exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	d86bdf5f80	DB: 2016-09-29 2 new exploits Symantec Messaging Gateway 10.6.1 - Directory Traversal VLC Media Player 2.2.1 - Buffer Overflow	2016-09-29 05:01:16 +00:00
Offensive Security	f421077feb	DB: 2016-09-28 6 new exploits UUCP Exploit - file creation/overwriting (symlinks) UUCP Exploit - File Creation/Overwriting (symlinks) Exploit Serv-U 3.x < 5.x - Privilege Escalation Serv-U FTP Server 3.x < 5.x - Privilege Escalation TiTan FTP Server - Long Command Heap Overflow (PoC) Titan FTP Server - Long Command Heap Overflow (PoC) Serv-U < 5.2 - Remote Denial of Service Serv-U FTP Server < 5.2 - Remote Denial of Service chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC) Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow WS_FTP Server 5.03 - (RNFR) Buffer Overflow Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow TYPSoft FTP Server 1.11 - (RETR) Denial of Service TYPSoft FTP Server 1.11 - 'RETR' Denial of Service XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC) XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC) WinFtp Server 2.0.2 - (PASV) Remote Denial of Service WinFTP Server 2.0.2 - (PASV) Remote Denial of Service DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service MiniWeb Http Server 0.8.x - Remote Denial of Service MiniWeb HTTP Server 0.8.x - Remote Denial of Service JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion JAF CMS 4.0 RC2 - Multiple Remote File Inclusion XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service Belkin wireless G router + ADSL2 modem - Authentication Bypass Belkin Wireless G router + ADSL2 modem - Authentication Bypass Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement WinFTP 2.3.0 - (PASV mode) Remote Denial of Service WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service Titan FTP server 6.26 build 630 - Remote Denial of Service Titan FTP Server 6.26 build 630 - Remote Denial of Service Netgear WG102 - Leaks SNMP write Password with read access Netgear WG102 - Leaks SNMP Write Password With Read Access WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Netgear embedded Linux for the SSL312 router - Denial of Service Netgear SSL312 Router - Denial of Service Belkin BullDog Plus UPS-Service - Buffer Overflow Belkin BullDog Plus - UPS-Service Buffer Overflow Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit Firebird SQL - op_connect_request main listener shutdown Firebird SQL - op_connect_request main listener shutdown Exploit HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service TYPSoft 1.10 - APPE DELE Denial of Service TYPSoft FTP Server 1.10 - APPE DELE Denial of Service WingFTP Server 3.2.4 - Cross-Site Request Forgery Wing FTP Server 3.2.4 - Cross-Site Request Forgery Quick Player 1.2 -Unicode BoF - bindshell Quick Player 1.2 - Unicode Buffer Overflow (Bindshell) UplusFtp Server 1.7.0.12 - Remote Buffer Overflow UplusFTP Server 1.7.0.12 - Remote Buffer Overflow Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC TopDownloads MP3 Player 1.0 - '.m3u' crash TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) uhttp Server - Directory Traversal uhttp Server 0.1.0-alpha - Directory Traversal eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - RETR Command Denial of Service SmallFTPd 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service SolarWinds 10.4.0.10 - TFTP Denial of Service SolarWinds TFTP Server 10.4.0.10 - Denial of Service e107 - Code Exec e107 - Code Exection HomeFTP Server r1.10.3 (build 144) - Denial of Service Home FTP Server r1.10.3 (build 144) - Denial of Service TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE) TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service SolarWinds 10.4.0.13 - Denial of Service SolarWinds TFTP Server 10.4.0.13 - Denial of Service ISC-DHCPD - Denial of Service ISC DHCPD - Denial of Service Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow deepin tftp server 1.25 - Directory Traversal Deepin TFTP Server 1.25 - Directory Traversal Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit JCMS 2010 - file download JCMS 2010 - File Download Exploit SolarFTP 2.0 - Multiple Commands Denial of Service Solar FTP Server 2.0 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - RETR CMD Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service Xynph 1.0 - USER Denial of Service Xynph FTP Server 1.0 - USER Denial of Service XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service Solar FTP 2.1 - Denial of Service Solar FTP Server 2.1 - Denial of Service Red Hat Linux - stickiness of /tmp Red Hat Linux - stickiness of /tmp Exploit home ftp server 1.12 - Directory Traversal Home FTP Server 1.12 - Directory Traversal NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit) RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit) Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow SmallFTPd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 - Denial of Service PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) Solar FTP 2.1.1 - PASV Buffer Overflow (PoC) Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC) BisonFTP Server 3.5 - Remote Buffer Overflow BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit) Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit) BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery zFTP Server - 'cwd/stat' Remote Denial of Service zFTPServer - 'cwd/stat' Remote Denial of Service Serv-U FTP - Jail Break Serv-U FTP Server - Jail Break Typsoft FTP Server 1.10 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service PeerBlock 1.1 - BSOD PeerBlock 1.1 - BSOD Exploit distinct tftp server 3.01 - Directory Traversal Distinct TFTP Server 3.01 - Directory Traversal PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection Berkeley Sendmail 5.58 - DEBUG Berkeley Sendmail 5.58 - Debug exploit SunView (SunOS 4.1.1) - selection_svc Digital Ultrix 4.0/4.1 - /usr/bin/chroot SunOS 4.1.1 - /usr/release/bin/makeinstall SunOS 4.1.1 - /usr/release/bin/winstall SunView (SunOS 4.1.1) - selection_svc Exploit Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit SunOS 4.1.3 - kmem setgid /etc/crash SunOS 4.1.3 - kmem setgid /etc/crash Exploit IRIX 6.4 - pfdisplay.cgi IRIX 6.4 - 'pfdisplay.cgi' Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit FreePBX < 13.0.188 - Remote Command Execution (Metasploit) HP JetAdmin 1.0.9 Rev. D - symlink HP JetAdmin 1.0.9 Rev. D - symlink Exploit Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation TP-Link Archer CR-700 - Cross-Site Scripting BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit Cat Soft Serv-U 2.5 - Buffer Overflow BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit Linux Kernel 2.0 / 2.1 / 2.2 - autofs Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit Debian 2.1 - httpd S.u.S.E. 5.2 - gnuplot Debian 2.1 - httpd Exploit S.u.S.E. Linux 5.2 - gnuplot Exploit Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit SGI IRIX 6.2 - /usr/lib/netaddpr SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - day5notifier SGI IRIX 6.2 - day5notifier Exploit SGI IRIX 6.4 - datman/cdman SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.3 - cgi-bin webdist.cgi SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit SGI IRIX 6.4 - cgi-bin handler SGI IRIX 6.4 - cgi-bin handler Exploit SGI IRIX 6.4 - login SGI IRIX 6.4 - login Exploit IBM AIX 3.2.5 - IFS IBM AIX 3.2.5 - IFS Exploit IBM AIX 3.2.5 - login(1) IBM AIX 3.2.5 - login(1) Exploit Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2) Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit GNU glibc 2.1/2.1.1 -6 - pt_chown GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit ProFTPd 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Exploit Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit S.u.S.E. Linux 6.1/6.2 - cwdtools S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit SCO Unixware 7.1 - 'pkg' commands SCO Unixware 7.1 - 'pkg' command Exploit Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service Nortel Networks Optivity NETarchitect 2.0 - PATH Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit SGI IRIX 6.2 - midikeys/soundplayer SGI IRIX 6.2 - midikeys/soundplayer Exploit Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Microsoft Windows 95/98/NT 4.0 - autorun.inf Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit Corel Linux OS 1.0 - buildxconfig Corel Linux OS 1.0 - setxconf Corel Linux OS 1.0 - buildxconfig Exploit Corel Linux OS 1.0 - setxconf Exploit TP Link Gateway 3.12.4 - Multiple Vulnerabilities TP-Link Gateway 3.12.4 - Multiple Vulnerabilities SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2) Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit Cisco IOS 11.x/12.x - HTTP %% Cisco IOS 11.x/12.x - HTTP %% Exploit RedHat Linux 6.0/6.1/6.2 - pam_console RedHat Linux 6.0/6.1/6.2 - pam_console Exploit HP-UX 10.20/11.0 man - /tmp symlink HP-UX 10.20/11.0 man - /tmp Symlink Exploit IRIX 5.3/6.x - mail IRIX 5.3/6.x - mail Exploit TYPSoft 0.7 x - FTP Server Remote Denial of Service TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service Oracle Internet Directory 2.0.6 - oidldap Oracle Internet Directory 2.0.6 - oidldap Exploit CatSoft FTP Serv-U 2.5.x - Brute Force Cat Soft Serv-U FTP Server 2.5.x - Brute Force Small HTTP server 2.0 1 - Non-Existent File Denial of Service Small HTTP Server 2.0 1 - Non-Existent File Denial of Service NCSA httpd-campas 1.2 - sample script NCSA httpd-campas 1.2 - sample script Exploit Novell NetWare Web Server 2.x - convert.bas Novell NetWare Web Server 2.x - convert.bas Exploit Serv-U 2.4/2.5 - FTP Directory Traversal Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal Novell Netware Web Server 3.x - files.pl Novell Netware Web Server 3.x - files.pl Exploit guido frassetto sedum http server 2.0 - Directory Traversal Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal robin twombly a1 http server 1.0 - Directory Traversal Robin Twombly A1 HTTP Server 1.0 - Directory Traversal SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit michael lamont savant http server 2.1 - Directory Traversal Michael Lamont Savant HTTP Server 2.1 - Directory Traversal zeroo http server 1.5 - Directory Traversal (1) zeroo http server 1.5 - Directory Traversal (2) Zeroo HTTP Server 1.5 - Directory Traversal (1) Zeroo HTTP Server 1.5 - Directory Traversal (2) Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting XLight FTP Server 1.x - Long Directory Request Remote Denial of Service Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service XLight FTP Server 1.52 - Remote Send File Request Denial of Service Xlight FTP Server 1.52 - Remote Send File Request Denial of Service gweb http server 0.5/0.6 - Directory Traversal GWeb HTTP Server 0.5/0.6 - Directory Traversal MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server (build 300) - Crash (PoC) TP-Link Print Server TL PS110U - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration PCMan's FTP Server 2.0.7 - Buffer Overflow PCMan FTP Server 2.0.7 - Buffer Overflow PCMan's FTP Server 2.0 - Remote Buffer Overflow PCMan FTP Server 2.0 - Remote Buffer Overflow PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3-5 - ZendEngine ECalloc Integer Overflow PHP 3 < 5 - ZendEngine ECalloc Integer Overflow NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static Http Server 1.0 - Denial of Service TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static HTTP Server 1.0 - Denial of Service NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2) Ipswitch 8.0 - WS_FTP Client Format String Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String NETGEAR WGR614 - Administration Interface Remote Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NetMan 204 - Backdoor Account NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Serv-U 11.1.0.3 - Denial of Service / Security Bypass Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND9 - TKEY (PoC) Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND 9 - TKEY (PoC) ISC BIND9 - TKEY Remote Denial of Service (PoC) ISC BIND 9 - TKEY Remote Denial of Service (PoC) NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Android (Stagefright) - Remote Code Execution Android - 'Stagefright' Remote Code Execution Microsoft Windows Media Center - MCL (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) Android libstagefright - Integer Overflow Remote Code Execution Android - libstagefright Integer Overflow Remote Code Execution NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution pdfium IsFlagSet (v8 memory management) - SIGSEGV pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) TallSoft SNMP TFTP Server 1.0.0 - Denial of Service TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service Metaphor - Stagefright Exploit with ASLR Bypass Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)	2016-09-28 11:55:43 +00:00
Offensive Security	35000196e1	DB: 2016-09-27 11 new exploits Berlios gpsd 2.7.x - Remote Format String Berlios GPSD 2.7.x - Remote Format String bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1) boastMachine 3.1 - (mail.php id) SQL Injection BoastMachine 3.1 - 'mail.php' id SQL Injection BIGACE 2.4 - Multiple Remote File Inclusion BigACE 2.4 - Multiple Remote File Inclusion attachmax dolphin 2.1.0 - Multiple Vulnerabilities Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH) AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH) BIGACE CMS 2.5 - 'Username' SQL Injection BigACE CMS 2.5 - 'Username' SQL Injection BIGACE CMS 2.6 - (cmd) Local File Inclusion BigACE CMS 2.6 - (cmd) Local File Inclusion Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (1) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1) Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption bitrix site manager 4.0.5 - Remote File Inclusion Bitrix Site Manager 4.0.5 - Remote File Inclusion boastMachine 3.1 - Arbitrary File Upload BoastMachine 3.1 - Arbitrary File Upload blog system 1.5 - Multiple Vulnerabilities Blog System 1.5 - Multiple Vulnerabilities b2b gold script - 'id' SQL Injection B2B Gold Script - 'id' SQL Injection TinyBrowser - Arbitrary File Upload Wordpress Plugin TinyBrowser - Arbitrary File Upload Nginx http server 0.6.36 - Directory Traversal Nginx 0.6.36 - Directory Traversal atomic photo album 1.0.2 - Multiple Vulnerabilities Atomic Photo Album 1.0.2 - Multiple Vulnerabilities Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1) Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC) bitweaver 2.8.1 - Persistent Cross-Site Scripting Bitweaver 2.8.1 - Persistent Cross-Site Scripting bitweaver 2.8.0 - Multiple Vulnerabilities Bitweaver 2.8.0 - Multiple Vulnerabilities Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2) DistCC Daemon - Command Execution (Metasploit) DistCC Daemon - Command Execution (Metasploit) (2) Bigace 2.7.5 - Arbitrary File Upload BigACE 2.7.5 - Arbitrary File Upload atutor 2.0.2 - Multiple Vulnerabilities ATutor 2.0.2 - Multiple Vulnerabilities boastMachine 3.1 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin) Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111) atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution Macro Expert 4.0 - Multiple Privilege Escalations axigen mail server 8.0.1 - Persistent Cross-Site Scripting Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation Joomla! Component Event Booking 2.10.1 - SQL Injection NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation bitweaver 2.8.1 - Multiple Vulnerabilities Bitweaver 2.8.1 - Multiple Vulnerabilities Contrexx CMS egov Module 1.0.0 - SQL Injection Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting atutor 1.2 - Multiple Vulnerabilities ATutor 1.2 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection Clockstone and other CMSMasters Theme - Arbitrary File Upload Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload Nginx HTTP Server 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit) BuilderEngine 3.5.0 - Arbitrary File Upload PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution Bigace CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BoastMachine 3.1 - admin.php Cross-Site Scripting BoastMachine 3.1 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (1) Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery boastMachine 2.8 - 'index.php' Local File Inclusion BoastMachine 2.8 - 'index.php' Local File Inclusion TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting boastMachine 3.1 - 'key' Parameter Cross-Site Scripting BoastMachine 3.1 - 'key' Parameter Cross-Site Scripting Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Creative Contact Form 0.9.7 - Arbitrary File Upload Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Paid Memberships Pro 1.7.14.2 - Directory Traversal Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal DukaPress 2.5.2 - Directory Traversal Wordpress Plugin DukaPress 2.5.2 - Directory Traversal Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Duplicator 0.5.8 - Privilege Escalation Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Shareaholic 7.6.0.3 - Cross-Site Scripting Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting Paypal Currency Converter Basic For WooCommerce - File Read Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Western Digital Arkeia - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (2) Multiple WordPress Themes WPScientist - Arbitrary File Upload Multiple WordPress WPScientist Themes - Arbitrary File Upload EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Avast AntiVirus - X.509 Error Rendering Command Execution Avast! AntiVirus - X.509 Error Rendering Command Execution Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Avast - OOB Write Decrypting PEncrypt Packed executables Avast - JetDb::IsExploited4x Performs Unbounded Search on Input Avast - Heap Overflow Unpacking MoleBox Archives Avast - Integer Overflow Verifying numFonts in TTC Header Avast! - OOB Write Decrypting PEncrypt Packed executables Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input Avast! - Heap Overflow Unpacking MoleBox Archives Avast! - Integer Overflow Verifying numFonts in TTC Header BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal Simple Ads Manager 2.9.4.116 - SQL Injection Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation Avast - Authenticode Parsing Memory Corruption Avast! - Authenticode Parsing Memory Corruption Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Job Script by Scubez - Remote Code Execution Wordpress Plugin Job Script by Scubez - Remote Code Execution Premium SEO Pack 1.9.1.3 - wp_options Overwrite Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite Ocomon 2.0 - SQL Injection	2016-09-27 05:01:25 +00:00
Offensive Security	a387f0befc	DB: 2016-09-26	2016-09-26 05:05:50 +00:00
Offensive Security	102574cb3e	DB: 2016-09-24 5 new exploits EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby) Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3) Adobe Acrobat Reader 7<9 - U3D Buffer Overflow Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit) Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit) Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit) Adobe Flash - Crash When Freeing Memory After AVC decoding Adobe Flash - Video Decompression Memory Corruption Linux - SELinux W+X Protection Bypass via AIO Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass Microsoft Excel 95<2004 - Malformed Graphic File Code Execution Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution Git-1.9.5 - ssh-agent.exe Buffer Overflow Git 1.9.5 - ssh-agent.exe Buffer Overflow Skybox Platform <=7.0.611 - Multiple Vulnerabilities Skybox Platform <= 7.0.611 - Multiple Vulnerabilities SOLIDserver <=5.0.4 - Local File Inclusion SOLIDserver <= 5.0.4 - Local File Inclusion WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)	2016-09-24 05:05:07 +00:00
Offensive Security	12047d93f1	DB: 2016-09-23 9 new exploits Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Slackware Linux 3.5 - Missing /etc/group Privilege Escalation Matrimonial Website Script 1.0.2 - SQL Injection Metasploit Web UI - Diagnostic Console Command Execution Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection Exponent CMS 2.3.9 - Blind SQL Injection JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101) phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - 'PHPWS_SOURCE_DIR' Parameter Multiple Remote File Inclusion Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution Microix Timesheet Module - SQL Injection Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities	2016-09-23 05:05:20 +00:00
Offensive Security	b8ebed3824	DB: 2016-09-22 6 new exploits Setuid perl - PerlIO_Debug() Root owned file creation Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation Kaltura 11.1.0-2 - Remote Code Execution (Metasploit) Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5) Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1) Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1) VideoCache 1.9.2 - vccleaner Root VideoCache 1.9.2 - 'vccleaner' Privilege Escalation UK One Media CMS - 'id' Error Based SQL Injection UK One Media CMS - 'id' Error-Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) Ultimate eShop - Error Based SQL Injection Ultimate eShop - Error-Based SQL Injection WordPress Plugin Multiple - timthumb.php Vulnerabilities Multiple WordPress Plugins - timthumb.php File Upload Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service Slackware Linux 3.5 - /etc/group missing results in Root access Slackware Linux 3.5 - /etc/group Missing Privilege Escalation Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service Sudo 1.6.3 - Unclean Environment Variable Root Program Execution Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure Microsoft Office PowerPoint 2010 - Invalid Pointer Reference Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass Microweber 0.905 - Error Based SQL Injection Microweber 0.905 - Error-Based SQL Injection WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution	2016-09-22 05:06:28 +00:00
Offensive Security	fdd9fd65e2	DB: 2016-09-21 2 new exploits Dolphin 7.3.0 - Error-Based SQL Injection VegaDNS 0.13.2 - Remote Command Injection	2016-09-21 05:07:40 +00:00
Offensive Security	91fedcad08	Merge branch 'g0tmi1k-searchsploit'	2016-09-20 22:38:15 +00:00
g0tmi1k	01cd5bae40	Fix an clipboard issue if it there wasn't $DISPLAY	2016-09-20 23:28:07 +01:00
Offensive Security	235761b103	DB: 2016-09-20 12 new exploits OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs ZineBasic 1.1 - Arbitrary File Disclosure SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities MyBB 1.8.6 - SQL Injection Kajona 4.7 - Cross-Site Scripting / Directory Traversal Docker Daemon - Privilege Escalation (Metasploit) SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow	2016-09-20 05:07:15 +00:00
Offensive Security	99fb353a74	Merge branch 'g0tmi1k-searchsploit'	2016-09-19 22:39:07 +00:00
g0tmi1k	52d612d57a	Able to update via package management	2016-09-19 23:37:14 +01:00
Offensive Security	c663f43049	DB: 2016-09-18	2016-09-18 05:06:48 +00:00
Offensive Security	4aa6d571e7	DB: 2016-09-17 3 new exploits Too many to list!	2016-09-17 05:08:43 +00:00
Offensive Security	54446fef7a	Merge branch 'g0tmi1k-searchsploit'	2016-09-16 15:53:11 +00:00
g0tmi1k	a53a982fb2	Fixed a few minor bugs in SearchSploit & more verbose output.	2016-09-16 16:22:52 +01:00
Offensive Security	5fefdd465d	Merge PR #46 , closes #44	2016-09-16 11:07:30 +00:00
Offensive Security	751e61a6bf	DB: 2016-09-16 3 new exploits Avaya IP Office Phone Manager - Local Password Disclosure BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities PA168 Chipset IP Phones - Weak Session Management Exploit CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash phpMyAdmin - '/scripts/setup.php' PHP Code Injection NScan 0.9.1 - (Target) Buffer Overflow NScan 0.9.1 - 'Target' Buffer Overflow Xerox WorkCentre - Multiple Models Denial of Service Xerox WorkCentre (Multiple Models) - Denial of Service Cisco EPC 3925 - Multiple Vulnerabilities httpdx 1.4 - h_handlepeer Buffer Overflow (Metasploit) Novell eDirectory 8.8sp5 - Buffer Overflow Uebimiau Webmail 3.2.0-2.0 - Email Disclosure ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC) Integard Home and Pro 2 - Remote HTTP Buffer Overflow Multiple D-Link Router Models - Authentication Bypass D-Link Router (Multiple Models) - Authentication Bypass iSO Air Files 2.6 - Directory Traversal iOS FtpDisc 1.0 - Directory Traversal iOS SideBooks 1.0 - Directory Traversal iOS FtpDisc 1.0 - Directory Traversal iOS SideBooks 1.0 - Directory Traversal iSO Filer Lite 2.1.0 - Directory Traversal iOS iDocManager 1.0.0 - Directory Traversal iOS myDBLite 1.1.10 - Directory Traversal iSO Filer Lite 2.1.0 - Directory Traversal iOS iDocManager 1.0.0 - Directory Traversal iOS myDBLite 1.1.10 - Directory Traversal iOS Share 1.0 - Directory Traversal iOS TIOD 1.3.3 - Directory Traversal Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation Zapya Desktop 1.803 - 'ZapyaService.exe' Privilege Escalation Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure Apache/mod_ssl 2.0.x - Remote Denial of Service SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation Airlive IP Cameras - Multiple Vulnerabilities Monkey CMS - Multiple Vulnerabilities NetBSD mail.local - Privilege Escalation (Metasploit) Apache Mina 2.0.13 - Remote Command Execution Apache Mina 2.0.13 - Remote Command Execution DeepOfix SMTP Server 3.3 - Authentication Bypass xEpan 1.0.4 - Multiple Vulnerabilities Humhub 0.10.0-rc.1 - SQL Injection Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities Humhub 0.10.0-rc.1 - SQL Injection Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness Koha 3.20.1 - Multiple SQL Injections Koha 3.20.1 - Directory Traversal Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities Koha 3.20.1 - Multiple SQL Injections Koha 3.20.1 - Directory Traversal Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities 8 TOTOLINK Router Models - Backdoor and Remote Code Execution 8 TOTOLINK Router Models - Backdoor / Remote Code Execution Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow TestLink 1.9.14 - Cross-Site Request Forgery PaKnPost Pro 1.14 - Multiple Vulnerabilities zFTP Client 20061220 - (Connection Name) Local Buffer Overflow zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access Cisco ASA 8.x - Authentication Bypass (EXTRABACON) Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass Watchguard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN) Cisco ASA / PIX - Privilege Escalation (EPICBANANA) TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT) TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE) TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL) TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR) Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER) Watchguard Firewalls - 'ESCALATEPLOWMAN' ifconfig Privilege Escalation Cisco ASA / PIX - 'EPICBANANA' Privilege Escalation TOPSEC Firewalls - 'ELIGIBLECONTESTANT' Remote Code Execution TOPSEC Firewalls - 'ELIGIBLECANDIDATE' Remote Code Execution TOPSEC Firewalls - 'ELIGIBLEBOMBSHELL' Remote Code Execution TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote Exploit Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution tcPbX - (tcpbx_lang) Local File Inclusion tcPbX - 'tcpbx_lang' Local File Inclusion	2016-09-16 05:08:37 +00:00
Offensive Security	f1e68e0b1d	DB: 2016-09-15 3 new exploits Android - getpidcon Usage binder Service Replacement Race Condition PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure Apache Mina 2.0.13 - Remote Command Execution	2016-09-15 05:07:49 +00:00
Offensive Security	d5138d6962	DB: 2016-09-14 17 new exploits Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script Cherry Music 0.35.1 - Arbitrary File Disclosure Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation Windows x86 - Password Protected TCP Bind Shell (637 bytes) wdCalendar 2 - SQL Injection Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change Open-Xchange App Suite 7.8.2 - Cross Site Scripting Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting Multiple Icecream Apps - Insecure File Permissions Privilege Escalation WinSMS 3.43 - Insecure File Permissions Privilege Escalation Microsoft Internet Explorer 11.0.9600.18482 - Use After Free AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure AIOCP 1.3.x - Multiple Vulnerabilities ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change COMTREND ADSL Router CT-5367 C01_R12_ CT-5624 C01_R03 - Unauthenticated DNS Change Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change PIKATEL 96338WS_ 96338L-2M-8M - Unauthenticated DNS Change Inteno EG101R1 VoIP Router - Unauthenticated DNS Change	2016-09-14 05:08:39 +00:00
Offensive Security	28e25eeea1	DB: 2016-09-13 1 new exploits Too many to list!	2016-09-13 05:08:52 +00:00
xtrm0	5512cfc6f3	Gets the physical script path in case of link	2016-09-13 02:14:42 +01:00
Offensive Security	79d7b397e6	Merge branch 'unix-ninja-master'	2016-09-12 22:07:44 +00:00
Chris Baal	51ac261a7f	Adjust usage info and README to reflect new flags	2016-09-12 17:48:40 -04:00
Chris Baal	2ce9b3fd51	Remove -X flag and replace with -m for mirror only	2016-09-12 17:42:29 -04:00
Chris Baal	a30ebe3ca1	Add two flags for viewing exploits in terminal pager	2016-09-12 17:19:32 -04:00
Offensive Security	094f4ef355	DB: 2016-09-12	2016-09-12 05:08:21 +00:00
Offensive Security	b621d13801	DB: 2016-09-11	2016-09-11 05:08:43 +00:00
Offensive Security	7607be84a3	DB: 2016-09-10 3 new exploits freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated) freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow freeSSHd 1.2.1 - Authenticated Remote SEH Overflow Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service Serv-U 7.3 - (Authenticated) Remote FTP File Replacement Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow PoC LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow PoC Hannon Hill Cascade Server - (Authenticated) Command Execution Hannon Hill Cascade Server - Authenticated Command Execution Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - Authenticated Multiple Vulnerabilities Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities Femitter FTP Server 1.x - Authenticated Multiple Vulnerabilities Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service NetAccess IP3 - (Authenticated) (ping option) Command Injection NetAccess IP3 - Authenticated (ping option) Command Injection Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting Apache Axis2 Administration console - Authenticated Cross-Site Scripting Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow ActFax Server FTP - (Authenticated) Remote Buffer Overflow ActFax Server FTP - Authenticated Remote Buffer Overflow Oracle Database - Protocol Authentication Bypass Oracle Database - Protocol Authentication Bypass IRIS Citations Management Tool - (Authenticated) Remote Command Execution IRIS Citations Management Tool - Authenticated Remote Command Execution Airmail 3.0.2 - Cross-Site Scripting LamaHub 0.0.6.2 - Buffer Overflow Vodafone Mobile Wifi - Reset Admin Password Zabbix 2.0 - 3.0.3 - SQL Injection Zabbix 2.0 < 3.0.3 - SQL Injection Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF) Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF) Alfresco - /proxy endpoint Parameter Server Side Request Forgery Alfresco - /cmisbrowser url Parameter Server Side Request Forgery vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF) vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery	2016-09-10 05:08:39 +00:00
Offensive Security	0be1ea959a	DB: 2016-09-09 11 new exploits Samba 3.0.4 - SWAT Authorization Buffer Overflow Samba 3.0.4 SWAT - Authorisation Buffer Overflow Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2) HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit) HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit) WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC) WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC) FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service Multiple Applications - Local Credentials Disclosure Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2) Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2) IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC) Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC) Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC) Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC) Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC) Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC) SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC) MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow Joomla Component JPad 1.0 - Post-Authentication SQL Injection Joomla Component JPad 1.0 - Authenticated SQL Injection CMS Made Simple 1.2.4 - (FileManager module) File Upload CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication) freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated) freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection AvailScript Jobs Portal Script - (Post-Authentication) File Upload AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service Serv-U 7.3 - (Authenticated) Remote FTP File Replacement Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC) Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC) Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC AJ Auction Authentication - Bypass Exploit AJ Auction - Authentication Bypass Simple Directory Listing 2 - Cross-Site File Upload Simple Directory Listing 2 - Cross-Site Arbitrary File Upload Mini File Host 1.x - Arbitrary PHP File Upload Mini File Host 1.x - Arbitrary .PHP File Upload Memberkit 1.0 - Remote PHP File Upload Memberkit 1.0 - Remote Arbitrary .PHP File Upload WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC) Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC) WikkiTikkiTavi 1.11 - Remote PHP File Upload WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation zFeeder 1.6 - 'admin.php' Pre-Authentication zFeeder 1.6 - 'admin.php' Unauthenticated Addonics NAS Adapter - Post-Authentication Denial of Service Addonics NAS Adapter - Authenticated Denial of Service Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Hannon Hill Cascade Server - (Post-Authentication) Command Execution Hannon Hill Cascade Server - (Authenticated) Command Execution Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC) XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC) Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal Adobe JRun 4 - (logfile) Authenticated Directory Traversal FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service NetAccess IP3 - (Post-Authentication) (ping option) Command Injection NetAccess IP3 - (Authenticated) (ping option) Command Injection Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC) httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC) httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC) Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC) Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) uTorrent WebUI 0.370 - Authorization header Denial of Service uTorrent WebUI 0.370 - Authorisation Header Denial of Service Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass) ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass) Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass) BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass) dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting) dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting) Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit) UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow Achievo 1.4.3 - Multiple Authorization Flaws Achievo 1.4.3 - Multiple Authorisation Flaws PHPMotion 1.62 - 'FCKeditor' File Upload PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal Home FTP Server 1.11.1.149 - Authenticated Directory Traversal News Script PHP Pro - 'FCKeditor' File Upload News Script PHP Pro - 'FCKeditor' Arbitrary File Upload Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow MailEnable - Authorization Header Buffer Overflow MailEnable - Authorisation Header Buffer Overflow ColdFusion 8.0.1 - Arbitrary File Upload and Execution Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution ColdFusion 8.0.1 - Arbitrary File Upload / Execution Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution OpenX - banner-edit.php File Upload PHP Code Execution OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution Joomla 1.5.12 - tinybrowser File Upload Code Execution Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit If-CMS 2.07 - Pre-Authentication Local File Inclusion (1) If-CMS 2.07 - Unauthenticated Local File Inclusion (1) IPComp - encapsulation Pre-Authentication kernel memory Corruption IPComp - encapsulation Unauthenticated kernel memory Corruption SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass) Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass) Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow ActFax Server FTP - (Authenticated) Remote Buffer Overflow If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2) If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2) DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass) DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass) DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit TomatoCart 1.1 - Post-Authentication Local File Inclusion TomatoCart 1.1 - Authenticated Local File Inclusion BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass QuiXplorer 2.3 - Bugtraq File Upload QuiXplorer 2.3 - Bugtraq Arbitrary File Upload QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit) QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit) Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter) Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter) BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection Dolibarr ERP & CRM 3 - Authenticated OS Command Injection V-CMS - PHP File Upload and Execution V-CMS - Arbitrary .PHP File Upload / Execution WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection WebCalendar 1.2.4 - Unauthenticated Remote Code Injection appRain CMF - Arbitrary PHP File Upload appRain CMF - Arbitrary .PHP File Upload EGallery - PHP File Upload EGallery - Arbitrary .PHP File Upload SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload WebPageTest - Arbitrary PHP File Upload WebPageTest - Arbitrary .PHP File Upload XODA 0.4.5 - Arbitrary PHP File Upload XODA 0.4.5 - Arbitrary .PHP File Upload Elcom CMS 7.4.10 - Community Manager Insecure File Upload Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1) OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2) Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1) Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit qdPM 7.0 - Arbitrary PHP File Upload qdPM 7.0 - Arbitrary .PHP File Upload Oracle Database - Authentication Protocol Security Bypass Oracle Database - Protocol Authentication Bypass Mod_NTLM 0.x - Authorization Heap Overflow Mod_NTLM 0.x - Authorisation Heap Overflow Mod_NTLM 0.x - Authorization Format String Mod_NTLM 0.x - Authorisation Format String Geeklog 1.3.x - Authentication SQL Injection Geeklog 1.3.x - Authenticated SQL Injection NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution MySQL - Remote Pre-Authentication User Enumeration MySQL - Remote Unauthenticated User Enumeration vbPortal 2.0 alpha 8.1 - Authentication SQL Injection vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3) WordPress WP-Property Plugin - PHP File Upload WordPress Asset-Manager Plugin - PHP File Upload WordPress WP-Property Plugin - Arbitrary .PHP File Upload WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2) Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun Novell NCP - Pre-Authentication Remote Root Exploit Novell NCP - Unauthenticated Remote Root Exploit Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass Polar Helpdesk 3.0 - Cookie Based Authentication Bypass IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution IRIS Citations Management Tool - (Authenticated) Remote Command Execution Polycom HDX - Telnet Authorization Bypass (Metasploit) Polycom HDX - Telnet Authentication Bypass (Metasploit) OpenEMR - PHP File Upload OpenEMR - Arbitrary .PHP File Upload PolarPearCMS - PHP File Upload PolarPearCMS - Arbitrary .PHP File Upload Apache 2.0.x - mod_ssl Remote Denial of Service Apache/mod_ssl 2.0.x - Remote Denial of Service phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal MoinMoin - twikidraw Action Traversal File Upload MoinMoin - twikidraw Action Traversal Arbitrary File Upload Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow FlexWATCH 3.0 - AIndex.asp Authorization Bypass FlexWATCH 3.0 - AIndex.asp Authentication Bypass HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload WordPress Curvo Themes - Cross-Site Request Forgery File Upload WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass PHPBB2 - Admin_Ug_Auth.php Administrative Bypass Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass Castripper 2.50.70 - '.pls' DEP Exploit Castripper 2.50.70 - '.pls' DEP Bypass Exploit Google Urchin 5.7.3 - Report.cgi Authorization Bypass Google Urchin 5.7.3 - Report.cgi Authentication Bypass Adobe Flash - Method Calls Use-After-Free Adobe Flash - Transform.colorTranform Getter Info Leak RSA Authentication Agent for Web 5.3 - URI redirection RSA Authentication Agent for Web 5.3 - URI Redirection Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow Zabbix 2.0 - 3.0.3 - SQL Injection ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload Katello (Red Hat Satellite) - users/update_roles Missing Authorization Katello (Red Hat Satellite) - users/update_roles Missing Authorisation Freepbx 13.0.x < 13.0.154 - Remote Command Execution FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution Jobberbase 2.0 - Multiple Vulnerabilities Windows x86 - Bind Shell TCP Shellcode WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution Moab < 7.2.9 - Authorization Bypass Moab < 7.2.9 - Authentication Bypass Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection Drupal Core < 7.32 - Pre-Authentication SQL Injection Drupal Core < 7.32 - Unauthenticated SQL Injection Tincd - Post-Authentication Remote TCP Stack Buffer Overflow Tincd - Authenticated Remote TCP Stack Buffer Overflow PMB 4.1.3 - Post-Authentication SQL Injection PMB 4.1.3 - Authenticated SQL Injection Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution ManageEngine Multiple Products - Authenticated File Upload ManageEngine Multiple Products - Authenticated Arbitrary File Upload Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass) Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass) Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection Symantec Web Gateway 5 - restore.php Authenticated Command Injection JBoss Seam 2 - Arbitrary File Upload and Execution JBoss Seam 2 - Arbitrary File Upload / Execution Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit) Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass JibberBook 2.3 - 'Login_form.php' Authentication Bypass Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Zenoss 3.2.1 - Remote Post-Authentication Command Execution Zenoss 3.2.1 - Remote Authenticated Command Execution Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution Magento CE < 1.9.0.1 - Authenticated Remote Code Execution Netsweeper 4.0.9 - Arbitrary File Upload and Execution Netsweeper 4.0.9 - Arbitrary File Upload / Execution Netsweeper 4.0.8 - Arbitrary File Upload and Execution Netsweeper 4.0.8 - Arbitrary File Upload / Execution EasyITSP - 'customers_edit.php' Authentication Security Bypass EasyITSP - 'customers_edit.php' Authentication Bypass Wolf CMS - Arbitrary File Upload and Execution Wolf CMS - Arbitrary File Upload / Execution Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass) GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution vBulletin 5.1.x - Pre-Authentication Remote Code Execution vBulletin 5.1.x - Unauthenticated Remote Code Execution WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass WordPress WP to Twitter Plugin - Authorization Bypass WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass WordPress WP to Twitter Plugin - Authentication Bypass Novell ServiceDesk - Authenticated File Upload Novell ServiceDesk - Authenticated Arbitrary File Upload Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass) Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass) phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers) vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit) phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution phpMyAdmin 4.6.2 - Authenticated Remote Code Execution vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF) vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF) ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass	2016-09-09 05:09:09 +00:00
Offensive Security	2aa9d941de	DB: 2016-09-08 6 new exploits Too many to list!	2016-09-08 05:08:29 +00:00
Offensive Security	d36011b4f9	DB: 2016-09-07 3 new exploits Too many to list!	2016-09-07 05:09:19 +00:00
Offensive Security	479ae86249	DB: 2016-09-06 5 new exploits ProFTPD 1.2.9RC1 - (mod_sql) SQL Injection ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection PHPBB 2.0.4 - PHP Remote File Inclusion Exploit phpBB 2.0.4 - PHP Remote File Inclusion Exploit wu-ftpd 2.6.2 - Off-by-One Remote Root Exploit WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit wu-ftpd 2.6.2 - Remote Root Exploit WU-FTPD 2.6.2 - Remote Root Exploit ProFTPD 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service wu-ftpd 2.6.0 - Remote Root Exploit WU-FTPD 2.6.0 - Remote Root Exploit OpenBSD 2.6 / 2.7ftpd - Remote Exploit OpenBSD 2.6 / 2.7 ftpd - Remote Exploit wu-ftpd 2.6.0 - Remote Format Strings Exploit WU-FTPD 2.6.0 - Remote Format Strings Exploit ProFTPD 1.2.0 (rc2) - memory leakage example Exploit ProFTPd 1.2.0 (rc2) - memory leakage example Exploit ProFTPD 1.2.0pre10 - Remote Denial of Service ProFTPd 1.2.0pre10 - Remote Denial of Service wu-ftpd 2.6.1 - Remote Root Exploit WU-FTPD 2.6.1 - Remote Root Exploit OpenFTPD 0.30.2 - Remote Exploit OpenFTPD 0.30.1 - (message system) Remote Shell Exploit OpenFTPd 0.30.2 - Remote Exploit OpenFTPd 0.30.1 - (message system) Remote Shell Exploit PHP - (PHP-exec-dir) Patch Command Access Restriction Bypass PHP - (php-exec-dir) Patch Command Access Restriction Bypass ProFTPd (ftpdctl) - Local pr_ctrls_connect ProFTPd - (ftpdctl) Local pr_ctrls_connect ProFTPD 1.2.10 - Remote Users Enumeration Exploit ProFTPd 1.2.10 - Remote Users Enumeration Exploit PHPBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit PHP 4.3.9 + PHPBB 2.x - unserialize() Remote Exploit (Compiled) PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled) Apple QuickTime 6.5.2.10 - '.qtif'Image Parsing Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing wu-ftpd 2.6.2 - File Globbing Denial of Service WU-FTPD 2.6.2 - File Globbing Denial of Service RealPlayer 10 - '.smil'Local Buffer Overflow RealPlayer 10 - '.smil' Local Buffer Overflow PHPBB 2.0.13 - 'downloads.php' mod Remote Exploit phpBB 2.0.13 - 'downloads.php' mod Remote Exploit PHPPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting Invision Power Board 2.0.3 - login.php SQL Injection Invision Power Board 2.0.3 - login.php SQL Injection (tutorial) Invision Power Board 2.0.3 - 'login.php' SQL Injection Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) Invision Power Board 1.3.1 - login.php SQL Injection Invision Power Board 1.3.1 - 'login.php' SQL Injection PHPBB 2.0.15 - (highlight) Remote PHP Code Execution phpBB 2.0.15 - (highlight) Remote PHP Code Execution Solaris SPARC / x86 - Local Socket Hijack Exploit Solaris (SPARC / x86) - Local Socket Hijack Exploit PHPBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) Microsoft Windows XP SP2 - 'rdpwd.sys'Remote Kernel Denial of Service Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service PHPBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit FreeFTPD 1.0.8 - (USER) Remote Buffer Overflow freeFTPd 1.0.8 - (USER) Remote Buffer Overflow FreeFTPD 1.0.10 - (PORT Command) Denial of Service freeFTPd 1.0.10 - (PORT Command) Denial of Service Tftpd32 2.81 - (GET Request) Format String Denial of Service (PoC) TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC) Microsoft HTML Help Workshop - '.hhp'Denial of Service Microsoft HTML Help Workshop - '.hhp' Denial of Service PHPWebSite 0.10.0-full - (topics.php) SQL Injection phpWebSite 0.10.0-full - (topics.php) SQL Injection Microsoft Visual Studio 6.0 sp6 - '.dbp'Buffer Overflow Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow PHPBookingCalendar 1.0c - (details_view.php) SQL Injection phpBookingCalendar 1.0c - (details_view.php) SQL Injection Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure Microsoft Internet Explorer 6 - 'Internet.HHCtrl'Heap Overflow Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow PHPBB 3 - 'memberlist.php' SQL Injection phpBB 3 - 'memberlist.php' SQL Injection WoW Roster 1.70 - (/lib/PHPbb.php) Remote File Inclusion WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion PHPBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion phpBB XS 0.58a - (phpBB_root_path) Remote File Inclusion phpBB Static Topics 1.0 - phpbb_root_path File Include phpBB Static Topics 1.0 - phpBB_root_path File Include PHPBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpBB_root_path) Remote File Inclusions PHP News Reader 2.6.4 - (PHPbb.inc.php) Remote File Inclusion Exploit PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exploit PHPBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit PHPBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit PHPBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit PHPBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit PHPBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit PGOSD - 'misc/function.php3'Remote File Inclusion PGOSD - 'misc/function.php3' Remote File Inclusion HP-UX 11i - (LIBC TZ enviroment variable) Privilege Escalation HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPD 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit Yrch 1.0 - (plug.inc.php path variable) Remote File Inclusion Exploit Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Exploit Vizayn Haber - 'haberdetay.asp id variable'SQL Injection Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection newsCMSlite - 'newsCMS.mdb'Remote Password Disclosure newsCMSlite - 'newsCMS.mdb' Remote Password Disclosure iG Calendar 1.0 - (user.php id variable) SQL Injection iG Calendar 1.0 - (user.php id Variable) SQL Injection uniForum 4 - 'wbsearch.aspx'SQL Injection uniForum 4 - 'wbsearch.aspx' SQL Injection MGB 0.5.4.5 - (email.php id variable) SQL Injection MGB 0.5.4.5 - (email.php id Variable) SQL Injection Microsoft Help Workshop 4.03.0002 - '.CNT'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow Microsoft Visual C++ - '.RC Resource Files'Local Buffer Overflow Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow Phpbb Tweaked 3 - (phpbb_root_path) Remote File Inclusion phpBB Tweaked 3 - (phpBB_root_path) Remote File Inclusion phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit phpBB++ Build 100 - (phpBB_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpBB_root_path) Remote File Inclusion Exploit ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) News Bin Pro 5.33 - '.NBI'Local Buffer Overflow News Bin Pro 5.33 - '.nbi' Local Buffer Overflow Extreme PHPBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite'Local Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit Microsoft Windows - '.doc'Malformed Pointers Denial of Service Microsoft Windows - '.doc' Malformed Pointers Denial of Service GestArt Beta 1 - 'aide.php aide'Remote File Inclusion GestArt Beta 1 - 'aide.php aide' Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path'Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion Corel Wordperfect X3 13.0.0.565 - '.PRS'Local Buffer Overflow Corel Wordperfect X3 13.0.0.565 - '.prs' Local Buffer Overflow ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) Winamp 5.3 - '.WMV'Remote Denial of Service Winamp 5.3 - '.wmv' Remote Denial of Service ACDSee 9.0 - '.XPM'Local Buffer Overflow XnView 1.90.3 - '.XPM'Local Buffer Overflow WEBInsta FM 0.1.4 - login.php absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.CLP'Buffer Overflow ACDSee 9.0 - '.xpm' Local Buffer Overflow XnView 1.90.3 - '.xpm' Local Buffer Overflow WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow ABC-View Manager 1.42 - '.PSP'Buffer Overflow FreshView 7.15 - '.PSP'Buffer Overflow ABC-View Manager 1.42 - '.psp' Buffer Overflow FreshView 7.15 - '.psp' Buffer Overflow Gimp 2.2.14 - '.ras'SUNRAS Plugin Buffer Overflow Gimp 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow IrfanView 4.00 - '.iff'Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png'Buffer Overflow Exploit IrfanView 4.00 - '.iff' Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit RealPlayer 10 - '.ra'Remote Denial of Service RealPlayer 10 - '.ra' Remote Denial of Service Winamp 5.34 - '.mp4'Code Execution Exploit Winamp 5.34 - '.mp4' Code Execution Exploit Wikivi5 - 'show.php sous_rep'Remote File Inclusion Wikivi5 - 'show.php sous_rep' Remote File Inclusion LeadTools Raster Thumbnail Object Library - 'LTRTM14e.DLL'Buffer Overflow Exploit LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow Exploit Scallywag - 'template.php path'Remote File Inclusion Scallywag - 'template.php path' Remote File Inclusion Simple Invoices 2007 05 25 - 'index.php submit'SQL Injection Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection Traffic Stats - 'referralUrl.php offset'SQL Injection Traffic Stats - 'referralUrl.php offset' SQL Injection BBS E-Market - 'postscript.php p_mode'Remote File Inclusion BBS E-Market - 'postscript.php p_mode' Remote File Inclusion PHPBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion bwired - 'index.php newsID'SQL Injection bwired - 'index.php newsID' SQL Injection CrystalPlayer 1.98 - '.mls'Local Buffer Overflow CrystalPlayer 1.98 - '.mls' Local Buffer Overflow PHP123 Top Sites - 'category.php cat'SQL Injection PHP123 Top Sites - 'category.php cat' SQL Injection Live for Speed S1/S2/Demo - '.mpr replay'Buffer Overflow Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe'Stack Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow Live for Speed S1/S2/Demo - '.ply'Buffer Overflow Live for Speed S1/S2/Demo - '.spr'Buffer Overflow CartWeaver - 'Details.cfm ProdID'SQL Injection Prozilla Pub Site Directory - 'directory.php cat'SQL Injection Live for Speed S1/S2/Demo - '.ply' Buffer Overflow Live for Speed S1/S2/Demo - '.spr' Buffer Overflow CartWeaver - 'Details.cfm ProdID' SQL Injection Prozilla Pub Site Directory - 'directory.php cat' SQL Injection Prozilla Webring Website Script - 'category.php cat'SQL Injection Prozilla Webring Website Script - 'category.php cat' SQL Injection GetMyOwnArcade - 'search.php query'SQL Injection GetMyOwnArcade - 'search.php query' SQL Injection ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow Sisfo Kampus 2006 - 'dwoprn.php f'Remote File Download Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download Gelato - 'index.php post'SQL Injection Gelato - 'index.php post' SQL Injection modifyform - 'modifyform.html'Remote File Inclusion modifyform - 'modifyform.html' Remote File Inclusion phpBB Plus 1.53 - (phpbb_root_path) Remote File Inclusion phpBB Plus 1.53 - (phpBB_root_path) Remote File Inclusion Black Lily 2007 - 'products.php class'SQL Injection Black Lily 2007 - 'products.php class' SQL Injection PHPBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion wzdftpd 0.8.0 - (USER) Remote Denial of Service WzdFTPD 0.8.0 - (USER) Remote Denial of Service Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc) Solaris 10 (sparc/x86) - sysinfo Kernel Memory Disclosure Exploit Solaris (sparc/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit Mcms Easy Web Make - 'index.php template'Local File Inclusion Mcms Easy Web Make - 'index.php template' Local File Inclusion MOG-WebShop - 'index.php group'SQL Injection MOG-WebShop - 'index.php group' SQL Injection ClipShare - 'uprofile.php UID'SQL Injection ClipShare - 'uprofile.php UID' SQL Injection samPHPweb - 'db.php commonpath'Remote File Inclusion samPHPweb - 'db.php commonpath' Remote File Inclusion RichStrong CMS - 'showproduct.asp cat'SQL Injection RichStrong CMS - 'showproduct.asp cat' SQL Injection Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr'File Handling Buffer Overflow Exploit Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit IrfanView 4.10 - '.fpx'Memory Corruption Exploit IrfanView 4.10 - '.fpx' Memory Corruption Exploit Fully Modded PHPBB - 'kb.php' SQL Injection Fully Modded phpBB - 'kb.php' SQL Injection ASPapp - 'links.asp CatId'SQL Injection ASPapp - 'links.asp CatId' SQL Injection HIS-Webshop - 'his-webshop.pl t'Remote File Disclosure HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure Easynet Forum Host - 'forum.php forum'SQL Injection Easynet Forum Host - 'forum.php forum' SQL Injection Blog PixelMotion - 'index.php categorie'SQL Injection Blog PixelMotion - 'index.php categorie' SQL Injection Prozilla Forum Service - 'forum.php forum'SQL Injection Prozilla Forum Service - 'forum.php forum' SQL Injection Ksemail - 'index.php language'Local File Inclusion Ksemail - 'index.php language' Local File Inclusion RX Maxsoft - 'popup_img.php fotoID'SQL Injection RX Maxsoft - 'popup_img.php fotoID' SQL Injection Apartment Search Script - 'listtest.php r'SQL Injection Apartment Search Script - 'listtest.php r' SQL Injection Jokes Site Script - 'jokes.php?catagorie'SQL Injection Jokes Site Script - 'jokes.php?catagorie' SQL Injection Anserv Auction XL - 'viewfaqs.php cat'SQL Injection Anserv Auction XL - 'viewfaqs.php cat' SQL Injection fipsCMS - 'print.asp lg'SQL Injection fipsCMS - 'print.asp lg' SQL Injection PostcardMentor - 'step1.asp cat_fldAuto'SQL Injection PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection HispaH Model Search - 'cat.php cat'SQL Injection HispaH Model Search - 'cat.php cat' SQL Injection EMO Realty Manager - 'news.php ida'SQL Injection The Real Estate Script - 'dpage.php docID'SQL Injection EMO Realty Manager - 'news.php ida' SQL Injection The Real Estate Script - 'dpage.php docID' SQL Injection GLLCTS2 - 'listing.php sort'Blind SQL Injection GLLCTS2 - 'listing.php sort' Blind SQL Injection PHPMyCart - 'shop.php cat'SQL Injection PHPMyCart - 'shop.php cat' SQL Injection BaSiC-CMS - 'index.php r'SQL Injection BaSiC-CMS - 'index.php r' SQL Injection Mybizz-Classifieds - 'index.php cat'SQL Injection Mybizz-Classifieds - 'index.php cat' SQL Injection Carscripts Classifieds - 'index.php cat'SQL Injection BoatScripts Classifieds - 'index.php type'SQL Injection Carscripts Classifieds - 'index.php cat' SQL Injection BoatScripts Classifieds - 'index.php type' SQL Injection RSS-Aggregator - 'display.php path'Remote File Inclusion RSS-Aggregator - 'display.php path' Remote File Inclusion MyBlog: PHP and MySQL Blog/CMS software - SQL / Cross-Site Scripting MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting CodeDB - 'list.php lang'Local File Inclusion CodeDB - 'list.php lang' Local File Inclusion HRS Multi - 'picture_pic_bv.asp key'Blind SQL Injection HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo'Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo'Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo'Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection Youtuber Clone - 'ugroups.php UID'SQL Injection Youtuber Clone - 'ugroups.php UID' SQL Injection ZeeReviews - 'comments.php ItemID'SQL Injection ZeeReviews - 'comments.php ItemID' SQL Injection Acoustica Beatcraft 1.02 Build 19 - '.bcproj'Local Buffer Overflow Exploit Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow Exploit Living Local Website - 'listtest.php r'SQL Injection Living Local Website - 'listtest.php r' SQL Injection AWStats Totals - 'AWStatstotals.php sort'Remote Code Execution Exploit AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Exploit Pre Real Estate Listings - 'search.php c'SQL Injection Pre Real Estate Listings - 'search.php c' SQL Injection Hotel reservation System - 'city.asp city'Blind SQL Injection Hotel reservation System - 'city.asp city' Blind SQL Injection Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward'Local Denial of Service Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service Availscript Article Script - 'view.php v'SQL Injection Availscript Article Script - 'view.php v' SQL Injection JETIK-WEB Software - 'sayfa.php kat'SQL Injection JETIK-WEB Software - 'sayfa.php kat' SQL Injection Microsoft Windows GDI+ - '.ico'Remote Division By Zero Exploit Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit ArabCMS - 'rss.php rss'Local File Inclusion ArabCMS - 'rss.php rss' Local File Inclusion Easynet4u faq Host - 'faq.php faq'SQL Injection Easynet4u faq Host - 'faq.php faq' SQL Injection Real Estate Scripts 2008 - 'index.php cat'SQL Injection Real Estate Scripts 2008 - 'index.php cat' SQL Injection RaidenFTPD 2.4 build 3620 - Remote Denial of Service RaidenFTPd 2.4 build 3620 - Remote Denial of Service XOOPS Module xhresim - 'index.php no'SQL Injection XOOPS Module xhresim - 'index.php no' SQL Injection Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit DorsaCMS - 'ShowPage.aspx'SQL Injection YDC - 'kdlist.php cat'SQL Injection DorsaCMS - 'ShowPage.aspx' SQL Injection YDC - 'kdlist.php cat' SQL Injection Aj RSS Reader - 'EditUrl.php url'SQL Injection Aj RSS Reader - 'EditUrl.php url' SQL Injection Aiocp 1.4 - (poll_id) SQL Injection AIOCP 1.4 - 'poll_id' SQL Injection SFS EZ Auction - 'viewfaqs.php cat'Blind SQL Injection SFS EZ Career - 'content.php topic'SQL Injection SFS EZ Top Sites - 'topsite.php ts'SQL Injection SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection SFS EZ Career - 'content.php topic' SQL Injection SFS EZ Top Sites - 'topsite.php ts' SQL Injection SFS EZ Pub Site - 'directory.php cat'SQL Injection SFS EZ Pub Site - 'directory.php cat' SQL Injection AJ ARTICLE - 'featured_article.php mode'SQL Injection AJ ARTICLE - 'featured_article.php mode' SQL Injection YourFreeWorld Shopping Cart - 'index.php c'Blind SQL Injection Maran PHP Shop - 'prod.php cat'SQL Injection YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection Maran PHP Shop - 'prod.php cat' SQL Injection PHP Auto Listings - 'moreinfo.php pg'SQL Injection PHP Auto Listings - 'moreinfo.php pg' SQL Injection VLC Media Player < 0.9.6 - '.rt'Stack Buffer Overflow VLC Media Player < 0.9.6 - '.rt' Stack Buffer Overflow Minigal b13 - 'index.php list'Remote File Disclosure Exploit Minigal b13 - 'index.php list' Remote File Disclosure Exploit VCalendar - 'VCalendar.mdb'Remote Database Disclosure VCalendar - 'VCalendar.mdb' Remote Database Disclosure VideoGirls BiZ - 'view_snaps.php type'Blind SQL Injection VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection ParsBlogger - 'blog.asp wr'SQL Injection ParsBlogger - 'blog.asp wr' SQL Injection BaSiC-CMS - 'acm2000.mdb'Remote Database Disclosure BaSiC-CMS - 'acm2000.mdb' Remote Database Disclosure cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp'Stack Overflow cpCommerce 1.2.6 - (URL Rewrite) Input Variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp' Stack Overflow Ocean12 Mailing List Manager Gold - DD / SQL / Cross-Site Scripting Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting Cain & Abel 4.9.23 - '.rdp'Buffer Overflow Exploit Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Exploit User Engine Lite ASP - 'users.mdb'Database Disclosure User Engine Lite ASP - 'users.mdb' Database Disclosure Easy News Content Management - 'News.mdb'Database Disclosure Easy News Content Management - 'News.mdb' Database Disclosure RankEm - 'rankup.asp siteID'SQL Injection RankEm - 'rankup.asp siteID' SQL Injection Cold BBS - 'cforum.mdb'Remote Database Disclosure Cold BBS - 'cforum.mdb' Remote Database Disclosure ASP PORTAL - 'xportal.mdb'Remote Database Disclosure ASP PORTAL - 'xportal.mdb' Remote Database Disclosure Webmaster Marketplace - 'member.php u'SQL Injection Webmaster Marketplace - 'member.php u' SQL Injection CF_Calendar - 'calendarevent.cfm'SQL Injection CF_Calendar - 'calendarevent.cfm' SQL Injection CFMBLOG - 'index.cfm categorynbr'Blind SQL Injection CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection MyCal Personal Events Calendar - 'mycal.mdb'Database Disclosure MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure ASPired2Quote - 'quote.mdb'Remote Database Disclosure ASPired2Quote - 'quote.mdb' Remote Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb'Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb'Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb'Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb'Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb'Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure CFAGCMS 1 - 'right.php title'SQL Injection CFAGCMS 1 - 'right.php title' SQL Injection click&rank - SQL / Cross-Site Scripting click&rank - SQL Injection / Cross-Site Scripting Liberum Help Desk 0.97.3 - SQL / DD Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb'Database Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure MyPHPsite - 'index.php mod'Local File Inclusion MyPHPsite - 'index.php mod' Local File Inclusion MyPBS - 'index.php seasonID'SQL Injection MyPBS - 'index.php seasonID' SQL Injection Extract Website - 'download.php filename'File Disclosure Extract Website - 'download.php filename' File Disclosure CoolPlayer 2.19 - '.Skin'Local Buffer Overflow CoolPlayer 2.19 - '.Skin' Local Buffer Overflow Sepcity Shopping Mall - 'shpdetails.asp ID'SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID'SQL Injection Sepcity Shopping Mall - 'shpdetails.asp ID' SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID' SQL Injection Sepcity Classified - 'classdis.asp ID'SQL Injection Sepcity Classified - 'classdis.asp ID' SQL Injection Ayemsis Emlak Pro - 'acc.mdb'Database Disclosure Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure VUPlayer 2.49 - '.wax'Local Buffer Overflow VUPlayer 2.49 - '.wax' Local Buffer Overflow BlogHelper - 'common_db.inc'Remote Config File Disclosure PollHelper - 'poll.inc'Remote Config File Disclosure BlogHelper - 'common_db.inc' Remote Config File Disclosure PollHelper - 'poll.inc' Remote Config File Disclosure Audacity 1.6.2 - '.aup'Remote Off-by-One Crash Exploit Audacity 1.6.2 - '.aup' Remote Off-by-One Crash Exploit QuoteBook - 'poll.inc'Remote Config File Disclosure QuoteBook - 'poll.inc' Remote Config File Disclosure XOOPS Module tadbook2 - 'open_book.php book_sn'SQL Injection XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection Social Engine - 'browse_classifieds.php s'SQL Injection Social Engine - 'browse_classifieds.php s' SQL Injection Realtor 747 - 'define.php INC_DIR'Remote File Inclusion Realtor 747 - 'define.php INC_DIR' Remote File Inclusion OTSTurntables 1.00.027 - '.ofl'Local Stack Overflow OTSTurntables 1.00.027 - '.ofl' Local Stack Overflow SCMS 1 - 'index.php p'Local File Inclusion SCMS 1 - 'index.php p' Local File Inclusion Graugon Gallery 1.0 - Cross-Site Scripting / SQL / Cookie Bypass Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / Cross-Site Scripting / CM Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / CM pHNews Alpha 1 - 'header.php mod'SQL Injection pHNews Alpha 1 - 'header.php mod' SQL Injection i-dreams GB Server - 'admin.dat'File Disclosure i-dreams GB Server - 'admin.dat' File Disclosure VUplayer 2.49 - '.cue'Local Buffer Overflow VUplayer 2.49 - '.cue' Local Buffer Overflow VUPlayer 2.49 - '.cue'Universal Buffer Overflow VUPlayer 2.49 - '.cue' Universal Buffer Overflow Chasys Media Player 1.1 - '.cue'Stack Overflow Chasys Media Player 1.1 - '.cue' Stack Overflow Chasys Media Player - '.lst Playlist'Local Buffer Overflow Chasys Media Player - '.lst Playlist' Local Buffer Overflow BS.Player 2.34 - '.bsl'Universal SEH Overwrite BS.Player 2.34 - '.bsl' Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml'Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite Abee Chm Maker 1.9.5 - '.CMP'Stack Overflow Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow ActiveKB Knowledgebase - 'loadpanel.php Panel'Local File Inclusion ActiveKB Knowledgebase - 'loadpanel.php Panel' Local File Inclusion ftpdmin 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) ftpdmin 0.96 - Arbitrary File Disclosure Exploit FTPDMIN 0.96 - Arbitrary File Disclosure Exploit Jamroom - 'index.php t'Local File Inclusion Jamroom - 'index.php t' Local File Inclusion W2B phpEmployment - 'conf.inc'File Disclosure W2B phpEmployment - 'conf.inc' File Disclosure phpAdBoard - 'conf.inc'Remote Config File Disclosure phpGreetCards - 'conf.inc'Config File Disclosure phpAdBoard - 'conf.inc' Remote Config File Disclosure phpGreetCards - 'conf.inc' Config File Disclosure phpAdBoardPro - 'config.inc'Config File Disclosure phpDatingClub - 'conf.inc'File Disclosure Job2C - 'conf.inc'Config File Disclosure phpAdBoardPro - 'config.inc' Config File Disclosure phpDatingClub - 'conf.inc' File Disclosure Job2C - 'conf.inc' Config File Disclosure Star Downloader Free 1.45 - '.dat'Universal SEH Overwrite Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite Destiny Media Player 1.61 - '.rdl'Local Buffer Overflow Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow Thickbox Gallery 2 - 'index.php ln'Local File Inclusion Thickbox Gallery 2 - 'index.php ln' Local File Inclusion Symantec Fax Viewer Control 10 - 'DCCFAXVW.DLL'Remote Buffer Overflow Exploit Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit Mercury Audio Player 1.21 - '.b4s'Local Stack Overflow Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow RM Downloader - '.smi'Local Stack Overflow RM Downloader - '.smi' Local Stack Overflow RM Downloader - '.smi'Universal Local Buffer Overflow RM Downloader - '.smi' Universal Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM'Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM'Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF'Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM'Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM' Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM'Local Buffer Overflow Exploit Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Exploit MPLAB IDE 8.30 - '.mcp'Universal Seh Overwrite MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite Pinnacle Studio 12 - '.hfz'Directory Traversal Pinnacle Studio 12 - '.hfz' Directory Traversal COWON America jetCast 2.0.4.1109 - '.mp3'Local Overflow COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow R2 Newsletter Lite/Pro/Stats - 'admin.mdb'Database Disclosure R2 Newsletter Lite/Pro/Stats - 'admin.mdb' Database Disclosure phpDatingClub 3.7 - SQL / Cross-Site Scripting Injection phpDatingClub 3.7 - SQL Injection / Cross-Site Scripting Injection ClearContent - 'image.php url'Remote File Inclusion / Local File Inclusion ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion DJ Calendar - 'DJcalendar.cgi TEMPLATE'File Disclosure DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure Icarus 2.0 - '.ICP'Local Stack Overflow Exploit Icarus 2.0 - '.ICP' Local Stack Overflow Exploit MixSense 1.0.0.1 DJ Studio - '.mp3'Crash Exploit MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit htmldoc 1.8.27.1 - '.html'Universal Stack Overflow htmldoc 1.8.27.1 - '.html' Universal Stack Overflow Acoustica MP3 Audio Mixer 2.471 - '.sgp'Crash Exploit Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash Exploit PHP Paid 4 Mail Script - 'paidbanner.php ID'SQL Injection PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection Microsoft Windows XP - 'win32k.sys'Privilege Escalation Microsoft Windows XP - 'win32k.sys' Privilege Escalation Portel 2008 - 'decide.php patron'Blind SQL Injection Portel 2008 - 'decide.php patron' Blind SQL Injection Microsoft Windows 2003 - '.EOT'BSOD Crash Exploit Microsoft Windows 2003 - '.EOT' BSOD Crash Exploit THOMSON ST585 - 'user.ini'Arbitrary Download THOMSON ST585 - 'user.ini' Arbitrary Download PHP Email Manager - 'remove.php ID'SQL Injection PHP Email Manager - 'remove.php ID' SQL Injection WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service War-FTPD 1.65 - (MKD/CD Requests) Denial of Service EMO Breader Manager - 'video.php movie'SQL Injection EMO Breader Manager - 'video.php movie' SQL Injection Invisible Browsing 5.0.52 - '.ibkey'Local Buffer Overflow Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow HotWeb Rentals - 'details.asp PropId'Blind SQL Injection HotWeb Rentals - 'details.asp PropId' Blind SQL Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend'Command Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection Blender 2.49b - '.blend'Remote Command Execution Blender 2.49b - '.blend' Remote Command Execution Aiocp 1.4.001 - File Inclusion AIOCP 1.4.001 - File Inclusion BibTeX - '.bib'File Handling Memory Corruption BibTeX - '.bib' File Handling Memory Corruption PHP 5.0.0 - domxml_open_file() Local Denial of Service PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service PHP 5.0.0 - simplexml_load_file() Local Denial of Service PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows Audacity 1.2.6 - '.gro'Buffer Overflow Audacity 1.2.6 - '.gro' Buffer Overflow gAlan - '.galan'Universal Buffer Overflow gAlan - '.galan' Universal Buffer Overflow ASPGuest - 'edit.asp ID'Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam'Blind SQL Injection ASPGuest - 'edit.asp ID' Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection dblog - 'dblog.mdb'Remote Database Disclosure dblog - 'dblog.mdb' Remote Database Disclosure PHP 5.0.0 - xmldocfile() Local Denial of Service PHP 5.0.0 - 'xmldocfile()' Local Denial of Service Apollo Player 37.0.0.0 - '.aap'Buffer Overflow Denial of Service Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service OpenOffice - '.slk'Parsing Null Pointer OpenOffice - '.slk' Parsing Null Pointer crownweb - 'page.cfm'SQL Injection crownweb - 'page.cfm' SQL Injection OtsTurntables Free 1.00.047 - '.olf'Universal Buffer Overflow OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg'Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow Orbital Viewer 1.04 - '.orb'Local Universal SEH Overflow Orbital Viewer 1.04 - '.orb' Local Universal SEH Overflow iPhone / iTouch FTPDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service JAD java decompiler 1.5.8g - '.class'Stack Overflow Denial of Service JAD java decompiler 1.5.8g - '.class' Stack Overflow Denial of Service Media Player 6.4.9.1 with K-Lite Codec Pack - Denial of Service/Crash '.avi' Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' Denial of Service/Crash no$gba 2.5c - '.nds'Local crash no$gba 2.5c - '.nds' Local crash Xilisoft Blackberry Ring Tone Maker - '.wma'Local Crash Xilisoft Blackberry Ring Tone Maker - '.wma' Local Crash Dualis 20.4 - '.bin'Local Daniel Of Service Dualis 20.4 - '.bin' Local Daniel Of Service DSEmu 0.4.10 - '.nds'Local Crash Exploit DSEmu 0.4.10 - '.nds' Local Crash Exploit MP3 Wav Editor 3.80 - '.mp3'Local Denial of Service MP3 Wav Editor 3.80 - '.mp3' Local Denial of Service FontForge - .BDF Font File Stack-Based Buffer Overflow FontForge - .BDF Font File Stack Based Buffer Overflow Dolphin 2.0 - '.elf'Local Daniel Of Service Dolphin 2.0 - '.elf' Local Daniel Of Service e-webtech - 'new.asp?id='SQL Injection e-webtech - 'new.asp?id=' SQL Injection SmallFTPD FTP Server 1.0.3 - DELE Command Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service RahnemaCo - page.php PageID Remote File Inclusion RahnemaCo - 'page.php' PageID Remote File Inclusion goffgrafix - Design's SQL Injection goffgrafix - Design's - SQL Injection Spaceacre - SQL / Cross-Site Scripting / HTML Injection Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection ZipExplorer 7.0 - '.zar'Denial of Service ZipExplorer 7.0 - '.zar' Denial of Service ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation iOS - Version-independent shellcode iOS - Version-independent Shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 Shellcode Win32 - SEH omelet shellcode Win32 - SEH omelet Shellcode Win32 - Connectback_ receive_ save and execute shellcode Win32 - Connectback_ receive_ save and execute Shellcode Windows XP - download and exec source shellcode Windows XP - download and exec source Shellcode Win32 XP SP3 - ShellExecuteA shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode Win32 XP SP3 - ShellExecuteA Shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) Shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 Shellcode Win32 - JITed stage-0 shellcode Win32 - JITed stage-0 Shellcode Windows - JITed egg-hunter stage-0 shellcode Windows - JITed egg-hunter stage-0 Shellcode Linux/x86 - nc -lvve/bin/sh -p13377 shellcode Linux/x86 - nc -lvve/bin/sh -p13377 Shellcode Corel VideoStudio Pro X3 - '.mp4'Buffer Overflow Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow Boat Classifieds - 'printdetail.asp?Id'SQL Injection Boat Classifieds - 'printdetail.asp?Id' SQL Injection PHPBB MOD 2.0.19 - Invitation Only (PassCode Bypass) phpBB MOD 2.0.19 - Invitation Only (PassCode Bypass) SnoGrafx - 'cat.php?cat'SQL Injection SnoGrafx - 'cat.php?cat' SQL Injection Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Mediacoder 0.7.5.4710 - ' Universal' SEH Buffer Overflow PlayPad Music Player 1.12 - '.mp3'Denial of Service PlayPad Music Player 1.12 - '.mp3' Denial of Service Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscal'l Emulation Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation xt:Commerce Gambio 2008 - 2010 - ERROR Based SQL Injection 'reviews.php' xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection CuteNews - 'index.php?page'Local File Inclusion CuteNews - 'index.php?page' Local File Inclusion Hanso Converter 1.4.0 - '.ogg'Denial of Service Hanso Converter 1.4.0 - '.ogg' Denial of Service ARM - Bindshell port 0x1337 shellcode ARM - Bind Connect UDP Port 68 shellcode ARM - Loader Port 0x1337 shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode ARM - Bindshell port 0x1337 Shellcode ARM - Bind Connect UDP Port 68 Shellcode ARM - Loader Port 0x1337 Shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode SmallFTPD 1.0.3 - Remote Directory Traversal SmallFTPd 1.0.3 - Remote Directory Traversal HtaEdit 3.2.3.0 - '.hta'Buffer Overflow HtaEdit 3.2.3.0 - '.hta' Buffer Overflow ProFTPD IAC 1.3.x - Remote Root Exploit ProFTPd IAC 1.3.x - Remote Root Exploit VbsEdit 4.7.2.0 - '.vbs'Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda'Denial of Service VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda' Denial of Service Sitefinity CMS - 'ASP.NET'Arbitrary File Upload Sitefinity CMS - 'ASP.NET' Arbitrary File Upload Native Instruments Traktor Pro 1.2.6 - Stack-based Buffer Overflow Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow ProFTPD 1.3.3c - Compromised Source Remote Root Trojan ProFTPd 1.3.3c - Compromised Source Remote Root Trojan Dejcom Market CMS - 'showbrand.aspx'SQL Injection Dejcom Market CMS - 'showbrand.aspx' SQL Injection Aesop GIF Creator 2.1 - '.aep'Buffer Overflow Aesop GIF Creator 2.1 - '.aep' Buffer Overflow Apple iPhone Safari - 'JS .'Remote Crash Apple iPhone Safari - 'JS .' Remote Crash Microsoft Windows Fax Services Cover Page Editor - '.cov'Memory Corruption Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption Win32 - speaking shellcode Win32 - speaking Shellcode ProFTPD mod_sftp - Integer Overflow Denial of Service (PoC) ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC) BWMeter 5.4.0 - '.csv'Denial of Service BWMeter 5.4.0 - '.csv' Denial of Service Magic Music Editor - '.cda'Denial of Service Magic Music Editor - '.cda' Denial of Service wu-ftpd - SITE EXEC/INDEX Format String WU-FTPD - SITE EXEC/INDEX Format String Samba - trans2open Overflow (Solaris SPARC) Samba (Solaris SPARC) - trans2open Overflow FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow Microsoft IIS 4.0 - '.htr'Path Overflow Microsoft IIS 4.0 - '.htr' Path Overflow VariCAD 2010-2.05 EN - '.DWB'Stack Buffer Overflow VariCAD 2010-2.05 EN - '.DWB' Stack Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack-based Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPD 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow PHPBB - viewtopic.php Arbitrary Code Execution phpBB - viewtopic.php Arbitrary Code Execution ProFTPD-1.3.3c - Backdoor Command Execution ProFTPd-1.3.3c - Backdoor Command Execution ABBS Electronic Flash Cards 2.1 - '.fcd'Buffer Overflow ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj'Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow Wordtrainer 3.0 - '.ord'Buffer Overflow Wordtrainer 3.0 - '.ord' Buffer Overflow PlaylistMaker 1.5 - '.txt'Buffer Overflow PlaylistMaker 1.5 - '.txt' Buffer Overflow libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow (PoC) libmodplug 0.8.8.2 - (.abc) Stack Based Buffer Overflow (PoC) MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m'Stack Buffer Overflow MJM Core Player 2011 - '.s3m'Stack Buffer Overflow MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow MJM Core Player 2011 - '.s3m' Stack Buffer Overflow Magix Musik Maker 16 - '.mmm'Stack Buffer Overflow Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow Smallftpd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 FTP Server - Denial of Service FreeAmp 2.0.7 - '.fat'Buffer Overflow FreeAmp 2.0.7 - '.fat' Buffer Overflow VSFTPD 2.3.4 - Backdoor Command Execution vsftpd 2.3.4 - Backdoor Command Execution OS-X - Universal ROP shellcode OS-X - Universal ROP Shellcode Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow Citrix XenApp / XenDesktop - Stack Based Buffer Overflow World Of Warcraft - 'chat-cache.txt'Local Stack Overflow Denial of Service World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service Wav Player 1.1.3.6 - '.pll'Buffer Overflow Wav Player 1.1.3.6 - '.pll' Buffer Overflow Norman Security Suite 8 - 'nprosec.sys'Privilege Escalation Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation Ashampoo Burning Studio Elements 10.0.9 - '.ashprj'Heap Overflow Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow Cytel Studio 9.0 - '.CY3'Stack Buffer Overflow Cytel Studio 9.0 - '.CY3' Stack Buffer Overflow Xion Audio Player 1.0.127 - '.aiff'Denial of Service Xion Audio Player 1.0.127 - '.aiff' Denial of Service SnackAmp 3.1.3 - '.aiff'Denial of Service SnackAmp 3.1.3 - '.aiff' Denial of Service PHP Ticket System Beta 1 - 'index.php p parameter'SQL Injection PHP Ticket System Beta 1 - 'index.php p parameter' SQL Injection Nokia PC Suite Video Manager 7.1.180.64 - '.mp4'Denial of Service Nokia PC Suite Video Manager 7.1.180.64 - '.mp4' Denial of Service Multimedia Builder 4.9.8 - '.mef'Denial of Service Multimedia Builder 4.9.8 - '.mef' Denial of Service Tftpd32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf'FileOpen Crash TFTPD32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf' FileOpen Crash Microsoft Wordpad 5.1 - '.doc'Null Pointer Dereference Microsoft Wordpad 5.1 - '.doc' Null Pointer Dereference Lattice Semiconductor PAC-Designer 6.21 - '.PAC'Exploit Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (1) wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (2) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (1) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (2) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPD 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Washington University wu-ftpd 2.5.0 - message Buffer Overflow Washington University WU-FTPD 2.5.0 - message Buffer Overflow GlFtpd 1.17.2 - Exploit glFTPd 1.17.2 - Exploit Oracle Outside-In - .LWP File Parsing Stack-Based Buffer Overflow Oracle Outside-In - .LWP File Parsing Stack Based Buffer Overflow wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw'Cross-Site Scripting Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw' Cross-Site Scripting Microsoft Windows Media Player 7.0 - '.wms'Arbitrary Script Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit ProFTPD 1.2 - SIZE Remote Denial of Service ProFTPd 1.2 - SIZE Remote Denial of Service Microsoft Windows Media Player 7.0 - '.wmz'Arbitrary Java Applet Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet wu-ftpd 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion Wu-Ftpd 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String Joe Text Editor 2.8 - '.joerc'Arbitrary Command Execution Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal WhitSoft slimserve ftpd 1.0/2.0 - Directory Traversal wu-ftpd 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPD 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion freebsd 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities FreeBSD 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities raidenftpd 2.1 - Directory Traversal RaidenFTPd 2.1 - Directory Traversal AV Arcade Free Edition - 'add_rating.php id parameter'Blind SQL Injection AV Arcade Free Edition - 'add_rating.php id parameter' Blind SQL Injection Solaris 2.6/7/8 - SPARC xlock Heap Overflow Solaris 2.6/7/8 -(SPARC) xlock Heap Overflow glFTPD 1.x - LIST Denial of Service glFTPd 1.x - 'LIST' Denial of Service Wu-Ftpd 2.6 - File Globbing Heap Corruption WU-FTPD 2.6 - File Globbing Heap Corruption Joomla RokModule Component - 'index.php module parameter'Blind SQL Injection Joomla RokModule Component - 'index.php module parameter' Blind SQL Injection PHPWebsite 0.8.2 - PHP File Include phpWebSite 0.8.2 - PHP File Include PHPWebSite 0.8.3 - News Message HTML Injection phpWebSite 0.8.3 - News Message HTML Injection PHPWebSite 0.8.3 - article.php Cross-Site Scripting phpWebSite 0.8.3 - article.php Cross-Site Scripting PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion phpBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion PHPBB 2.0.3 - search.php Cross-Site Scripting phpBB 2.0.3 - search.php Cross-Site Scripting ProFTPD 1.2.x - STAT Command Denial of Service ProFTPd 1.2.x - STAT Command Denial of Service Joomla Tags - 'index.php tag parameter'SQL Injection Joomla Tags - 'index.php tag parameter' SQL Injection Joomla Commedia Plugin - 'index.php task parameter'SQL Injection Joomla Kunena Component - 'index.php search parameter'SQL Injection Joomla Commedia Plugin - 'index.php task parameter' SQL Injection Joomla Kunena Component - 'index.php search parameter' SQL Injection PHPBB 2.0.3 - privmsg.php SQL Injection phpBB 2.0.3 - privmsg.php SQL Injection Joomla Spider Catalog - 'index.php product_id parameter'SQL Injection Joomla Spider Catalog - 'index.php product_id parameter' SQL Injection Battleaxe Software BTTLXE Forum - login.asp SQL Injection Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection SudBox Boutique 1.2 - login.php Authentication Bypass SudBox Boutique 1.2 - 'login.php' Authentication Bypass friendsinwar FAQ Manager - 'view_faq.php question parameter'SQL Injection friendsinwar FAQ Manager - 'view_faq.php question parameter' SQL Injection GuildFTPD 0.999.8 - CWD Command Denial of Service GuildFTPd 0.999.8 - CWD Command Denial of Service ProductCart 1.5/1.6/2.0 - login.asp SQL Injection ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection SmartCMS - 'index.php idx parameter'SQL Injection SmartCMS - 'index.php idx parameter' SQL Injection mcrypt 2.6.8 - stack-based Buffer Overflow (PoC) mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC) wu-ftpd 2.6.2 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 - realpath() Off-by-One Buffer Overflow wu-ftpd 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow freeBSD 4.8 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow SmartCMS - 'index.php menuitem parameter'SQL Injection / Cross-Site Scripting SmartCMS - 'index.php menuitem parameter' SQL Injection / Cross-Site Scripting FreeFTPD - Remote Authentication Bypass Exploit freeFTPd - Remote Authentication Bypass Exploit PHPBB 2.0.6 - URL BBCode HTML Injection phpBB 2.0.6 - URL BBCode HTML Injection wzdftpd 0.1 rc5 - Login Remote Denial of Service ProFTPD 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun WzdFTPD 0.1 rc5 - Login Remote Denial of Service ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun PHPBB 2.0.x - profile.php SQL Injection phpBB 2.0.x - profile.php SQL Injection PHPBB 2.0.6 - privmsg.php Cross-Site Scripting phpBB 2.0.6 - privmsg.php Cross-Site Scripting Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET'Arbitrary File Upload Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload MyBB AwayList Plugin - 'index.php id parameter'SQL Injection MyBB AwayList Plugin - 'index.php id parameter' SQL Injection SmallFTPD 1.0.3 - Remote Denial of Service SmallFTPd 1.0.3 - Remote Denial of Service MyBB - 'editpost.php posthash'SQL Injection Joomla Spider Calendar - 'index.php date parameter'Blind SQL Injection MyBB - 'editpost.php posthash' SQL Injection Joomla Spider Calendar - 'index.php date parameter' Blind SQL Injection Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting PHPBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection phpBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection Inmatrix Ltd. Zoom Player 8.5 - '.jpeg'Exploit Inmatrix Ltd. Zoom Player 8.5 - '.jpeg' Exploit PHPBB 2.0.x - album_portal.php Remote File Inclusion phpBB 2.0.x - album_portal.php Remote File Inclusion PHPBB 2.0.x - viewtopic.php PHP Script Injection phpBB 2.0.x - viewtopic.php PHP Script Injection JShop E-Commerce Suite 3.0 - page.php Cross-Site Scripting JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting NullSoft Winamp 2-5 - '.wsz'Remote Code Execution NullSoft Winamp 2-5 - '.wsz' Remote Code Execution phpWebsite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting Scripts Genie Gallery Personals - 'gallery.php L parameter'SQL Injection Scripts Genie Gallery Personals - 'gallery.php L parameter' SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter'SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter' SQL Injection Scripts Genie Games Site Script - 'index.php id parameter'SQL Injection Scripts Genie Games Site Script - 'index.php id parameter' SQL Injection Photodex ProShow Producer 5.0.3297 - '.pxs'Memory Corruption Exploit Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit Scripts Genie Top Sites - 'out.php id parameter'SQL Injection Scripts Genie Top Sites - 'out.php id parameter' SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter'SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter' SQL Injection W-Agora 4.1.6 - a login.php loginuser Parameter Cross-Site Scripting W-Agora 4.1.6 - a 'login.php' loginuser Parameter Cross-Site Scripting PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack-Based Buffer Overflow Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Based Buffer Overflow PHPBB 2.0.x - admin_cash.php Remote PHP File Include phpBB 2.0.x - admin_cash.php Remote PHP File Include UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter Cross-Site Scripting UBBCentral UBB.threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Newlanguage Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting Rebus:list - 'list.php list_id parameter'SQL Injection Rebus:list - 'list.php list_id parameter' SQL Injection SynConnect Pms - 'index.php loginid parameter'SQL Injection SynConnect Pms - 'index.php loginid parameter' SQL Injection Groovy Media Player 3.2.0 - '.mp3'Buffer Overflow Groovy Media Player 3.2.0 - '.mp3' Buffer Overflow glFTPD 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities PHPWebSite 0.x - Image File Processing Arbitrary PHP File Upload phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload PHPBB 2.0.x - Authentication Bypass (1) PHPBB 2.0.x - Authentication Bypass (2) PHPBB 2.0.x - Authentication Bypass (3) phpBB 2.0.x - Authentication Bypass (1) phpBB 2.0.x - Authentication Bypass (2) phpBB 2.0.x - Authentication Bypass (3) PHPCOIN 1.2 - login.php Multiple Parameter Cross-Site Scripting PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow PHPBB 2.0.13 DLMan Pro Module - SQL Injection PHPBB 2.0.13 Linkz Pro Module - SQL Injection phpBB 2.0.13 DLMan Pro Module - SQL Injection phpBB 2.0.13 Linkz Pro Module - SQL Injection PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting phpBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter'SQL Injection Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter' SQL Injection PHPBB Remote - mod.php SQL Injection Datenbank Module For PHPBB - Remote mod.php Cross-Site Scripting phpBB Remote - mod.php SQL Injection Datenbank Module For phpBB - Remote mod.php Cross-Site Scripting PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection RaidenFTPD 2.4 - Unauthorized File Access RaidenFTPd 2.4 - Unauthorized File Access CartWIZ 1.10 - login.asp Redirect Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting CartWIZ 1.10 - login.asp Message Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting PHPBB 2.0.x - profile.php Cross-Site Scripting PHPBB 2.0.x - viewtopic.php Cross-Site Scripting phpBB 2.0.x - profile.php Cross-Site Scripting phpBB 2.0.x - viewtopic.php Cross-Site Scripting Notes Module for PHPBB - SQL Injection Notes Module for phpBB - SQL Injection PHPCOIN 1.2 - login.php PHPcoinsessid Parameter SQL Injection PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection CodetoSell ViArt Shop Enterprise 2.1.6 - page.php page Parameter Cross-Site Scripting CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting PHPBB 2.0.x - URL Tag BBCode.php phpBB 2.0.x - URL Tag BBCode.php Active News Manager - login.asp SQL Injection Active News Manager - 'login.asp' SQL Injection FunkyASP AD Systems 1.1 - login.asp SQL Injection FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow OS4E - login.asp SQL Injection OS4E - 'login.asp' SQL Injection JiRo's Upload System 1.0 - login.asp SQL Injection NEXTWEB - (i)Site login.asp SQL Injection JiRo's Upload System 1.0 - 'login.asp' SQL Injection NEXTWEB - (i)Site 'login.asp' SQL Injection Livingcolor Livingmailing 1.3 - login.asp SQL Injection Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection WWWeb Concepts Events System 1.0 - login.asp SQL Injection WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection Cool Cafe Chat 1.2.1 - login.asp SQL Injection Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection LaGarde StoreFront 5.0 Shopping Cart - login.asp SQL Injection LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection PHPWebsite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal phpWebSite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal Cuppa CMS - 'alertConfigField.php urlConfig parameter'Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php urlConfig parameter' Remote / Local File Inclusion VBZoom 1.0/1.11 - login.php UserID Parameter Cross-Site Scripting VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting PHP Lite Calendar Express 2.2 - login.php cid Parameter SQL Injection PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection ATutor 1.5.1 - login.php course Parameter Cross-Site Scripting ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting Adrenalin Player 2.2.5.3 - '.wax'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow PHPwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access PHPwcms 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access AVS Media Player 4.1.11.100 - '.ac3'Denial of Service AVS Media Player 4.1.11.100 - '.ac3' Denial of Service Adrenalin Player 2.2.5.3 - '.wvx'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow WinAmp 5.63 - Stack-based Buffer Overflow WinAmp 5.63 - Stack Based Buffer Overflow PHPX 3.5.x - Admin login.php SQL Injection PHPX 3.5.x - Admin 'login.php' SQL Injection DRZES Hms 3.2 - login.php Cross-Site Scripting DRZES Hms 3.2 - 'login.php' Cross-Site Scripting PortalApp 3.3/4.0 - login.asp Cross-Site Scripting SiteEnable 3.3 - login.asp Cross-Site Scripting IntranetApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting PortalApp 3.3/4.0 - 'login.asp' Cross-Site Scripting SiteEnable 3.3 - 'login.asp' Cross-Site Scripting IntranetApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting VbsEdit 5.9.3 - '.smi'Buffer Overflow VbsEdit 5.9.3 - '.smi' Buffer Overflow Artweaver 3.1.5 - '.awd'Buffer Overflow Artweaver 3.1.5 - '.awd' Buffer Overflow XnView 2.03 - '.pct'Buffer Overflow XnView 2.03 - '.pct' Buffer Overflow aoblogger 2.3 - login.php username Field SQL Injection aoblogger 2.3 - 'login.php' username Field SQL Injection WebspotBlogging 3.0 - login.php SQL Injection WebspotBlogging 3.0 - 'login.php' SQL Injection miniBloggie 1.0 - login.php SQL Injection miniBloggie 1.0 - 'login.php' SQL Injection ASPThai Forums 8.0 - login.asp SQL Injection ASPThai Forums 8.0 - 'login.asp' SQL Injection Windows RT ARM - Bind Shell (Port 4444) shellcode Windows RT ARM - Bind Shell (Port 4444) Shellcode Virtual Hosting Control System 2.2/2.4 - login.php check_login() Function Authentication Bypass Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass Siteframe Beaumont 5.0.1/5.0.2 - page.php HTML Injection Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection Ginkgo CMS - 'index.php rang parameter'SQL Injection Ginkgo CMS - 'index.php rang parameter' SQL Injection Game-Panel 2.6 - login.php Cross-Site Scripting Game-Panel 2.6 - 'login.php' Cross-Site Scripting QwikiWiki 1.4/1.5 - login.php Multiple Parameter Cross-Site Scripting QwikiWiki 1.4/1.5 - 'login.php' Multiple Parameter Cross-Site Scripting PHPWebsite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection PHPWebsite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection PhxContacts 0.93 - login.php Cross-Site Scripting PhxContacts 0.93 - 'login.php' Cross-Site Scripting MLMAuction Script - 'gallery.php id parameter'SQL Injection MLMAuction Script - 'gallery.php id parameter' SQL Injection RedCMS 0.1 - login.php Multiple Parameter SQL Injection RedCMS 0.1 - 'login.php' Multiple Parameter SQL Injection ShopWeezle 2.0 - login.php itemID Parameter SQL Injection ShopWeezle 2.0 - 'login.php' itemID Parameter SQL Injection ContentBoxx - login.php Cross-Site Scripting ContentBoxx - 'login.php' Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter SQL Injection phpBB Chart Mod 1.1 - charts.php id Parameter SQL Injection PHPBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion JSBoard 2.0.10/2.0.11 - login.php Cross-Site Scripting JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting CyberBuild - login.asp SessionID Parameter SQL Injection CyberBuild - 'login.asp' SessionID Parameter SQL Injection CyberBuild - login.asp SessionID Parameter Cross-Site Scripting CyberBuild - 'login.asp' SessionID Parameter Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting phpBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting PHPBB 2.0.20 - Unauthorized HTTP Proxy phpBB 2.0.20 - Unauthorized HTTP Proxy PHPBB 2.0.x - template.php Remote File Inclusion phpBB 2.0.x - template.php Remote File Inclusion PHPBB - BBRSS.php Remote File Inclusion RahnemaCo - page.php Remote File Inclusion phpBB - BBRSS.php Remote File Inclusion RahnemaCo - 'page.php' Remote File Inclusion BlueDragon Server 6.2.1 - '.cfm'Denial of Service BlueDragon Server 6.2.1 - '.cfm' Denial of Service MyMail 1.0 - login.php Cross-Site Scripting MyMail 1.0 - 'login.php' Cross-Site Scripting Woltlab Burning Board FLVideo Addon - 'video.php value parameter'SQL Injection Woltlab Burning Board FLVideo Addon - 'video.php value parameter' SQL Injection PHPBB 1.2.4 For Mambo - Multiple Remote File Inclusion phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion PHPbb-auction 1.x - auction_room.php ar Parameter SQL Injection PHPbb-auction 1.x - auction_store.php u Parameter SQL Injection phpBB-auction 1.x - auction_room.php ar Parameter SQL Injection phpBB-auction 1.x - auction_store.php u Parameter SQL Injection Linux/x86 - Multi-Egghunter shellcode Linux/x86 - Multi-Egghunter Shellcode Jamroom 3.0.16 - login.php Cross-Site Scripting Jamroom 3.0.16 - 'login.php' Cross-Site Scripting DCP-Portal 6.0 - login.php username Parameter SQL Injection DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection PhpBB XS 0.58 - Multiple Remote File Inclusion phpBB XS 0.58 - Multiple Remote File Inclusion AckerTodo 4.2 - login.php Multiple SQL Injection AckerTodo 4.2 - 'login.php' Multiple SQL Injection PHPWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion PHPBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico'Buffer Overflow phpBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico' Buffer Overflow Evandor Easy notesManager 0.0.1 - login.php username Parameter SQL Injection Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php Multiple Parameter Cross-Site Scripting AIOCP 1.3.x - cp_dpage.php choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - cp_show_ec_products.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_links_search.php orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion AIOCP 1.3.x - cp_dpage.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_edit_user.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_contact_us.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_login.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_users_online.php order_field Parameter SQL Injection AIOCP 1.3.x - cp_codice_fiscale.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_links_search.php orderdir Parameter SQL Injection AIOCP 1.3.x - cp_dpage.php Full Path Disclosure AIOCP 1.3.x - cp_show_ec_products.php Full Path Disclosure AIOCP 1.3.x - cp_show_page_help.php Full Path Disclosure AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting Windows x86 - Persistent Reverse Shell TCP (494 Bytes) AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure INFINICART - login.asp Multiple Parameter Cross-Site Scripting INFINICART - 'login.asp' Multiple Parameter Cross-Site Scripting Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion SIAP CMS - login.asp SQL Injection SIAP CMS - 'login.asp' SQL Injection AppIntellect SpotLight CRM - login.asp SQL Injection AppIntellect SpotLight CRM - 'login.asp' SQL Injection DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection PHPBB 2.0.21 - privmsg.php HTML Injection phpBB 2.0.21 - privmsg.php HTML Injection Indexu 5.0/5.3 - login.php error_msg Parameter Cross-Site Scripting Indexu 5.0/5.3 - 'login.php' error_msg Parameter Cross-Site Scripting myBloggie 2.1.5 - login.php PATH_INFO Parameter Cross-Site Scripting myBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Avira Secure Backup 1.0.0.1 Build 3616 - '.reg'Buffer Overflow Avira Secure Backup 1.0.0.1 Build 3616 - '.reg' Buffer Overflow Boilsoft RM TO MP3 Converter 1.72 - Crash PoC '.wav' Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC Tyger Bug Tracking System 1.1.3 - login.php PATH_INFO Parameter Cross-Site Scripting Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Horde Framework 3.1.3 - login.php Cross-Site Scripting Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting PHPStats 0.1.9 - Multiple SQL Injections PHPStats 0.1.9 - PHP-Stats-options.php Remote Code Execution phpStats 0.1.9 - Multiple SQL Injections phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion Free File Hosting System 1.1 - 'login.php' AD_BODY_TEMP Parameter Remote File Inclusion DeskPro 2.0.1 - login.php HTML Injection DeskPro 2.0.1 - 'login.php' HTML Injection plesk 8.1.1 - login.php3 Directory Traversal plesk 8.1.1 - 'login.php3' Directory Traversal Ahhp Portal - page.php Multiple Remote File Inclusion Ahhp Portal - 'page.php' Multiple Remote File Inclusion Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion PHPPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting Maia Mailguard 1.0.2 - login.php Multiple Local File Inclusion Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusion Nukedit 4.9.x - login.asp Cross-Site Scripting Nukedit 4.9.x - 'login.asp' Cross-Site Scripting Pay Roll Time Sheet and Punch Card Application With Web UI - login.asp SQL Injection Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp'Version Attribute Buffer Overflow RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow PHPGedView 4.1 - login.php Cross-Site Scripting PHPGedView 4.1 - 'login.php' Cross-Site Scripting E-Smart Cart 1.0 - login.asp SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow E-Smart Cart 1.0 - 'login.asp' SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection AfterLogic MailBee WebMail Pro 3.x - login.php mode Parameter Cross-Site Scripting AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting JiRo's Banner System 2.0 - login.asp Multiple SQL Injection JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection WinUAE 1.4.4 - 'zfile.c' Stack-Based Buffer Overflow WinUAE 1.4.4 - 'zfile.c' Stack Based Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color() MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color() Android Web Browser - GIF File Heap-Based Buffer Overflow Android Web Browser - GIF File Heap Based Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP'Project File Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow PHPstats 0.1_alpha - 'PHPstats.php' Cross-Site Scripting phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting Publish-It 3.6d - '.pui'SEH Buffer Overflow Publish-It 3.6d - '.pui' SEH Buffer Overflow LeadTools Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities PHPBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion LeadTools Multimedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion PHPBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion EsContacts 1.0 - login.php msg Parameter Cross-Site Scripting EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting NASA Ames Research Center BigView 1.8 - '.PNM'Stack-Based Buffer Overflow NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter'SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter' SQL Injection VCDGear 3.50 - '.cue'Stack Buffer Overflow VCDGear 3.50 - '.cue' Stack Buffer Overflow FaName 1.0 - page.php name Parameter Cross-Site Scripting FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - login.php Multiple Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - 'login.php' Multiple Parameter Cross-Site Scripting Claroline 1.8.9 - PHPbb/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/reply.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/viewtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting Trixbox - 'endpoint_aastra.php mac parameter'Remote Code Injection Trixbox - 'endpoint_aastra.php mac parameter' Remote Code Injection Free Download Manager - Stack-based Buffer Overflow Free Download Manager - Stack Based Buffer Overflow XRms 1.99.2 - login.php target Parameter Cross-Site Scripting XRms 1.99.2 - 'login.php' target Parameter Cross-Site Scripting Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service Microsoft DebugDiag 1.0 - ' CrashHangExt.dll' ActiveX Control Remote Denial of Service PHPWebSite 0.9.3 - 'links.php' SQL Injection phpWebSite 0.9.3 - 'links.php' SQL Injection Easyedit CMS - page.php intPageID Parameter SQL Injection Easyedit CMS - 'page.php' intPageID Parameter SQL Injection aMSN - '.ctt'Remote Denial of Service aMSN - '.ctt' Remote Denial of Service 68 Classifieds 4.1 - login.php goto Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting ProFTPD 1.3 - 'mod_sql' Username SQL Injection ProFTPd 1.3 - 'mod_sql' Username SQL Injection LinPHA 1.3.2/1.3.3 - login.php Cross-Site Scripting LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting Recover Data for Novell Netware 1.0 - '.sav'Remote Denial of Service Recover Data for Novell Netware 1.0 - '.sav' Remote Denial of Service J. River Media Jukebox 12 - '.mp3'Remote Heap Buffer Overflow J. River Media Jukebox 12 - '.mp3' Remote Heap Buffer Overflow Invision Power Board 3.0.3 - '.txt'MIME-Type Cross-Site Scripting Invision Power Board 3.0.3 - '.txt' MIME-Type Cross-Site Scripting OpenOffice 3.1 - '.csv'Remote Denial of Service OpenOffice 3.1 - '.csv' Remote Denial of Service OpenOffice 3.1 - '.slk'NULL Pointer Dereference Remote Denial of Service OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service BS.Player 2.51 - '.mp3'Buffer Overflow BS.Player 2.51 - '.mp3' Buffer Overflow netKar PRO 1.1 - '.nkuser'File Creation NULL Pointer Denial Of Service netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service Aqua Real Screensaver - '.ar'Buffer Overflow Aqua Real Screensaver - '.ar' Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3'Remote Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow Sonique 2.0 - '.xpl'Remote Stack-Based Buffer Overflow Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow Property Watch - login.php redirect Parameter Cross-Site Scripting Property Watch - 'login.php' redirect Parameter Cross-Site Scripting Xilisoft Video Converter 3.1.8.0720b - '.ogg'Buffer Overflow Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow Mulitple Wordpress Themes - 'admin-ajax.php img parameter'Arbitrary File Download Mulitple Wordpress Themes - 'admin-ajax.php img parameter' Arbitrary File Download Crystal Player 1.98 - '.mls'Buffer Overflow Crystal Player 1.98 - '.mls' Buffer Overflow Wordpress Acento Theme - 'view-pdf.php file parameter'Arbitrary File Download Wordpress Acento Theme - 'view-pdf.php file parameter' Arbitrary File Download GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution DragDropCart - login.php redirect Parameter Cross-Site Scripting DragDropCart - 'login.php' redirect Parameter Cross-Site Scripting Microsoft Bluetooth Personal Area Networking - 'BthPan.sys'Privilege Escalation Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation WordPress RB Agency Plugin 2.4.7 - Local File Disclosure Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'Buffer Overflow/Denial of Service EIP Overwrite Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite Wireshark 1.4.3 - '.pcap'Memory Corruption Wireshark 1.4.3 - '.pcap' Memory Corruption Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'SEH Buffer Overflow Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf'Remote Buffer Overflow DivX Player 6.x - '.dps'Remote Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow DivX Player 6.x - '.dps' Remote Buffer Overflow VLC Media Player 1.0.5 - '.ape'Denial of Service VLC Media Player 1.0.5 - '.ape' Denial of Service RealPlayer 11 - '.rmp'Remote Buffer Overflow RealPlayer 11 - '.rmp' Remote Buffer Overflow Advantech AdamView 4.30.003 - '.gni'SEH Buffer Overflow Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f'Remote Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow eXPert PDF 7.0.880.0 - '.pj'Heab-based Buffer Overflow eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack Based Buffer Overflow PHPWebSite 1.7.1 - 'upload.php' Arbitrary File Upload phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution PHPWebSite 1.7.1 - 'mod.php' SQL Injection phpWebSite 1.7.1 - 'mod.php' SQL Injection Linux/x86 - custom execve-shellcode Encoder/Decoder Linux/x86 - custom execve-Shellcode Encoder/Decoder ProFTPd 1.3.5 (mod_copy) - Remote Command Execution ProFTPd 1.3.5 - (mod_copy) Remote Command Execution ProFTPD 1.3.5 - Mod_Copy Command Execution ProFTPd 1.3.5 - 'Mod_Copy' Command Execution Linux/x86 - Download & Execute shellcode Linux/x86 - Download & Execute Shellcode Adobe Flash - Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File Valhala Honeypot 1.8 - Stack-Based Buffer Overflow Valhala Honeypot 1.8 - Stack Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass WebKit Cross-Site Scripting Filter - ' Cross-Site ScriptingAuditor.cpp' Security Bypass Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow Mpxplay Multimedia Commander 2.00a - .m3u Stack Based Buffer Overflow Linux/x86-64 - /bin/sh shellcode Linux/x86-64 - /bin/sh Shellcode Last PassBroker 3.2.16 - Stack-Based Buffer Overflow Last PassBroker 3.2.16 - Stack Based Buffer Overflow C2 WebResource - 'File' Parameter Cross-Site Scripting C2 WebResource - ' File' Parameter Cross-Site Scripting SmallFTPD - Unspecified Denial of Service SmallFTPd - Unspecified Denial of Service VLC 2.2.1 libvlccore - '.mp3'Stack Overflow VLC 2.2.1 libvlccore - '.mp3' Stack Overflow FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read FBZX 2.10 - Local Stack-Based Buffer Overflow FBZX 2.10 - Local Stack Based Buffer Overflow TACK 1.07 - Local Stack-Based Buffer Overflow TACK 1.07 - Local Stack Based Buffer Overflow Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp Multiple Field SQL Injection Authentication Bypass Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass Wireshark - iseries_parse_packet Heap-Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow Wireshark - iseries_parse_packet Heap Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow Wireshark - find_signature Stack-Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow Wireshark - getRate Stack-Based Out-of-Bounds Read Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow Wireshark - find_signature Stack Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow Wireshark - getRate Stack Based Out-of-Bounds Read Adobe Flash TextField.variable Setter - Use-After-Free Adobe Flash TextField.Variable Setter - Use-After-Free Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read eshtery CMS - 'FileManager.aspx' Local File Disclosure eshtery CMS - ' FileManager.aspx' Local File Disclosure pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read pdfium CPDF_Function::Call - Stack-Based Buffer Overflow pdfium CPDF_Function::Call - Stack Based Buffer Overflow MySQL 5.5.45 (64bit) - Local Credentials Disclosure pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read Tftpd32 and Tftpd64 - Denial Of Service TFTPD32 and Tftpd64 - Denial Of Service glibc - getaddrinfo Stack-Based Buffer Overflow glibc - getaddrinfo Stack Based Buffer Overflow Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow libxml2 - xmlDictAddString Heap-Based Buffer Overread libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread libxml2 - htmlCurrentChar Heap-Based Buffer Overread Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow libxml2 - xmlDictAddString Heap Based Buffer Overread libxml2 - xmlParseEndTag2 Heap Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap Based Buffer Overread libxml2 - htmlCurrentChar Heap Based Buffer Overread Kamailio 4.3.4 - Heap-Based Buffer Overflow Kamailio 4.3.4 - Heap Based Buffer Overflow Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow Wireshark - dissect_2008_16_security_4 Stack Based Buffer Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow NRSS Reader 0.3.9 - Local Stack-Based Overflow NRSS Reader 0.3.9 - Local Stack Based Overflow Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap-Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads Graphite2 - GlyphCache::GlyphCache Heap Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Based Memory Corruption Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) PHP 5.0.0 - imap_mail() Local Denial of Service PHP 5.0.0 - 'imap_mail()' Local Denial of Service PHP 5.0.0 - html_doc_file() Local Denial of Service PHP 5.0.0 - 'html_doc_file()' Local Denial of Service	2016-09-06 05:08:08 +00:00
Offensive Security	51bcf38036	DB: 2016-09-05 1 new exploits Too many to list!	2016-09-05 05:09:09 +00:00
Offensive Security	b2749125b0	DB: 2016-09-04	2016-09-04 05:08:08 +00:00
Offensive Security	5e2fc10125	DB: 2016-09-03	2016-09-03 13:13:25 +00:00
Offensive Security	31a21bb68d	DB: 2016-09-03 14 new exploits Too many to list!	2016-09-03 05:08:42 +00:00
Offensive Security	f96ddba143	DB: 2016-09-02 2 new exploits SAPID Blog beta 2 - (root_path) Remote File Inclusion SAPID Gallery 1.0 - (root_path) Remote File Inclusion SAPID Shop 1.2 - (root_path) Remote File Inclusion SAPID Blog beta 2 - (root_path) Remote File Inclusion SAPID Gallery 1.0 - (root_path) Remote File Inclusion SAPID Shop 1.2 - (root_path) Remote File Inclusion PHPCodeCabinet 0.5 - (Core.php) Remote File Inclusion phNNTP 1.3 - (article-raw.php) Remote File Inclusion Cwfm 0.9.1 - (Language) Remote File Inclusion PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow PoC Cwfm 0.9.1 - (Language) Remote File Inclusion PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow PoC PgMarket 2.2.3 - (CFG[libdir]) Remote File Inclusion PHPMyRing 4.2.0 - (view_com.php) SQL Injection SAPID CMS 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit phpwcms 1.1-RC4 - (spaw) Remote File Inclusion Spaminator 1.7 - (page) Remote File Inclusion Thatware 0.4.6 - (root_path) Remote File Inclusion Spaminator 1.7 - (page) Remote File Inclusion Thatware 0.4.6 - (root_path) Remote File Inclusion phpPrintAnalyzer 1.2 - Remote File Inclusion Wheatblog 1.1 - (session.php) Remote File Inclusion phPay 2.02 - (nu_mail.inc.php) Remote mail() Injection Exploit WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload FortiClient SSLVPN 5.4 - Credentials Disclosure	2016-09-02 05:08:35 +00:00
Offensive Security	3a2154afbd	DB: 2016-09-01 15 new exploits WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload PHP 5.0.0 - snmpwalkoid() Local Denial of Service PHP 5.0.0 - fbird_[p]connect() Local Denial of Service PHP 5.0.0 - snmpwalk() Local Denial of Service PHP 5.0.0 - snmprealwalk() Local Denial of Service PHP 5.0.0 - snmpset() Local Denial of Service PHP 7.0 - AppendIterator::append Local Denial of Service ZKTeco ZKTime.Net 3.0.1.6 - Insecure File Permissions Privilege Escalation ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery ZKTeco ZKBioSecurity 3.0 - Directory Traversal ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service	2016-09-01 05:08:40 +00:00
Offensive Security	1f0c845486	DB: 2016-08-31 3 new exploits Too many to list!	2016-08-31 05:07:37 +00:00
Offensive Security	760d823bc8	DB: 2016-08-30 18 new exploits Too many to list!	2016-08-30 05:08:40 +00:00
Offensive Security	4011b4f053	DB: 2016-08-27	2016-08-27 05:08:40 +00:00
Offensive Security	9be5679994	DB: 2016-08-26 1 new exploits Too many to list!	2016-08-26 05:06:52 +00:00
Offensive Security	8650c53f70	DB: 2016-08-25	2016-08-25 10:41:52 +00:00
Offensive Security	4c43b1da2b	DB: 2016-08-25	2016-08-25 05:07:18 +00:00
Offensive Security	6be90e9280	DB: 2016-08-24 5 new exploits Too many to list!	2016-08-24 05:06:46 +00:00
Offensive Security	0be2139745	DB: 2016-08-23 7 new exploits Too many to list!	2016-08-23 05:06:48 +00:00
Offensive Security	a1d85642d6	DB: 2016-08-22	2016-08-22 05:08:19 +00:00
Offensive Security	32bd251480	DB: 2016-08-20 17 new exploits Too many to list!	2016-08-20 05:06:28 +00:00

... 3 4 5 6 7 ...

1192 commits