6ab9a26ee4
10 new exploits PHP Exif Extension - 'exif_read_data()' Function Remote Denial of Service PHP 'Exif' Extension - 'exif_read_data()' Function Remote Denial of Service PHP phar extension 1.1.1 - Heap Overflow PHP 'phar' Extension 1.1.1 - Heap Overflow PHP 5.2.1 GD Extension - '.WBMP' File Integer Overflow Vulnerabilities PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow Vulnerabilities PHP 5.3.1 - 'session_save_path()' 'Safe_mode' Restriction-Bypass PHP 5.3.1 - 'session_save_path()' 'Safe_mode()' Restriction Bypass Exploiot PHP 5.3.2 xmlrpc Extension - Multiple Remote Denial of Service Vulnerabilities PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities PHP 5.3.x - 'Intl' Extension 'NumberFormatter::setSymbol()' Function Denial of Service PHP 5.3.x - 'Zip' Extension 'stream_get_contents()' Function Denial of Service PHP 5.3.x 'Intl' Extension - 'NumberFormatter::setSymbol()' Function Denial of Service PHP 5.3.x 'Zip' Extension - 'stream_get_contents()' Function Denial of Service PHP < 5.3.6 OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak Denial of Service PHP < 5.3.6 OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak Denial of Service PHP < 5.3.6 'OpenSSL' Extension - 'openssl_encrypt' Function Plaintext Data Memory Leak Denial of Service PHP < 5.3.6 'OpenSSL' Extension - 'openssl_decrypt' Function Ciphertext Data Memory Leak Denial of Service unrar 5.40 - VMSF_DELTA Filter Arbitrary Memory Write unrar 5.40 - 'VMSF_DELTA' Filter Arbitrary Memory Write NTFS 3.1 - Master File Table Denial of Service LAME 3.99.5 - 'II_step_one' Buffer Overflow LAME 3.99.5 - 'III_dequantize_sample' Stack-Based Buffer Overflow IBM DB2 9.7 / 10.1 / 10.5 / 11.1 - Command Line Processor Buffer Overflow PHP COM extensions - (inconsistent Win32) Safe_mode Bypass Exploit PHP 'COM' Extensions - (inconsistent Win32) 'safe_mode' Bypass Exploit PHP 5.2.3 Tidy extension - Local Buffer Overflow PHP 5.2.3 'Tidy' Extension - Local Buffer Overflow PHP 5.2.3 - Win32std ext. Safe_mode/disable_functions Protections Bypass PHP 5.2.3 - Win32std ext. 'safe_mode' / 'disable_functions' Protections Bypass PHP 5.x - (Win32service) Local Safe Mode Bypass Exploit PHP 5.x - (Win32service) Local 'Safe_Mode()' Bypass Exploit PHP FFI Extension 5.0.5 - Local Safe_mode Bypass PHP Perl Extension - Safe_mode BypassExploit PHP 'FFI' Extension 5.0.5 - 'Safe_mode' Local Bypass Exploit PHP 'Perl' Extension - 'Safe_mode' Bypass Exploit PHP 4.4.7 / 5.2.3 - MySQL/MySQL Injection Safe Mode Bypass PHP 4.4.7 / 5.2.3 - MySQL/MySQLi 'Safe_Mode' Bypass Exploit PHP 5.2.4 ionCube extension - Safe_mode / disable_functions Bypass PHP 5.2.4 'ionCube' Extension - 'safe_mode' / disable_functions Bypass PHP 5.x - COM functions Safe_mode and disable_function Bypass PHP 5.x - COM functions 'Safe_mode()' / 'disable_function' Bypass PHP 5.2.6 - (error_log) Safe_mode Bypass PHP 5.2.6 - 'error_log' Safe_mode Bypass Exploit PHP - Safe_mode Bypass via proc_open() and custom Environment PHP - 'Safe_mode' Bypass via 'proc_open()' and custom Environment PHP python extension safe_mode - Bypass Local PHP 'python' Extension - 'safe_mode' Local Bypass Exploit PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3 < 5 - Ini_Restore() 'Safe_mode' / 'open_basedir' Restriction Bypass PHP 5.2 - Session.Save_Path() Safe_mode and open_basedir Restriction Bypass PHP 5.2 - Session.Save_Path() 'Safe_mode' / 'open_basedir' Restriction Bypass PHP 5.2 - FOpen Safe_mode Restriction-Bypass PHP 5.2 - FOpen 'Safe_mode' Restriction Bypass Exploit PHP 5.2.5 - Multiple functions 'safe_mode_exec_dir' and 'open_basedir' Restriction Bypass Vulnerabilities PHP 5.2.5 - Multiple functions 'safe_mode_exec_dir' / 'open_basedir' Restriction Bypass Vulnerabilities suPHP 0.7 - 'suPHP_ConfigPath' Safe Mode Restriction-Bypass suPHP 0.7 - 'suPHP_ConfigPath' Safe_Mode() Restriction Bypass Exploit PHP 5.2.9 cURL - 'Safe_mode' and 'open_basedir' Restriction-Bypass PHP 5.2.9 cURL - 'Safe_mode' / 'open_basedir' Restriction Bypass Exploit JAD Java Decompiler 1.5.8e - Buffer Overflow Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass/RCI Exploit Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass / Remote Code Injection Exploit Network Tool 0.2 PHP-Nuke Addon - MetaCharacter Filtering Command Execution PHP-Nuke Network Tool 0.2 Addon - MetaCharacter Filtering Command Execution PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure PHP 4.x/5.x - 'Html_Entity_Decode()' Information Disclosure PHP 4.x - copy() Function Safe Mode Bypass PHP 4.x - 'copy()' Function 'Safe_Mode' Bypass Exploit PHP 5.2.5 - cURL 'safe mode' Security Bypass PHP 5.2.5 - cURL 'safe_mode' Security Bypass Exploit PHP 5.x (5.3.x 5.3.2) - 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities PHP 5.3.x < 5.3.2 - 'ext/phar/stream.c' / 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities Apache 2.4.7 + PHP 7.0.2 - openssl_seal() Uninitialized Memory Code Execution Apache 2.4.7 + PHP 7.0.2 - 'openssl_seal()' Uninitialized Memory Code Execution Easy File Sharing HTTP Server 7.2 - POST Buffer Overflow (Metasploit) Crypttech CryptoLog - Remote Code Execution (Metasploit) Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution (Metasploit) Netgear DGN2200 - dnslookup.cgi Command Injection (Metasploit) Linux/x86 - Bind Shell Shellcode (75 bytes) JiRos Banner Experience 1.0 - (Create Authentication Bypass) Remote Exploit JiRos Banner Experience 1.0 - Create Authentication Bypass Remote Exploit XOOPS myAds Module - (lid) SQL Injection XOOPS myAds Module - 'lid' SQL Injection PHP-Update 2.7 - extract() Authentication Bypass / Shell Inject Exploit PHP-Update 2.7 - 'extract()' Authentication Bypass / Shell Inject Exploit Kolang - proc_open PHP safe mode Bypass 4.3.10 - 5.3.0 Exploit Kolang 4.3.10 < 5.3.0 - 'proc_open()' PHP 'safe_mode' Bypass Exploit SmarterMail 7.x (7.2.3925) - Persistent Cross-Site Scripting SmarterMail 7.x (7.2.3925) - LDAP Injection SmarterMail < 7.2.3925 - Persistent Cross-Site Scripting SmarterMail < 7.2.3925 - LDAP Injection MaticMarket 2.02 for PHP-Nuke - Local File Inclusion PHP-Nuke MaticMarket 2.02 - Local File Inclusion WordPress Plugin BuddyPress plugin 1.5.x < 1.5.5 - SQL Injection WordPress Plugin BuddyPress Plugin 1.5.x < 1.5.5 - SQL Injection Search Enhanced Module 1.1/2.0 for PHP-Nuke - HTML Injection PHP-Nuke Search Enhanced Module 1.1/2.0 - HTML Injection SonicWALL Gms 7.x - Filter Bypass & Persistent Exploit SonicWALL Gms 7.x - Filter Bypass / Persistent Exploit Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Exploit Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent Exploit PHP < 5.6.2 - Bypass disable_functions Exploit (Shellshock) PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock) phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection phpSFP Schedule Facebook Posts 1.5.6 - SQL Injection pragmaMx 1.12.1 - modules.php URI Cross-Site Scripting pragmaMx 1.12.1 - 'modules.php' URI Cross-Site Scripting Glossaire Module for XOOPS - '/modules/glossaire/glossaire-aff.php' SQL Injection XOOPS Glossaire Module- '/modules/glossaire/glossaire-aff.php' SQL Injection ATutor LMS - install_modules.php Cross-Site Request Forgery / Remote Code Execution ATutor LMS - 'install_modules.php' Cross-Site Request Forgery / Remote Code Execution vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x/5.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API Eltek SmartPack - Backdoor Account |
||
|---|---|---|
| .. | ||
| dos | ||
| local | ||
| remote | ||
| shellcode | ||
| webapps | ||