow WPS Office - 'Wpsio.dll' Stack Buffer Overflow AN HTTPD - CMDIS.dll Remote Buffer Overflow AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server 300 - Crash (PoC) Sigma ISP Manager 6.6 - Sigmaweb.dll SQL Injection Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Based Overflow Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service Oracle WebCenter Content - CheckOutAndOpen.dll ActiveX Remote Code Execution (Metasploit) Oracle WebCenter Content - 'CheckOutAndOpen.dll' ActiveX Remote Code Execution (Metasploit) Microsoft Visual Studio .NET - msdds.dll Remote Code Execution Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution TP-Link PS110U Print Server TL - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration Novell Client 2 SP3 - nicm.sys Privilege Escalation (Metasploit) Novell Client 2 SP3 - 'nicm.sys' Privilege Escalation (Metasploit) StarUML - WinGraphviz.dll ActiveX Buffer Overflow StarUML - 'WinGraphviz.dll' ActiveX Buffer Overflow MiniWeb (Build 300) - Arbitrary File Upload (Metasploit) MiniWeb 300 - Arbitrary File Upload (Metasploit) Yahoo! Messenger 7.0/7.5 - jscript.dll Non-ASCII Character Denial of Service Yahoo! Messenger 7.0/7.5 - 'jscript.dll' Non-ASCII Character Denial of Service Microsoft PowerPoint 2003 - mso.dll PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Agnitum Outpost Firewall 3.5.631 - FiltNT.SYS Local Denial of Service Agnitum Outpost Firewall 3.5.631 - 'FiltNT.SYS' Local Denial of Service Microsoft Internet Explorer 6 - IMSKDIC.dll Denial of Service Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service Microsoft Internet Explorer 6 - MSOE.dll Denial of Service Microsoft Internet Explorer 6 - 'MSOE.dll' Denial of Service Microsoft Internet Explorer 6 - TSUserEX.dll ActiveX Control Memory Corruption Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxfw.sys' Privilege Escalation Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxstart.sys' Privilege Escalation Avira Internet Security - avipbb.sys Filter Bypass / Privilege Escalation Avira Internet Security - 'avipbb.sys' Filter Bypass / Privilege Escalation Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver 'fortknoxfw.sys' Memory Corruption Kerio Personal Firewall 4.3 - IPHLPAPI.dll Privilege Escalation Kerio Personal Firewall 4.3 - 'IPHLPAPI.dll' Privilege Escalation PrecisionID Barcode - PrecisionID_Barcode.dll ActiveX 1.9 Control Arbitrary File Overwrite PrecisionID Barcode - 'PrecisionID_Barcode.dll' ActiveX 1.9 Control Arbitrary File Overwrite CA Multiple Products Console Server and InoCore.dll - Remote Code Execution Vulnerabilities CA Multiple Products Console Server and 'InoCore.dll' - Remote Code Execution Vulnerabilities SSC DiskAccess NFS Client - DAPCNFSD.dll Stack Buffer Overflow SSC DiskAccess NFS Client - 'DAPCNFSD.dll' Stack Buffer Overflow Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities Comodo Firewall 2.3.6 - 'CMDMon.SYS' Multiple Denial of Service Vulnerabilities Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service Symantec SYMTDI.SYS Device Driver - Local Denial of Service Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service eSellerate SDK 3.6.5 - eSellerateControl365.dll ActiveX Control Buffer Overflow eSellerate SDK 3.6.5 - 'eSellerateControl365.dll' ActiveX Control Buffer Overflow NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting NextPage LivePublish 2.02 - 'LPEXT.dll' Cross-Site Scripting Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow Roxio CinePlayer 3.2 - SonicDVDDashVRNav.dll ActiveX Control Remote Buffer Overflow Roxio CinePlayer 3.2 - 'SonicDVDDashVRNav.dll' ActiveX Control Remote Buffer Overflow Dart ZipLite Compression 1.8.5.3 - DartZipLite.dll ActiveX Control Buffer Overflow Dart ZipLite Compression 1.8.5.3 - 'DartZipLite.dll' ActiveX Control Buffer Overflow F-Secure Policy Manager 7.00 - FSMSH.dll Remote Denial of Service Apple Safari 3.0.1 for Windows - Corefoundation.dll Denial of Service F-Secure Policy Manager 7.00 - 'FSMSH.dll' Remote Denial of Service Apple Safari 3.0.1 for Windows - 'Corefoundation.dll' Denial of Service VMware Tools 3.1 - HGFS.Sys Privilege Escalation VMware Tools 3.1 - 'HGFS.Sys' Privilege Escalation Microsoft Windows Kernel win32k.sys - Integer Overflow (MS13-101) Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101) Baidu Soba Search Bar 5.4 - BaiduBar.dll ActiveX Control Remote Code Execution Baidu Soba Search Bar 5.4 - 'BaiduBar.dll' ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - TBLinf32.dll ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution Microsoft Internet Explorer 5.0.1 - Vector Markup Language VGX.dll Remote Buffer Overflow Microsoft Internet Explorer 5.0.1 - Vector Markup Language 'VGX.dll' Remote Buffer Overflow Yahoo! Messenger 8.1 - KDU_V32M.DLL Remote Denial of Service Yahoo! Messenger 8.1 - 'KDU_V32M.DLL' Remote Denial of Service BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free BitDefender AntiVirus 2008 - 'bdelev.dll' ActiveX Control Double-Free AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Based Buffer Overflow Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow Microsoft Agent - 'agentdpv.dll' ActiveX Control Malformed URL Stack Buffer Overflow Macrovision SafeDisc - SecDRV.SYS Method_Neither Privilege Escalation SpeedFan - Speedfan.sys Privilege Escalation Macrovision SafeDisc - 'SecDRV.SYS' Method_Neither Privilege Escalation SpeedFan - 'Speedfan.sys' Privilege Escalation RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow RealPlayer 10.0/10.5/11 - 'ierpplug.dll' ActiveX Control Import Playlist Name Stack Buffer Overflow GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities RealMedia RealPlayer 10.5/11 - ierpplug.dll PlayerProperty ActiveX Control Buffer Overflow RealMedia RealPlayer 10.5/11 - 'ierpplug.dll' PlayerProperty ActiveX Control Buffer Overflow AuraCMS 2.2 - 'lihatberita' Module 'id' Parameter SQL Injection AuraCMS 2.2 - 'lihatberita' Module SQL Injection Panda Internet Security/AntiVirus+Firewall 2008 - CPoint.sys Memory Corruption Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter Cross-Site Scripting SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate 'wgate.dll' ~service Parameter Cross-Site Scripting Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow Symantec Multiple Products - Client Proxy ActiveX 'CLIproxy.dll' Remote Overflow Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation (Metasploit) VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit) AuraCMS 1.62 - 'pdf.php' SQL Injection VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit Microsoft Windows 8.1 (x86/x64) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation Microsoft Windows 8.1 (x86/x64) - 'ahcache.sys' NtApphelpCacheControl Privilege Escalation JetAudio 8.1.3 - (Corrupted mp4) Crash (PoC) JetAudio 8.1.3 - '.mp4' Crash (PoC) Microsoft Windows - HTTP.sys PoC (MS15-034) Microsoft Windows - 'HTTP.sys' PoC (MS15-034) MS Windows (HTTP.sys) - HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) Microsoft Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052) Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052) FinePlayer 2.20 (.mp4) - Crash (PoC) FinePlayer 2.20 - '.mp4' Crash (PoC) Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081) Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080) Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081) Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081) Microsoft Office 2007 - 'wwlib.dll' fcPlcfFldMom Uninitialized Heap Usage Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081) Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080) Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081) Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081) Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table Microsoft Windows - ATMFD.dll CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access Microsoft Windows - ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to - Malformed CFF Table Microsoft Windows - 'ATMFD.dll' CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads Microsoft Office 2007 - msxml5.dll Crash (PoC) Microsoft Office 2007 - 'msxml5.dll' Crash (PoC) Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097) Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097) Microsoft Windows - Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115) Microsoft Office / COM Object - els.dll DLL Planting (MS15-134) Microsoft Office / COM Object - 'els.dll' DLL Planting (MS15-134) Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132) Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132) Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007) Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS16-007) Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007) Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007) QuickHeal 16.00 - webssx.sys Driver Denial of Service QuickHeal 16.00 - 'webssx.sys' Driver Denial of Service Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Elevation Exploit Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Stack Corruption (MS16-026) Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026) Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026) Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow Hyper-V - 'vmswitch.sys' VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow Microsoft Windows - Kernel win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Adobe Flash - MP4 File Stack Corruption Adobe Flash - .MP4 File Stack Corruption Microsoft Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) Microsoft Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) Microsoft Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074) Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074) VMware Virtual Machine Communication Interface (VMCI) vmci.sys - (PoC) VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys' (PoC) Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067) Microsoft Windows - 'NetAPI32.dll' Code Execution (Python) (MS08-067) SAP Adaptive Server Enterprise 16 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Boonex Dolphin 7.3.2 - Authentication Bypass SmallFTPd 1.0.3 - 'mkd' Command Denial of Service Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure	2016-10-27 05:01:19 +00:00
Offensive Security	506182d72d	DB: 2016-10-22 7 new exploits RealSecure / Blackice - iss_pam1.dll Remote Overflow RealSecure / Blackice - 'iss_pam1.dll' Remote Overflow Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Exploit Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Mozilla Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll) Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll) TeamViewer 5.0.8703 - (dwmapi.dll) DLL Hijacking Exploit Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Exploit Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Exploit Microsoft Address Book 6.00.2900.5512 - (wab32res.dll) DLL Hijacking Exploit Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking Exploit TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking Exploit Mozilla Firefox 3.6.8 - 'dwmapi.dll' DLL Hijacking Microsoft Windows Movie Maker 2.6.4038.0 - 'hhctrl.ocx' DLL Hijacking Opera 10.61 - 'dwmapi.dll' DLL Hijacking Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Microsoft Address Book 6.00.2900.5512 - 'wab32res.dll' DLL Hijacking Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking BS.Player 2.56 build 1043 - (mfc71loc.dll) DLL Hijacking Exploit Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll) Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Exploit BS.Player 2.56 build 1043 - 'mfc71loc.dll' DLL Hijacking Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Exploit VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Exploit Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll) InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Exploit Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Exploit Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Exploit Ettercap NG-0.7.3 - (wpcap.dll) DLL Hijacking Exploit Microsoft Group Convertor - 'imm.dll' DLL Hijacking Exploit Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Ettercap NG-0.7.3 - 'wpcap.dll' DLL Hijacking Microsoft Group Convertor - 'imm.dll' DLL Hijacking TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking Exploit MediaPlayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll) Skype 4.2.0.169 - (wab32.dll) DLL Hijacking Exploit TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Exploit Nvidia Driver - DLL Hijacking Exploit (nview.dll) Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Exploit Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Exploit Cisco Packet Tracer 5.2 - (wintab32.dll) DLL Hijacking Exploit Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Exploit Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Nvidia Driver - 'nview.dll' DLL Hijacking Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Cisco Packet Tracer 5.2 - 'wintab32.dll' DLL Hijacking Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Exploit Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Exploit Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Exploit Mozilla Thunderbird - DLL Hijacking Exploit (dwmapi.dll) Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit (dwmapi.dll) Adobe ExtendedScript Toolkit CS5 3.5.0.52 - DLL Hijacking Exploit (dwmapi.dll) CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll) Media Player Classic 6.4.9.1 - (iacenc.dll) DLL Hijacking Exploit Nullsoft Winamp 5.581 - DLL Hijacking Exploit (wnaspi32.dll) Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll) Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Exploit Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Mozilla Thunderbird - 'dwmapi.dll' DLL Hijacking Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking Adobe ExtendedScript Toolkit CS5 3.5.0.52 - 'dwmapi.dll' DLL Hijacking CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking Media Player Classic 6.4.9.1 - 'iacenc.dll' DLL Hijacking Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Exploit Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Edge - 'Array.map' Heap Overflow (MS16-119) Microsoft Edge - Array.join Info Leak (MS16-119) Microsoft Edge - 'Array.join' Infomation Leak (MS16-119) Adobe Flash - Transform.colorTranform Getter Info Leak Adobe Flash - Transform.colorTranform Getter Infomation Leak Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124) Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123) Microsoft Windows - DeviceApi CMApi PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124) Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Windows - 'win32k.sys' TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Microsoft Windows - 'win32k.sys' TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Microsoft Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Infomation Leak (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access) Just Dial Clone Script - SQL Injection FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation RealPlayer 18.1.5.705 - '.QCP' Crash (PoC) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID) Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)	2016-10-22 05:01:17 +00:00
Offensive Security	07fdc778ee	DB: 2016-10-21 24 new exploits NetAuctionHelp 4.1 - search.asp SQL Injection Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution Microsoft Edge - Array.map Heap Overflow (MS16-119) Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow Microsoft Edge - Array.join Info Leak (MS16-119) Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124) Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124) HikVision Security Systems - Activex Buffer Overflow Oracle Netbeans IDE 8.1 - Directory Traversal MiCasa VeraLite - Remote Code Execution Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection Classifieds Rental Script - SQL Injection SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service SAP Adaptive Server Enterprise 16 - Denial of Service Event Calendar PHP 1.5 - SQL Injection SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal SPIP 3.1.2 - Cross-Site Request Forgery Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120) Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120) Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124) Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123) Microsoft Edge - Function.apply Info Leak (MS16-119) Microsoft Edge - Spread Operator Stack Overflow (MS16-119) Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)	2016-10-21 05:01:17 +00:00
Offensive Security	cd9e638108	DB: 2016-10-07 12 new exploits phpBB 2.0.10 - Remote Command Execution (CGI) Advance MLM Script - SQL Injection Picosafe Web Gui - Multiple Vulnerabilities Witbe - Remote Code Execution PHP Classifieds Rental Script - Blind SQL Injection B2B Portal Script - Blind SQL Injection MLM Unilevel Plan Script v1.0.2 - SQL Injection Just Dial Clone Script - SQL Injection Comodo Dragon Browser - Unquoted Service Path Privilege Escalation Billion Router 7700NR4 - Remote Command Execution Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Exagate WEBPack Management System - Multiple Vulnerabilities	2016-10-07 05:01:18 +00:00
Offensive Security	d9bdc2e376	DB: 2016-10-04 7 new exploits maplab ms4w 2.2.1 - Remote File Inclusion MapLab MS4W 2.2.1 - Remote File Inclusion Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow Grandsteam GXV3611_HD - SQL Injection Glassfish Server - Unquoted Service Path Privilege Escalation Windows Firewall Control - Unquoted Service Path Privilege Escalation Android - Insufficient Binder Message Verification Pointer Leak DWebPro 8.4.2 - Multiple Vulnerabilities Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)	2016-10-04 05:01:17 +00:00
Offensive Security	f421077feb	DB: 2016-09-28 6 new exploits UUCP Exploit - file creation/overwriting (symlinks) UUCP Exploit - File Creation/Overwriting (symlinks) Exploit Serv-U 3.x < 5.x - Privilege Escalation Serv-U FTP Server 3.x < 5.x - Privilege Escalation TiTan FTP Server - Long Command Heap Overflow (PoC) Titan FTP Server - Long Command Heap Overflow (PoC) Serv-U < 5.2 - Remote Denial of Service Serv-U FTP Server < 5.2 - Remote Denial of Service chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC) Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow WS_FTP Server 5.03 - (RNFR) Buffer Overflow Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow TYPSoft FTP Server 1.11 - (RETR) Denial of Service TYPSoft FTP Server 1.11 - 'RETR' Denial of Service XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC) XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC) WinFtp Server 2.0.2 - (PASV) Remote Denial of Service WinFTP Server 2.0.2 - (PASV) Remote Denial of Service DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service MiniWeb Http Server 0.8.x - Remote Denial of Service MiniWeb HTTP Server 0.8.x - Remote Denial of Service JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion JAF CMS 4.0 RC2 - Multiple Remote File Inclusion XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service Belkin wireless G router + ADSL2 modem - Authentication Bypass Belkin Wireless G router + ADSL2 modem - Authentication Bypass Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement WinFTP 2.3.0 - (PASV mode) Remote Denial of Service WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service Titan FTP server 6.26 build 630 - Remote Denial of Service Titan FTP Server 6.26 build 630 - Remote Denial of Service Netgear WG102 - Leaks SNMP write Password with read access Netgear WG102 - Leaks SNMP Write Password With Read Access WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Netgear embedded Linux for the SSL312 router - Denial of Service Netgear SSL312 Router - Denial of Service Belkin BullDog Plus UPS-Service - Buffer Overflow Belkin BullDog Plus - UPS-Service Buffer Overflow Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit Firebird SQL - op_connect_request main listener shutdown Firebird SQL - op_connect_request main listener shutdown Exploit HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service TYPSoft 1.10 - APPE DELE Denial of Service TYPSoft FTP Server 1.10 - APPE DELE Denial of Service WingFTP Server 3.2.4 - Cross-Site Request Forgery Wing FTP Server 3.2.4 - Cross-Site Request Forgery Quick Player 1.2 -Unicode BoF - bindshell Quick Player 1.2 - Unicode Buffer Overflow (Bindshell) UplusFtp Server 1.7.0.12 - Remote Buffer Overflow UplusFTP Server 1.7.0.12 - Remote Buffer Overflow Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC TopDownloads MP3 Player 1.0 - '.m3u' crash TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) uhttp Server - Directory Traversal uhttp Server 0.1.0-alpha - Directory Traversal eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - RETR Command Denial of Service SmallFTPd 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service SolarWinds 10.4.0.10 - TFTP Denial of Service SolarWinds TFTP Server 10.4.0.10 - Denial of Service e107 - Code Exec e107 - Code Exection HomeFTP Server r1.10.3 (build 144) - Denial of Service Home FTP Server r1.10.3 (build 144) - Denial of Service TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE) TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service SolarWinds 10.4.0.13 - Denial of Service SolarWinds TFTP Server 10.4.0.13 - Denial of Service ISC-DHCPD - Denial of Service ISC DHCPD - Denial of Service Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow deepin tftp server 1.25 - Directory Traversal Deepin TFTP Server 1.25 - Directory Traversal Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit JCMS 2010 - file download JCMS 2010 - File Download Exploit SolarFTP 2.0 - Multiple Commands Denial of Service Solar FTP Server 2.0 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - RETR CMD Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service Xynph 1.0 - USER Denial of Service Xynph FTP Server 1.0 - USER Denial of Service XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service Solar FTP 2.1 - Denial of Service Solar FTP Server 2.1 - Denial of Service Red Hat Linux - stickiness of /tmp Red Hat Linux - stickiness of /tmp Exploit home ftp server 1.12 - Directory Traversal Home FTP Server 1.12 - Directory Traversal NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit) RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit) Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow SmallFTPd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 - Denial of Service PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) Solar FTP 2.1.1 - PASV Buffer Overflow (PoC) Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC) BisonFTP Server 3.5 - Remote Buffer Overflow BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit) Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit) BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery zFTP Server - 'cwd/stat' Remote Denial of Service zFTPServer - 'cwd/stat' Remote Denial of Service Serv-U FTP - Jail Break Serv-U FTP Server - Jail Break Typsoft FTP Server 1.10 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service PeerBlock 1.1 - BSOD PeerBlock 1.1 - BSOD Exploit distinct tftp server 3.01 - Directory Traversal Distinct TFTP Server 3.01 - Directory Traversal PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection Berkeley Sendmail 5.58 - DEBUG Berkeley Sendmail 5.58 - Debug exploit SunView (SunOS 4.1.1) - selection_svc Digital Ultrix 4.0/4.1 - /usr/bin/chroot SunOS 4.1.1 - /usr/release/bin/makeinstall SunOS 4.1.1 - /usr/release/bin/winstall SunView (SunOS 4.1.1) - selection_svc Exploit Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit SunOS 4.1.3 - kmem setgid /etc/crash SunOS 4.1.3 - kmem setgid /etc/crash Exploit IRIX 6.4 - pfdisplay.cgi IRIX 6.4 - 'pfdisplay.cgi' Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit FreePBX < 13.0.188 - Remote Command Execution (Metasploit) HP JetAdmin 1.0.9 Rev. D - symlink HP JetAdmin 1.0.9 Rev. D - symlink Exploit Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation TP-Link Archer CR-700 - Cross-Site Scripting BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit Cat Soft Serv-U 2.5 - Buffer Overflow BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit Linux Kernel 2.0 / 2.1 / 2.2 - autofs Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit Debian 2.1 - httpd S.u.S.E. 5.2 - gnuplot Debian 2.1 - httpd Exploit S.u.S.E. Linux 5.2 - gnuplot Exploit Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit SGI IRIX 6.2 - /usr/lib/netaddpr SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - day5notifier SGI IRIX 6.2 - day5notifier Exploit SGI IRIX 6.4 - datman/cdman SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.3 - cgi-bin webdist.cgi SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit SGI IRIX 6.4 - cgi-bin handler SGI IRIX 6.4 - cgi-bin handler Exploit SGI IRIX 6.4 - login SGI IRIX 6.4 - login Exploit IBM AIX 3.2.5 - IFS IBM AIX 3.2.5 - IFS Exploit IBM AIX 3.2.5 - login(1) IBM AIX 3.2.5 - login(1) Exploit Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2) Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit GNU glibc 2.1/2.1.1 -6 - pt_chown GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit ProFTPd 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Exploit Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit S.u.S.E. Linux 6.1/6.2 - cwdtools S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit SCO Unixware 7.1 - 'pkg' commands SCO Unixware 7.1 - 'pkg' command Exploit Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service Nortel Networks Optivity NETarchitect 2.0 - PATH Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit SGI IRIX 6.2 - midikeys/soundplayer SGI IRIX 6.2 - midikeys/soundplayer Exploit Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Microsoft Windows 95/98/NT 4.0 - autorun.inf Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit Corel Linux OS 1.0 - buildxconfig Corel Linux OS 1.0 - setxconf Corel Linux OS 1.0 - buildxconfig Exploit Corel Linux OS 1.0 - setxconf Exploit TP Link Gateway 3.12.4 - Multiple Vulnerabilities TP-Link Gateway 3.12.4 - Multiple Vulnerabilities SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2) Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit Cisco IOS 11.x/12.x - HTTP %% Cisco IOS 11.x/12.x - HTTP %% Exploit RedHat Linux 6.0/6.1/6.2 - pam_console RedHat Linux 6.0/6.1/6.2 - pam_console Exploit HP-UX 10.20/11.0 man - /tmp symlink HP-UX 10.20/11.0 man - /tmp Symlink Exploit IRIX 5.3/6.x - mail IRIX 5.3/6.x - mail Exploit TYPSoft 0.7 x - FTP Server Remote Denial of Service TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service Oracle Internet Directory 2.0.6 - oidldap Oracle Internet Directory 2.0.6 - oidldap Exploit CatSoft FTP Serv-U 2.5.x - Brute Force Cat Soft Serv-U FTP Server 2.5.x - Brute Force Small HTTP server 2.0 1 - Non-Existent File Denial of Service Small HTTP Server 2.0 1 - Non-Existent File Denial of Service NCSA httpd-campas 1.2 - sample script NCSA httpd-campas 1.2 - sample script Exploit Novell NetWare Web Server 2.x - convert.bas Novell NetWare Web Server 2.x - convert.bas Exploit Serv-U 2.4/2.5 - FTP Directory Traversal Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal Novell Netware Web Server 3.x - files.pl Novell Netware Web Server 3.x - files.pl Exploit guido frassetto sedum http server 2.0 - Directory Traversal Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal robin twombly a1 http server 1.0 - Directory Traversal Robin Twombly A1 HTTP Server 1.0 - Directory Traversal SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit michael lamont savant http server 2.1 - Directory Traversal Michael Lamont Savant HTTP Server 2.1 - Directory Traversal zeroo http server 1.5 - Directory Traversal (1) zeroo http server 1.5 - Directory Traversal (2) Zeroo HTTP Server 1.5 - Directory Traversal (1) Zeroo HTTP Server 1.5 - Directory Traversal (2) Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting XLight FTP Server 1.x - Long Directory Request Remote Denial of Service Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service XLight FTP Server 1.52 - Remote Send File Request Denial of Service Xlight FTP Server 1.52 - Remote Send File Request Denial of Service gweb http server 0.5/0.6 - Directory Traversal GWeb HTTP Server 0.5/0.6 - Directory Traversal MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server (build 300) - Crash (PoC) TP-Link Print Server TL PS110U - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration PCMan's FTP Server 2.0.7 - Buffer Overflow PCMan FTP Server 2.0.7 - Buffer Overflow PCMan's FTP Server 2.0 - Remote Buffer Overflow PCMan FTP Server 2.0 - Remote Buffer Overflow PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3-5 - ZendEngine ECalloc Integer Overflow PHP 3 < 5 - ZendEngine ECalloc Integer Overflow NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static Http Server 1.0 - Denial of Service TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static HTTP Server 1.0 - Denial of Service NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2) Ipswitch 8.0 - WS_FTP Client Format String Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String NETGEAR WGR614 - Administration Interface Remote Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NetMan 204 - Backdoor Account NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Serv-U 11.1.0.3 - Denial of Service / Security Bypass Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND9 - TKEY (PoC) Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND 9 - TKEY (PoC) ISC BIND9 - TKEY Remote Denial of Service (PoC) ISC BIND 9 - TKEY Remote Denial of Service (PoC) NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Android (Stagefright) - Remote Code Execution Android - 'Stagefright' Remote Code Execution Microsoft Windows Media Center - MCL (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) Android libstagefright - Integer Overflow Remote Code Execution Android - libstagefright Integer Overflow Remote Code Execution NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution pdfium IsFlagSet (v8 memory management) - SIGSEGV pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) TallSoft SNMP TFTP Server 1.0.0 - Denial of Service TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service Metaphor - Stagefright Exploit with ASLR Bypass Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)	2016-09-28 11:55:43 +00:00
Offensive Security	4aa6d571e7	DB: 2016-09-17 3 new exploits Too many to list!	2016-09-17 05:08:43 +00:00
Offensive Security	5e2fc10125	DB: 2016-09-03	2016-09-03 13:13:25 +00:00
Offensive Security	31a21bb68d	DB: 2016-09-03 14 new exploits Too many to list!	2016-09-03 05:08:42 +00:00
Offensive Security	760d823bc8	DB: 2016-08-30 18 new exploits Too many to list!	2016-08-30 05:08:40 +00:00
Offensive Security	32bd251480	DB: 2016-08-20 17 new exploits Too many to list!	2016-08-20 05:06:28 +00:00
Offensive Security	ae53a02150	DB: 2016-08-19 4 new exploits Too many too list!	2016-08-19 05:06:41 +00:00
Offensive Security	8c28728c9f	DB: 2016-08-15 2 new exploits Cacti 0.8.6d Remote Command Execution Exploit Cacti 0.8.6d - Remote Command Execution Exploit Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin Exploit PHP < 4.4.5 - / 5.2.1 - php_binary Session Deserialization Information Leak PHP < 4.4.5 - / 5.2.1 - WDDX Session Deserialization Information Leak PHP < 4.4.5 / 5.2.1 - php_binary Session Deserialization Information Leak PHP < 4.4.5 / 5.2.1 - WDDX Session Deserialization Information Leak PHP < 4.4.5 - / 5.2.1 - _SESSION unset() Local Exploit PHP < 4.4.5 - / 5.2.1 - _SESSION Deserialization Overwrite Exploit PHP < 4.4.5 / 5.2.1 - _SESSION unset() Local Exploit PHP < 4.4.5 / 5.2.1 - _SESSION Deserialization Overwrite Exploit Cacti 0.8.6-d graph_view.php Command Injection (Metasploit) Cacti 0.8.6-d - graph_view.php Command Injection (Metasploit) Samba 3.0.10 - 3.3.5 - Format String And Security Bypass Samba 3.0.10 < 3.3.5 - Format String And Security Bypass Allomani - E-Store 1.0 - CSRF Add Admin Account Allomani - Super Multimedia 2.5 - CSRF Add Admin Account Allomani - E-Store 1.0 - CSRF (Add Admin Account) Allomani - Super Multimedia 2.5 - CSRF (Add Admin Account) HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow DoS HP Data Protector Media Operations NULL Pointer Dereference Remote DoS HP Data Protector Media Operations - NULL Pointer Dereference Remote DoS JBoss Application Server Remote Exploit JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Exploit EasyFTP Server 1.7.0.11 MKD Command Stack Buffer Overflow EasyFTP Server 1.7.0.11 - MKD Command Stack Buffer Overflow EasyFTP Server 1.7.0.11 LIST Command Stack Buffer Overflow EasyFTP Server 1.7.0.11 - LIST Command Stack Buffer Overflow EasyFTP Server 1.7.0.11 CWD Command Stack Buffer Overflow EasyFTP Server 1.7.0.11 - CWD Command Stack Buffer Overflow EasyFTP Server 1.7.0.11 list.html path Stack Buffer Overflow EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow Cacti graph_view.php Remote Command Execution Cacti - graph_view.php Remote Command Execution Linux/SuperH (sh4) - setuid(0) - chmod(_/etc/shadow__ 0666) - exit(0) shellcode (43 bytes) Linux/SuperH (sh4) - setuid(0) / chmod(_/etc/shadow__ 0666) / exit(0) Shellcode (43 bytes) HP Data Protector 6.20 EXEC_CMD Buffer Overflow HP Data Protector 6.20 - EXEC_CMD Buffer Overflow HP Data Protector Remote Shell for HP-UX HP Data Protector - Remote Shell for HP-UX WHMCompleteSolution (cart.php) 3.x.x < 4.0.x - Local File Disclosure WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - (cart.php) Local File Disclosure hp data protector media operations 6.20 - Directory Traversal HP Data Protector Media Operations 6.20 - Directory Traversal HP Data Protector 6.1 EXEC_CMD Remote Code Execution HP Data Protector 6.1 - EXEC_CMD Remote Code Execution HP Data Protector Client EXEC_CMD Remote Code Execution HP Data Protector Client - EXEC_CMD Remote Code Execution HP Data Protector Create New Folder Buffer Overflow HP Data Protector - Create New Folder Buffer Overflow Irfanview JPEG2000 <= 4.3.2.0 - jp2 - Stack Buffer Overflow Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow HP Data Protector DtbClsLogin Buffer Overflow HP Data Protector - DtbClsLogin Buffer Overflow RaXnet Cacti 0.5/0.6/0.8 Config_Settings.php Remote File Inclusion RaXnet Cacti 0.5/0.6/0.8 - Config_Settings.php Remote File Inclusion RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.php Remote File Inclusion RaXnet Cacti 0.5/0.6/0.8 - Top_Graph_Header.php Remote File Inclusion RaXnet Cacti 0.5/0.6.x/0.8.x Graph_Image.php Remote Command Execution Variant RaXnet Cacti 0.5/0.6.x/0.8.x - Graph_Image.php Remote Command Execution Variant TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) - Crash PoC TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash PoC HP Data Protector Arbitrary Remote Command Execution HP Data Protector - Arbitrary Remote Command Execution Indusoft Thin Client 7.1 - ActiveX - Buffer Overflow Indusoft Thin Client 7.1 - ActiveX Buffer Overflow BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities HP Data Protector Cell Request Service Buffer Overflow HP Data Protector - Cell Request Service Buffer Overflow Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution Cacti 0.8.7 graph_view.php graph_list Parameter SQL Injection Cacti 0.8.7 graph.php view_type Parameter XSS Cacti 0.8.7 graph_view.php filter Parameter XSS Cacti 0.8.7 tree.php Multiple Parameter SQL Injection Cacti 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection Cacti 0.8.7 index.php/sql.php Login Action login_username Parameter SQL Injection Cacti 0.8.7 - graph_view.php graph_list Parameter SQL Injection Cacti 0.8.7 - graph.php view_type Parameter XSS Cacti 0.8.7 - graph_view.php filter Parameter XSS Cacti 0.8.7 - tree.php Multiple Parameter SQL Injection Cacti 0.8.7 - graph_xport.php local_graph_id Parameter SQL Injection Cacti 0.8.7 - index.php/sql.php Login Action login_username Parameter SQL Injection MG2 - 'list' Parameter - Cross-Site Scripting MG2 - 'list' Parameter Cross-Site Scripting HP Data Protector Backup Client Service - Directory Traversal HP Data Protector - Backup Client Service Directory Traversal HP Data Protector EXEC_BAR Remote Command Execution HP Data Protector - EXEC_BAR Remote Command Execution HP Data Protector Backup Client Service Remote Code Execution HP Data Protector - Backup Client Service Remote Code Execution Cacti 0.8.x graph.php Multiple Parameter XSS Cacti 0.8.x - graph.php Multiple Parameter XSS Jetty 6.1.x JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities Cacti 0.8.7 on Red Hat High Performance Computing (HPC) utilities.php filter Parameter XSS Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter XSS HP Data Protector EXEC_INTEGUTIL Remote Code Execution HP Data Protector - EXEC_INTEGUTIL Remote Code Execution HP Data Protector 8.10 Remote Command Execution HP Data Protector 8.10 - Remote Command Execution Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow Exim 4 (Debian / Ubuntu) - Spool Local Privilege Escalation Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Local Privilege Escalation Wireshark 2.0.0 - 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service Wireshark 2.0.0 - 2.0.4 - CORBA IDL Dissectors Denial of Service Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - PacketBB Dissector Denial of Service Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - WSP Dissector Denial of Service Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - RLC Dissector Denial of Service Wireshark 2.0.0 < 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service Wireshark 2.0.0 < 2.0.4 - CORBA IDL Dissectors Denial of Service Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - PacketBB Dissector Denial of Service Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - WSP Dissector Denial of Service Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - RLC Dissector Denial of Service FreePBX 13 / 14 - Remote Code Execution FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit Samsung Smart Home Camera SNH-P-6410 - Command Injection	2016-08-15 05:09:55 +00:00
Offensive Security	428f25fc1c	DB: 2016-08-07 8 new exploits NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities ntop 2.3 <= 2.5 - Multiple Vulnerabilities Subrion CMS 4.0.5 - SQL Injection zFTP Client 20061220 - (Connection Name) Local Buffer Overflow PHP Power Browse 1.2 - Directory Traversal Davolink DV-2051 - Multiple Vulnerabilities WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting NASdeluxe NDL-2400r 2.01.09 - OS Command Injection	2016-08-07 02:36:02 +00:00
Offensive Security	acd30ed451	DB: 2016-07-19	2016-07-19 06:38:52 +00:00
Offensive Security	6dc4d46521	DB: 2016-05-18 16 new exploits Meteocontrol WEB’log - Admin Password Disclosure Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow Adobe Flash - JXR Processing Out-of-Bounds Read Adobe Flash - Out-of-Bounds Read when Placing Object Adobe Flash - Overflow in Processing Raw 565 Textures Adobe Flash - Heap Overflow in ATF Processing (Image Reading) Adobe Flash - MP4 File Stack Corruption Adobe Flash - Type Confusion in FileReference Constructor Adobe Flash - addProperty Use-After-Free Adobe Flash - SetNative Use-After-Free Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection SAP xMII 15.0 - Directory Traversal	2016-05-18 05:02:15 +00:00
Offensive Security	6c6fd8d397	DB: 2016-05-15	2016-05-15 05:03:54 +00:00
Offensive Security	52e862d62a	DB: 2016-05-11 9 new exploits Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit mIRC 6.1 - _IRC_ Protocol Remote Buffer Overflow Exploit mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow Exploit Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit Linux Kernel 2.4.22 - _do_brk()_ Local Root Exploit (PoC) Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept) Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working) Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit Xsok 1.02 - _-xsokdir_ Local Buffer Overflow Game Exploit Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (1) Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (2) Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1) Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2) Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit Serv-U FTPD 3.x/4.x _SITE CHMOD_ Command Remote Exploit Serv-U FTPD 3.x/4.x- 'SITE CHMOD' Command Remote Exploit Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Local Proof-of-Concept (2) Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2) Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Missing _do_munmap_ Exploit Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit eMule <= 0.42d IRC Remote Buffer Overflow Exploit eMule <= 0.42d - IRC Remote Buffer Overflow Exploit GnomeHack Local Buffer Overflow Exploit (gid=games) GnomeHack - Local Buffer Overflow Exploit (gid=games) Kwintv Local Buffer Overflow Exploit (gid=video(33)) Kwintv - Local Buffer Overflow Exploit (gid=video(33)) Redhat 6.1 man Local Exploit (egid 15) Redhat 6.1 man - Local Exploit (egid 15) Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit Linux Kernel 2.4.x - 2.6.x - Assembler Inline Function Local DoS Exploit rlpr <= 2.04 msg() Remote Format String Exploit MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit rlpr <= 2.04 - msg() Remote Format String Exploit MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit Ollydbg <= 1.10 Format String Bug Ollydbg <= 1.10 - Format String Bug Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit AOL Instant Messenger AIM _Away_ Message Local Exploit AOL Instant Messenger AIM - 'Away' Message Local Exploit Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit AOL Instant Messenger AIM _Away_ Message Remote Exploit AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2) Silent Storm Portal Multiple Vulnerabilities Silent Storm Portal - Multiple Vulnerabilities YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit Monit <= 4.2 Basic Authentication Remote Root Exploit Monit <= 4.2 - Basic Authentication Remote Root Exploit YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit Chatman <= 1.5.1 RC1 Broadcast Crash Exploit Flash Messaging <= 5.2.0g Remote Denial of Service Exploit Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit Halo <= 1.05 Broadcast Client Crash Exploit CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit Halo <= 1.05 - Broadcast Client Crash Exploit Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit Kreed <= 1.05 Format String and Denial of Service Exploit Kreed <= 1.05 - Format String and Denial of Service Exploit Codename Eagle <= 1.42 Socket Unreacheable DoS Exploit Codename Eagle <= 1.42 - Socket Unreacheable DoS Exploit Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC Cscope <= 15.5 Symlink Vulnerability Exploit WinRAR <= 3.4.1 - Corrupt ZIP File Vulnerability PoC Cscope <= 15.5 - Symlink Vulnerability Exploit Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit Netcat 1.1 - _-e_ Switch Remote Buffer Overflow Exploit PHP <= 4.3.7 openlog() Buffer Overflow Exploit Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit PHP <= 4.3.7 - openlog() Buffer Overflow Exploit phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm) phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm) Gore <= 1.50 Socket Unreacheable Denial of Service Exploit Gore <= 1.50 - Socket Unreacheable Denial of Service Exploit Exim <= 4.41 dns_build_reverse Local Exploit PoC Exim <= 4.41 - dns_build_reverse Local Exploit PoC Peer2Mail <= 1.4 Encrypted Password Dumper Exploit Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit Armagetron Advanced <= 0.2.7.0 Server Crash Exploit Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit MercuryBoard <= 1.1.1 Working SQL Injection MercuryBoard <= 1.1.1 - SQL Injection GNU a2ps _Anything to PostScript_ Local Exploit (not suid) GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID) vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1) vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution (part 2) Serv-U 4.x _site chmod_ Remote Buffer Overflow Exploit vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit 3Com 3CDaemon FTP Unauthorized _USER_ Remote BoF Exploit 3Com 3CDaemon FTP - Unauthorized 'USER' Remote BoF Exploit vBulletin <= 3.0.6 php Code Injection vBulletin <= 3.0.6 - PHP Code Injection Soldier of Fortune 2 <= 1.03 - _cl_guid_ - Server Crash Soldier of Fortune 2 <= 1.03 - 'cl_guid' - Server Crash Knet <= 1.04c Buffer Overflow Denial of Service Exploit Knet <= 1.04c - Buffer Overflow Denial of Service Exploit Scrapland <= 1.0 Server Termination Denial of Service Exploit Scrapland <= 1.0 - Server Termination Denial of Service Exploit Apache <= 2.0.52 HTTP GET request Denial of Service Exploit Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update) Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2) Microsoft Internet Explorer _mshtml.dll_ CSS Parsing Buffer Overflow Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2) Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows) Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux) PHP-Nuke 6.x - 7.6 Top module Remote SQL Injection Exploit (working) PHP-Nuke 6.x - 7.6 Top module - Remote SQL Injection Exploit HP-UX FTPD <= 1.1.214.4 - _REST_ Remote Brute Force Exploit HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial) Invision Power Board <= 2.0.3 - Login.PHP SQL Injection Exploit Invision Power Board <= 2.0.3 - Login.PHP SQL Injection (tutorial) phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl) phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php) phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2) phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl) phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit Microsoft Internet Explorer - javascript _window()_ Crash Microsoft Internet Explorer - javascript 'window()' Crash Kaspersky AntiVirus - _klif.sys_ Privilege Escalation Vulnerability Kaspersky AntiVirus - 'klif.sys' Privilege Escalation Vulnerability Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working) Invision Power Board <= 1.3.1 - Login.PHP SQL Injection WordPress <= 1.5.1.1 - _add new admin_ SQL Injection Exploit WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit Mozilla Firefox <= 1.0.4 - _Set As Wallpaper_ Code Execution Exploit Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC) Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC) XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities Linux Kernel <= 2.6.11 - 'k-rad3.c' (CPL 0) Local Root Exploit Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities nodez <= 4.6.1.1 mercury Multiple Vulnerabilities nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities gCards <= 1.45 - Multiple Vulnerabilities All-In-One Exploit gCards <= 1.45 - Multiple Vulnerabilities Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit OpenTTD <= 0.4.7 - (multiple vulnerabilities) Denial of Service Exploit OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC) PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities Exploit PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities Exploit outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities raydium <= svn 309 - Multiple Vulnerabilities Exploit raydium <= svn 309 - Multiple Vulnerabilities PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities Light Blog Remote Multiple Vulnerabilities Exploit Light Blog Remote - Multiple Vulnerabilities Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities contentnow 1.30 (upload/XSS) Multiple Vulnerabilities contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities Messagerie Locale (centre.php) Remote File Inclusion Vulnerability Site News (centre.php) Remote File Inclusion Vulnerability Messagerie Locale (centre.php) - Remote File Inclusion Vulnerability Site News (centre.php) - Remote File Inclusion Vulnerability kubix <= 0.7 - Multiple Vulnerabilities Exploit kubix <= 0.7 - Multiple Vulnerabilities BBS E-Market Professional (Path Disclosure/Include) Multiple Vulnerabilities BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit open newsletter <= 2.5 - Multiple Vulnerabilities Exploit (update) open newsletter <= 2.5 - Multiple Vulnerabilities (2) eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities php-update <= 2.7 - Multiple Vulnerabilities Exploit php-update <= 2.7 - Multiple Vulnerabilities ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities vp-asp shopping cart 6.09 (SQL/XSS) Multiple Vulnerabilities vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities Aztek Forum 4.0 - Multiple Vulnerabilities Exploit Aztek Forum 4.0 - Multiple Vulnerabilities otscms <= 2.1.5 (SQL/XSS) Multiple Vulnerabilities otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities qdblog 0.4 (SQL Injection/LFI) Multiple Vulnerabilities qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability Censura 1.15.04 - (censura.php vendorid) SQL Injection Vulnerability runawaysoft haber portal 1.0 (tr) Multiple Vulnerabilities runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities netclassifieds (SQL/XSS/full path) Multiple Vulnerabilities netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities bugmall shopping cart 2.5 (SQL/XSS) Multiple Vulnerabilities bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection Vulnerability Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day) Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0day) Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit else if CMS 0.6 - Multiple Vulnerabilities / Exploit else if CMS 0.6 - Multiple Vulnerabilities Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit Php-Stats 0.1.9.2 - Multiple Vulnerabilities Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection Vulnerability Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept portalapp 4.0 (SQL/XSS/auth bypasses) Multiple Vulnerabilities portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities evilboard 0.1a (SQL/XSS) Multiple Vulnerabilities evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit blogcms 4.2.1b (SQL/XSS) Multiple Vulnerabilities blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities bloofox 0.3 (SQL/fd) Multiple Vulnerabilities bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability Liquid-Silver CMS 0.1 - (update) Local File Inclusion Vulnerability simple forum 3.2 (fd/XSS) Multiple Vulnerabilities simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability Mambo Component Sermon 0.2 - (gid) SQL Injection Vulnerability Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities pigyard art gallery Multiple Vulnerabilities pigyard art gallery - Multiple Vulnerabilities XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection Vulnerability XOOPS Module My_eGallery 3.04 - (gid) SQL Injection Vulnerability easycalendar <= 4.0tr Multiple Vulnerabilities easygallery <= 5.0tr Multiple Vulnerabilities easycalendar <= 4.0tr - Multiple Vulnerabilities easygallery <= 5.0tr - Multiple Vulnerabilities Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities Exploit Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit minibb 2.2 (css/SQL/fpd) Multiple Vulnerabilities minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities siteman 2.x (exec/LFI/XSS) Multiple Vulnerabilities siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities megabbs forum 2.2 (SQL/XSS) Multiple Vulnerabilities megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit cplinks 1.03 (bypass/SQL/xxs) Multiple Vulnerabilities cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities deluxebb <= 1.2 - Multiple Vulnerabilities Exploit deluxebb <= 1.2 - Multiple Vulnerabilities Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection Vulnerability idautomation bar code ActiveX Multiple Vulnerabilities idautomation bar code ActiveX - Multiple Vulnerabilities ecms 0.4.2 (SQL/pb) Multiple Vulnerabilities Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities mebiblio 0.4.7 (SQL/upload/XSS) Multiple Vulnerabilities mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities smeweb 1.4b (SQL/XSS) Multiple Vulnerabilities smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities 427bb 2.3.1 (SQL/XSS) Multiple Vulnerabilities 427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulnerabilities Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities real estate Web site 1.0 (SQL/XSS) Multiple Vulnerabilities telephone directory 2008 (SQL/XSS) Multiple Vulnerabilities real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities gravity board x 2.0 beta (SQL/XSS) Multiple Vulnerabilities gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities butterfly organizer 2.0.0 (SQL/XSS) Multiple Vulnerabilities butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities ownrs blog beta3 (SQL/XSS) Multiple Vulnerabilities ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities sitexs CMS 0.1.1 (upload/XSS) Multiple Vulnerabilities sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities shibby shop <= 2.2 (SQL/update) Multiple Vulnerabilities shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities polypager <= 1.0rc2 (SQL/XSS) Multiple Vulnerabilities polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities otmanager CMS 24a (LFI/XSS) Multiple Vulnerabilities w1l3d4 philboard 1.2 (blind sql/XSS) Multiple Vulnerabilities otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities Thelia 1.3.5 - Multiple Vulnerabilities Exploit Thelia 1.3.5 - Multiple Vulnerabilities contentnow 1.4.1 (upload/XSS) Multiple Vulnerabilities contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2) trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2) Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py) Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python) jsite 1.0 oe (SQL/LFI) Multiple Vulnerabilities jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit e-vision CMS <= 2.02 (SQL/upload/ig) Multiple Vulnerabilities k-links directory (SQL/XSS) Multiple Vulnerabilities e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities k-links directory - (SQL/XSS) Multiple Vulnerabilities Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities k-rate (SQL/XSS) Multiple Vulnerabilities k-rate - (SQL/XSS) Multiple Vulnerabilities Invision Power Board <= 2.3.5 - Multiple Vulnerabilities Exploit (revised) Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2) brim 2.0.0 (SQL/XSS) Multiple Vulnerabilities brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities aspwebalbum 3.2 (upload/SQL/XSS) Multiple Vulnerabilities aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities qwicsite pro (SQL/XSS) Multiple Vulnerabilities qwicsite pro - (SQL/XSS) Multiple Vulnerabilities Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities Availscript Article Script (articles.php) Multiple Vulnerabilities Availscript Article Script - (articles.php) Multiple Vulnerabilities Availscript Photo Album (pics.php) Multiple Vulnerabilities Availscript Photo Album - (pics.php) Multiple Vulnerabilities phpvid 1.1 0- (XSS/SQL) Multiple Vulnerabilities phpvid 1.1 0 - (XSS/SQL) Multiple Vulnerabilities php infoboard 7 - plus Multiple Vulnerabilities php infoboard 7 plus - Multiple Vulnerabilities camera life 2.6.2b4 (SQL/XSS) Multiple Vulnerabilities camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities mystats (hits.php) Multiple Vulnerabilities Exploit mystats - (hits.php) Multiple Vulnerabilities Vivvo CMS <= 3.4 - Multiple Vulnerabilities Destroyer Exploit Vivvo CMS <= 3.4 - Multiple Vulnerabilities websvn <= 2.0 - (XSS/fh/ce) Multiple Vulnerabilities websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities phpdaily (SQL/XSS/lfd) Multiple Vulnerabilities phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities questcms - (XSS/directory traversal/SQL) Multiple Vulnerabilities questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities apartment search script (rfu/XSS) Multiple Vulnerabilities apartment search script - (RFU/XSS) Multiple Vulnerabilities MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities pre multi-vendor shopping malls Multiple Vulnerabilities pre multi-vendor shopping malls - Multiple Vulnerabilities Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities AJSquare Free Polling Script (DB) Multiple Vulnerabilities AJSquare Free Polling Script - (DB) Multiple Vulnerabilities turnkeyforms Web Hosting Directory Multiple Vulnerabilities turnkeyforms Web Hosting Directory - Multiple Vulnerabilities GS Real Estate Portal US/International Module Multiple Vulnerabilities GS Real Estate Portal US/International Module - Multiple Vulnerabilities bandwebsite 1.5 (SQL/XSS) Multiple Vulnerabilities bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities chipmunk topsites (auth bypass/XSS) Multiple Vulnerabilities clean CMS 1.5 (blind SQL Injection/XSS) Multiple Vulnerabilities chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities comersus asp shopping cart (dd/XSS) Multiple Vulnerabilities comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities minimal ablog 0.4 (SQL/fu/bypass) Multiple Vulnerabilities minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities wbstreet 1.0 (SQL/dd) Multiple Vulnerabilities wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities template creature (SQL/dd) Multiple Vulnerabilities template creature - (SQL/DD) Multiple Vulnerabilities merlix educate servert (bypass/dd) Multiple Vulnerabilities merlix educate servert - (bypass/DD) Multiple Vulnerabilities nightfall personal diary 1.0 - (XSS/dd) Multiple Vulnerabilities Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulnerabilities nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities asp autodealer (SQL/dd) Multiple Vulnerabilities asp autodealer - (SQL/DD) Multiple Vulnerabilities aspmanage banners (rfu/dd) Multiple Vulnerabilities aspmanage banners - (RFU/DD) Multiple Vulnerabilities asp talk (SQL/css) Multiple Vulnerabilities asp talk - (SQL/css) Multiple Vulnerabilities siu guarani Multiple Vulnerabilities siu guarani - Multiple Vulnerabilities webcaf <= 1.4 - (LFI/rce) Multiple Vulnerabilities webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities postecards (SQL/dd) Multiple Vulnerabilities postecards - (SQL/DD) Multiple Vulnerabilities living Local 1.1 - (XSS-rfu) Multiple Vulnerabilities living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities cf shopkart 5.2.2 (SQL/dd) Multiple Vulnerabilities cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities the net guys aspired2blog (SQL/dd) Multiple Vulnerabilities the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities joomla live chat (SQL/proxy) Multiple Vulnerabilities joomla live chat - (SQL/proxy) Multiple Vulnerabilities isweb CMS 3.0 (SQL/XSS) Multiple Vulnerabilities isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities clickandemail (SQL/XSS) Multiple Vulnerabilities click&rank (SQL/XSS) Multiple Vulnerabilities clickandemail - (SQL/XSS) Multiple Vulnerabilities click&rank - (SQL/XSS) Multiple Vulnerabilities Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities Liberum Help Desk 0.97.3 - (SQL/DD) Remote Vulnerabilities Zelta E Store - (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities 2532/gigs 1.2.2 - stable Multiple Vulnerabilities 2532/gigs 1.2.2 stable - Multiple Vulnerabilities constructr CMS <= 3.02.5 stable Multiple Vulnerabilities constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit doop CMS <= 1.4.0b (CSRF/upload shell) Multiple Vulnerabilities doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities Nokia S60 SMS/Mms (Curse of Silence) Denial of Service Vulnerability Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service Vulnerability Seo4SMF for SMF forums Multiple Vulnerabilities Seo4SMF for SMF forums - Multiple Vulnerabilities mkportal <= 1.2.1 () Multiple Vulnerabilities mkportal <= 1.2.1 - Multiple Vulnerabilities rankem (dd/XSS/cm) Multiple Vulnerabilities blogit! (SQL/dd/XSS) Multiple Vulnerabilities rankem - (DD/XSS/cm) Multiple Vulnerabilities blogit! - (SQL/DD/XSS) Multiple Vulnerabilities E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities navicopa webserver 3.0.1 (bof/sd) Multiple Vulnerabilities navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities team 1.x - (dd/XSS) Multiple Vulnerabilities Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities team 1.x - (DD/XSS) Multiple Vulnerabilities gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities w3bcms <= 3.5.0 - Multiple Vulnerabilities Exploit w3bcms <= 3.5.0 - Multiple Vulnerabilities powermovielist 0.14b (SQL/XSS) Multiple Vulnerabilities powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities ritsblog 0.4.2 (ab/XSS) Multiple Vulnerabilities Zabbix 1.6.2 Frontend Multiple Vulnerabilities blindblog 1.3.1 (SQL/ab/LFI) Multiple Vulnerabilities ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities Zabbix 1.6.2 - Frontend - Multiple Vulnerabilities blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth) Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities Femitter FTP Server 1.x - Multiple Vulnerabilities (post auth) Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities fungamez rc1 (ab/LFI) Multiple Vulnerabilities fungamez rc1 - (ab/LFI) Multiple Vulnerabilities mixedcms 1.0b (LFI/su/ab/fd) Multiple Vulnerabilities mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities fowlcms 1.1 (ab/LFI/su) Multiple Vulnerabilities fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities Linux Kernel 2.6.x - SCTP FWD Memory Corruption Remote Exploit Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit leap CMS 0.1.4 (SQL/XSS/su) Multiple Vulnerabilities leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities tematres 1.0.3 (auth bypass/SQL/XSS) Multiple Vulnerabilities tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit 2daybiz business community script Multiple Vulnerabilities Easy Scripts Answer and Question Script Multiple Vulnerabilities 2daybiz business community script - Multiple Vulnerabilities Easy Scripts Answer and Question Script - Multiple Vulnerabilities my-colex 1.4.2 (ab/XSS/SQL) Multiple Vulnerabilities my-gesuad 0.9.14 (ab/SQL/XSS) Multiple Vulnerabilities my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities vidshare pro (SQL/XSS) Multiple Vulnerabilities vidshare pro - (SQL/XSS) Multiple Vulnerabilities Mac OS X - Java applet Remote Deserialization Remote PoC (updated) Mac OS X - Java applet Remote Deserialization Remote PoC (Updated) asp inline corporate calendar (SQL/XSS) Multiple Vulnerabilities asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities minitwitter 0.3-beta (SQL/XSS) Multiple Vulnerabilities minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities elitecms 1.01 (SQL/XSS) Multiple Vulnerabilities elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities flashlight free edition (LFI/SQL) Multiple Vulnerabilities flashlight free edition - (LFI/SQL) Multiple Vulnerabilities propertymax pro free (SQL/XSS) Multiple Vulnerabilities propertymax pro free - (SQL/XSS) Multiple Vulnerabilities podcast generator <= 1.2 - globals[] Multiple Vulnerabilities podcast generator <= 1.2 - globals[] - Multiple Vulnerabilities kloxo 5.75 (24 issues) Multiple Vulnerabilities kloxo 5.75 - (24 issues) Multiple Vulnerabilities virtue news (SQL/XSS) Multiple Vulnerabilities virtue news - (SQL/XSS) Multiple Vulnerabilities mrcgiguy the ticket system 2.0 php Multiple Vulnerabilities mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities mrcgiguy freeticket (ch/SQL) Multiple Vulnerabilities mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities impleo music collection 2.0 (SQL/XSS) Multiple Vulnerabilities impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities kasseler CMS (fd/XSS) Multiple Vulnerabilities kasseler CMS - (fd/XSS) Multiple Vulnerabilities tribiq CMS 5.0.12c (XSS/LFI) Multiple Vulnerabilities tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64) Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities citrix xencenterweb - (XSS/SQL/rce) Multiple Vulnerabilities citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities FreeBSD 6/8 (ata device) Local Denial of Service Exploit FreeBSD 6/8 - (ata device) Local Denial of Service Exploit good/bad vote (XSS/LFI) Multiple Vulnerabilities good/bad vote - (XSS/LFI) Multiple Vulnerabilities Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux / RHEL5 - Test Kernel Local Root Exploit (0day) Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0day) mcshoutbox 1.1 (SQL/XSS/shell) Multiple Vulnerabilities mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities DD-WRT (httpd service) Remote Command Execution Vulnerability DD-WRT - (httpd service) Remote Command Execution Vulnerability tenrok 1.1.0 (udd/rce) Multiple Vulnerabilities tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit (1) Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1) Linux Kernel 2.4 / 2.6 - sock_sendpage() ring0 Root Exploit (1) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1) Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept Linux Kernel 2.6 < 2.6.19 - (32-bit) ip_append_data() ring0 Root Exploit Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (PPC Edition) Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC) Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit (x86/x64) Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (2) Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2) Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities Linux Kernel - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty Linux Kernel - 'pipe.c' Local Privilege Escalation Vulnerability Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability Linux Kernel - 'unix_stream_connect()' Local Denial of Service Vulnerability Linux Kernel <= 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service Vulnerability Unreal Tournament 2004 - _Secure_ Overflow Unreal Tournament 2004 - 'Secure' Overflow VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit PHP < 5.3.1 - _multipart/form-data_ Denial of Service Exploit (Python) PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python) sugar crm 5.5.0.rc2 and 5.2.0j Multiple Vulnerabilities sugar crm 5.5.0.rc2 and 5.2.0j - Multiple Vulnerabilities Huawei MT882 Modem/Router Multiple Vulnerabilities Huawei MT882 Modem/Router - Multiple Vulnerabilities DigitalHive Multiple Vulnerabilities DigitalHive - Multiple Vulnerabilities zabbix server Multiple Vulnerabilities zabbix server - Multiple Vulnerabilities Ez Faq Maker Multiple Vulnerabilities Ez Faq Maker - Multiple Vulnerabilities Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities Horde 3.3.5 - _PHP_SELF_ XSS Vulnerability Horde 3.3.5 - 'PHP_SELF' XSS Vulnerability Lizard Cart Upload Shell Vulnerability Lizard Cart - Upload Shell Vulnerability Mega Upload Upload Shell Vulnerability Mega Upload 1.45 - Upload Shell Vulnerability MyCart shopping cart Upload Shell Vulnerability oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability MyCart shopping cart - Upload Shell Vulnerability osCommerce <= 2.2rc2a - Bypass/Create and Download Backup Vulnerability gallery_show.asp GID suffer from Blind SQL Injection Vulnerability gallery_show.asp - GID Blind SQL Injection Vulnerability Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities VirtualDJ Trial 6.0.6 - _New Year Edition_ - (.m3u) Exploit (0day) VirtualDJ Trial 6.0.6 - 'New Year Edition' - (.m3u) Exploit (0day) PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/XSS) PHPDirector Game Edition 0.1 - (LFI/SQLi/XSS) Multiple Vulnerabilities Docebo 3.6.0.2 (stable) Local File Inclusion Docebo 3.6.0.2 (stable) - Local File Inclusion CLONEBID B2B Marketplace Multiple Vulnerabilities ITechSctipts Alibaba Clone Multiple Vulnerabilities CLONEBID B2B Marketplace - Multiple Vulnerabilities ITechSctipts Alibaba Clone - Multiple Vulnerabilities ManageEngine OpUtils 5 - _Login.DO_ SQL Injection Vulnerability ManageEngine OpUtils 5 - 'Login.DO' SQL Injection Vulnerability CMS by MyWorks Multiple Vulnerabilities CMS by MyWorks - Multiple Vulnerabilities DZ Auktionshaus _V4.rgo_ (id) news.php - SQL Injection Vulnerability DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection Vulnerability PhpCityPortal Multiple Vulnerabilities PhpCityPortal - Multiple Vulnerabilities Joomla Component com_ckforms Multiple Vulnerabilities Joomla Component com_ckforms - Multiple Vulnerabilities Joomla Component com_vxdate Multiple Vulnerabilities Joomla Component com_vxdate - Multiple Vulnerabilities Adult Video Site Script Multiple Vulnerabilities Adult Video Site Script - Multiple Vulnerabilities iOS Safari - Bad _VML_ Remote DoS iOS Safari - Bad 'VML' Remote DoS Linux Kernel <= 2.6.34-rc3 ReiserFS xattr - Privilege Escalation Linux Kernel <= 2.6.34-rc3 ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation vBulletin _Cyb - Advanced Forum Statistics_ DoS vBulletin 'Cyb - Advanced Forum Statistics' DoS dl_stats Multiple Vulnerabilities dl_stats - Multiple Vulnerabilities avtech software (avc781viewer.dll) ActiveX Multiple Vulnerabilities avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities lanewsfactory Multiple Vulnerabilities lanewsfactory - Multiple Vulnerabilities MacOS X 10.6 HFS File System Attack (Denial of Service) MacOS X 10.6 - HFS File System Attack (Denial of Service) WFTPD Server 3.30 - Multiple Vulnerabilities (0day) WFTPD Server 3.30 - (0day) Multiple Vulnerabilities CompactCMS 1.4.0 (tiny_mce) Remote File Upload CompactCMS 1.4.0 (tiny_mce) - Remote File Upload Tainos Multiple Vulnerabilities Tainos - Multiple Vulnerabilities Joomla Component com_event Multiple Vulnerabilities Joomla Component com_event - Multiple Vulnerabilities B-Hind CMS (tiny_mce) Remote File Upload B-Hind CMS (tiny_mce) - Remote File Upload ComponentOne VSFlexGrid 7 & 8 - _Archive()_ method Remote Buffer Overflow Exploit ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - _PORT_ Command Remote DoS (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote DoS Blaze Apps Multiple Vulnerabilities Blaze Apps - Multiple Vulnerabilities Joomla Component My Car Multiple Vulnerabilities Joomla Component My Car - Multiple Vulnerabilities Marketing Web Design Multiple Vulnerabilities Marketing Web Design - Multiple Vulnerabilities Aim Web Design Multiple Vulnerabilities Aim Web Design - Multiple Vulnerabilities Zeeways Script Multiple Vulnerabilities Zeeways Script - Multiple Vulnerabilities QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure) QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities Joomla Component ChronoConnectivity Joomla Component ChronoForms (com_chronocontact) Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Vulnerability Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection Vulnerability Simple Posting System Multiple Vulnerabilities Simple Posting System - Multiple Vulnerabilities Joomla Component com_djartgallery Multiple Vulnerabilities Joomla Component com_djartgallery - Multiple Vulnerabilities Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection E-PHP B2B Marketplace Multiple Vulnerabilities E-PHP B2B Marketplace - Multiple Vulnerabilities DaLogin Multiple Vulnerabilities DaLogin - Multiple Vulnerabilities Novell iManager Multiple Vulnerabilities Novell iManager - Multiple Vulnerabilities 2DayBiz Video Community portal - _user-profile.php_ SQL Injection Vulnerability 2DayBiz Real Estate Portal - _viewpropertydetails.php_ SQL injection 2DayBiz Video Community portal - 'user-profile.php' SQL Injection Vulnerability 2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection NO-IP.com Dynamic DNS Update Client 2.2.1 - _Request_ Insecure Encoding Algorithm NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm TCW PHP Album Multiple Vulnerabilities Esoftpro Online Guestbook Pro Multiple Vulnerabilities TCW PHP Album - Multiple Vulnerabilities Esoftpro Online Guestbook Pro - Multiple Vulnerabilities Esoftpro Online Contact Manager Multiple Vulnerabilities Esoftpro Online Contact Manager - Multiple Vulnerabilities Joomla Component Sef (com_sef) - LFI Vulnerability Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability artforms 2.1b7.2 rc2 joomla component Multiple Vulnerabilities artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities Qt 4.6.3 - _QSslSocketBackendPrivate::transmit()_ Denial of Service Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service Macs CMS 1.1.4 - Multiple Vulnerabilities (XSS/CSRF) Macs CMS 1.1.4 - (XSS/CSRF) Multiple Vulnerabilities GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF) Ubuntu 9.10 (Karmic Koala) & 10.04 LTS (Lucid Lynx) PAM 1.1.0 MOTD - Local Root Exploit GetSimple CMS 2.01 - (XSS/CSRF) Multiple Vulnerabilities PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability Joomla Component QContacts (com_qcontacts) - SQL Injection Vulnerability Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow Microsoft Windows - Win32k.sys Driver _CreateDIBPalette()_ Buffer Overflow Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow Easy FTP - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands Zendesk Multiple Vulnerabilities Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands Zendesk - Multiple Vulnerabilities Mediacoder 0.7.5.4710 - _Universal_ SEH Buffer Overflow Exploit Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit Simple Forum PHP Multiple Vulnerabilities Simple Forum PHP - Multiple Vulnerabilities Linux Kernel < 2.6.36-rc1 CAN BCM - Privilege Escalation Exploit Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit Apple QuickTime __Marshaled_pUnk_ Backdoor Param Client-Side Arbitrary Code Execution Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution Adobe Acrobat Reader and Flash Player - _newclass_ invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Shop a la Cart Multiple Vulnerabilities Shop a la Cart - Multiple Vulnerabilities ifnuke - Multiple Vulnerabilities (0day) ifnuke - (0day) Multiple Vulnerabilities dynpage <= 1.0 - Multiple Vulnerabilities (0day) dynpage <= 1.0 - (0day) Multiple Vulnerabilities sirang web-based d-control Multiple Vulnerabilities sirang web-based d-control - Multiple Vulnerabilities Microsoft Office Visio - .DXF File Stack based Overflow Microsoft Office Visio 2002 - .DXF File Stack based Overflow Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution Vulnerability Zeeways Adserver Multiple Vulnerabilities Zeeways Adserver - Multiple Vulnerabilities Microsoft Office Word 2007 - sprmCMajority Buffer Overflow Microsoft Office Word 2007 SP2 - sprmCMajority Buffer Overflow Adobe Acrobat and Reader - _pushstring_ Memory Corruption Adobe Acrobat and Reader - 'pushstring' Memory Corruption Linux Kernel 2.6.27 < 2.6.36 - x86_64 compat Local Root Exploit Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection _reviews.php_ xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php' Java CMM readMabCurveData - Stack Overflow Java 6.19 CMM readMabCurveData - Stack Overflow Microsoft drm technology (msnetobj.dll) ActiveX Multiple Vulnerabilities RarCrack 0.2 - _filename_ init() .bss PoC Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities RarCrack 0.2 - 'filename' init() .bss PoC je guestbook 1.0 joomla component Multiple Vulnerabilities je guestbook 1.0 joomla component - Multiple Vulnerabilities Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities Linux Kernel < 2.6.36-rc6 - pktcdvd Kernel Memory Disclosure Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities js calendar 1.5.1 joomla component Multiple Vulnerabilities js calendar 1.5.1 joomla component - Multiple Vulnerabilities Oracle Java 6 - OBJECT tag _launchjnlp_/_docbase_ Param Buffer Overflow Exploit Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit Linux Kernel - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability Sybase Advantage Data Architect - _.SQL_ Format Heap Oveflow Sybase Advantage Data Architect - '.SQL' Format Heap Oveflow Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt) Minishare 1.4.0 - 1.5.5 - Buffer Overflow Vulnerability (users.txt) Linux Kernel - Stack Infoleaks Vulnerability Linux Kernel <= 2.4.0 - Stack Infoleaks Vulnerability Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities CLANSPHERE 2010.0 Final Multiple Vulnerabilities CLANSPHERE 2010.0 Final - Multiple Vulnerabilities Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service Vulnerability Linux Kernel - Unix Sockets Local Denial of Service Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service Site2Nite Big Truck Broker _txtSiteId_ SQL Injection Vulnerability Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection Vulnerability Linux Kernel <= 2.6.37 - Local Privilege Escalation (Full Nelson) Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation Habari Blog Multiple Vulnerabilities Habari Blog - Multiple Vulnerabilities Linux Kernel 2.6.34 - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit (1) F3Site 2011 alfa 1 - Multiple Vulnerabilities (XSS & CSRF) phpMySport 1.4 - Multiple Vulnerabilities (SQLi & Auth Bypass & Path Disclosure) F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities Linux Kernel < 2.6.34 - CAP_SYS_ADMIN x86 & x64 - Local Privilege Escalation Exploit (2) Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2) Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities T-Content Managment System Multiple Vulnerabilities T-Content Managment System - Multiple Vulnerabilities Samba _username map script_ Command Execution Samba 'username map script' Command Execution Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow Microsoft Internet Explorer - _Aurora_ Memory Corruption Microsoft Internet Explorer - 'Aurora' Memory Corruption Adobe Flash Player _newfunction_ Invalid Pointer Use Adobe Flash Player - 'newfunction' Invalid Pointer Use Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow Adobe Flash Player _Button_ Remote Code Execution Adobe Flash Player - 'Button' Remote Code Execution Adobe Flash Player _newfunction_ Invalid Pointer Use Adobe Flash Player - 'newfunction' Invalid Pointer Use Unreal Tournament 2004 - _secure_ Overflow (Win32) Unreal Tournament 2004 - 'secure' Overflow (Windows) Unreal Tournament 2004 - _secure_ Overflow (Linux) Unreal Tournament 2004 - 'secure' Overflow (Linux) Tugux CMS 1.0_final Multiple Vulnerabilities Tugux CMS 1.0_final - Multiple Vulnerabilities Honey Soft Web Solution Multiple Vulnerabilities Honey Soft Web Solution - Multiple Vulnerabilities Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability Joomla JCE Component (com_jce) - Blind SQL Injection Vulnerability Parnian Opendata CMS SQL Injection Vulnerability Parnian Opendata CMS - SQL Injection Vulnerability Time and Expense Management System Multiple Vulnerabilities Time and Expense Management System - Multiple Vulnerabilities ZyWALL USG - Appliance Multiple Vulnerabilities ZyWALL USG - Appliance - Multiple Vulnerabilities Cisco Unified Operations Manager Multiple Vulnerabilities Microsoft Windows Vista/Server 2008 - _nsiproxy.sys_ Local Kernel DoS Exploit Cisco Unified Operations Manager - Multiple Vulnerabilities Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit HP Data Protector Client EXEC_SETUP Remote Code Execution PoC (ZDI-11-056) HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056) HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055) HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055) Mozilla Firefox - _nsTreeRange_ Dangling Pointer Exploit Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit Ollance Member Login Script Multiple Vulnerabilities Ollance Member Login Script - Multiple Vulnerabilities Adobe Reader X Atom Type Confusion Vulnerability Exploit Adobe Reader X 10.0.0 - 10.0.1 - Atom Type Confusion Vulnerability Exploit Mozilla Firefox _nsTreeRange_ Dangling Pointer Vulnerability Mozilla Firefox - 'nsTreeRange' Dangling Pointer Vulnerability Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities Safari - SVG DOM Processing PoC CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities Safari 5.0.6_ 5.1 - SVG DOM Processing PoC Link Station Pro Multiple Vulnerabilities Link Station Pro - Multiple Vulnerabilities Cart Software Multiple Vulnerabilities Cart Software - Multiple Vulnerabilities Omnistar Mailer Multiple Vulnerabilities Omnistar Mailer - Multiple Vulnerabilities Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit MYRE Real Estate Software Multiple Vulnerabilities MYRE Real Estate Software - Multiple Vulnerabilities Cisco TelePresence Multiple Vulnerabilities - SOS-11-010 Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities FreeBSD UIPC socket heap Overflow proof-of-concept FreeBSD - UIPC socket heap Overflow Proof of Concept GotoCode Online Bookstore Multiple Vulnerabilities GotoCode Online Bookstore - Multiple Vulnerabilities DivX Plus Web Player _file://_ Buffer Overflow Vulnerability PoC DivX Plus Web Player - 'file://' Buffer Overflow Vulnerability PoC EFront <= 3.6.9 Community Edition Multiple Vulnerabilities EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities GotoCode Online Classifieds Multiple Vulnerabilities GotoCode Online Classifieds - Multiple Vulnerabilities 6kbbs Multiple Vulnerabilities 6kbbs - Multiple Vulnerabilities POSH Multiple Vulnerabilities POSH - Multiple Vulnerabilities NoNumber Framework Joomla! Plugin Multiple Vulnerabilities NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities Uiga Personal Portal Multiple Vulnerabilities Uiga Personal Portal - Multiple Vulnerabilities Barter Sites 1.3 Joomla Component Multiple Vulnerabilities Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities zFTP Server _cwd/stat_ Remote Denial-of-Service zFTP Server - 'cwd/stat' Remote Denial-of-Service JEEMA Sms 3.2 Joomla Component Multiple Vulnerabilities Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities osCSS2 - __ID_ parameter Local file inclusion osCSS2 - '_ID' parameter Local file inclusion Infoproject Business Hero Multiple Vulnerabilities Infoproject Business Hero - Multiple Vulnerabilities SugarCRM CE <= 6.3.1 - _unserialize()_ PHP Code Execution SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution ARYADAD Multiple Vulnerabilities Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (1) ARYADAD - Multiple Vulnerabilities Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1) vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit swDesk Multiple Vulnerabilities swDesk - Multiple Vulnerabilities Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI/XSS) Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials) DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities Adobe Flash Player .mp4 - 'cprt' Overflow_ Adobe Flash Player .mp4 - 'cprt' Overflow Wolfcms <= 0.75 - Multiple Vulnerabilities (CSRF - XSS) Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow_ Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow' MailMax <= 4.6 - POP3 - _USER_ Remote Buffer Overflow Exploit (No Login Needed) MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed) Samsung D6000 TV Multiple Vulnerabilities Samsung D6000 TV - Multiple Vulnerabilities Websense Triton Multiple Vulnerabilities Websense Triton - Multiple Vulnerabilities QNX phrelay/phindows/phditto Multiple Vulnerabilities QNX phrelay/phindows/phditto - Multiple Vulnerabilities Lynx Message Server Multiple Vulnerabilities Lynx Message Server - Multiple Vulnerabilities SAP Netweaver Dispatcher Multiple Vulnerabilities SAP Netweaver Dispatcher - Multiple Vulnerabilities elearning server 4g Multiple Vulnerabilities elearning server 4g - Multiple Vulnerabilities Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS) Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities Active Collab _chat module_ <= 2.3.8 - Remote PHP Code Injection Exploit Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability SunOS <= 4.1.3 - kmem setgid /etc/crash Vulnerability Linux kernel 2.0/2.1 - SIGIO Vulnerability Linux Kernel 2.0 / 2.1 - SIGIO Vulnerability Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability Microsoft Windows - _April Fools 2001_ Vulnerability Microsoft Windows - 'April Fools 2001' Vulnerability Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking _Save Password_ Vulnerability Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - _Pass the Hash_ with Modified SMB Client Vulnerability Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password' Vulnerability Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client Vulnerability Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability Linux kernel 2.0/2.1/2.2 - autofs Vulnerability Linux Kernel 2.0 / 2.1 / 2.2 - autofs Vulnerability QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities Linux kernel 2.0 - TCP Port DoS Vulnerability Linux kernel 2.2 - ldd core Vulnerability Linux Kernel 2.0 - TCP Port DoS Vulnerability Linux Kernel 2.2 - ldd core Force Reboot Vulnerability Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability Linux Kernel 2.0.33 - IP Fragment Overlap Vulnerability Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities Linux kernel 2.0.37 - Segment Limit Vulnerability Linux Kernel 2.0.37 - Segment Limit Local Root Vulnerability BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability Quinn _the Eskimo_ and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability Fujitsu Chocoa 1.0 beta7R _Topic_ Buffer Overflow Vulnerability Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow Vulnerability Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability Microsoft Internet Explorer 5.0 - ActiveX _Object for constructing type libraries for scriptlets_ Vulnerability Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets' Vulnerability Microsoft Internet Explorer 4.0/5.0 - ActiveX _Eyedog_ Vulnerability Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog' Vulnerability Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability Linux Kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability MediaHouse Software Statistics Server 4.28/5.1 - _Server ID_ Buffer Overflow Vulnerability MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow Vulnerability Tiki Wiki CMS Groupware <= 8.3 - _unserialize()_ PHP Code Execution Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Vulnerability Linux Kernel - fs/eventpoll.c Local Denial of Service Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service Netscape Enterprise Server _Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities Netscape Enterprise Server_ Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities Netsweeper WebAdmin Portal Multiple Vulnerabilities Netsweeper WebAdmin Portal - Multiple Vulnerabilities Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x _ALG_ Client Vulnerability Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client Vulnerability gpm 1.18.1/1.19_Debian 2.x_RedHat 6.x_S.u.S.E 5.3/6.x gpm Setgid Vulnerability gpm 1.18.1/1.19_ Debian 2.x_ RedHat 6.x_ S.u.S.E 5.3/6.x gpm Setgid Vulnerability Linux kernel 2.2.12/2.2.14/2.3.99_RedHat 6.x - Socket Denial of Service Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service Linux Kernel - Sendpage Local Privilege Escalation Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit) kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (1) kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (2) Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1) Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2) Cart32 3.0 - _expdate_ Administrative Information Disclosure Vulnerability Cart32 3.0 - 'expdate' Administrative Information Disclosure Vulnerability DALnet Bahamut IRCd 4.6.5 - _SUMMON_ Buffer Overflow Vulnerability DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow Vulnerability BitchX IRC Client 75p1/75p3/1.0 c16 - _/INVITE_ Format String Vulnerability BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String Vulnerability CVSWeb Developer CVSWeb 1.80 insecure perl _open_ Vulnerability CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open' Vulnerability Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (1) Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (2) Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (1) Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (2) Solaris 2.6/7.0 - _eject_ Exploit for locale subsystem format string Solaris 2.6/7.0 - 'eject' Exploit for locale subsystem format string UoW Pine 4.0.4/4.10/4.21 - _From:_ Field Buffer Overflow Vulnerability UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow Vulnerability Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities Tickets CAD 2.20G Multiple Vulnerabilities Tickets CAD 2.20G - Multiple Vulnerabilities Cisco IOS 12 - Software _?/_ HTTP Request DoS Vulnerability Cisco IOS 12 - Software '?/' HTTP Request DoS Vulnerability Markus Triska CGIForum 1.0 - _thesection_ Directory Traversal Vulnerability Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal Vulnerability Tunnelblick - Local Root Exploit Tunnelblick - Local Root Exploit (1) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (1) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (2) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (3) Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (4) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3) Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4) ReiserFS 3.5.28 Kernel - DoS (Possible Code Execution Vulnerability) (Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution) Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment Vulnerability Linux sysctl() Kernel 2.2.x - Memory Reading Vulnerability Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept Vulnerability IOServer _Root Directory_ Trailing Backslash Multiple Vulnerabilities IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (1) Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (2) Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1) Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2) Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion Rit Research Labs _The Bat!_ 1.x - Missing Linefeeds DoS Vulnerability Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS Vulnerability Ad Manager Pro Multiple Vulnerabilities Ad Manager Pro - Multiple Vulnerabilities Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root Vulnerability HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS ID Software Quake 3 - _smurf attack_ Denial of Service Vulnerability ID Software Quake 3 - 'smurf attack' Denial of Service Vulnerability Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service Vulnerability Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root Vulnerability Pinterest Clone Script Multiple Vulnerabilities Pinterest Clone Script - Multiple Vulnerabilities User-Mode Linux Kernel 2.4.17-8 - Memory Access Vulnerability User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root Vulnerability Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit Sitecom MD-25x - Multiple Vulnerabilitie/ Reverse Root Shell Exploit Ezylog Photovoltaic Management Server Multiple Vulnerabilities Ezylog Photovoltaic Management Server - Multiple Vulnerabilities Auxilium PetRatePro Multiple Vulnerabilities Netsweeper WebAdmin Portal Multiple Vulnerabilities Auxilium PetRatePro - Multiple Vulnerabilities Netsweeper WebAdmin Portal - Multiple Vulnerabilities Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC Vulnerability Fortigate UTM WAF Appliance Multiple Vulnerabilities Fortigate UTM WAF Appliance - Multiple Vulnerabilities Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7.3 cleanSearchString() Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7.3 Get Request Denial of Service Vulnerability Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting Vulnerability Working Resources BadBlue 1.7.3 - Get Request Denial of Service Vulnerability Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability Working Resources 1.7.3 BadBlue - Null Byte File Disclosure Vulnerability Working Resources 1.7.x BadBlue Administrative Interface Arbitrary File Access Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access Qualcomm Eudora 5 MIME Multipart Boundary Buffer Overflow Vulnerability Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow Vulnerability AFD 1.2.x Working Directory Local Buffer Overflow Vulnerabilities AFD 1.2.x - Working Directory Local Buffer Overflow Vulnerabilities Trillian 0.74 IRC PART Message Denial of Service Vulnerability Trillian 0.74 - IRC PART Message Denial of Service Vulnerability Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (1) Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (2) Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (1) Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (2) Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness CheckPoint/Sofaware Firewall Multiple Vulnerabilities CheckPoint/Sofaware Firewall - Multiple Vulnerabilities Working Resources 1.7.x/2.15 BadBlue Ext.DLL Command Execution Vulnerability Working Resources 1.7.x/2.15 BadBlue - Ext.DLL Command Execution Vulnerability Working Resources BadBlue 1.7.x/2.x Unauthorized HTS Access Vulnerability Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access Vulnerability Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service Vulnerability MYRE Realty Manager Multiple Vulnerabilities MYRE Realty Manager - Multiple Vulnerabilities Myrephp Business Directory Multiple Vulnerabilities MYREphp Vacation Rental Software Multiple Vulnerabilities Myrephp Business Directory - Multiple Vulnerabilities MYREphp Vacation Rental Software - Multiple Vulnerabilities BabyGekko 1.2.2e Multiple Vulnerabilities BabyGekko 1.2.2e - Multiple Vulnerabilities Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability Linux Kernel 2.4 - execve() System Call Race Condition Vulnerability Linux Kernel 2.4 - execve() System Call Race Condition PoC Vulnerability Aardvark Topsites 4.1 PHP Multiple Vulnerabilities Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities phpwcms <= 1.5.4.6 - _preg_replace_ - Multiple Vulnerabilities phpwcms <= 1.5.4.6 - 'preg_replace' - Multiple Vulnerabilities KAME Racoon _Initial Contact_ SA Deletion Vulnerability lionmax software www file share pro 2.4x Multiple Vulnerabilities (1) lionmax software www file share pro 2.4x Multiple Vulnerabilities (2) KAME Racoon 'Initial Contact' SA Deletion Vulnerability lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1) lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2) DUware Software Multiple Vulnerabilities DUware Software - Multiple Vulnerabilities Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation Vulnerability ASP Portal Multiple Vulnerabilities ASP Portal - Multiple Vulnerabilities Working Resources BadBlue Server 2.40 phptest.php Path Disclosure Vulnerability Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure Vulnerability SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities Remote Root Exploit Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service Vulnerability Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service Vulnerability phpBugTracker 0.9 user.php bugid Parameter XSS phpBugTracker 0.9 - user.php bugid Parameter XSS Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability e107 website system 0.6 - _email article to a friend_ Feature XSS e107 website system 0.6 - 'email article to a friend' Feature XSS Rlpr 2.0 msg() Function Multiple Vulnerabilities Rlpr 2.0 msg() Function - Multiple Vulnerabilities Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay Vulnerability Netgear SPH200D Multiple Vulnerabilities Netgear SPH200D - Multiple Vulnerabilities Fortinet FortiMail 400 IBE Multiple Vulnerabilities Fortinet FortiMail 400 IBE - Multiple Vulnerabilities Cisco Unity Express Multiple Vulnerabilities Cisco Unity Express - Multiple Vulnerabilities Linux Kernel - /dev/ptmx Key Stroke Timing Local Disclosure Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure SAP Netweaver Message Server Multiple Vulnerabilities SAP Netweaver Message Server - Multiple Vulnerabilities Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Vulnerability Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC Vulnerability Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag - Multiple Vulnerabilities Ubuntu 12.10 - (64-Bit) sock_diag_handlers - Local Root Exploit Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit event calendar Multiple Vulnerabilities event calendar - Multiple Vulnerabilities opera Web browser 7.54 java implementation Multiple Vulnerabilities (1) opera Web browser 7.54 java implementation Multiple Vulnerabilities (2) opera Web browser 7.54 java implementation Multiple Vulnerabilities (3) opera Web browser 7.54 java implementation Multiple Vulnerabilities (4) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3) opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4) ca3de Multiple Vulnerabilities ca3de - Multiple Vulnerabilities Vivotek IP Cameras Multiple Vulnerabilities Vivotek IP Cameras - Multiple Vulnerabilities Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (1) Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (2) Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (1) Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (2) Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (1) Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (2) Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1) Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2) Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Icecast 2.x - XSL Parser Multiple Vulnerabilities Icecast 2.x - XSL Parser - Multiple Vulnerabilities Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (1) Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (2) Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (3) Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (4) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4) Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 StrSubCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 - IntCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection Vulnerability MetaCart2 - CurCatalogID Parameter Remote SQL Injection Vulnerability neteyes nexusway border gateway Multiple Vulnerabilities neteyes nexusway border gateway - Multiple Vulnerabilities McAfee IntruShield Security Management System Multiple Vulnerabilities McAfee IntruShield Security Management System - Multiple Vulnerabilities Gaim AIM/ICQ Protocols Multiple Vulnerabilities Gaim AIM/ICQ Protocols - Multiple Vulnerabilities bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities Linux Kernel <= 2.6 - Console Keymap Local Command Injection Vulnerability Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection QuickPayPro 3.1 tracking.details.php trackingid Parameter SQL Injection QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection oracle application server discussion forum portlet Multiple Vulnerabilities oracle application server discussion forum portlet - Multiple Vulnerabilities Linux Kernel - 'MSR' Driver Local Privilege Escalation Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation Linux Kernel 2.4.x/2.5.x/2.6.x - Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities Apache James 2.2 SMTP Denial of Service Vulnerability Apache James 2.2 - SMTP Denial of Service Vulnerability Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service Vulnerability Microsoft windows xp/2000/2003 help Multiple Vulnerabilities Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities ArticleSetup Multiple Vulnerabilities ArticleSetup - Multiple Vulnerabilities PhotoStore details.php gid Parameter XSS PhotoStore view_photog.php photogid Parameter XSS PhotoStore details.php - gid Parameter XSS PhotoStore view_photog.php - photogid Parameter XSS MailEnable 2.x SMTP NTLM Authentication Multiple Vulnerabilities MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities Simplog 0.9.3 BlogID Parameter Multiple SQL Injection Vulnerabilities Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities Oracle January 2007 Security Update Multiple Vulnerabilities Oracle January 2007 Security Update - Multiple Vulnerabilities Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS Vulnerability E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection OpenBase 10.0.x - Multiple Vulnerabilities (Buffer Overflow & Remote Command Execution) OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities ZyXEL P-330W Multiple Vulnerabilities ZyXEL P-330W - Multiple Vulnerabilities WinComLPD Total 3.0.2.623 - Multiple Vulnerabilities (Buffer Overflow and Authentication Bypass) WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities Linux Kernel 3.4 < 3.13.2 - Arbitrary write with CONFIG_X86_X32 Linux Kernel 3.4 < 3.13.2 - Local Root (CONFIG_X86_X32=y) Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y) IBM solidDB 6.0.10 - Multiple Vulnerabilities (Format String and Denial of Service) IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities Linux Kernel < 3.4.5 - Local Root Exploit (ARM - Android 4.2.2 / 4.4) Linux Kernel < 3.4.5 (ARM - Android 4.2.2 / 4.4) - Local Root Exploit Catia V5-6R2013 - _CATV5_AllApplications_ - Stack Buffer Overflow Catia V5-6R2013 - 'CATV5_AllApplications' - Stack Buffer Overflow Catia V5-6R2013 - _CATV5_Backbone_Bus_ - Stack Buffer Overflow Catia V5-6R2013 - 'CATV5_Backbone_Bus' - Stack Buffer Overflow Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (1) Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (2) Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (1) Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (2) EasyE-Cards 3.10 - Multiple Vulnerabilities (SQL Injection and Cross-Site Scripting) EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities Jamroom <= 3.3.8 - Multiple Vulnerabilities (Cookie Authentication Bypass and Unspecified Security Issues) Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection) LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness PG Roommate Finder Solution quick_search.php part Parameter XSS PG Roommate Finder Solution viewprofile.php part Parameter XSS PG Roommate Finder Solution - quick_search.php part Parameter XSS PG Roommate Finder Solution - viewprofile.php part Parameter XSS Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow Vulnerability e107 0.7.x - Multiple Vulnerabilities ('CAPTCHA' Security Bypass and Cross-Site Scripting) e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (1) Linux Kernel 2.6.x - pipe.c Local Privilege Escalation Vulnerability (2) Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation Vulnerability (1) Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (2) Linux Kernel 3.3 < 3.8 - SOCK_DIAG Local Root Exploit Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit Linux Kernel - 'find_keyring_by_name()' Local Memory Corruption Vulnerability Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption Vulnerability Linux Kernel - ptrace/sysret - Local Privilege Escalation Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities ServletExec - Multiple Vulnerabilities (Directory Traversal and Authentication-Bypass) ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities Creative Contact Form - Arbitrary File Upload Creative Contact Form 0.9.7 - Arbitrary File Upload Aireplay-ng 1.2 beta3 - _tcp_test_ Length Parameter Stack Overflow Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060) Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060) Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities Xerox Multifunction Printers (MFP) _Patch_ DLM Vulnerability Xerox Multifunction Printers (MFP) 'Patch' DLM Vulnerability Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2) Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2) Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control - Multiple Vulnerabilities Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406 Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 - ActiveX Control Multiple Vulnerabilities RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities OS X networkd _effective_audit_token_ XPC Type Confusion Sandbox Escape OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Vulnerability Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept AJ Classifieds 'listingid' Parameter SQL Injection Vulnerability AJ Classifieds 'listingid' Parameter - SQL Injection Vulnerability BlueSoft Social Networking CMS SQL Injection Vulnerability BlueSoft Social Networking CMS - SQL Injection Vulnerability Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC Linux Kernel Associative Array Garbage Collection - Crash PoC Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC Linux Kernel - Network Namespace Remote Denial of Service Vulnerability Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service Vulnerability Kayako SupportSuite 3.x Multiple Vulnerabilities Kayako SupportSuite 3.x - Multiple Vulnerabilities Linux Kernel splice() System Call - Local DoS Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS Mac OS X - _Rootpipe_ Privilege Escalation Mac OS X - 'Rootpipe' Privilege Escalation Apport - Local Linux Root Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit SixApart MovableType Storable Perl Code Execution SixApart MovableType - Storable Perl Code Execution WordPress TagGator 'tagid' Parameter SQL Injection Vulnerability WordPress TagGator 'tagid' Parameter - SQL Injection Vulnerability JSPMyAdmin 1.1 Multiple Vulnerabilities JSPMyAdmin 1.1 - Multiple Vulnerabilities WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities ESC 8832 Data Controller Multiple Vulnerabilities ESC 8832 Data Controller - Multiple Vulnerabilities ZTE AC 3633R USB Modem Multiple Vulnerabilities ZTE AC 3633R USB Modem - Multiple Vulnerabilities OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shell) Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell) Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shadow File) Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File) OSSEC WUI 0.8 - Denial of Service Adobe Flash Use-After-Free in Drawing Methods _this_ Adobe Flash - Use-After-Free in Drawing Methods 'this' Kaspersky Antivirus _Yoda's Protector_ Unpacking Memory Corruption Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability Kallithea 0.2.9 - (came_from) HTTP Response Splitting Vulnerability Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities WordPress WP Private Messages Plugin 'msgid' Parameter SQL Injection Vulnerability WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection Vulnerability Microsoft Windows Media Center Library Parsing RCE Vulnerability aka _self-executing_ MCL File Microsoft Windows Media Center Library - Parsing RCE Vulnerability aka 'self-executing' MCL File MyBB 'misc.php' Remote Denial of Service Vulnerability MyBB 1.6.12 - 'misc.php' Remote Denial of Service Vulnerability WHMCS 'cart.php' Denial of Service Vulnerability phpBB <= 3.0.8 Remote Denial of Service Vulnerability WHMCS 5.12 - 'cart.php' Denial of Service Vulnerability phpBB <= 3.0.8 - Remote Denial of Service Vulnerability Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit Linux Kernel overlayfs - Local Privilege Escalation Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Linux Kernel - prima WLAN Driver Heap Overflow Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability WordPress Wordfence Security Plugin Multiple Vulnerabilities WordPress Wordfence Security Plugin - Multiple Vulnerabilities STIMS Buffer - Buffer Overflow SEH - DoS STIMS Cutter - Buffer Overflow DoS STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS) STIMS Cutter 1.1.3.20 - Buffer Overflow DoS Linux Kernel - digi_acceleport Nullpointer Dereference Linux Kernel - Wacom Multiple Nullpointer Dereferences Linux Kernel - visor (treo_attach) Nullpointer Dereference Linux Kernel - visor clie_5_attach Nullpointer Dereference Linux Kernel - cypress_m8 Nullpointer Dereference Linux Kernel - mct_u232 Nullpointer Dereference Linux Kernel - cdc_acm Nullpointer Dereference Linux Kernel - aiptek Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference RHEL 7.1 Kernel - snd-usb-audio Crash PoC RHEL 7.1 Kernel - iowarrior driver Crash PoC RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC LShell <= 0.9.15 - Remote Code Execution LShell <= 0.9.15 - Remote Code Execution Exim _perl_startup_ Privilege Escalation Exim - 'perl_startup' Privilege Escalation NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit i.FTP 2.21 - Host Address / URL Field SEH Exploit All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes MediaInfo 0.7.61 - Crash PoC Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC Core FTP Server 32-bit Build 587 - Heap Overflow Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities Adobe Reader DC 15.010.20060 - Memory Corruption Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities	2016-05-11 05:03:54 +00:00
Offensive Security	1f79ff2236	DB: 2016-04-09 3 new exploits WordPress Freshmail - Unauthenticated SQL Injection WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection Express Zip <= 2.40 - Path Traversal Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation op5 7.1.9 - Remote Command Execution	2016-04-09 05:02:52 +00:00
Offensive Security	13d072b592	DB: 2016-04-05 4 new exploits Outlook ATTACH_BY_REF_ONLY File Execution Outlook - ATTACH_BY_REF_ONLY File Execution HB Ecommerce SQL Injection Vulnerability HB Ecommerce - SQL Injection Vulnerability SCO Open Server <= 5.0.4 POP Server Buffer Overflow Vulnerability SCO Open Server <= 5.0.4 - POP Server Buffer Overflow Vulnerability Debian Linux <= 2.1 Print Queue Control Vulnerability Debian Linux <= 2.1 - Print Queue Control Vulnerability FreeBSD 3.3 gdc Buffer Overflow Vulnerability FreeBSD 3.3 gdc - Buffer Overflow Vulnerability Netscape FastTrack Server 2.0.1 a GET Buffer Overflow Vulnerability Netscape FastTrack Server 2.0.1a - GET Buffer Overflow Vulnerability NullSoft Winamp 2.10 Playlist Vulnerability NullSoft Winamp 2.10 - Playlist Vulnerability S.u.S.E. 4.x/5.x/6.x/7.0_Slackware 3.x/4.0_Turbolinux 6_OpenLinux 7.0 fdmount Buffer Overflow (2) S.u.S.E. 4.x/5.x/6.x/7.0_Slackware 3.x/4.0_Turbolinux 6_OpenLinux 7.0 fdmount - Buffer Overflow (2) Computer Associates InoculateIT 4.53 Microsoft Exchange Agent Vulnerability Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent Vulnerability NetcPlus SmartServer3 3.75 Weak Encryption Vulnerability NetcPlus SmartServer3 3.75 - Weak Encryption Vulnerability NetcPlus BrowseGate 2.80.2 Weak Encryption Vulnerability NetcPlus BrowseGate 2.80.2 - Weak Encryption Vulnerability My Postcards 6.0 MagicCard.CGI Arbitrary File Disclosure Vulnerability My Postcards 6.0 - MagicCard.CGI Arbitrary File Disclosure Vulnerability Gom Player 2.1.44.5123 (Unicode) NULL Pointer Dereference Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference Tower Toppler 0.99.1 Display Variable Local Buffer Overflow Vulnerability Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow Vulnerability Ximian Evolution 1.x UUEncoding Denial of Service Vulnerability Ximian Evolution 1.x - UUEncoding Denial of Service Vulnerability IDA Pro 6.3 Crash PoC IDA Pro 6.3 - Crash PoC Confixx 2 Perl Debugger Remote Command Execution Vulnerability Confixx 2 - Perl Debugger Remote Command Execution Vulnerability Microsoft Outlook Express 4.x/5.x/6.0 Attachment Processing File Extension Obfuscation Vulnerability Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation Vulnerability Novell NetMail 3.x Automatic Script Execution Vulnerability Novell NetMail 3.x - Automatic Script Execution Vulnerability Juniper Netscreen 5.0 VPN Username Enumeration Vulnerability Juniper Netscreen 5.0 - VPN Username Enumeration Vulnerability Microsoft Internet Explorer 7.0 MHTML Denial of Service Vulnerability Microsoft Internet Explorer 7.0 - MHTML Denial of Service Vulnerability WordPress Freshmail Unauthenticated SQL Injection WordPress Freshmail - Unauthenticated SQL Injection WordPress Download Manager Free 2.7.94 & Pro 4 Authenticated Stored XSS WordPress Download Manager Free 2.7.94 & Pro 4 - Authenticated Stored XSS Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass ADH-Web Server IP-Cameras - Multiple Vulnerabilities Xion Audio Player <= 1.5 (build 160) - .mp3 Crash PoC Hexchat IRC Client 2.11.0 - Directory Traversal Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX - Multiple Vulnerabilities	2016-04-05 05:03:46 +00:00
Offensive Security	dfc00ffd48	DB: 2016-03-24 22 new exploits Windows NDProxy - Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002) Windows XP SP3 x86 and 2003 SP2 x86 - NDProxy Privilege Escalation (MS14-002) exim <= 4.84-3 - Local Root Exploit Exim <= 4.84-3 - Local Root Exploit CoolPlayer (Standalone) build 2.19 - .m3u Stack Overflow OS X / iOS Suid Binary Logic Error Kernel Code Execution Multiple CCTV-DVR Vendors - Remote Code Execution MiCollab 7.0 - SQL Injection Vulnerability Comodo Antivirus Forwards Emulated API Calls to the Real API During Scans Avira - Heap Underflow Parsing PE Section Headers Comodo - PackMan Unpacker Insufficient Parameter Validation Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents Wireshark - dissect_ber_integer Static Out-of-Bounds Write Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation Comodo Antivirus - Heap Overflow in LZX Decompression OS X Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort Adobe Flash - Shape Rendering Crash Adobe Flash - Zlib Codec Heap Overflow Adobe Flash - Sprite Creation Use-After-Free Adobe Flash - Uninitialized Stack Parameter Access in AsBroadcaster.broadcastMessage UaF Fix Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix OS X Kernel - AppleKeyStore Use-After-Free OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in nVidia Geforce Driver OS X Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver	2016-03-24 05:03:51 +00:00
Offensive Security	477bcbdcc0	DB: 2016-03-17 5 new exploits phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities My Book World Edition NAS Multiple Vulnerability My Book World Edition NAS - Multiple Vulnerabilities Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php) DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities New-CMS - Multiple Vulnerability New-CMS - Multiple Vulnerabilities Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities i-Gallery - Multiple Vulnerability i-Gallery - Multiple Vulnerabilities My Kazaam Notes Management System Multiple Vulnerability My Kazaam Notes Management System - Multiple Vulnerabilities Omnidocs - Multiple Vulnerability Omnidocs - Multiple Vulnerabilities Web Cookbook Multiple Vulnerability Web Cookbook - Multiple Vulnerabilities KikChat - (LFI/RCE) Multiple Vulnerability KikChat - (LFI/RCE) Multiple Vulnerabilities Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability xEpan 1.0.4 - Multiple Vulnerability xEpan 1.0.4 - Multiple Vulnerabilities AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow Cisco UCS Manager 2.1(1b) - Shellshock Exploit OpenSSH <= 7.2p1 - xauth Injection FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow	2016-03-17 07:07:56 +00:00
Offensive Security	b761aa35c0	DB: 2016-03-04 3 new exploits	2016-03-04 05:02:58 +00:00
Offensive Security	3b34885ebf	DB: 2016-02-11 7 new exploits	2016-02-11 05:03:33 +00:00
Offensive Security	386bdfe50d	DB: 2016-01-26 13 new exploits	2016-01-26 05:03:56 +00:00
Offensive Security	257c020493	DB: 2016-01-22 8 new exploits	2016-01-22 05:03:46 +00:00
Offensive Security	cecdd9a527	DB: 2016-01-13 5 new exploits	2016-01-13 05:04:32 +00:00
Offensive Security	6894064148	DB: 2016-01-11 10 new exploits	2016-01-11 05:03:03 +00:00
Offensive Security	86d0c5fe16	DB: 2016-01-09 10 new exploits	2016-01-09 05:02:44 +00:00
Offensive Security	5aeeaef0a2	DB: 2016-01-04 9 new exploits	2016-01-04 05:02:55 +00:00

1 2 3 4 5

210 commits