6 new exploits

- VicFTPS < 5.0 - (CWD) Remote Buffer Overflow (PoC)
- VicFTPS < 5.0 - 'CWD' Remote Buffer Overflow (PoC)
- SilverSHielD 1.0.2.34 - (opendir) Denial of Service
- SilverSHielD 1.0.2.34 - Denial of Service
- Android - get_user/put_user Exploit (Metasploit)
- LoudBlog 0.4 - (path) Arbitrary Remote File Inclusion
- LoudBlog 0.4 - Arbitrary Remote File Inclusion
- MyEvent 1.3 - (myevent_path) Remote File Inclusion
- MyEvent 1.3 - 'event.php' Remote File Inclusion
- LoudBlog 0.5 - (id) SQL Injection / Admin Credentials Disclosure
- LoudBlog 0.5 - SQL Injection / Admin Credentials Disclosure
- yappa-ng 2.3.1 - (admin_modules) Remote File Inclusion
- Yappa-ng 2.3.1 - (admin_modules) Remote File Inclusion
- PHP Easy Downloader 1.5 - (save.php) Remote Code Execution
- PHP Easy Downloader 1.5 - 'save.php' Remote Code Execution
- Ip Reg 0.3 - Multiple SQL Injections
- IP Reg 0.3 - Multiple SQL Injections
- AstroSPACES - 'id' SQL Injection
- AstroSPACES 1.1.1 - 'id' Parameter SQL Injection
- myEvent 1.6 - (viewevent.php) SQL Injection
- myEvent 1.6 - 'eventdate' Parameter SQL Injection
- Mosaic Commerce - 'category.php cid' SQL Injection
- Mosaic Commerce - 'cid' Parameter SQL Injection
- PokerMax Poker League - Insecure Cookie Handling
- Kure 0.6.3 - (index.php post & doc) Local File Inclusion
- PokerMax Poker League 0.13 - Insecure Cookie Handling
- Kure 0.6.3 - 'index.php' Local File Inclusion
- PHP Easy Downloader 1.5 - (file) File Disclosure
- PHP Easy Downloader 1.5 - 'file' Parameter File Disclosure
- Post Affiliate Pro 2.0 - (index.php md) Local File Inclusion
- Post Affiliate Pro 2.0 - 'md' Parameter Local File Inclusion
- XOOPS Module GesGaleri - (kategorino) SQL Injection
- XOOPS Module GesGaleri - SQL Injection
- zeeproperty - 'adid' SQL Injection
- zeeproperty - 'adid' Parameter SQL Injection
- Fast Click SQL 1.1.7 Lite - (init.php) Remote File Inclusion
- yappa-ng 2.3.3-beta0 - (album) Local File Inclusion
- Fast Click SQL 1.1.7 Lite - 'init.php' Remote File Inclusion
- Yappa-ng 2.3.3-beta0 - 'album' Parameter Local File Inclusion
- WBB Plugin rGallery 1.09 - 'itemID' Blind SQL Injection
- e107 <= 0.7.13 - (usersettings.php) Blind SQL Injection
- Joomla! Component ds-syndicate - (feed_id) SQL Injection
- XOOPS Module makale - SQL Injection
- WBB Plugin rGallery 1.09 - 'itemID' Parameter Blind SQL Injection
- e107 <= 0.7.13 - 'usersettings.php' Blind SQL Injection
- Joomla! Component ds-syndicate - 'feed_id' Parameter SQL Injection
- XOOPS Module makale 0.26 - SQL Injection
- ShopMaker 1.0 - (product.php id) SQL Injection
- Joomla! Component Daily Message 1.0.3 - 'id' SQL Injection
- ShopMaker CMS 1.0 - 'id' Parameter SQL Injection
- Joomla! Component Daily Message 1.0.3 - 'id' Parameter SQL Injection
- phpcrs 2.06 - (importFunction) Local File Inclusion
- LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection
- phpcrs 2.06 - 'importFunction' Parameter Local File Inclusion
- LoudBlog 0.8.0a - 'ajax.php' SQL Injection
- YDC - 'kdlist.php cat' SQL Injection
- YDC - 'cat' Parameter SQL Injection
- txtshop 1.0b (Windows) - 'Language' Local File Inclusion
- txtshop 1.0b (Windows) - 'Language' Parameter Local File Inclusion
- MindDezign Photo Gallery 2.2 - (index.php id) SQL Injection
- MindDezign Photo Gallery 2.2 - SQL Injection
- websvn 2.0 - Cross-Site Scripting / File Handling / Code Execution
- WebSVN 2.0 - Cross-Site Scripting / File Handling / Code Execution
- Aj RSS Reader - 'EditUrl.php url' SQL Injection
- Aj RSS Reader - 'url' Parameter SQL Injection
- WordPress Plugin Media Holder - 'mediaHolder.php id' SQL Injection
- SFS Ez Forum - 'forum.php id' SQL Injection
- WordPress Plugin Media Holder - SQL Injection
- SFS Ez Forum - SQL Injection
- e107 Plugin EasyShop - (category_id) Blind SQL Injection
- e107 Plugin EasyShop - 'category_id' Parameter Blind SQL Injection
- Post Affiliate Pro 3 - (umprof_status) Blind SQL Injection
- Post Affiliate Pro 3 - 'umprof_status' Parameter Blind SQL Injection
- CafeEngine - 'index.php catid' SQL Injection
- CafeEngine - 'catid' Parameter SQL Injection
- shopmaker CMS 2.0 - Blind SQL Injection / Local File Inclusion
- ShopMaker CMS 2.0 - Blind SQL Injection / Local File Inclusion
- CafeEngine CMS 2.3 - SQL Injection
- CafeEngine 2.3 - SQL Injection
- Yappa-NG 1.x/2.x - Unspecified Remote File Inclusion
- Yappa-NG 1.x/2.x - Unspecified Cross-Site Scripting
- Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
- Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting
- LoudBlog 0.41 - podcast.php id Parameter SQL Injection
- LoudBlog 0.41 - 'podcast.php' SQL Injection
- LoudBlog 0.41 - backend_settings.php language Parameter Traversal Arbitrary File Access
- LoudBlog 0.41 - 'backend_settings.php' Traversal Arbitrary File Access
- Fast Click SQL Lite 1.1.2/1.1.3 - show.php Remote File Inclusion
- Fast Click SQL Lite 1.1.2/1.1.3 - 'show.php' Remote File Inclusion
- myEvent 1.2/1.3 - Myevent.php Remote File Inclusion
- myEvent 1.2/1.3 - 'myevent.php' Remote File Inclusion
- Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - search.php area Parameter Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - 'day.php' Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - 'week.php' Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - 'month.php' Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - 'search.php' Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - 'report.php' Cross-Site Scripting
- Meeting Room Booking System (MRBS) 1.2.6 - 'help.php' Cross-Site Scripting
- yappa-ng - 'index.php' album Parameter Cross-Site Scripting
- yappa-ng - Query String Cross-Site Scripting
- Yappa-ng - 'index.php' album Parameter Cross-Site Scripting
- Yappa-ng - Query String Cross-Site Scripting
- tinybrowser - /tiny_mce/plugins/tinybrowser/edit.php type Parameter Cross-Site Scripting
- tinybrowser - /tiny_mce/plugins/tinybrowser/upload.php type Parameter Cross-Site Scripting
- tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php type Parameter Cross-Site Scripting
- tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php Empty type Parameter Directory Listing
- tinybrowser - /tiny_mce/plugins/tinybrowser/edit.php Empty type Parameter Directory Listing
- tinybrowser - 'type' Parameter Cross-Site Scripting
- tinybrowser - 'tinybrowser.php' Directory Listing
- tinybrowser - 'edit.php' Directory Listing
- Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 - SQL Injection
- PHPMailer < 5.2.18 - Remote Code Execution (Python)
- WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload
- Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection
- Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site Request Forgery