14 new exploits

Microsoft Windows - Metafile (.WMF) Remote File Download Exploit Generator
Microsoft Windows - Metafile '.WMF' Arbitrary File Download (Generator)
Redaxo CMS 3.2 - 'INCLUDE_PATH' Remote File Inclusion
Redaxo 3.2 - 'INCLUDE_PATH' Remote File Inclusion
Mambo Component com_loudmouth 4.0j - Remote File Inclusion
Mambo Component com_loudmouth 4.0j - Remote File Inclusion
Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download
Sisfo Kampus 2006 - 'dwoprn.php f' Arbitrary File Download
Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection
Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection
Joomla! / Mambo Component com_catalogproduction - 'id' SQL Injection
Joomla! / Mambo Component 'com_catalogproduction' - 'id' SQL Injection
Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit
Megacubo 5.0.7 - 'mega://' Arbitrary File Download and Execute
DMXReady SDK 1.1 - Remote File Download
DMXReady SDK 1.1 - Arbitrary File Download
Joomla! 1.5.12 RCE via TinyMCE - Arbitrary File Upload
Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload)
Joomla! Component Jw_allVideos - Remote File Download
Joomla! Component Jw_allVideos - Arbitrary File Download
Trouble Ticket Software - ttx.cgi Remote File Download
Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download
Redaxo CMS 4.2.1 - Remote File Inclusion
Redaxo 4.2.1 - Remote File Inclusion
Joomla! Component Music Manager - Local File Inclusion
Joomla! Component 'Music Manager' - Local File Inclusion
Joomla! Component NeoRecruit (com_neorecruit Itemid) - Blind SQL Injection
Joomla! Component 'com_neorecruit' - 'Itemid' Parameter Blind SQL Injection
Joomla! Component artforms 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component PaymentsPlus - Mtree 2.1.5 - Blind SQL Injection
Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component 'PaymentsPlus' 2.1.5 - Blind SQL Injection
Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component IXXO Cart - SQL Injection
Joomla! Component com_jomtube - (user_id) Blind SQL Injection / SQL Injection
Joomla! Component redSHOP 1.0 (com_redshop pid) - SQL Injection
Joomla! Component QuickFAQ (com_quickfaq) - Blind SQL Injection
Joomla! Component 'Minify4Joomla' - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component 'IXXO Cart' - SQL Injection
Joomla! Component 'com_jomtube' - 'user_id' Parameter Blind SQL Injection
Joomla! Component 'com_redshop' 1.0 - 'pid' Parameter SQL Injection
Joomla! Component 'com_quickfaq' - Blind SQL Injection
Joomla! Component MyHome (com_myhome) - Blind SQL Injection
Joomla! Component MySms (com_mysms) - Arbitrary File Upload
Joomla! Component Health & Fitness Stats - Persistent Cross-Site Scripting
Joomla! Component 'com_myhome' - Blind SQL Injection
Joomla! Component 'com_mysms' - Arbitrary File Upload
Joomla! Component 'healthstats' - Persistent Cross-Site Scripting
Joomla! Component Rapid Recipe - Persistent Cross-Site Scripting
Joomla! Component 'Rapid-Recipe' - Persistent Cross-Site Scripting
Joomla! Component EasyBlog - Persistent Cross-Site Scripting
Joomla! Component 'EasyBlog' - Persistent Cross-Site Scripting
Joomla! Component QContacts (com_qcontacts) - SQL Injection
Joomla! Component 'com_qcontacts' - SQL Injection
Joomla! Component RedShop 1.0.23.1 - Blind SQL Injection
Joomla! Component 'com_redshop' 1.0.23.1 - Blind SQL Injection
Joomla! Component com_spa - SQL Injection (2)
Joomla! Component com_staticxt - SQL Injection
Joomla! Component 'com_spa' - SQL Injection (2)
Joomla! Component 'com_staticxt' - SQL Injection
Joomla! Component com_spa - SQL Injection (1)
Joomla! Component 'com_spa' - SQL Injection (1)
Joomla! Component com_golfcourseguide) 0.9.6.0 (Beta) / 1 (Beta - SQL Injection
Joomla! Component com_huruhelpdesk - SQL Injection
Joomla! Component com_iproperty - SQL Injection
Joomla! Component 'com_golfcourseguide' 0.9.6.0 - SQL Injection
Joomla! Component 'com_huruhelpdesk' - SQL Injection
Joomla! Component 'com_iproperty' - SQL Injection
Joomla! Component Ozio Gallery (com_oziogallery) - SQL Injection
Joomla! Component ITArmory (com_itarmory) - SQL Injection
Joomla! Component 'com_oziogallery' - SQL Injection
Joomla! Component 'com_itarmory' - SQL Injection
Joomla! Component com_joomdle) 0.24 - SQL Injection
Joomla! Component com_youtube - SQL Injection
Joomla! Component 'com_joomdle' 0.24 - SQL Injection
Joomla! Component 'com_youtube' - SQL Injection
Joomla! Component com_Joomla-visites - Remote File Inclusion
Joomla! Component 'com_Joomla-visites' - Remote File Inclusion
Joomla! Component TTVideo 1.0 - SQL Injection
Joomla! Component 'com_ttvideo' 1.0 - SQL Injection
Joomla! Component appointinator 1.0.1 - Multiple Vulnerabilities
Joomla! Component 'com_appointinator' 1.0.1 - Multiple Vulnerabilities
Joomla! Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injections
Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections
Joomla! Component com_beamospetition - SQL Injection
Joomla! Component 'com_beamospetition' - SQL Injection
Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download
Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download
Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload
Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload
ADA IMGSVR 0.4 - Remote File Download
ADA IMGSVR 0.4 - Arbitrary File Download
Joomla! / Mambo Component com_buslicense - 'aid' Parameter SQL Injection
Joomla! / Mambo Component 'com_buslicense' - 'aid' Parameter SQL Injection
Joomla! / Mambo Component com_sermon 0.2 - 'gid' Parameter SQL Injection
Joomla! / Mambo Component 'com_sermon' 0.2 - 'gid' Parameter SQL Injection
Joomla! / Mambo Component com_comments 0.5.8.5g - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_comments' 0.5.8.5g - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_iomezun - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_iomezun' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_Joomlavvz - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_most - 'secid' Parameter SQL Injection
Joomla! / Mambo Component com_asortyment - 'katid' Parameter SQL Injection
Joomla! / Mambo Component 'com_Joomlavvz' - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_most' - 'secid' Parameter SQL Injection
Joomla! / Mambo Component 'com_asortyment' - 'katid' Parameter SQL Injection
Joomla! / Mambo Component com_model - 'objid' Parameter SQL Injection
Joomla! / Mambo Component com_omnirealestate - 'objid' Parameter SQL Injection
Joomla! / Mambo Component 'com_model' - 'objid' Parameter SQL Injection
Joomla! / Mambo Component 'com_omnirealestate' - 'objid' Parameter SQL Injection
Joomla! / Mambo Component com_smslist - 'listid' Parameter SQL Injection
Joomla! / Mambo Component com_activities - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_smslist' - 'listid' Parameter SQL Injection
Joomla! / Mambo Component 'com_activities' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_lexikon - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_lexikon' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_team - SQL Injection
Joomla! / Mambo Component com_iigcatalog - 'cat' Parameter SQL Injection
Joomla! / Mambo Component com_formtool - 'catid' Parameter SQL Injection
Joomla! / Mambo Component com_genealogy - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_team' - SQL Injection
Joomla! / Mambo Component 'com_iigcatalog' - 'cat' Parameter SQL Injection
Joomla! / Mambo Component 'com_formtool' - 'catid' Parameter SQL Injection
Joomla! / Mambo Component 'com_genealogy' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_hello_world - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_hello_world' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_publication - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_blog - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_publication' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_blog' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_wines 1.0 - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_wines' 1.0 - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_inter - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_inter' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_guide - 'category' Parameter SQL Injection
Joomla! / Mambo Component 'com_guide' - 'category' Parameter SQL Injection
Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections
Joomla! / Mambo Component 'com_is' 1.0.1 - Multiple SQL Injections
Joomla! / Mambo Component com_utchat 0.2 - Multiple Remote File Inclusion
Joomla! / Mambo Component 'com_utchat' 0.2 - Multiple Remote File Inclusion
Vana CMS - 'Filename' Parameter Remote File Download
Vana CMS - 'Filename' Parameter Arbitrary File Download
Joomla! Component Rapid-Recipe - HTML Injection
Joomla! Component 'Rapid-Recipe' - HTML Injection
Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component 'FreiChat' 1.0/2.x - Unspecified HTML Injection
REDAXO - 'subpage' Parameter Cross-Site Scripting
Redaxo CMS 5.0.0 - Multiple Vulnerabilities
Redaxo 5.0.0 - Multiple Vulnerabilities
DarkComet Server - Remote File Download Exploit (Metasploit)
DarkComet Server - Arbitrary File Download (Metasploit)
WinaXe 7.7 'FTP client' - Remote Buffer Overflow
Rapid PHP Editor 14.1 - Remote Command Execution
Memcached 1.4.33 - PoC (1)
Memcached 1.4.33 - PoC (2)
Memcached 1.4.33 - PoC (3)
SweetRice 1.5.1 - Arbitrary File Download
Axessh 4.2 - Denial Of Service
SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution
ETchat 3.7 - Cross-Site Request Forgery
sNews 1.7.1 - Cross-Site Request Forgery
sNews 1.7.1 - Arbitrary File Upload
PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow
nodCMS - Cross-Site Request Forgery
Redaxo 5.2.0 - Cross-Site Request Forgery