A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
479ae86249
5 new exploits ProFTPD 1.2.9RC1 - (mod_sql) SQL Injection ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection PHPBB 2.0.4 - PHP Remote File Inclusion Exploit phpBB 2.0.4 - PHP Remote File Inclusion Exploit wu-ftpd 2.6.2 - Off-by-One Remote Root Exploit WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit wu-ftpd 2.6.2 - Remote Root Exploit WU-FTPD 2.6.2 - Remote Root Exploit ProFTPD 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service wu-ftpd 2.6.0 - Remote Root Exploit WU-FTPD 2.6.0 - Remote Root Exploit OpenBSD 2.6 / 2.7ftpd - Remote Exploit OpenBSD 2.6 / 2.7 ftpd - Remote Exploit wu-ftpd 2.6.0 - Remote Format Strings Exploit WU-FTPD 2.6.0 - Remote Format Strings Exploit ProFTPD 1.2.0 (rc2) - memory leakage example Exploit ProFTPd 1.2.0 (rc2) - memory leakage example Exploit ProFTPD 1.2.0pre10 - Remote Denial of Service ProFTPd 1.2.0pre10 - Remote Denial of Service wu-ftpd 2.6.1 - Remote Root Exploit WU-FTPD 2.6.1 - Remote Root Exploit OpenFTPD 0.30.2 - Remote Exploit OpenFTPD 0.30.1 - (message system) Remote Shell Exploit OpenFTPd 0.30.2 - Remote Exploit OpenFTPd 0.30.1 - (message system) Remote Shell Exploit PHP - (PHP-exec-dir) Patch Command Access Restriction Bypass PHP - (php-exec-dir) Patch Command Access Restriction Bypass ProFTPd (ftpdctl) - Local pr_ctrls_connect ProFTPd - (ftpdctl) Local pr_ctrls_connect ProFTPD 1.2.10 - Remote Users Enumeration Exploit ProFTPd 1.2.10 - Remote Users Enumeration Exploit PHPBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit PHP 4.3.9 + PHPBB 2.x - unserialize() Remote Exploit (Compiled) PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled) Apple QuickTime 6.5.2.10 - '.qtif'Image Parsing Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing wu-ftpd 2.6.2 - File Globbing Denial of Service WU-FTPD 2.6.2 - File Globbing Denial of Service RealPlayer 10 - '.smil'Local Buffer Overflow RealPlayer 10 - '.smil' Local Buffer Overflow PHPBB 2.0.13 - 'downloads.php' mod Remote Exploit phpBB 2.0.13 - 'downloads.php' mod Remote Exploit PHPPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting Invision Power Board 2.0.3 - login.php SQL Injection Invision Power Board 2.0.3 - login.php SQL Injection (tutorial) Invision Power Board 2.0.3 - 'login.php' SQL Injection Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) PHPStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1) phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2) Invision Power Board 1.3.1 - login.php SQL Injection Invision Power Board 1.3.1 - 'login.php' SQL Injection PHPBB 2.0.15 - (highlight) Remote PHP Code Execution phpBB 2.0.15 - (highlight) Remote PHP Code Execution Solaris SPARC / x86 - Local Socket Hijack Exploit Solaris (SPARC / x86) - Local Socket Hijack Exploit PHPBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit) Microsoft Windows XP SP2 - 'rdpwd.sys'Remote Kernel Denial of Service Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service PHPBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit FreeFTPD 1.0.8 - (USER) Remote Buffer Overflow freeFTPd 1.0.8 - (USER) Remote Buffer Overflow FreeFTPD 1.0.10 - (PORT Command) Denial of Service freeFTPd 1.0.10 - (PORT Command) Denial of Service Tftpd32 2.81 - (GET Request) Format String Denial of Service (PoC) TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC) Microsoft HTML Help Workshop - '.hhp'Denial of Service Microsoft HTML Help Workshop - '.hhp' Denial of Service PHPWebSite 0.10.0-full - (topics.php) SQL Injection phpWebSite 0.10.0-full - (topics.php) SQL Injection Microsoft Visual Studio 6.0 sp6 - '.dbp'Buffer Overflow Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow PHPBookingCalendar 1.0c - (details_view.php) SQL Injection phpBookingCalendar 1.0c - (details_view.php) SQL Injection Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure Microsoft Internet Explorer 6 - 'Internet.HHCtrl'Heap Overflow Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow PHPBB 3 - 'memberlist.php' SQL Injection phpBB 3 - 'memberlist.php' SQL Injection WoW Roster 1.70 - (/lib/PHPbb.php) Remote File Inclusion WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion PHPBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58 - (functions.php) Remote File Inclusion phpBB XS 0.58a - (phpbb_root_path) Remote File Inclusion phpBB XS 0.58a - (phpBB_root_path) Remote File Inclusion phpBB Static Topics 1.0 - phpbb_root_path File Include phpBB Static Topics 1.0 - phpBB_root_path File Include PHPBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion Dimension of phpBB 0.2.6 - (phpBB_root_path) Remote File Inclusions PHP News Reader 2.6.4 - (PHPbb.inc.php) Remote File Inclusion Exploit PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exploit PHPBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit PHPBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit PHPBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit PHPBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit PHPBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit PGOSD - 'misc/function.php3'Remote File Inclusion PGOSD - 'misc/function.php3' Remote File Inclusion HP-UX 11i - (LIBC TZ enviroment variable) Privilege Escalation HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit) ProFTPD 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC) ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit Yrch 1.0 - (plug.inc.php path variable) Remote File Inclusion Exploit Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Exploit Vizayn Haber - 'haberdetay.asp id variable'SQL Injection Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection newsCMSlite - 'newsCMS.mdb'Remote Password Disclosure newsCMSlite - 'newsCMS.mdb' Remote Password Disclosure iG Calendar 1.0 - (user.php id variable) SQL Injection iG Calendar 1.0 - (user.php id Variable) SQL Injection uniForum 4 - 'wbsearch.aspx'SQL Injection uniForum 4 - 'wbsearch.aspx' SQL Injection MGB 0.5.4.5 - (email.php id variable) SQL Injection MGB 0.5.4.5 - (email.php id Variable) SQL Injection Microsoft Help Workshop 4.03.0002 - '.CNT'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ'Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow Microsoft Visual C++ - '.RC Resource Files'Local Buffer Overflow Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow Phpbb Tweaked 3 - (phpbb_root_path) Remote File Inclusion phpBB Tweaked 3 - (phpBB_root_path) Remote File Inclusion phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit phpBB++ Build 100 - (phpBB_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) Remote File Inclusion Exploit Categories hierarchy phpBB Mod 2.1.2 - (phpBB_root_path) Remote File Inclusion Exploit ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1) ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2) News Bin Pro 5.33 - '.NBI'Local Buffer Overflow News Bin Pro 5.33 - '.nbi' Local Buffer Overflow Extreme PHPBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite'Local Exploit Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit Microsoft Windows - '.doc'Malformed Pointers Denial of Service Microsoft Windows - '.doc' Malformed Pointers Denial of Service GestArt Beta 1 - 'aide.php aide'Remote File Inclusion GestArt Beta 1 - 'aide.php aide' Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path'Remote File Inclusion ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion Corel Wordperfect X3 13.0.0.565 - '.PRS'Local Buffer Overflow Corel Wordperfect X3 13.0.0.565 - '.prs' Local Buffer Overflow ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield) Winamp 5.3 - '.WMV'Remote Denial of Service Winamp 5.3 - '.wmv' Remote Denial of Service ACDSee 9.0 - '.XPM'Local Buffer Overflow XnView 1.90.3 - '.XPM'Local Buffer Overflow WEBInsta FM 0.1.4 - login.php absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.CLP'Buffer Overflow ACDSee 9.0 - '.xpm' Local Buffer Overflow XnView 1.90.3 - '.xpm' Local Buffer Overflow WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion Exploit Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow ABC-View Manager 1.42 - '.PSP'Buffer Overflow FreshView 7.15 - '.PSP'Buffer Overflow ABC-View Manager 1.42 - '.psp' Buffer Overflow FreshView 7.15 - '.psp' Buffer Overflow Gimp 2.2.14 - '.ras'SUNRAS Plugin Buffer Overflow Gimp 2.2.14 - '.ras' SUNRAS Plugin Buffer Overflow IrfanView 4.00 - '.iff'Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png'Buffer Overflow Exploit IrfanView 4.00 - '.iff' Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit RealPlayer 10 - '.ra'Remote Denial of Service RealPlayer 10 - '.ra' Remote Denial of Service Winamp 5.34 - '.mp4'Code Execution Exploit Winamp 5.34 - '.mp4' Code Execution Exploit Wikivi5 - 'show.php sous_rep'Remote File Inclusion Wikivi5 - 'show.php sous_rep' Remote File Inclusion LeadTools Raster Thumbnail Object Library - 'LTRTM14e.DLL'Buffer Overflow Exploit LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow Exploit Scallywag - 'template.php path'Remote File Inclusion Scallywag - 'template.php path' Remote File Inclusion Simple Invoices 2007 05 25 - 'index.php submit'SQL Injection Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection Traffic Stats - 'referralUrl.php offset'SQL Injection Traffic Stats - 'referralUrl.php offset' SQL Injection BBS E-Market - 'postscript.php p_mode'Remote File Inclusion BBS E-Market - 'postscript.php p_mode' Remote File Inclusion PHPBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion bwired - 'index.php newsID'SQL Injection bwired - 'index.php newsID' SQL Injection CrystalPlayer 1.98 - '.mls'Local Buffer Overflow CrystalPlayer 1.98 - '.mls' Local Buffer Overflow PHP123 Top Sites - 'category.php cat'SQL Injection PHP123 Top Sites - 'category.php cat' SQL Injection Live for Speed S1/S2/Demo - '.mpr replay'Buffer Overflow Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe'Stack Overflow Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow Live for Speed S1/S2/Demo - '.ply'Buffer Overflow Live for Speed S1/S2/Demo - '.spr'Buffer Overflow CartWeaver - 'Details.cfm ProdID'SQL Injection Prozilla Pub Site Directory - 'directory.php cat'SQL Injection Live for Speed S1/S2/Demo - '.ply' Buffer Overflow Live for Speed S1/S2/Demo - '.spr' Buffer Overflow CartWeaver - 'Details.cfm ProdID' SQL Injection Prozilla Pub Site Directory - 'directory.php cat' SQL Injection Prozilla Webring Website Script - 'category.php cat'SQL Injection Prozilla Webring Website Script - 'category.php cat' SQL Injection GetMyOwnArcade - 'search.php query'SQL Injection GetMyOwnArcade - 'search.php query' SQL Injection ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow Sisfo Kampus 2006 - 'dwoprn.php f'Remote File Download Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download Gelato - 'index.php post'SQL Injection Gelato - 'index.php post' SQL Injection modifyform - 'modifyform.html'Remote File Inclusion modifyform - 'modifyform.html' Remote File Inclusion phpBB Plus 1.53 - (phpbb_root_path) Remote File Inclusion phpBB Plus 1.53 - (phpBB_root_path) Remote File Inclusion Black Lily 2007 - 'products.php class'SQL Injection Black Lily 2007 - 'products.php class' SQL Injection PHPBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion wzdftpd 0.8.0 - (USER) Remote Denial of Service WzdFTPD 0.8.0 - (USER) Remote Denial of Service Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc) Solaris 10 (sparc/x86) - sysinfo Kernel Memory Disclosure Exploit Solaris (sparc/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit Mcms Easy Web Make - 'index.php template'Local File Inclusion Mcms Easy Web Make - 'index.php template' Local File Inclusion MOG-WebShop - 'index.php group'SQL Injection MOG-WebShop - 'index.php group' SQL Injection ClipShare - 'uprofile.php UID'SQL Injection ClipShare - 'uprofile.php UID' SQL Injection samPHPweb - 'db.php commonpath'Remote File Inclusion samPHPweb - 'db.php commonpath' Remote File Inclusion RichStrong CMS - 'showproduct.asp cat'SQL Injection RichStrong CMS - 'showproduct.asp cat' SQL Injection Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr'File Handling Buffer Overflow Exploit Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit IrfanView 4.10 - '.fpx'Memory Corruption Exploit IrfanView 4.10 - '.fpx' Memory Corruption Exploit Fully Modded PHPBB - 'kb.php' SQL Injection Fully Modded phpBB - 'kb.php' SQL Injection ASPapp - 'links.asp CatId'SQL Injection ASPapp - 'links.asp CatId' SQL Injection HIS-Webshop - 'his-webshop.pl t'Remote File Disclosure HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure Easynet Forum Host - 'forum.php forum'SQL Injection Easynet Forum Host - 'forum.php forum' SQL Injection Blog PixelMotion - 'index.php categorie'SQL Injection Blog PixelMotion - 'index.php categorie' SQL Injection Prozilla Forum Service - 'forum.php forum'SQL Injection Prozilla Forum Service - 'forum.php forum' SQL Injection Ksemail - 'index.php language'Local File Inclusion Ksemail - 'index.php language' Local File Inclusion RX Maxsoft - 'popup_img.php fotoID'SQL Injection RX Maxsoft - 'popup_img.php fotoID' SQL Injection Apartment Search Script - 'listtest.php r'SQL Injection Apartment Search Script - 'listtest.php r' SQL Injection Jokes Site Script - 'jokes.php?catagorie'SQL Injection Jokes Site Script - 'jokes.php?catagorie' SQL Injection Anserv Auction XL - 'viewfaqs.php cat'SQL Injection Anserv Auction XL - 'viewfaqs.php cat' SQL Injection fipsCMS - 'print.asp lg'SQL Injection fipsCMS - 'print.asp lg' SQL Injection PostcardMentor - 'step1.asp cat_fldAuto'SQL Injection PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection HispaH Model Search - 'cat.php cat'SQL Injection HispaH Model Search - 'cat.php cat' SQL Injection EMO Realty Manager - 'news.php ida'SQL Injection The Real Estate Script - 'dpage.php docID'SQL Injection EMO Realty Manager - 'news.php ida' SQL Injection The Real Estate Script - 'dpage.php docID' SQL Injection GLLCTS2 - 'listing.php sort'Blind SQL Injection GLLCTS2 - 'listing.php sort' Blind SQL Injection PHPMyCart - 'shop.php cat'SQL Injection PHPMyCart - 'shop.php cat' SQL Injection BaSiC-CMS - 'index.php r'SQL Injection BaSiC-CMS - 'index.php r' SQL Injection Mybizz-Classifieds - 'index.php cat'SQL Injection Mybizz-Classifieds - 'index.php cat' SQL Injection Carscripts Classifieds - 'index.php cat'SQL Injection BoatScripts Classifieds - 'index.php type'SQL Injection Carscripts Classifieds - 'index.php cat' SQL Injection BoatScripts Classifieds - 'index.php type' SQL Injection RSS-Aggregator - 'display.php path'Remote File Inclusion RSS-Aggregator - 'display.php path' Remote File Inclusion MyBlog: PHP and MySQL Blog/CMS software - SQL / Cross-Site Scripting MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting CodeDB - 'list.php lang'Local File Inclusion CodeDB - 'list.php lang' Local File Inclusion HRS Multi - 'picture_pic_bv.asp key'Blind SQL Injection HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo'Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo'Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo'Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection Youtuber Clone - 'ugroups.php UID'SQL Injection Youtuber Clone - 'ugroups.php UID' SQL Injection ZeeReviews - 'comments.php ItemID'SQL Injection ZeeReviews - 'comments.php ItemID' SQL Injection Acoustica Beatcraft 1.02 Build 19 - '.bcproj'Local Buffer Overflow Exploit Acoustica Beatcraft 1.02 Build 19 - '.bcproj' Local Buffer Overflow Exploit Living Local Website - 'listtest.php r'SQL Injection Living Local Website - 'listtest.php r' SQL Injection AWStats Totals - 'AWStatstotals.php sort'Remote Code Execution Exploit AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Exploit Pre Real Estate Listings - 'search.php c'SQL Injection Pre Real Estate Listings - 'search.php c' SQL Injection Hotel reservation System - 'city.asp city'Blind SQL Injection Hotel reservation System - 'city.asp city' Blind SQL Injection Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward'Local Denial of Service Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service Availscript Article Script - 'view.php v'SQL Injection Availscript Article Script - 'view.php v' SQL Injection JETIK-WEB Software - 'sayfa.php kat'SQL Injection JETIK-WEB Software - 'sayfa.php kat' SQL Injection Microsoft Windows GDI+ - '.ico'Remote Division By Zero Exploit Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit ArabCMS - 'rss.php rss'Local File Inclusion ArabCMS - 'rss.php rss' Local File Inclusion Easynet4u faq Host - 'faq.php faq'SQL Injection Easynet4u faq Host - 'faq.php faq' SQL Injection Real Estate Scripts 2008 - 'index.php cat'SQL Injection Real Estate Scripts 2008 - 'index.php cat' SQL Injection RaidenFTPD 2.4 build 3620 - Remote Denial of Service RaidenFTPd 2.4 build 3620 - Remote Denial of Service XOOPS Module xhresim - 'index.php no'SQL Injection XOOPS Module xhresim - 'index.php no' SQL Injection Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit DorsaCMS - 'ShowPage.aspx'SQL Injection YDC - 'kdlist.php cat'SQL Injection DorsaCMS - 'ShowPage.aspx' SQL Injection YDC - 'kdlist.php cat' SQL Injection Aj RSS Reader - 'EditUrl.php url'SQL Injection Aj RSS Reader - 'EditUrl.php url' SQL Injection Aiocp 1.4 - (poll_id) SQL Injection AIOCP 1.4 - 'poll_id' SQL Injection SFS EZ Auction - 'viewfaqs.php cat'Blind SQL Injection SFS EZ Career - 'content.php topic'SQL Injection SFS EZ Top Sites - 'topsite.php ts'SQL Injection SFS EZ Auction - 'viewfaqs.php cat' Blind SQL Injection SFS EZ Career - 'content.php topic' SQL Injection SFS EZ Top Sites - 'topsite.php ts' SQL Injection SFS EZ Pub Site - 'directory.php cat'SQL Injection SFS EZ Pub Site - 'directory.php cat' SQL Injection AJ ARTICLE - 'featured_article.php mode'SQL Injection AJ ARTICLE - 'featured_article.php mode' SQL Injection YourFreeWorld Shopping Cart - 'index.php c'Blind SQL Injection Maran PHP Shop - 'prod.php cat'SQL Injection YourFreeWorld Shopping Cart - 'index.php c' Blind SQL Injection Maran PHP Shop - 'prod.php cat' SQL Injection PHP Auto Listings - 'moreinfo.php pg'SQL Injection PHP Auto Listings - 'moreinfo.php pg' SQL Injection VLC Media Player < 0.9.6 - '.rt'Stack Buffer Overflow VLC Media Player < 0.9.6 - '.rt' Stack Buffer Overflow Minigal b13 - 'index.php list'Remote File Disclosure Exploit Minigal b13 - 'index.php list' Remote File Disclosure Exploit VCalendar - 'VCalendar.mdb'Remote Database Disclosure VCalendar - 'VCalendar.mdb' Remote Database Disclosure VideoGirls BiZ - 'view_snaps.php type'Blind SQL Injection VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection ParsBlogger - 'blog.asp wr'SQL Injection ParsBlogger - 'blog.asp wr' SQL Injection BaSiC-CMS - 'acm2000.mdb'Remote Database Disclosure BaSiC-CMS - 'acm2000.mdb' Remote Database Disclosure cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp'Stack Overflow cpCommerce 1.2.6 - (URL Rewrite) Input Variable overwrite / Authentication Bypass Cain & Abel 4.9.24 - '.rdp' Stack Overflow Ocean12 Mailing List Manager Gold - DD / SQL / Cross-Site Scripting Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting Cain & Abel 4.9.23 - '.rdp'Buffer Overflow Exploit Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Exploit User Engine Lite ASP - 'users.mdb'Database Disclosure User Engine Lite ASP - 'users.mdb' Database Disclosure Easy News Content Management - 'News.mdb'Database Disclosure Easy News Content Management - 'News.mdb' Database Disclosure RankEm - 'rankup.asp siteID'SQL Injection RankEm - 'rankup.asp siteID' SQL Injection Cold BBS - 'cforum.mdb'Remote Database Disclosure Cold BBS - 'cforum.mdb' Remote Database Disclosure ASP PORTAL - 'xportal.mdb'Remote Database Disclosure ASP PORTAL - 'xportal.mdb' Remote Database Disclosure Webmaster Marketplace - 'member.php u'SQL Injection Webmaster Marketplace - 'member.php u' SQL Injection CF_Calendar - 'calendarevent.cfm'SQL Injection CF_Calendar - 'calendarevent.cfm' SQL Injection CFMBLOG - 'index.cfm categorynbr'Blind SQL Injection CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection MyCal Personal Events Calendar - 'mycal.mdb'Database Disclosure MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure ASPired2Quote - 'quote.mdb'Remote Database Disclosure ASPired2Quote - 'quote.mdb' Remote Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb'Database Disclosure CodeAvalanche FreeForum - 'CAForum.mdb' Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb'Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb'Database Disclosure CodeAvalanche Directory - 'CADirectory.mdb' Database Disclosure CodeAvalanche FreeForAll - 'CAFFAPage.mdb' Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb'Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb'Database Disclosure CodeAvalanche Articles - 'CAArticles.mdb' Database Disclosure CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure CFAGCMS 1 - 'right.php title'SQL Injection CFAGCMS 1 - 'right.php title' SQL Injection click&rank - SQL / Cross-Site Scripting click&rank - SQL Injection / Cross-Site Scripting Liberum Help Desk 0.97.3 - SQL / DD Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb'Database Disclosure QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure MyPHPsite - 'index.php mod'Local File Inclusion MyPHPsite - 'index.php mod' Local File Inclusion MyPBS - 'index.php seasonID'SQL Injection MyPBS - 'index.php seasonID' SQL Injection Extract Website - 'download.php filename'File Disclosure Extract Website - 'download.php filename' File Disclosure CoolPlayer 2.19 - '.Skin'Local Buffer Overflow CoolPlayer 2.19 - '.Skin' Local Buffer Overflow Sepcity Shopping Mall - 'shpdetails.asp ID'SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID'SQL Injection Sepcity Shopping Mall - 'shpdetails.asp ID' SQL Injection Sepcity Lawyer Portal - 'deptdisplay.asp ID' SQL Injection Sepcity Classified - 'classdis.asp ID'SQL Injection Sepcity Classified - 'classdis.asp ID' SQL Injection Ayemsis Emlak Pro - 'acc.mdb'Database Disclosure Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure VUPlayer 2.49 - '.wax'Local Buffer Overflow VUPlayer 2.49 - '.wax' Local Buffer Overflow BlogHelper - 'common_db.inc'Remote Config File Disclosure PollHelper - 'poll.inc'Remote Config File Disclosure BlogHelper - 'common_db.inc' Remote Config File Disclosure PollHelper - 'poll.inc' Remote Config File Disclosure Audacity 1.6.2 - '.aup'Remote Off-by-One Crash Exploit Audacity 1.6.2 - '.aup' Remote Off-by-One Crash Exploit QuoteBook - 'poll.inc'Remote Config File Disclosure QuoteBook - 'poll.inc' Remote Config File Disclosure XOOPS Module tadbook2 - 'open_book.php book_sn'SQL Injection XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection Social Engine - 'browse_classifieds.php s'SQL Injection Social Engine - 'browse_classifieds.php s' SQL Injection Realtor 747 - 'define.php INC_DIR'Remote File Inclusion Realtor 747 - 'define.php INC_DIR' Remote File Inclusion OTSTurntables 1.00.027 - '.ofl'Local Stack Overflow OTSTurntables 1.00.027 - '.ofl' Local Stack Overflow SCMS 1 - 'index.php p'Local File Inclusion SCMS 1 - 'index.php p' Local File Inclusion Graugon Gallery 1.0 - Cross-Site Scripting / SQL / Cookie Bypass Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass Baran CMS 1.0 - Arbitrary ASP File Upload / DB / SQL / Cross-Site Scripting / CM Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / CM pHNews Alpha 1 - 'header.php mod'SQL Injection pHNews Alpha 1 - 'header.php mod' SQL Injection i-dreams GB Server - 'admin.dat'File Disclosure i-dreams GB Server - 'admin.dat' File Disclosure VUplayer 2.49 - '.cue'Local Buffer Overflow VUplayer 2.49 - '.cue' Local Buffer Overflow VUPlayer 2.49 - '.cue'Universal Buffer Overflow VUPlayer 2.49 - '.cue' Universal Buffer Overflow Chasys Media Player 1.1 - '.cue'Stack Overflow Chasys Media Player 1.1 - '.cue' Stack Overflow Chasys Media Player - '.lst Playlist'Local Buffer Overflow Chasys Media Player - '.lst Playlist' Local Buffer Overflow BS.Player 2.34 - '.bsl'Universal SEH Overwrite BS.Player 2.34 - '.bsl' Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml'Universal SEH Overwrite POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite Abee Chm Maker 1.9.5 - '.CMP'Stack Overflow Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow ActiveKB Knowledgebase - 'loadpanel.php Panel'Local File Inclusion ActiveKB Knowledgebase - 'loadpanel.php Panel' Local File Inclusion ftpdmin 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) ftpdmin 0.96 - Arbitrary File Disclosure Exploit FTPDMIN 0.96 - Arbitrary File Disclosure Exploit Jamroom - 'index.php t'Local File Inclusion Jamroom - 'index.php t' Local File Inclusion W2B phpEmployment - 'conf.inc'File Disclosure W2B phpEmployment - 'conf.inc' File Disclosure phpAdBoard - 'conf.inc'Remote Config File Disclosure phpGreetCards - 'conf.inc'Config File Disclosure phpAdBoard - 'conf.inc' Remote Config File Disclosure phpGreetCards - 'conf.inc' Config File Disclosure phpAdBoardPro - 'config.inc'Config File Disclosure phpDatingClub - 'conf.inc'File Disclosure Job2C - 'conf.inc'Config File Disclosure phpAdBoardPro - 'config.inc' Config File Disclosure phpDatingClub - 'conf.inc' File Disclosure Job2C - 'conf.inc' Config File Disclosure Star Downloader Free 1.45 - '.dat'Universal SEH Overwrite Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite Destiny Media Player 1.61 - '.rdl'Local Buffer Overflow Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow Thickbox Gallery 2 - 'index.php ln'Local File Inclusion Thickbox Gallery 2 - 'index.php ln' Local File Inclusion Symantec Fax Viewer Control 10 - 'DCCFAXVW.DLL'Remote Buffer Overflow Exploit Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit Mercury Audio Player 1.21 - '.b4s'Local Stack Overflow Mercury Audio Player 1.21 - '.b4s' Local Stack Overflow RM Downloader - '.smi'Local Stack Overflow RM Downloader - '.smi' Local Stack Overflow RM Downloader - '.smi'Universal Local Buffer Overflow RM Downloader - '.smi' Universal Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM'Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM'Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF'Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM'Local Buffer Overflow RM Downloader 3.0.0.9 - '.RAM' Local Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow Exploit Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM'Local Buffer Overflow Exploit Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Exploit MPLAB IDE 8.30 - '.mcp'Universal Seh Overwrite MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite Pinnacle Studio 12 - '.hfz'Directory Traversal Pinnacle Studio 12 - '.hfz' Directory Traversal COWON America jetCast 2.0.4.1109 - '.mp3'Local Overflow COWON America jetCast 2.0.4.1109 - '.mp3' Local Overflow R2 Newsletter Lite/Pro/Stats - 'admin.mdb'Database Disclosure R2 Newsletter Lite/Pro/Stats - 'admin.mdb' Database Disclosure phpDatingClub 3.7 - SQL / Cross-Site Scripting Injection phpDatingClub 3.7 - SQL Injection / Cross-Site Scripting Injection ClearContent - 'image.php url'Remote File Inclusion / Local File Inclusion ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion DJ Calendar - 'DJcalendar.cgi TEMPLATE'File Disclosure DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure Icarus 2.0 - '.ICP'Local Stack Overflow Exploit Icarus 2.0 - '.ICP' Local Stack Overflow Exploit MixSense 1.0.0.1 DJ Studio - '.mp3'Crash Exploit MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit htmldoc 1.8.27.1 - '.html'Universal Stack Overflow htmldoc 1.8.27.1 - '.html' Universal Stack Overflow Acoustica MP3 Audio Mixer 2.471 - '.sgp'Crash Exploit Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash Exploit PHP Paid 4 Mail Script - 'paidbanner.php ID'SQL Injection PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection Microsoft Windows XP - 'win32k.sys'Privilege Escalation Microsoft Windows XP - 'win32k.sys' Privilege Escalation Portel 2008 - 'decide.php patron'Blind SQL Injection Portel 2008 - 'decide.php patron' Blind SQL Injection Microsoft Windows 2003 - '.EOT'BSOD Crash Exploit Microsoft Windows 2003 - '.EOT' BSOD Crash Exploit THOMSON ST585 - 'user.ini'Arbitrary Download THOMSON ST585 - 'user.ini' Arbitrary Download PHP Email Manager - 'remove.php ID'SQL Injection PHP Email Manager - 'remove.php ID' SQL Injection WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service War-FTPD 1.65 - (MKD/CD Requests) Denial of Service EMO Breader Manager - 'video.php movie'SQL Injection EMO Breader Manager - 'video.php movie' SQL Injection Invisible Browsing 5.0.52 - '.ibkey'Local Buffer Overflow Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow HotWeb Rentals - 'details.asp PropId'Blind SQL Injection HotWeb Rentals - 'details.asp PropId' Blind SQL Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend'Command Injection Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection Blender 2.49b - '.blend'Remote Command Execution Blender 2.49b - '.blend' Remote Command Execution Aiocp 1.4.001 - File Inclusion AIOCP 1.4.001 - File Inclusion BibTeX - '.bib'File Handling Memory Corruption BibTeX - '.bib' File Handling Memory Corruption PHP 5.0.0 - domxml_open_file() Local Denial of Service PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service PHP 5.0.0 - simplexml_load_file() Local Denial of Service PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows Audacity 1.2.6 - '.gro'Buffer Overflow Audacity 1.2.6 - '.gro' Buffer Overflow gAlan - '.galan'Universal Buffer Overflow gAlan - '.galan' Universal Buffer Overflow ASPGuest - 'edit.asp ID'Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam'Blind SQL Injection ASPGuest - 'edit.asp ID' Blind SQL Injection Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection dblog - 'dblog.mdb'Remote Database Disclosure dblog - 'dblog.mdb' Remote Database Disclosure PHP 5.0.0 - xmldocfile() Local Denial of Service PHP 5.0.0 - 'xmldocfile()' Local Denial of Service Apollo Player 37.0.0.0 - '.aap'Buffer Overflow Denial of Service Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service OpenOffice - '.slk'Parsing Null Pointer OpenOffice - '.slk' Parsing Null Pointer crownweb - 'page.cfm'SQL Injection crownweb - 'page.cfm' SQL Injection OtsTurntables Free 1.00.047 - '.olf'Universal Buffer Overflow OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg'Buffer Overflow Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow Orbital Viewer 1.04 - '.orb'Local Universal SEH Overflow Orbital Viewer 1.04 - '.orb' Local Universal SEH Overflow iPhone / iTouch FTPDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service JAD java decompiler 1.5.8g - '.class'Stack Overflow Denial of Service JAD java decompiler 1.5.8g - '.class' Stack Overflow Denial of Service Media Player 6.4.9.1 with K-Lite Codec Pack - Denial of Service/Crash '.avi' Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' Denial of Service/Crash no$gba 2.5c - '.nds'Local crash no$gba 2.5c - '.nds' Local crash Xilisoft Blackberry Ring Tone Maker - '.wma'Local Crash Xilisoft Blackberry Ring Tone Maker - '.wma' Local Crash Dualis 20.4 - '.bin'Local Daniel Of Service Dualis 20.4 - '.bin' Local Daniel Of Service DSEmu 0.4.10 - '.nds'Local Crash Exploit DSEmu 0.4.10 - '.nds' Local Crash Exploit MP3 Wav Editor 3.80 - '.mp3'Local Denial of Service MP3 Wav Editor 3.80 - '.mp3' Local Denial of Service FontForge - .BDF Font File Stack-Based Buffer Overflow FontForge - .BDF Font File Stack Based Buffer Overflow Dolphin 2.0 - '.elf'Local Daniel Of Service Dolphin 2.0 - '.elf' Local Daniel Of Service e-webtech - 'new.asp?id='SQL Injection e-webtech - 'new.asp?id=' SQL Injection SmallFTPD FTP Server 1.0.3 - DELE Command Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service RahnemaCo - page.php PageID Remote File Inclusion RahnemaCo - 'page.php' PageID Remote File Inclusion goffgrafix - Design's SQL Injection goffgrafix - Design's - SQL Injection Spaceacre - SQL / Cross-Site Scripting / HTML Injection Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection ZipExplorer 7.0 - '.zar'Denial of Service ZipExplorer 7.0 - '.zar' Denial of Service ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation iOS - Version-independent shellcode iOS - Version-independent Shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 Shellcode Win32 - SEH omelet shellcode Win32 - SEH omelet Shellcode Win32 - Connectback_ receive_ save and execute shellcode Win32 - Connectback_ receive_ save and execute Shellcode Windows XP - download and exec source shellcode Windows XP - download and exec source Shellcode Win32 XP SP3 - ShellExecuteA shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode Win32 XP SP3 - ShellExecuteA Shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) Shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 Shellcode Win32 - JITed stage-0 shellcode Win32 - JITed stage-0 Shellcode Windows - JITed egg-hunter stage-0 shellcode Windows - JITed egg-hunter stage-0 Shellcode Linux/x86 - nc -lvve/bin/sh -p13377 shellcode Linux/x86 - nc -lvve/bin/sh -p13377 Shellcode Corel VideoStudio Pro X3 - '.mp4'Buffer Overflow Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow Boat Classifieds - 'printdetail.asp?Id'SQL Injection Boat Classifieds - 'printdetail.asp?Id' SQL Injection PHPBB MOD 2.0.19 - Invitation Only (PassCode Bypass) phpBB MOD 2.0.19 - Invitation Only (PassCode Bypass) SnoGrafx - 'cat.php?cat'SQL Injection SnoGrafx - 'cat.php?cat' SQL Injection Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Mediacoder 0.7.5.4710 - ' Universal' SEH Buffer Overflow PlayPad Music Player 1.12 - '.mp3'Denial of Service PlayPad Music Player 1.12 - '.mp3' Denial of Service Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscal'l Emulation Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation xt:Commerce Gambio 2008 - 2010 - ERROR Based SQL Injection 'reviews.php' xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection CuteNews - 'index.php?page'Local File Inclusion CuteNews - 'index.php?page' Local File Inclusion Hanso Converter 1.4.0 - '.ogg'Denial of Service Hanso Converter 1.4.0 - '.ogg' Denial of Service ARM - Bindshell port 0x1337 shellcode ARM - Bind Connect UDP Port 68 shellcode ARM - Loader Port 0x1337 shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode ARM - Bindshell port 0x1337 Shellcode ARM - Bind Connect UDP Port 68 Shellcode ARM - Loader Port 0x1337 Shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode SmallFTPD 1.0.3 - Remote Directory Traversal SmallFTPd 1.0.3 - Remote Directory Traversal HtaEdit 3.2.3.0 - '.hta'Buffer Overflow HtaEdit 3.2.3.0 - '.hta' Buffer Overflow ProFTPD IAC 1.3.x - Remote Root Exploit ProFTPd IAC 1.3.x - Remote Root Exploit VbsEdit 4.7.2.0 - '.vbs'Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda'Denial of Service VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow Power Audio Editor 7.4.3.230 - '.cda' Denial of Service Sitefinity CMS - 'ASP.NET'Arbitrary File Upload Sitefinity CMS - 'ASP.NET' Arbitrary File Upload Native Instruments Traktor Pro 1.2.6 - Stack-based Buffer Overflow Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow ProFTPD 1.3.3c - Compromised Source Remote Root Trojan ProFTPd 1.3.3c - Compromised Source Remote Root Trojan Dejcom Market CMS - 'showbrand.aspx'SQL Injection Dejcom Market CMS - 'showbrand.aspx' SQL Injection Aesop GIF Creator 2.1 - '.aep'Buffer Overflow Aesop GIF Creator 2.1 - '.aep' Buffer Overflow Apple iPhone Safari - 'JS .'Remote Crash Apple iPhone Safari - 'JS .' Remote Crash Microsoft Windows Fax Services Cover Page Editor - '.cov'Memory Corruption Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption Win32 - speaking shellcode Win32 - speaking Shellcode ProFTPD mod_sftp - Integer Overflow Denial of Service (PoC) ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC) BWMeter 5.4.0 - '.csv'Denial of Service BWMeter 5.4.0 - '.csv' Denial of Service Magic Music Editor - '.cda'Denial of Service Magic Music Editor - '.cda' Denial of Service wu-ftpd - SITE EXEC/INDEX Format String WU-FTPD - SITE EXEC/INDEX Format String Samba - trans2open Overflow (Solaris SPARC) Samba (Solaris SPARC) - trans2open Overflow FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow freeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow Microsoft IIS 4.0 - '.htr'Path Overflow Microsoft IIS 4.0 - '.htr' Path Overflow VariCAD 2010-2.05 EN - '.DWB'Stack Buffer Overflow VariCAD 2010-2.05 EN - '.DWB' Stack Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack-based Buffer Overflow AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPD 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow ProFTPD 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow PHPBB - viewtopic.php Arbitrary Code Execution phpBB - viewtopic.php Arbitrary Code Execution ProFTPD-1.3.3c - Backdoor Command Execution ProFTPd-1.3.3c - Backdoor Command Execution ABBS Electronic Flash Cards 2.1 - '.fcd'Buffer Overflow ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj'Buffer Overflow VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow Wordtrainer 3.0 - '.ord'Buffer Overflow Wordtrainer 3.0 - '.ord' Buffer Overflow PlaylistMaker 1.5 - '.txt'Buffer Overflow PlaylistMaker 1.5 - '.txt' Buffer Overflow libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow (PoC) libmodplug 0.8.8.2 - (.abc) Stack Based Buffer Overflow (PoC) MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m'Stack Buffer Overflow MJM Core Player 2011 - '.s3m'Stack Buffer Overflow MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow MJM Core Player 2011 - '.s3m' Stack Buffer Overflow Magix Musik Maker 16 - '.mmm'Stack Buffer Overflow Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow Smallftpd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 FTP Server - Denial of Service FreeAmp 2.0.7 - '.fat'Buffer Overflow FreeAmp 2.0.7 - '.fat' Buffer Overflow VSFTPD 2.3.4 - Backdoor Command Execution vsftpd 2.3.4 - Backdoor Command Execution OS-X - Universal ROP shellcode OS-X - Universal ROP Shellcode Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow Citrix XenApp / XenDesktop - Stack Based Buffer Overflow World Of Warcraft - 'chat-cache.txt'Local Stack Overflow Denial of Service World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service Wav Player 1.1.3.6 - '.pll'Buffer Overflow Wav Player 1.1.3.6 - '.pll' Buffer Overflow Norman Security Suite 8 - 'nprosec.sys'Privilege Escalation Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation Ashampoo Burning Studio Elements 10.0.9 - '.ashprj'Heap Overflow Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow Cytel Studio 9.0 - '.CY3'Stack Buffer Overflow Cytel Studio 9.0 - '.CY3' Stack Buffer Overflow Xion Audio Player 1.0.127 - '.aiff'Denial of Service Xion Audio Player 1.0.127 - '.aiff' Denial of Service SnackAmp 3.1.3 - '.aiff'Denial of Service SnackAmp 3.1.3 - '.aiff' Denial of Service PHP Ticket System Beta 1 - 'index.php p parameter'SQL Injection PHP Ticket System Beta 1 - 'index.php p parameter' SQL Injection Nokia PC Suite Video Manager 7.1.180.64 - '.mp4'Denial of Service Nokia PC Suite Video Manager 7.1.180.64 - '.mp4' Denial of Service Multimedia Builder 4.9.8 - '.mef'Denial of Service Multimedia Builder 4.9.8 - '.mef' Denial of Service Tftpd32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf'FileOpen Crash TFTPD32 DNS Server 4.00 - Denial of Service LibreOffice 3.5.3 - '.rtf' FileOpen Crash Microsoft Wordpad 5.1 - '.doc'Null Pointer Dereference Microsoft Wordpad 5.1 - '.doc' Null Pointer Dereference Lattice Semiconductor PAC-Designer 6.21 - '.PAC'Exploit Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (1) wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath Exploit (2) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (1) WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (2) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1) ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2) ProFTPD 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Washington University wu-ftpd 2.5.0 - message Buffer Overflow Washington University WU-FTPD 2.5.0 - message Buffer Overflow GlFtpd 1.17.2 - Exploit glFTPd 1.17.2 - Exploit Oracle Outside-In - .LWP File Parsing Stack-Based Buffer Overflow Oracle Outside-In - .LWP File Parsing Stack Based Buffer Overflow wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2) WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3) Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw'Cross-Site Scripting Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw' Cross-Site Scripting Microsoft Windows Media Player 7.0 - '.wms'Arbitrary Script Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit ProFTPD 1.2 - SIZE Remote Denial of Service ProFTPd 1.2 - SIZE Remote Denial of Service Microsoft Windows Media Player 7.0 - '.wmz'Arbitrary Java Applet Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet wu-ftpd 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion Wu-Ftpd 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String Joe Text Editor 2.8 - '.joerc'Arbitrary Command Execution Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal WhitSoft slimserve ftpd 1.0/2.0 - Directory Traversal wu-ftpd 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPD 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion freebsd 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities FreeBSD 4.2-stable ftpd - glob() Buffer Overflow Vulnerabilities raidenftpd 2.1 - Directory Traversal RaidenFTPd 2.1 - Directory Traversal AV Arcade Free Edition - 'add_rating.php id parameter'Blind SQL Injection AV Arcade Free Edition - 'add_rating.php id parameter' Blind SQL Injection Solaris 2.6/7/8 - SPARC xlock Heap Overflow Solaris 2.6/7/8 -(SPARC) xlock Heap Overflow glFTPD 1.x - LIST Denial of Service glFTPd 1.x - 'LIST' Denial of Service Wu-Ftpd 2.6 - File Globbing Heap Corruption WU-FTPD 2.6 - File Globbing Heap Corruption Joomla RokModule Component - 'index.php module parameter'Blind SQL Injection Joomla RokModule Component - 'index.php module parameter' Blind SQL Injection PHPWebsite 0.8.2 - PHP File Include phpWebSite 0.8.2 - PHP File Include PHPWebSite 0.8.3 - News Message HTML Injection phpWebSite 0.8.3 - News Message HTML Injection PHPWebSite 0.8.3 - article.php Cross-Site Scripting phpWebSite 0.8.3 - article.php Cross-Site Scripting PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion phpBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion PHPBB 2.0.3 - search.php Cross-Site Scripting phpBB 2.0.3 - search.php Cross-Site Scripting ProFTPD 1.2.x - STAT Command Denial of Service ProFTPd 1.2.x - STAT Command Denial of Service Joomla Tags - 'index.php tag parameter'SQL Injection Joomla Tags - 'index.php tag parameter' SQL Injection Joomla Commedia Plugin - 'index.php task parameter'SQL Injection Joomla Kunena Component - 'index.php search parameter'SQL Injection Joomla Commedia Plugin - 'index.php task parameter' SQL Injection Joomla Kunena Component - 'index.php search parameter' SQL Injection PHPBB 2.0.3 - privmsg.php SQL Injection phpBB 2.0.3 - privmsg.php SQL Injection Joomla Spider Catalog - 'index.php product_id parameter'SQL Injection Joomla Spider Catalog - 'index.php product_id parameter' SQL Injection Battleaxe Software BTTLXE Forum - login.asp SQL Injection Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection SudBox Boutique 1.2 - login.php Authentication Bypass SudBox Boutique 1.2 - 'login.php' Authentication Bypass friendsinwar FAQ Manager - 'view_faq.php question parameter'SQL Injection friendsinwar FAQ Manager - 'view_faq.php question parameter' SQL Injection GuildFTPD 0.999.8 - CWD Command Denial of Service GuildFTPd 0.999.8 - CWD Command Denial of Service ProductCart 1.5/1.6/2.0 - login.asp SQL Injection ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection SmartCMS - 'index.php idx parameter'SQL Injection SmartCMS - 'index.php idx parameter' SQL Injection mcrypt 2.6.8 - stack-based Buffer Overflow (PoC) mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC) wu-ftpd 2.6.2 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 - realpath() Off-by-One Buffer Overflow wu-ftpd 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow freeBSD 4.8 - realpath() Off-by-One Buffer Overflow WU-FTPD 2.6.2 / 2.6.0 / 2.6.1 - realpath() Off-by-One Buffer Overflow FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow SmartCMS - 'index.php menuitem parameter'SQL Injection / Cross-Site Scripting SmartCMS - 'index.php menuitem parameter' SQL Injection / Cross-Site Scripting FreeFTPD - Remote Authentication Bypass Exploit freeFTPd - Remote Authentication Bypass Exploit PHPBB 2.0.6 - URL BBCode HTML Injection phpBB 2.0.6 - URL BBCode HTML Injection wzdftpd 0.1 rc5 - Login Remote Denial of Service ProFTPD 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun WzdFTPD 0.1 rc5 - Login Remote Denial of Service ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun PHPBB 2.0.x - profile.php SQL Injection phpBB 2.0.x - profile.php SQL Injection PHPBB 2.0.6 - privmsg.php Cross-Site Scripting phpBB 2.0.6 - privmsg.php Cross-Site Scripting Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET'Arbitrary File Upload Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload MyBB AwayList Plugin - 'index.php id parameter'SQL Injection MyBB AwayList Plugin - 'index.php id parameter' SQL Injection SmallFTPD 1.0.3 - Remote Denial of Service SmallFTPd 1.0.3 - Remote Denial of Service MyBB - 'editpost.php posthash'SQL Injection Joomla Spider Calendar - 'index.php date parameter'Blind SQL Injection MyBB - 'editpost.php posthash' SQL Injection Joomla Spider Calendar - 'index.php date parameter' Blind SQL Injection Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting PHPBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection phpBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection Inmatrix Ltd. Zoom Player 8.5 - '.jpeg'Exploit Inmatrix Ltd. Zoom Player 8.5 - '.jpeg' Exploit PHPBB 2.0.x - album_portal.php Remote File Inclusion phpBB 2.0.x - album_portal.php Remote File Inclusion PHPBB 2.0.x - viewtopic.php PHP Script Injection phpBB 2.0.x - viewtopic.php PHP Script Injection JShop E-Commerce Suite 3.0 - page.php Cross-Site Scripting JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting NullSoft Winamp 2-5 - '.wsz'Remote Code Execution NullSoft Winamp 2-5 - '.wsz' Remote Code Execution phpWebsite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting Scripts Genie Gallery Personals - 'gallery.php L parameter'SQL Injection Scripts Genie Gallery Personals - 'gallery.php L parameter' SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter'SQL Injection Scripts Genie Domain Trader - 'catalog.php id parameter' SQL Injection Scripts Genie Games Site Script - 'index.php id parameter'SQL Injection Scripts Genie Games Site Script - 'index.php id parameter' SQL Injection Photodex ProShow Producer 5.0.3297 - '.pxs'Memory Corruption Exploit Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit Scripts Genie Top Sites - 'out.php id parameter'SQL Injection Scripts Genie Top Sites - 'out.php id parameter' SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter'SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter' SQL Injection W-Agora 4.1.6 - a login.php loginuser Parameter Cross-Site Scripting W-Agora 4.1.6 - a 'login.php' loginuser Parameter Cross-Site Scripting PHPWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack-Based Buffer Overflow Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Based Buffer Overflow PHPBB 2.0.x - admin_cash.php Remote PHP File Include phpBB 2.0.x - admin_cash.php Remote PHP File Include UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter Cross-Site Scripting UBBCentral UBB.threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - login.php Newlanguage Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting Rebus:list - 'list.php list_id parameter'SQL Injection Rebus:list - 'list.php list_id parameter' SQL Injection SynConnect Pms - 'index.php loginid parameter'SQL Injection SynConnect Pms - 'index.php loginid parameter' SQL Injection Groovy Media Player 3.2.0 - '.mp3'Buffer Overflow Groovy Media Player 3.2.0 - '.mp3' Buffer Overflow glFTPD 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities PHPWebSite 0.x - Image File Processing Arbitrary PHP File Upload phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload PHPBB 2.0.x - Authentication Bypass (1) PHPBB 2.0.x - Authentication Bypass (2) PHPBB 2.0.x - Authentication Bypass (3) phpBB 2.0.x - Authentication Bypass (1) phpBB 2.0.x - Authentication Bypass (2) phpBB 2.0.x - Authentication Bypass (3) PHPCOIN 1.2 - login.php Multiple Parameter Cross-Site Scripting PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting Multiple Vendor Telnet Client - Env_opt_add Heap-Based Buffer Overflow Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow PHPBB 2.0.13 DLMan Pro Module - SQL Injection PHPBB 2.0.13 Linkz Pro Module - SQL Injection phpBB 2.0.13 DLMan Pro Module - SQL Injection phpBB 2.0.13 Linkz Pro Module - SQL Injection PHPBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting PHPBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting phpBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter'SQL Injection Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter' SQL Injection PHPBB Remote - mod.php SQL Injection Datenbank Module For PHPBB - Remote mod.php Cross-Site Scripting phpBB Remote - mod.php SQL Injection Datenbank Module For phpBB - Remote mod.php Cross-Site Scripting PHPBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection PHPBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection RaidenFTPD 2.4 - Unauthorized File Access RaidenFTPd 2.4 - Unauthorized File Access CartWIZ 1.10 - login.asp Redirect Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting CartWIZ 1.10 - login.asp Message Argument Cross-Site Scripting CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting PHPBB 2.0.x - profile.php Cross-Site Scripting PHPBB 2.0.x - viewtopic.php Cross-Site Scripting phpBB 2.0.x - profile.php Cross-Site Scripting phpBB 2.0.x - viewtopic.php Cross-Site Scripting Notes Module for PHPBB - SQL Injection Notes Module for phpBB - SQL Injection PHPCOIN 1.2 - login.php PHPcoinsessid Parameter SQL Injection PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection CodetoSell ViArt Shop Enterprise 2.1.6 - page.php page Parameter Cross-Site Scripting CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php' page Parameter Cross-Site Scripting PHPBB 2.0.x - URL Tag BBCode.php phpBB 2.0.x - URL Tag BBCode.php Active News Manager - login.asp SQL Injection Active News Manager - 'login.asp' SQL Injection FunkyASP AD Systems 1.1 - login.asp SQL Injection FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow OS4E - login.asp SQL Injection OS4E - 'login.asp' SQL Injection JiRo's Upload System 1.0 - login.asp SQL Injection NEXTWEB - (i)Site login.asp SQL Injection JiRo's Upload System 1.0 - 'login.asp' SQL Injection NEXTWEB - (i)Site 'login.asp' SQL Injection Livingcolor Livingmailing 1.3 - login.asp SQL Injection Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection WWWeb Concepts Events System 1.0 - login.asp SQL Injection WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection Cool Cafe Chat 1.2.1 - login.asp SQL Injection Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection LaGarde StoreFront 5.0 Shopping Cart - login.asp SQL Injection LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp SQL Injection Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection PHPWebsite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal phpWebSite 0.7.3/0.8.x/0.9.x - 'index.php' Directory Traversal Cuppa CMS - 'alertConfigField.php urlConfig parameter'Remote / Local File Inclusion Cuppa CMS - 'alertConfigField.php urlConfig parameter' Remote / Local File Inclusion VBZoom 1.0/1.11 - login.php UserID Parameter Cross-Site Scripting VBZoom 1.0/1.11 - 'login.php' UserID Parameter Cross-Site Scripting PHP Lite Calendar Express 2.2 - login.php cid Parameter SQL Injection PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection ATutor 1.5.1 - login.php course Parameter Cross-Site Scripting ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting Adrenalin Player 2.2.5.3 - '.wax'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow PHPwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access PHPwcms 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access AVS Media Player 4.1.11.100 - '.ac3'Denial of Service AVS Media Player 4.1.11.100 - '.ac3' Denial of Service Adrenalin Player 2.2.5.3 - '.wvx'SEH Buffer Overflow Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow WinAmp 5.63 - Stack-based Buffer Overflow WinAmp 5.63 - Stack Based Buffer Overflow PHPX 3.5.x - Admin login.php SQL Injection PHPX 3.5.x - Admin 'login.php' SQL Injection DRZES Hms 3.2 - login.php Cross-Site Scripting DRZES Hms 3.2 - 'login.php' Cross-Site Scripting PortalApp 3.3/4.0 - login.asp Cross-Site Scripting SiteEnable 3.3 - login.asp Cross-Site Scripting IntranetApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting PortalApp 3.3/4.0 - 'login.asp' Cross-Site Scripting SiteEnable 3.3 - 'login.asp' Cross-Site Scripting IntranetApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - login.asp ret_page Parameter Cross-Site Scripting ProjectApp 3.3 - 'login.asp' ret_page Parameter Cross-Site Scripting VbsEdit 5.9.3 - '.smi'Buffer Overflow VbsEdit 5.9.3 - '.smi' Buffer Overflow Artweaver 3.1.5 - '.awd'Buffer Overflow Artweaver 3.1.5 - '.awd' Buffer Overflow XnView 2.03 - '.pct'Buffer Overflow XnView 2.03 - '.pct' Buffer Overflow aoblogger 2.3 - login.php username Field SQL Injection aoblogger 2.3 - 'login.php' username Field SQL Injection WebspotBlogging 3.0 - login.php SQL Injection WebspotBlogging 3.0 - 'login.php' SQL Injection miniBloggie 1.0 - login.php SQL Injection miniBloggie 1.0 - 'login.php' SQL Injection ASPThai Forums 8.0 - login.asp SQL Injection ASPThai Forums 8.0 - 'login.asp' SQL Injection Windows RT ARM - Bind Shell (Port 4444) shellcode Windows RT ARM - Bind Shell (Port 4444) Shellcode Virtual Hosting Control System 2.2/2.4 - login.php check_login() Function Authentication Bypass Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass Siteframe Beaumont 5.0.1/5.0.2 - page.php HTML Injection Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection Ginkgo CMS - 'index.php rang parameter'SQL Injection Ginkgo CMS - 'index.php rang parameter' SQL Injection Game-Panel 2.6 - login.php Cross-Site Scripting Game-Panel 2.6 - 'login.php' Cross-Site Scripting QwikiWiki 1.4/1.5 - login.php Multiple Parameter Cross-Site Scripting QwikiWiki 1.4/1.5 - 'login.php' Multiple Parameter Cross-Site Scripting PHPWebsite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection PHPWebsite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection PhxContacts 0.93 - login.php Cross-Site Scripting PhxContacts 0.93 - 'login.php' Cross-Site Scripting MLMAuction Script - 'gallery.php id parameter'SQL Injection MLMAuction Script - 'gallery.php id parameter' SQL Injection RedCMS 0.1 - login.php Multiple Parameter SQL Injection RedCMS 0.1 - 'login.php' Multiple Parameter SQL Injection ShopWeezle 2.0 - login.php itemID Parameter SQL Injection ShopWeezle 2.0 - 'login.php' itemID Parameter SQL Injection ContentBoxx - login.php Cross-Site Scripting ContentBoxx - 'login.php' Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter SQL Injection phpBB Chart Mod 1.1 - charts.php id Parameter SQL Injection PHPBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion JSBoard 2.0.10/2.0.11 - login.php Cross-Site Scripting JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting CyberBuild - login.asp SessionID Parameter SQL Injection CyberBuild - 'login.asp' SessionID Parameter SQL Injection CyberBuild - login.asp SessionID Parameter Cross-Site Scripting CyberBuild - 'login.asp' SessionID Parameter Cross-Site Scripting PHPBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting phpBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting PHPBB 2.0.20 - Unauthorized HTTP Proxy phpBB 2.0.20 - Unauthorized HTTP Proxy PHPBB 2.0.x - template.php Remote File Inclusion phpBB 2.0.x - template.php Remote File Inclusion PHPBB - BBRSS.php Remote File Inclusion RahnemaCo - page.php Remote File Inclusion phpBB - BBRSS.php Remote File Inclusion RahnemaCo - 'page.php' Remote File Inclusion BlueDragon Server 6.2.1 - '.cfm'Denial of Service BlueDragon Server 6.2.1 - '.cfm' Denial of Service MyMail 1.0 - login.php Cross-Site Scripting MyMail 1.0 - 'login.php' Cross-Site Scripting Woltlab Burning Board FLVideo Addon - 'video.php value parameter'SQL Injection Woltlab Burning Board FLVideo Addon - 'video.php value parameter' SQL Injection PHPBB 1.2.4 For Mambo - Multiple Remote File Inclusion phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion PHPbb-auction 1.x - auction_room.php ar Parameter SQL Injection PHPbb-auction 1.x - auction_store.php u Parameter SQL Injection phpBB-auction 1.x - auction_room.php ar Parameter SQL Injection phpBB-auction 1.x - auction_store.php u Parameter SQL Injection Linux/x86 - Multi-Egghunter shellcode Linux/x86 - Multi-Egghunter Shellcode Jamroom 3.0.16 - login.php Cross-Site Scripting Jamroom 3.0.16 - 'login.php' Cross-Site Scripting DCP-Portal 6.0 - login.php username Parameter SQL Injection DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection PhpBB XS 0.58 - Multiple Remote File Inclusion phpBB XS 0.58 - Multiple Remote File Inclusion AckerTodo 4.2 - login.php Multiple SQL Injection AckerTodo 4.2 - 'login.php' Multiple SQL Injection PHPWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion PHPBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico'Buffer Overflow phpBB Add Name Module - Not_Mem.php Remote File Inclusion IcoFX 2.5.0.0 - '.ico' Buffer Overflow Evandor Easy notesManager 0.0.1 - login.php username Parameter SQL Injection Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php Multiple Parameter Cross-Site Scripting AIOCP 1.3.x - cp_dpage.php choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - cp_show_ec_products.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - cp_links_search.php orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion AIOCP 1.3.x - cp_dpage.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_forum_view.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_edit_user.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_contact_us.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection AIOCP 1.3.x - cp_login.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_users_online.php order_field Parameter SQL Injection AIOCP 1.3.x - cp_codice_fiscale.php choosed_language Parameter SQL Injection AIOCP 1.3.x - cp_links_search.php orderdir Parameter SQL Injection AIOCP 1.3.x - cp_dpage.php Full Path Disclosure AIOCP 1.3.x - cp_show_ec_products.php Full Path Disclosure AIOCP 1.3.x - cp_show_page_help.php Full Path Disclosure AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting Windows x86 - Persistent Reverse Shell TCP (494 Bytes) AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_show_ec_products.php' order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_users_online.php order_field Parameter Cross-Site Scripting AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter Cross-Site Scripting AIOCP 1.3.x - '/admin/code/index.php' load_page Parameter Remote File Inclusion AIOCP 1.3.x - 'cp_dpage.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_news.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_forum_view.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_edit_user.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_newsletter.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_links.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_contact_us.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_show_ec_products.php' Multiple Parameter SQL Injection AIOCP 1.3.x - 'cp_login.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_users_online.php' order_field Parameter SQL Injection AIOCP 1.3.x - 'cp_codice_fiscale.php' choosed_language Parameter SQL Injection AIOCP 1.3.x - 'cp_links_search.php' orderdir Parameter SQL Injection AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure INFINICART - login.asp Multiple Parameter Cross-Site Scripting INFINICART - 'login.asp' Multiple Parameter Cross-Site Scripting Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion SIAP CMS - login.asp SQL Injection SIAP CMS - 'login.asp' SQL Injection AppIntellect SpotLight CRM - login.asp SQL Injection AppIntellect SpotLight CRM - 'login.asp' SQL Injection DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection PHPBB 2.0.21 - privmsg.php HTML Injection phpBB 2.0.21 - privmsg.php HTML Injection Indexu 5.0/5.3 - login.php error_msg Parameter Cross-Site Scripting Indexu 5.0/5.3 - 'login.php' error_msg Parameter Cross-Site Scripting myBloggie 2.1.5 - login.php PATH_INFO Parameter Cross-Site Scripting myBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Avira Secure Backup 1.0.0.1 Build 3616 - '.reg'Buffer Overflow Avira Secure Backup 1.0.0.1 Build 3616 - '.reg' Buffer Overflow Boilsoft RM TO MP3 Converter 1.72 - Crash PoC '.wav' Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC Tyger Bug Tracking System 1.1.3 - login.php PATH_INFO Parameter Cross-Site Scripting Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting Horde Framework 3.1.3 - login.php Cross-Site Scripting Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting PHPStats 0.1.9 - Multiple SQL Injections PHPStats 0.1.9 - PHP-Stats-options.php Remote Code Execution phpStats 0.1.9 - Multiple SQL Injections phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution Free File Hosting System 1.1 - login.php AD_BODY_TEMP Parameter Remote File Inclusion Free File Hosting System 1.1 - 'login.php' AD_BODY_TEMP Parameter Remote File Inclusion DeskPro 2.0.1 - login.php HTML Injection DeskPro 2.0.1 - 'login.php' HTML Injection plesk 8.1.1 - login.php3 Directory Traversal plesk 8.1.1 - 'login.php3' Directory Traversal Ahhp Portal - page.php Multiple Remote File Inclusion Ahhp Portal - 'page.php' Multiple Remote File Inclusion Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - ' LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion PHPPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting phpPgAdmin 4.1.1 - SQLEDIT.php Cross-Site Scripting Maia Mailguard 1.0.2 - login.php Multiple Local File Inclusion Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusion Nukedit 4.9.x - login.asp Cross-Site Scripting Nukedit 4.9.x - 'login.asp' Cross-Site Scripting Pay Roll Time Sheet and Punch Card Application With Web UI - login.asp SQL Injection Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp'Version Attribute Buffer Overflow RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow PHPGedView 4.1 - login.php Cross-Site Scripting PHPGedView 4.1 - 'login.php' Cross-Site Scripting E-Smart Cart 1.0 - login.asp SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap-Based Buffer Overflow E-Smart Cart 1.0 - 'login.asp' SQL Injection AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection AfterLogic MailBee WebMail Pro 3.x - login.php mode Parameter Cross-Site Scripting AfterLogic MailBee WebMail Pro 3.x - 'login.php' mode Parameter Cross-Site Scripting Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting JiRo's Banner System 2.0 - login.asp Multiple SQL Injection JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection WinUAE 1.4.4 - 'zfile.c' Stack-Based Buffer Overflow WinUAE 1.4.4 - 'zfile.c' Stack Based Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' 1.0 - ActiveX Control Buffer Overflow Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color() MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color() Android Web Browser - GIF File Heap-Based Buffer Overflow Android Web Browser - GIF File Heap Based Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP'Project File Buffer Overflow NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow PHPstats 0.1_alpha - 'PHPstats.php' Cross-Site Scripting phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting Publish-It 3.6d - '.pui'SEH Buffer Overflow Publish-It 3.6d - '.pui' SEH Buffer Overflow LeadTools Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities PHPBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion LeadTools Multimedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion PHPBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion EsContacts 1.0 - login.php msg Parameter Cross-Site Scripting EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting NASA Ames Research Center BigView 1.8 - '.PNM'Stack-Based Buffer Overflow NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter'SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter' SQL Injection VCDGear 3.50 - '.cue'Stack Buffer Overflow VCDGear 3.50 - '.cue' Stack Buffer Overflow FaName 1.0 - page.php name Parameter Cross-Site Scripting FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - login.php Multiple Parameter Cross-Site Scripting TGS Content Management 0.3.2r2 - 'login.php' Multiple Parameter Cross-Site Scripting Claroline 1.8.9 - PHPbb/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/reply.php URL Cross-Site Scripting Claroline 1.8.9 - PHPbb/viewtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/newtopic.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/reply.php URL Cross-Site Scripting Claroline 1.8.9 - phpBB/viewtopic.php URL Cross-Site Scripting Trixbox - 'endpoint_aastra.php mac parameter'Remote Code Injection Trixbox - 'endpoint_aastra.php mac parameter' Remote Code Injection Free Download Manager - Stack-based Buffer Overflow Free Download Manager - Stack Based Buffer Overflow XRms 1.99.2 - login.php target Parameter Cross-Site Scripting XRms 1.99.2 - 'login.php' target Parameter Cross-Site Scripting Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service Microsoft DebugDiag 1.0 - ' CrashHangExt.dll' ActiveX Control Remote Denial of Service PHPWebSite 0.9.3 - 'links.php' SQL Injection phpWebSite 0.9.3 - 'links.php' SQL Injection Easyedit CMS - page.php intPageID Parameter SQL Injection Easyedit CMS - 'page.php' intPageID Parameter SQL Injection aMSN - '.ctt'Remote Denial of Service aMSN - '.ctt' Remote Denial of Service 68 Classifieds 4.1 - login.php goto Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting ProFTPD 1.3 - 'mod_sql' Username SQL Injection ProFTPd 1.3 - 'mod_sql' Username SQL Injection LinPHA 1.3.2/1.3.3 - login.php Cross-Site Scripting LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting Recover Data for Novell Netware 1.0 - '.sav'Remote Denial of Service Recover Data for Novell Netware 1.0 - '.sav' Remote Denial of Service J. River Media Jukebox 12 - '.mp3'Remote Heap Buffer Overflow J. River Media Jukebox 12 - '.mp3' Remote Heap Buffer Overflow Invision Power Board 3.0.3 - '.txt'MIME-Type Cross-Site Scripting Invision Power Board 3.0.3 - '.txt' MIME-Type Cross-Site Scripting OpenOffice 3.1 - '.csv'Remote Denial of Service OpenOffice 3.1 - '.csv' Remote Denial of Service OpenOffice 3.1 - '.slk'NULL Pointer Dereference Remote Denial of Service OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service BS.Player 2.51 - '.mp3'Buffer Overflow BS.Player 2.51 - '.mp3' Buffer Overflow netKar PRO 1.1 - '.nkuser'File Creation NULL Pointer Denial Of Service netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service Aqua Real Screensaver - '.ar'Buffer Overflow Aqua Real Screensaver - '.ar' Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3'Remote Buffer Overflow Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow Sonique 2.0 - '.xpl'Remote Stack-Based Buffer Overflow Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow Property Watch - login.php redirect Parameter Cross-Site Scripting Property Watch - 'login.php' redirect Parameter Cross-Site Scripting Xilisoft Video Converter 3.1.8.0720b - '.ogg'Buffer Overflow Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow Mulitple Wordpress Themes - 'admin-ajax.php img parameter'Arbitrary File Download Mulitple Wordpress Themes - 'admin-ajax.php img parameter' Arbitrary File Download Crystal Player 1.98 - '.mls'Buffer Overflow Crystal Player 1.98 - '.mls' Buffer Overflow Wordpress Acento Theme - 'view-pdf.php file parameter'Arbitrary File Download Wordpress Acento Theme - 'view-pdf.php file parameter' Arbitrary File Download GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution DragDropCart - login.php redirect Parameter Cross-Site Scripting DragDropCart - 'login.php' redirect Parameter Cross-Site Scripting Microsoft Bluetooth Personal Area Networking - 'BthPan.sys'Privilege Escalation Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation WordPress RB Agency Plugin 2.4.7 - Local File Disclosure Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'Buffer Overflow/Denial of Service EIP Overwrite Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite Wireshark 1.4.3 - '.pcap'Memory Corruption Wireshark 1.4.3 - '.pcap' Memory Corruption Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax'SEH Buffer Overflow Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf'Remote Buffer Overflow DivX Player 6.x - '.dps'Remote Buffer Overflow KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow DivX Player 6.x - '.dps' Remote Buffer Overflow VLC Media Player 1.0.5 - '.ape'Denial of Service VLC Media Player 1.0.5 - '.ape' Denial of Service RealPlayer 11 - '.rmp'Remote Buffer Overflow RealPlayer 11 - '.rmp' Remote Buffer Overflow Advantech AdamView 4.30.003 - '.gni'SEH Buffer Overflow Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f'Remote Buffer Overflow FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow eXPert PDF 7.0.880.0 - '.pj'Heab-based Buffer Overflow eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow BlueVoda Website Builder 11 - '.bvp' File Stack Based Buffer Overflow PHPWebSite 1.7.1 - 'upload.php' Arbitrary File Upload phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution PHPWebSite 1.7.1 - 'mod.php' SQL Injection phpWebSite 1.7.1 - 'mod.php' SQL Injection Linux/x86 - custom execve-shellcode Encoder/Decoder Linux/x86 - custom execve-Shellcode Encoder/Decoder ProFTPd 1.3.5 (mod_copy) - Remote Command Execution ProFTPd 1.3.5 - (mod_copy) Remote Command Execution ProFTPD 1.3.5 - Mod_Copy Command Execution ProFTPd 1.3.5 - 'Mod_Copy' Command Execution Linux/x86 - Download & Execute shellcode Linux/x86 - Download & Execute Shellcode Adobe Flash - Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File Valhala Honeypot 1.8 - Stack-Based Buffer Overflow Valhala Honeypot 1.8 - Stack Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass WebKit Cross-Site Scripting Filter - ' Cross-Site ScriptingAuditor.cpp' Security Bypass Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow Mpxplay Multimedia Commander 2.00a - .m3u Stack Based Buffer Overflow Linux/x86-64 - /bin/sh shellcode Linux/x86-64 - /bin/sh Shellcode Last PassBroker 3.2.16 - Stack-Based Buffer Overflow Last PassBroker 3.2.16 - Stack Based Buffer Overflow C2 WebResource - 'File' Parameter Cross-Site Scripting C2 WebResource - ' File' Parameter Cross-Site Scripting SmallFTPD - Unspecified Denial of Service SmallFTPd - Unspecified Denial of Service VLC 2.2.1 libvlccore - '.mp3'Stack Overflow VLC 2.2.1 libvlccore - '.mp3' Stack Overflow FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read FBZX 2.10 - Local Stack-Based Buffer Overflow FBZX 2.10 - Local Stack Based Buffer Overflow TACK 1.07 - Local Stack-Based Buffer Overflow TACK 1.07 - Local Stack Based Buffer Overflow Dynamic Biz Website Builder (QuickWeb) 1.0 - login.asp Multiple Field SQL Injection Authentication Bypass Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass Wireshark - iseries_parse_packet Heap-Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow Wireshark - iseries_parse_packet Heap Based Buffer Overflow Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow Wireshark - find_signature Stack-Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow Wireshark - getRate Stack-Based Out-of-Bounds Read Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow Wireshark - find_signature Stack Based Out-of-Bounds Read Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow Wireshark - getRate Stack Based Out-of-Bounds Read Adobe Flash TextField.variable Setter - Use-After-Free Adobe Flash TextField.Variable Setter - Use-After-Free Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read Wireshark infer_pkt_encap - Heap Based Out-of-Bounds Read Wireshark AirPDcapDecryptWPABroadcastKey - Heap Based Out-of-Bounds Read eshtery CMS - 'FileManager.aspx' Local File Disclosure eshtery CMS - ' FileManager.aspx' Local File Disclosure pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read pdfium CPDF_Function::Call - Stack-Based Buffer Overflow pdfium CPDF_Function::Call - Stack Based Buffer Overflow MySQL 5.5.45 (64bit) - Local Credentials Disclosure pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read Tftpd32 and Tftpd64 - Denial Of Service TFTPD32 and Tftpd64 - Denial Of Service glibc - getaddrinfo Stack-Based Buffer Overflow glibc - getaddrinfo Stack Based Buffer Overflow Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow libxml2 - xmlDictAddString Heap-Based Buffer Overread libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread libxml2 - htmlCurrentChar Heap-Based Buffer Overread Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow libxml2 - xmlDictAddString Heap Based Buffer Overread libxml2 - xmlParseEndTag2 Heap Based Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap Based Buffer Overread libxml2 - htmlCurrentChar Heap Based Buffer Overread Kamailio 4.3.4 - Heap-Based Buffer Overflow Kamailio 4.3.4 - Heap Based Buffer Overflow Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow Wireshark - dissect_2008_16_security_4 Stack Based Buffer Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow NRSS Reader 0.3.9 - Local Stack-Based Overflow NRSS Reader 0.3.9 - Local Stack Based Overflow Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap-Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads Graphite2 - GlyphCache::GlyphCache Heap Based Buffer Overflow Graphite2 - GlyphCache::Loader Heap Based Overreads Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Based Memory Corruption Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097) Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097) PHP 5.0.0 - imap_mail() Local Denial of Service PHP 5.0.0 - 'imap_mail()' Local Denial of Service PHP 5.0.0 - html_doc_file() Local Denial of Service PHP 5.0.0 - 'html_doc_file()' Local Denial of Service |
||
|---|---|---|
| platforms | ||
| files.csv | ||
| README.md | ||
| searchsploit | ||
The Exploit-Database Git Repository
This is the official repository of The Exploit Database, a project sponsored by Offensive Security.
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.
Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms.
root@kali:~# searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
Example:
searchsploit afd windows local
searchsploit -t oracle windows
=========
Options
=========
-c, --case Perform a case-sensitive search (Default is inSEnsITiVe).
-e, --exact Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
-h, --help Show this help screen.
-j, --json Show result in JSON format.
-o, --overflow Exploit title's are allowed to overflow their columns.
-p, --path Show the full path to an exploit (Copies path to clipboard if possible).
-t, --title Search just the exploit title (Default is title AND the file's path).
-u, --update Update exploit database from git.
-w, --www Show URLs to Exploit-DB.com rather than local path.
--colour Disable colour highlighting.
--id Display EDB-ID value rather than local path.
=======
Notes
=======
* Use any number of search terms.
* Search terms are not case sensitive, and order is irrelevant.
* Use '-c' if you wish to reduce results by case-sensitive searching.
* And/Or '-e' if you wish to filter results by using an exact match.
* Use '-t' to exclude the file's path to filter the search results.
* Remove false positives (especially when searching numbers/major versions).
* When updating from git or displaying help, search terms will be ignored.
root@kali:~#
root@kali:~# searchsploit afd windows local
--------------------------------------------------------------------------------- ----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/platforms)
--------------------------------------------------------------------------------- ----------------------------------
Microsoft Windows 2003/XP - afd.sys Privilege Escalation Exploit (K-plugin) | ./windows/local/6757.txt
Microsoft Windows XP - afd.sys Local Kernel Denial of Service | ./windows/dos/17133.c
Microsoft Windows XP/2003 - afd.sys Local Privilege Escalation Exploit (MS11-080)| ./windows/local/18176.py
Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080) | ./windows/local/21844.rb
Microsoft Windows - afd.sys Dangling Pointer Privilege Escalation (MS14-040) | ./win_x86/local/39446.py
Microsoft Windows 7 (x64) - afd.sys Privilege Escalation (MS14-040) | ./win_x86-64/local/39525.py
--------------------------------------------------------------------------------- ----------------------------------
root@kali:~#