A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
Find a file
Offensive Security 86f822c557 DB: 2017-06-23
11 new exploits

Microsoft Windows - ASN.1 LSASS.exe Remote Exploit (MS04-007)
Microsoft Windows - ASN.1 'LSASS.exe' Remote Exploit (MS04-007)

Slackware Linux - /usr/bin/ppp-off Insecure /tmp Call Exploit
Slackware Linux - '/usr/bin/ppp-off' Insecure /tmp Call Exploit

Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool
Microsoft Windows XP/2000 - TCP Connection Reset Remote Exploit

PostgreSQL 8.01 - Remote Reboot Denial of Service
PostgreSQL 8.01 - Remote Reboot (Denial of Service)

Cisco IP Phone 7940 - (Reboot) Denial of Service
Cisco IP Phone 7940 - Reboot (Denial of Service)

Cisco Aironet Wireless Access Points - Memory Exhaustion ARP Attack Denial of Service
Cisco Aironet Wireless Access Points - Memory Exhaustion ARP (Denial of Service)

Dropbear / OpenSSH Server - (MAX_UNAUTH_CLIENTS) Denial of Service
Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIENTS' Denial of Service

2WIRE Modems/Routers - CRLF Denial of Service
2WIRE Modems/Routers - 'CRLF' Denial of Service

FTP Explorer 1.0.1 Build 047 - (CPU Consumption) Remote Denial of Service
FTP Explorer 1.0.1 Build 047 - Remote CPU Consumption (Denial of Service)

Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service
Cisco Phone 7940/7960 - 'SIP INVITE' Remote Denial of Service

Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Hang / Crash (Denial of Service)
Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 - Hang / Crash (Denial of Service)

Linksys SPA941 - (remote reboot) Remote Denial of Service
Linksys SPA941 - Remote Reboot (Denial of Service)
CA BrightStor Backup 11.5.2.0 - caloggderd.exe Denial of Service
CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service
CA BrightStor Backup 11.5.2.0 - 'caloggderd.exe' Denial of Service
CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Denial of Service

Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service
Galaxy FTP Server 1.0 (Neostrada Livebox DSL Router) - Denial of Service

Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service
Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service

Xerox Phaser 8400 - (reboot) Remote Denial of Service
Xerox Phaser 8400 - Remote Reboot (Denial of Service)

Microsoft Windows Mobile 6.0 - Device long name Remote Reboot Exploit
Microsoft Windows Mobile 6.0 - Device Long Name Remote Reboot (Denial of Service)

Linksys WAG54G v2 (Wireless ADSL Router) - httpd Denial of Service
Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service

Netgear SSL312 Router - Denial of Service
NETGEAR SSL312 Router - Denial of Service

Netgear WGR614v9 Wireless Router - Denial of Service
NETGEAR WGR614v9 Wireless Router - Denial of Service

Gigaset SE461 WiMAX router - Remote Denial of Service
Gigaset SE461 WiMAX Router - Remote Denial of Service

Netgear DG632 Router - Remote Denial of Service
NETGEAR DG632 Router - Remote Denial of Service

Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC)

Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot Exploit
Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot (Denial of Service)

Siemens Gigaset SE361 WLAN - Remote Reboot Exploit
Siemens Gigaset SE361 WLAN - Remote Reboot (Denial of Service)

Apple Mac OSX 10.6 - HFS File System Attack (Denial of Service)
Apple Mac OSX 10.6 - HFS FileSystem Exploit (Denial of Service)

HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - 'webappmon.exe' 'execvp_nc' Remote Code Execution

Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe Denial of Service (PoC)
Cyclope Internet Filtering Proxy 4.0 - 'CEPMServer.exe' Denial of Service (PoC)

AirTies-4450 - Unauthorized Remote Reboot
AirTies-4450 - Unauthorized Remote Reboot (Denial of Service)
Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit
SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit
SunOS 4.1.1 - /usr/release/bin/winstall Exploit
Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Exploit
SunOS 4.1.1 - '/usr/release/bin/makeinstall' Exploit
SunOS 4.1.1 - '/usr/release/bin/winstall' Exploit

Linux Kernel 2.2 - 'ldd core' Force Reboot
Linux Kernel 2.2 - 'ldd core' Force Reboot (Denial of Service)

Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service
Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - 'visiadmin.exe' Denial of Service

OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow
OReilly WebSite 1.x/2.0 - 'win-c-sample.exe' Buffer Overflow

Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption
Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption (Denial of Service)

ID Software Quake 3 - 'smurf attack' Denial of Service
ID Software Quake 3 - 'SMURF' Denial of Service

Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow
Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow

Microsoft Windows NT/2000 - cmd.exe CD Buffer Overflow
Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow

Gordano Messaging Suite 9.0 - WWW.exe Denial of Service
Gordano Messaging Suite 9.0 - 'WWW.exe' Denial of Service

TYPSoft FTP Server 1.1 - Remote CPU Consumption Denial of Service
TYPSoft FTP Server 1.1 - Remote CPU Consumption (Denial of Service)

Microsoft Windows XP - explorer.exe Remote Denial of Service
Microsoft Windows XP - 'explorer.exe' Remote Denial of Service

VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions
VMware Workstation - 'vprintproxy.exe' JPEG2000 Images Multiple Memory Corruptions

Gattaca Server 2003 - web.tmpl Language Variable CPU Consumption Denial of Service
Gattaca Server 2003 - 'web.tmpl' 'Language' Parameter CPU Consumption (Denial of Service)

VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow
VMware Workstation - 'vprintproxy.exe' TrueType NAME Tables Heap Buffer Overflow

Microsoft Windows XP - explorer.exe .tiff Image Denial of Service
Microsoft Windows XP - 'explorer.exe' '.tiff' Image Denial of Service

Microsoft Windows XP - TSShutdn.exe Remote Denial of Service
Microsoft Windows XP - 'TSShutdn.exe' Remote Denial of Service

Orenosv HTTP/FTP Server 0.8.1 - CGISSI.exe Remote Buffer Overflow
Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow

PHPMailer 1.7 - Data() Function Remote Denial of Service
PHPMailer 1.7 - 'Data()' Function Remote Denial of Service

Sights 'N Sounds Streaming Media Server 2.0.3 - SWS.exe Buffer Overflow
Sights 'N Sounds Streaming Media Server 2.0.3 - 'SWS.exe' Buffer Overflow

DSocks 1.3 - Name Variable Buffer Overflow
DSocks 1.3 - 'Name' Parameter Buffer Overflow

Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow
Microsoft Class Package Export Tool 5.0.2752 - 'Clspack.exe' Local Buffer Overflow

Android Zygote - Socket and Fork bomb Attack
Android Zygote - Socket and Fork Bomb (Denial of Service)

Nvidia NView 3.5 - Keystone.exe Local Denial of Service
Nvidia NView 3.5 - 'Keystone.exe' Local Denial of Service

Ipswitch WS_FTP 2007 Professional - WSFTPURL.exe Local Memory Corruption
Ipswitch WS_FTP 2007 Professional - 'WSFTPURL.exe' Local Memory Corruption

Larson Network Print Server 9.4.2 build 105 - (LstNPS) NPSpcSVR.exe License Command Remote Overflow
Larson Network Print Server 9.4.2 build 105 (LstNPS) - 'NPSpcSVR.exe' License Command Remote Overflow

Linksys WRH54G 1.1.3 - (Wireless-G Router) Malformed HTTP Request Denial of Service
Linksys WRH54G 1.1.3 Wireless-G Router - Malformed HTTP Request Denial of Service

Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote Denial of Service
Ability FTP Server 2.1.4 - 'afsmain.exe' USER Command Remote Denial of Service

Adobe Flash - Setting Variable Use-After-Free
Adobe Flash - 'Setting' Variable Use-After-Free

Git 1.9.5 - ssh-agent.exe Buffer Overflow
Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow

Apple Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow
Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow
Adobe Flash TextField Variable - Use-After Free
Adobe Flash TextField.Variable Setter - Use-After-Free
Adobe Flash - 'TextField' Variable Use-After Free
Adobe Flash - TextField.Variable Setter Use-After-Free

Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/reboot.cgi Unauthenticated Remote Reboot Denial of Service
Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Unauthenticated Remote Reboot (Denial of Service)

Microsoft WinDbg - logviewer.exe Crash (PoC)
Microsoft WinDbg - 'logviewer.exe' Crash (PoC)

Microsoft Windows - 'win32k!NtGdiExtGetObjectW' Kernel Stack Memory Disclosure
Microsoft Windows - 'win32k!NtGdiGetOutlineTextMetricsInternalW' Kernel Stack Memory Disclosure
Microsoft Windows - 'win32k!NtGdiGetTextMetricsW' Kernel Stack Memory Disclosure
Microsoft Windows - 'win32k!NtGdiGetRealizationInfo' Kernel Stack Memory Disclosure
Microsoft Windows - 'win32k!ClientPrinterThunk' Kernel Stack Memory Disclosure
Microsoft Windows - 'nt!NtQueryInformationJobObject (BasicLimitInformation_ ExtendedLimitInformation)' Kernel Stack Memory Disclosure
Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessVmCounters)' Kernel Stack Memory Disclosure
Microsoft Windows - 'win32k!NtGdiMakeFontDir' Kernel Stack Memory Disclosure
Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 12)' Kernel Stack Memory Disclosure
Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 28)' Kernel Stack Memory Disclosure
Microsoft Windows - 'nt!NtQueryInformationTransaction (information class 1)' Kernel Stack Memory Disclosure

UUCP Exploit - File Creation/Overwriting (symlinks) Exploit
UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit

HP-UX 11.0 - /bin/cu Privilege Escalation
HP-UX 11.0 - '/bin/cu' Privilege Escalation

Solaris 2.6 / 2.7 - /usr/bin/write Local Overflow
Solaris 2.6 / 2.7 - '/usr/bin/write' Local Overflow
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/bin/lpstat Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/lib/print/netprint' Local Exploit
Tru64 UNIX 4.0g - /usr/bin/at Privilege Escalation
Slackware 7.1 - /usr/bin/mail Local Exploit
Tru64 UNIX 4.0g - '/usr/bin/at' Privilege Escalation
Slackware 7.1 - '/usr/bin/mail' Local Exploit
Solaris 2.4 - /bin/fdformat Local Buffer Overflows
Solaris 2.5.1 lp and lpsched - Symlink Vulnerabilities
Solaris 2.4 - '/bin/fdformat' Local Buffer Overflow
Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities

AIX 4.2 - /usr/dt/bin/dtterm Local Buffer Overflow
AIX 4.2 - '/usr/dt/bin/dtterm' Local Buffer Overflow
SGI IRIX - /bin/login Local Buffer Overflow
IRIX 5.3 - /usr/sbin/iwsh Buffer Overflow Privilege Escalation
SGI IRIX - '/bin/login Local' Buffer Overflow
IRIX 5.3 - '/usr/sbin/iwsh' Buffer Overflow Privilege Escalation

Apple Mac OSX 10.3.7 - mRouter Privilege Escalation
Apple Mac OSX 10.3.7 - 'mRouter' Privilege Escalation

Sudo 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Privilege Escalation
Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation

Appfluent Database IDS < 2.1.0.103 - (Env Variable) Local Exploit
Appfluent Database IDS < 2.1.0.103 - Environment Variable Local Exploit

HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation
HP-UX 11i - 'LIBC TZ' Enviroment Variable Privilege Escalation

Xcode OpenBase 10.0.0 (OSX) - (symlink) Privilege Escalation
Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation

Adobe Photoshop CS2 - / CS3 Unspecified '.bmp' File Buffer Overflow
Adobe Photoshop CS2 / CS3 - Unspecified '.bmp' File Buffer Overflow

Debian - (symlink attack in login) Arbitrary File Ownership (PoC)
Debian - (Symlink In Login) Arbitrary File Ownership (PoC)

Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow
Cain & Abel 4.9.25 - 'Cisco IOS-MD5' Local Buffer Overflow

xscreensaver 5.01 - Arbitrary File Disclosure Symlink Attack
xscreensaver 5.01 - Arbitrary File Disclosure Symlink Exploit

PHP 5.2.12/5.3.1 - symlink() open_basedir Bypass
PHP 5.2.12/5.3.1 - 'symlink()' open_basedir Bypass

HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Buffer Overflow (SEH)

Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL
Microsoft Windows 7 - 'wab32res.dll' 'wab.exe' DLL Hijacking

Oracle 10/11g - exp.exe Parameter file Local Buffer Overflow (PoC)
Oracle 10/11g - 'exp.exe' 'file' Parameter Local Buffer Overflow (PoC)

ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT symlink
ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT Symlink Exploit

Hancom Office 2007 - Reboot.ini Clear-Text Passwords
Hancom Office 2007 - 'Reboot.ini' Clear-Text Passwords

G. Wilford man 2.3.10 - Symlink
G. Wilford man 2.3.10 - Symlink Exploit

X11R6 3.3.3 - Symlink
X11R6 3.3.3 - Symlink Exploit

SGI IRIX 6.2 - /usr/lib/netaddpr Exploit
SGI IRIX 6.2 - '/usr/lib/netaddpr' Exploit

SCO Open Server 5.0.5 - 'userOsa' symlink
SCO Open Server 5.0.5 - 'userOsa' Symlink Exploit

Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Spoolss.exe DLL Insertion
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Spoolss.exe' DLL Insertion

FreeBSD 3.3 gdc - Symlink
FreeBSD 3.3 gdc - Symlink Exploit

SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink Exploit

FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - /proc File Sytem
FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - '/proc' FileSystem Exploit

Debian 2.1 - apcd Symlink
Debian 2.1 - apcd Symlink Exploit

SCO Unixware 7.1/7.1.1 - ARCserver /tmp symlink
SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink Exploit

Sun Workshop 5.0 - Licensing Manager Symlink
Sun Workshop 5.0 - Licensing Manager Symlink Exploit

Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - /tmp Symlink
Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink Exploit

OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink Exploit

KDE 1.1 - /1.1.1/1.1.2/1.2 kdesud DISPLAY Environment Variable Overflow
KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow

HP-UX 10.20/11.0 man - /tmp Symlink Exploit
HP-UX 10.20/11.0 - man '/tmp' Symlink Exploit

HP-UX 10.20/11.0 crontab - /tmp File
HP-UX 10.20/11.0 - crontab '/tmp' File Exploit

Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation
Solaris 10 Patch 137097-01 - Symlink Privilege Escalation

Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow
Tower Toppler 0.99.1 - 'Display' Parameter Local Buffer Overflow

Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow
Microsoft Windows Server 2000 - 'RegEdit.exe' Registry Key Value Buffer Overflow

RedHat 9.0 / Slackware 8.1 - /bin/mail Carbon Copy Field Buffer Overrun
RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun

Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure
Linux Kernel 2.2.x / 2.4.x - '/proc' Filesystem Potential Information Disclosure

Microsoft Windows XP/2000 - RunDLL32.exe Buffer Overflow
Microsoft Windows XP/2000 - 'RunDLL32.exe' Buffer Overflow

Tower Toppler 0.96 - HOME Environment Variable Local Buffer Overflow
Tower Toppler 0.96 - 'HOME Environment' Parameter Local Buffer Overflow

Top 1.x/2.0 - Home Environment Variable Local Buffer Overflow
Top 1.x/2.0 - 'Home Environment' Parameter Local Buffer Overflow

XBlast 2.6.1 - HOME Environment Variable Buffer Overflow
XBlast 2.6.1 - 'HOME Environment' Variable Buffer Overflow

XPCD 2.0.8 - Home Environment Variable Local Buffer Overflow
XPCD 2.0.8 - 'Home Environment' Variable Local Buffer Overflow

XSOK 1.0 2 - LANG Environment Variable Local Buffer Overrun
XSOK 1.0 2 - 'LANG Environment' Variable Local Buffer Overrun

Linux Kernel 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure
Linux Kernel 2.6.32-5 (Debian 6.0.5) - '/dev/ptmx' Key Stroke Timing Local Disclosure

ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution
ELinks Relative 0.10.6 / 011.1 - Path Arbitrary Code Execution

Oracle - HtmlConverter.exe Buffer Overflow
Oracle - 'HtmlConverter.exe' Buffer Overflow

Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation
Linux Kernel 2.6.32 (Ubuntu 10.04) - '/proc' Handling SUID Privilege Escalation

Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit
Linux pam_lib_smb < 1.1.6 - '/bin/login' Remote Exploit

Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)
Microsoft Windows - DHCP Client Broadcast Exploit (MS06-036)

Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - (FTP) Remote Exploit
Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - 'FTP' Remote Exploit

Oracle 9i / 10g - 'utl_file' File System Access Exploit
Oracle 9i / 10g - 'utl_file' FileSystem Access Exploit

HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'ovalarmsrv.exe' Remote Overflow

Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)
Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB)

Sagem F@ST (Routers) - (dhcp hostname attack) Cross-Site Request Forgery
Sagem F@ST Routers - DHCP Hostname Cross-Site Request Forgery

Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload (PoC)

Microsoft Windows - SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)
Microsoft Windows - SmbRelay3 NTLM Replay Exploit (MS08-068)

Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting Attack
Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting

Apple Safari 3.2.x - (XXE attack) Local File Theft
Apple Safari 3.2.x - (XXE) Local File Theft

Netgear DG632 Router - Authentication Bypass
NETGEAR DG632 Router - Authentication Bypass

BRS Webweaver 1.33 - /Scripts Access Restriction Bypass
BRS Webweaver 1.33 - '/Scripts' Access Restriction Bypass

Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow
Ada Image Server 0.6.7 - 'imgsrv.exe' Buffer Overflow

HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Unauthenticated Remote Buffer Overflow
HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow
Cisco ASA 8.x - VPN SSL module Clientless URL-list control Bypass
HMS HICP Protocol + Intellicom - 'NetBiterConfig.exe' Remote Buffer Overflow
Cisco ASA 8.x - VPN SSL Module Clientless URL-list control Bypass

HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow
HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Topic Overflow
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid Hostname Remote Code Execution

minerCPP 0.4b - Remote Buffer Overflow / Format String Attack Exploit
minerCPP 0.4b - Remote Buffer Overflow / Format String

Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution
COMTREND ADSL Router CT-5367 C01_R12 - Remote Code Execution

HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1)
HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (1)

HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2)
HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (2)

Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit)
Microsoft Internet Explorer - 'Winhlp32.exe' MsgBox Code Execution (MS10-023) (Metasploit)

IBM Lotus Domino Sametime - STMux.exe Stack Buffer Overflow (Metasploit)
IBM Lotus Domino Sametime - 'STMux.exe' Stack Buffer Overflow (Metasploit)

HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Unauthenticated Stack Buffer Overflow (Metasploit)

HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'Snmp.exe' CGI Buffer Overflow (Metasploit)

HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Buffer Overflow (Metasploit)

HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Buffer Overflow (Metasploit)

HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'ovalarm.exe' CGI Buffer Overflow (Metasploit)

HP OpenView Network Node Manager - OpenView5.exe CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'OpenView5.exe' CGI Buffer Overflow (Metasploit)

IBM TPM for OS Deployment 5.1.0.x - rembo.exe Buffer Overflow (Metasploit)
IBM TPM for OS Deployment 5.1.0.x - 'rembo.exe' Buffer Overflow (Metasploit)

Trend Micro ServerProtect 5.58 - EarthAgent.exe Buffer Overflow (Metasploit)
Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'OvJavaLocale' Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'execvp' Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - snmpviewer.exe Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovwebsnmpsrv.exe ovutil Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe' 'schdParams' Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'snmpviewer.exe' Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'ICount' CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'main' Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' Unrecognized Option Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'ovutil' Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'Hostname' CGI Buffer Overflow (Metasploit)

7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow (Metasploit)
7-Technologies IGSS 9.00.00 b11063 - 'IGSSdataServer.exe' Stack Overflow (Metasploit)

Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow (Metasploit)
Citrix Provisioning Services 5.6 - 'streamprocess.exe' Buffer Overflow (Metasploit)

FactoryLink - vrn.exe Opcode 9 Buffer Overflow (Metasploit)
FactoryLink - 'vrn.exe' Opcode 9 Buffer Overflow (Metasploit)

HP - OmniInet.exe Opcode 27 Buffer Overflow (Metasploit)
HP - 'OmniInet.exe' Opcode 27 Buffer Overflow (Metasploit)

Symantec Backup Exec 12.5 - MiTM Attack
Symantec Backup Exec 12.5 - Man In The Middle Exploit

HP OpenView Network Node Manager - Toolbar.exe CGI Cookie Handling Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Cookie Handling Buffer Overflow (Metasploit)

Sunway Force Control SCADA 6.1 SP3 - httpsrv.exe Exploit
Sunway Force Control SCADA 6.1 SP3 - 'httpsrv.exe' Exploit

Procyon Core Server HMI 1.13 - Coreservice.exe Stack Buffer Overflow (Metasploit)
Procyon Core Server HMI 1.13 - 'Coreservice.exe' Stack Buffer Overflow (Metasploit)

HP Diagnostics Server - magentservice.exe Overflow (Metasploit)
HP Diagnostics Server - 'magentservice.exe' Overflow (Metasploit)

Sunway ForceControl - SNMP NetDBServer.exe Opcode 0x57 (Metasploit)
Sunway ForceControl - SNMP 'NetDBServer.exe' Opcode 0x57 (Metasploit)

Trend Micro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow (Metasploit)
Trend Micro Control Manger 5.5 - 'CmdProcessor.exe' Stack Buffer Overflow (Metasploit)

Antelope Software W4-Server 2.6 a/Win32 - Cgitest.exe Buffer Overflow
Antelope Software W4-Server 2.6 a/Win32 - 'Cgitest.exe' Buffer Overflow

Netscape Enterprise Server / Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities
Netscape Enterprise Server / Novell Groupwise 5.2/5.5 - 'GWWEB.EXE' Multiple Vulnerabilities

FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - htimage.exe File Existence Disclosure
FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - 'htimage.exe' File Existence Disclosure

NAI Net Tools PKI Server 1.0 - strong.exe Buffer Overflow
NAI Net Tools PKI Server 1.0 - 'strong.exe' Buffer Overflow

Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure
Mandrake 6.1/7.0/7.1 - '/perl' HTTP Directory Disclosure

Microsoft IIS 3.0 - newdsn.exe File Creation
Microsoft IIS 3.0 - 'newdsn.exe' File Creation

Greg Matthews - Classifieds.cgi 1.0 Hidden Variable
Greg Matthews - 'Classifieds.cgi' 1.0 Hidden Variable
WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access
WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access
WebCom datakommunikation Guestbook 0.1 - 'wguest.exe' Arbitrary File Access
WebCom datakommunikation Guestbook 0.1 - 'rguest.exe' Arbitrary File Access

MetaProducts Offline Explorer 1.x - File System Disclosure
MetaProducts Offline Explorer 1.x - FileSystem Disclosure

Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Attack Detection Evasion
Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Detection Evasion

Webmin 1.580 - /file/show.cgi Remote Command Execution (Metasploit)
Webmin 1.580 - '/file/show.cgi' Remote Command Execution (Metasploit)
HP Operations Agent Opcode - coda.exe 0x8c Buffer Overflow (Metasploit)
HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow (Metasploit)
HP Operations Agent - Opcode 'coda.exe' 0x8c Buffer Overflow (Metasploit)
HP Operations Agent - Opcode 'coda.exe' 0x34 Buffer Overflow (Metasploit)

Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure
NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure

Netgear FM114P ProSafe Wireless Router - Rule Bypass
NETGEAR FM114P ProSafe Wireless Router - Rule Bypass
M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Cross-Site Scripting
M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Cross-Site Scripting
M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Cross-Site Scripting
M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Cross-Site Scripting

Microsoft Internet Explorer 6 -' %USERPROFILE%' File Execution
Microsoft Internet Explorer 6 - '%USERPROFILE%' File Execution

EZMeeting 3.x - EZNet.exe Long HTTP Request Remote Buffer Overflow
EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow
Enterasys NetSight - nssyslogd.exe Buffer Overflow (Metasploit)
IBM Cognos - tm1admsd.exe Overflow (Metasploit)
Enterasys NetSight - 'nssyslogd.exe' Buffer Overflow (Metasploit)
IBM Cognos - 'tm1admsd.exe' Overflow (Metasploit)

Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-Site Scripting
Webcam Corp Webcam Watchdog 4.0.1 - 'sresult.exe' Cross-Site Scripting

Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow
Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow

Oracle 8.x/9.x/10.x - Database Multiple SQL Injection
Oracle 8.x/9.x/10.x Database - Multiple SQL Injections
SAP Business Connector 4.6/4.7 - chopSAPLog.dsp fullName Variable Arbitrary File Disclosure
SAP Business Connector 4.6/4.7 - deleteSingle fullName Variable Arbitrary File Deletion
SAP Business Connector 4.6/4.7 - adapter-index.dsp url Variable Arbitrary Site Redirect
SAP Business Connector 4.6/4.7 - 'chopSAPLog.dsp' 'fullName' Parameter Arbitrary File Disclosure
SAP Business Connector 4.6/4.7 - 'deleteSingle' 'fullName' Parameter Arbitrary File Deletion
SAP Business Connector 4.6/4.7 - 'adapter-index.dsp' 'url' Parameter Arbitrary Site Redirect

Microsoft PowerPoint 2003 - powerpnt.exe Unspecified Issue
Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue
Cruiseworks 1.09 - Cws.exe Doc Directory Traversal
Cruiseworks 1.09 - Cws.exe Doc Buffer Overflow
Cruiseworks 1.09 - 'Cws.exe' Doc Directory Traversal
Cruiseworks 1.09 - 'Cws.exe' Doc Buffer Overflow

aBitWhizzy - whizzypic.php d Variable Traversal Arbitrary Directory Listing
aBitWhizzy - 'whizzypic.php' 'd' ParameterTraversal Arbitrary Directory Listing

LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Buffer Overflow

Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Based Buffer Overflow
Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Based Buffer Overflow

ABB MicroSCADA - wserver.exe Remote Code Execution (Metasploit)
ABB MicroSCADA - 'wserver.exe' Remote Code Execution (Metasploit)

SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
SAP DB 7.x Web Server - 'WAHTTP.exe' Multiple Buffer Overflow Vulnerabilities

Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSUserCGI.exe Help Facility Cross-Site Scripting
Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSUserCGI.exe' Help Facility Cross-Site Scripting

HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access
HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe' Action Parameter Traversal Arbitrary File Access
F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter Cross-Site Scripting
F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter Cross-Site Scripting
F5 FirePass 6.0.2.3 - '/vdesk/admincon/webyfiers.php' 'css_exceptions' Parameter Cross-Site Scripting
F5 FirePass 6.0.2.3 - '/vdesk/admincon/index.php' 'sql_matchscope' Parameter Cross-Site Scripting

GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution (Metasploit)
GE Proficy CIMPLICITY - 'gefebt.exe' Remote Code Execution (Metasploit)

SolidWorks Workgroup PDM 2014 - pdmwService.exe Arbitrary File Write (Metasploit)
SolidWorks Workgroup PDM 2014 - 'pdmwService.exe' Arbitrary File Write (Metasploit)
Yokogawa CENTUM CS 3000 - BKHOdeq.exe Buffer Overflow (Metasploit)
Yokogawa CENTUM CS 3000 - BKBCopyD.exe Buffer Overflow (Metasploit)
Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Buffer Overflow (Metasploit)
Yokogawa CENTUM CS 3000 - 'BKBCopyD.exe' Buffer Overflow (Metasploit)

Apache Geronimo 2.1.x - /console/portal/Server/Monitoring Multiple Parameter Cross-Site Scripting
Apache Geronimo 2.1.x - '/console/portal/Server/Monitoring' Multiple Parameter Cross-Site Scripting

Comtrend CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting
COMTREND CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting
Juniper Junos 8.5/9.0 J-Web Interface - /diagnose Multiple Parameter Cross-Site Scripting
Juniper Junos 8.5/9.0 J-Web Interface - /configuration Multiple Parameter Cross-Site Scripting
Juniper Junos 8.5/9.0 J-Web Interface - /scripter.php Multiple Parameter Cross-Site Scripting
Juniper Junos 8.5/9.0 J-Web Interface - '/diagnose' Multiple Parameter Cross-Site Scripting
Juniper Junos 8.5/9.0 J-Web Interface - '/configuration' Multiple Parameter Cross-Site Scripting
Juniper Junos 8.5/9.0 J-Web Interface - '/scripter.php' Multiple Parameter Cross-Site Scripting

Yokogawa CS3000 - BKESimmgr.exe Buffer Overflow (Metasploit)
Yokogawa CS3000 - 'BKESimmgr.exe' Buffer Overflow (Metasploit)

Yokogawa CS3000 - BKFSim_vhfd.exe Buffer Overflow (Metasploit)
Yokogawa CS3000 - 'BKFSim_vhfd.exe' Buffer Overflow (Metasploit)

U.S.Robotics USR5463 0.06 - Firmware setup_ddns.exe HTML Injection
U.S.Robotics USR5463 0.06 Firmware - 'setup_ddns.exe' HTML Injection
WhatsApp 2.11.476 - Remote Reboot/Crash App Android
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu.maf jdeowpBackButtonProtect Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_Menu.mafService e1.namespace Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_OCL.mafService e1.namespace Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/MafletClose.mafService RENDER_MAFLET Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter Cross-Site Scripting
WhatsApp 2.11.476 (Android) - Remote Reboot/Crash App (Denial of Service)
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf' 'jdeowpBackButtonProtect' Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService' 'e1.namespace' Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService' 'e1.namespace' Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/MafletClose.mafService' 'RENDER_MAFLET' Parameter Cross-Site Scripting
Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/JASMafletMafBrowserClose.mafService' 'jdemafjasLinkTarget' Parameter Cross-Site Scripting

Linksys WRT54GL (Wireless Router) - Cross-Site Request Forgery
Linksys WRT54GL Wireless Router - Cross-Site Request Forgery

Cisco Linksys E4200 - /apply.cgi Multiple Parameter Cross-Site Scripting
Cisco Linksys E4200 - '/apply.cgi' Multiple Parameter Cross-Site Scripting

Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/diagnostic.cgi ping_ipaddr Parameter Remote Code Execution
Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi' 'ping_ipaddr' Parameter Remote Code Execution

Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
Netgear D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution

Comtrend CT-5361T Router - Password.cgi Cross-Site Request Forgery (Admin Password Manipulation)
COMTREND CT-5361T Router - 'Password.cgi' Cross-Site Request Forgery (Admin Password Manipulation)
Alfresco - /proxy endpoint Parameter Server-Side Request Forgery
Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery
Alfresco - '/proxy' 'endpoint' Parameter Server-Side Request Forgery
Alfresco - '/cmisbrowser' 'url' Parameter Server-Side Request Forgery

PhpTagCool 1.0.3 - SQL Injection Attacks Exploit
PhpTagCool 1.0.3 - SQL Injection

phpBB 2.0.18 - Remote Brute Force/Dictionary Attack Tool (2)
phpBB 2.0.18 - Remote Brute Force/Dictionary (2)

Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Attack Vectors
Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting

Yrch 1.0 - 'plug.inc.php path Variable' Remote File Inclusion
Yrch 1.0 - 'plug.inc.php' 'path' Parameter Remote File Inclusion

Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection
Vizayn Haber - 'haberdetay.asp' 'id' Parameter SQL Injection

iG Calendar 1.0 - 'user.php id Variable' SQL Injection
iG Calendar 1.0 - 'user.php' 'id' Parameter SQL Injection

MGB 0.5.4.5 - 'email.php id Variable' SQL Injection
MGB 0.5.4.5 - 'email.php' 'id' Parameter SQL Injection

Alstrasoft e-Friends 4.98 - (seid) Multiple SQL Injection
Alstrasoft e-Friends 4.98 - 'seid' Multiple SQL Injections

MyPHP Forum 3.0 - (Final) Multiple SQL Injection
MyPHP Forum 3.0 (Final) - Multiple SQL Injections

File Store PRO 3.2 - Multiple Blind SQL Injection
File Store PRO 3.2 - Multiple Blind SQL Injections

AssetMan 2.5-b - SQL Injection using Session Fixation Attack
AssetMan 2.5-b - SQL Injection using Session Fixation

Kasra CMS - 'index.php' Multiple SQL Injection
Kasra CMS - 'index.php' Multiple SQL Injections

NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injection
NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injections

T-HTB Manager 0.5 - Multiple Blind SQL Injection
T-HTB Manager 0.5 - Multiple Blind SQL Injections

Joomla! Component com_oziogallery2 - / IMAGIN Arbitrary file write
Joomla! Component com_oziogallery2 / IMAGIN - Arbitrary File Write

Open Bulletin Board - Multiple Blind SQL Injection
Open Bulletin Board - Multiple Blind SQL Injections

AJ Matrix 3.1 - 'id' Multiple SQL Injection
AJ Matrix 3.1 - 'id' Multiple SQL Injections

Zylone IT - Multiple Blind SQL Injection
Zylone IT - Multiple Blind SQL Injections

WhiteBoard 0.1.30 - Multiple Blind SQL Injection
WhiteBoard 0.1.30 - Multiple Blind SQL Injections

AV Arcade 3 - Cookie SQL Injection Authentication Bypass
AV Arcade 3 - Cookie SQL Injection / Authentication Bypass

Joomla! Component Teams - Multiple Blind SQL Injection
Joomla! Component Teams - Multiple Blind SQL Injections

AneCMS - /registre/next SQL Injection
AneCMS - '/registre/next' SQL Injection

Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injection
Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injections

Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection
Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injections

ColdOfficeView 2.04 - Multiple Blind SQL Injection
ColdOfficeView 2.04 - Multiple Blind SQL Injections

Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection
Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injections

Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injection
Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injections

Projekt Shop - 'details.php' Multiple SQL Injection
Projekt Shop - 'details.php' Multiple SQL Injections

PixelPost 1.7.3 - Multiple POST Variables SQL Injection
PixelPost 1.7.3 - Multiple POST Parameter SQL Injections

Webcat - Multiple Blind SQL Injection
Webcat - Multiple Blind SQL Injections

LiteRadius 3.2 - Multiple Blind SQL Injection
LiteRadius 3.2 - Multiple Blind SQL Injections

PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection
PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injections

Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit
COMTREND CT-5624 Router - Root/Support Password Disclosure/Change Exploit

Sagem F@ST 2604 (ADSL Router) - Cross-Site Request Forgery
Sagem F@ST 2604 ADSL Router - Cross-Site Request Forgery

Rivettracker 1.03 - Multiple SQL Injection
Rivettracker 1.03 - Multiple SQL Injections

ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injection
ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injections

PHP Ticket System Beta 1 - 'index.php p Parameter' SQL Injection
PHP Ticket System Beta 1 - 'index.php' 'p' Parameter SQL Injection

X-Cart Gold 4.5 - 'products_map.php symb Parameter' Cross-Site Scripting
X-Cart Gold 4.5 - 'products_map.php' 'symb' Parameter Cross-Site Scripting

Symantec Web Gateway 5.0.2 - 'blocked.php id Parameter' Blind SQL Injection
Symantec Web Gateway 5.0.2 - 'blocked.php' 'id' Parameter Blind SQL Injection

Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid Parameter' Blind SQL Injection
Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php' 'groupid' Parameter Blind SQL Injection

Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injection
Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injections

YourArcadeScript 2.4 - 'index.php id Parameter' SQL Injection
YourArcadeScript 2.4 - 'index.php' 'id' Parameter SQL Injection

AV Arcade Free Edition - 'add_rating.php id Parameter' Blind SQL Injection
AV Arcade Free Edition - 'add_rating.php' 'id' Parameter Blind SQL Injection

QNAP Turbo NAS TS-1279U-RP - Multiple Path Injection
QNAP Turbo NAS TS-1279U-RP - Multiple Path Injections

Blog Mod 0.1.9 - 'index.php month Parameter' SQL Injection
Blog Mod 0.1.9 - 'index.php' 'month' Parameter SQL Injection

Authoria HR Suite - AthCGI.exe Cross-Site Scripting
Authoria HR Suite - 'AthCGI.exe' Cross-Site Scripting

MyBB Profile Albums Plugin 0.9 - 'albums.php album Parameter' SQL Injection
MyBB Profile Albums Plugin 0.9 - 'albums.php' 'album' Parameter SQL Injection
M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Remote File Inclusion
M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Remote File Inclusion
M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Remote File Inclusion
M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Remote File Inclusion

friendsinwar FAQ Manager - SQL Injection (Authentication Bypass)
friendsinwar FAQ Manager - SQL Injection / Authentication Bypass

friendsinwar FAQ Manager - 'view_faq.php question Parameter' SQL Injection
friendsinwar FAQ Manager - 'view_faq.php' 'question' Parameter SQL Injection

SmartCMS - 'index.php idx Parameter' SQL Injection
SmartCMS - 'index.php' 'idx' Parameter SQL Injection

SmartCMS - 'index.php menuitem Parameter' SQL Injection / Cross-Site Scripting
SmartCMS - 'index.php' 'menuitem' Parameter SQL Injection / Cross-Site Scripting

Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection
Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injections

MyBB AwayList Plugin - 'index.php id Parameter' SQL Injection
MyBB AwayList Plugin - 'index.php' 'id' Parameter SQL Injection
PHP-Nuke Error Manager Module 2.1 - error.php language Variable Full Path Disclosure
PHP-Nuke Error Manager Module 2.1 - error.php Multiple Variables Cross-Site Scripting
PHP-Nuke Error Manager Module 2.1 - 'error.php' 'language' Parameter Full Path Disclosure
PHP-Nuke Error Manager Module 2.1 - 'error.php' Multiple Parameters Cross-Site Scripting

phpHeaven phpMyChat 0.14.5 - edituser.php3 do_not_login Variable Authentication Bypass
phpHeaven phpMyChat 0.14.5 - 'edituser.php3' 'do_not_login' Parameter Authentication Bypass

NConf 1.3 - 'detail.php detail_admin_items.php id Parameter' SQL Injection
NConf 1.3 - 'detail.php' 'detail_admin_items.php' 'id' Parameter SQL Injection

Gattaca Server 2003 - Language Variable Path Exposure
Gattaca Server 2003 - 'Language' Parameter Path Exposure

AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injection
AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injections

Scripts Genie Gallery Personals - 'gallery.php L Parameter' SQL Injection
Scripts Genie Gallery Personals - 'gallery.php' L' Parameter SQL Injection

AdaptCMS 2.0.4 - 'config.php question Parameter' SQL Injection
AdaptCMS 2.0.4 - 'config.php' 'question' Parameter SQL Injection

Scripts Genie Domain Trader - 'catalog.php id Parameter' SQL Injection
Scripts Genie Domain Trader - 'catalog.php' 'id' Parameter SQL Injection

Scripts Genie Games Site Script - 'index.php id Parameter' SQL Injection
Scripts Genie Games Site Script - 'index.php' 'id' Parameter SQL Injection

Scripts Genie Top Sites - 'out.php id Parameter' SQL Injection
Scripts Genie Top Sites - 'out.php' 'id' Parameter SQL Injection

Scripts Genie Hot Scripts Clone - 'showcategory.php cid Parameter' SQL Injection
Scripts Genie Hot Scripts Clone - 'showcategory.php' 'cid' Parameter SQL Injection

PHPMyRecipes 1.2.2 - 'viewrecipe.php r_id Parameter' SQL Injection
PHPMyRecipes 1.2.2 - 'viewrecipe.php' 'r_id' Parameter SQL Injection

MTP Image Gallery 1.0 - 'edit_photos.php title Parameter' Cross-Site Scripting
MTP Image Gallery 1.0 - 'edit_photos.php' 'title' Parameter Cross-Site Scripting

D-Link DSL-2740B (ADSL Router) - Authentication Bypass
D-Link DSL-2740B ADSL Router - Authentication Bypass

TIPS MailPost 5.1.1 - APPEND Variable Cross-Site Scripting
TIPS MailPost 5.1.1 - 'APPEND' Parameter Cross-Site Scripting

DUclassified 4.x - adDetail.asp Multiple Parameter SQL Injection
DUclassified 4.x - 'adDetail.asp' Multiple Parameter SQL Injections

Rebus:list - 'list.php list_id Parameter' SQL Injection
Rebus:list - 'list.php' 'list_id' Parameter SQL Injection

SynConnect Pms - 'index.php loginid Parameter' SQL Injection
SynConnect Pms - 'index.php' 'loginid' Parameter SQL Injection
AWS Xms 2.5 - 'importer.php what Parameter' Directory Traversal
Pollen CMS 0.6 - 'index.php p Parameter' Local File Disclosure
AWS Xms 2.5 - 'importer.php' 'what' Parameter Directory Traversal
Pollen CMS 0.6 - 'index.php' 'p' Paramete' Local File Disclosure

WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php hash Parameter' SQL Injection
WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php' 'hash Parameter SQL Injection

Kayako eSupport 2.x - Ticket System Multiple SQL Injection
Kayako eSupport 2.x - Ticket System Multiple SQL Injections

BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection
BibORB 1.3.2 Login Module - Multiple Parameter SQL Injections

Active Auction House - default.asp Multiple SQL Injection
Active Auction House - 'default.asp' Multiple SQL Injections
CubeCart 2.0.x - 'index.php' Multiple Variable Full Path Disclosure
CubeCart 2.0.x - tellafriend.php product Variable Full Path Disclosure
CubeCart 2.0.x - view_cart.php add Variable Full Path Disclosure
CubeCart 2.0.x - view_product.php product Variable Full Path Disclosure
CubeCart 2.0.x - 'index.php' Multiple Parameter Full Path Disclosure
CubeCart 2.0.x - 'tellafriend.php' 'product' Parameter Full Path Disclosure
CubeCart 2.0.x - 'view_cart.php' 'add' Parameter Full Path Disclosure
CubeCart 2.0.x - 'view_product.php' 'product' Parameter Full Path Disclosure

OneWorldStore - 'OWListProduct.asp' Multiple SQL Injection
OneWorldStore - 'OWListProduct.asp' Multiple SQL Injections

WHMCS 4.x - 'invoicefunctions.php id Parameter' SQL Injection
WHMCS 4.x - 'invoicefunctions.php' 'id' Parameter SQL Injection

DUportal Pro 3.4 - default.asp Multiple Parameter SQL Injection
DUportal Pro 3.4 - 'default.asp' Multiple Parameter SQL Injections
DUportal Pro 3.4 - inc_vote.asp Multiple Parameter SQL Injection
DUportal Pro 3.4 - result.asp Multiple Parameter SQL Injection
DUportal Pro 3.4 - cat.asp Multiple Parameter SQL Injection
DUportal Pro 3.4 - detail.asp Multiple Parameter SQL Injection
DUportal Pro 3.4 - 'inc_vote.asp' Multiple Parameter SQL Injections
DUportal Pro 3.4 - 'result.asp' Multiple Parameter SQL Injections
DUportal Pro 3.4 - 'cat.asp' Multiple Parameter SQL Injections
DUportal Pro 3.4 - 'detail.asp' Multiple Parameter SQL Injections

DUportal 3.1.2 - inc_rating.asp Multiple Parameter SQL Injection
DUportal 3.1.2 - 'inc_rating.asp' Multiple Parameter SQL Injections

StorePortal 2.63 - default.asp Multiple SQL Injection
StorePortal 2.63 - 'default.asp' Multiple SQL Injections

MetaCart2 - SearchAction.asp Multiple SQL Injection
MetaCart2 - 'SearchAction.asp' Multiple SQL Injections

Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - 'userInfo.php' Multiple Parameter SQL Injections

JGS-Portal 3.0.1 - ID Variable SQL Injection
JGS-Portal 3.0.1 - 'ID' Parameter SQL Injection

AVE.CMS 2.09 - 'index.php module Parameter' Blind SQL Injection
AVE.CMS 2.09 - 'index.php' 'module' Parameter Blind SQL Injection

RadioCMS 2.2 - 'menager.php playlist_id Parameter' SQL Injection
RadioCMS 2.2 - 'menager.php' 'playlist_id' Parameter SQL Injection

NPDS 4.8 - /5.0 modules.php Lettre Parameter Cross-Site Scripting
NPDS 4.8 /5.0 - 'modules.php' Lettre Parameter Cross-Site Scripting

Ampache 3.4.3 - 'login.php' Multiple SQL Injection
Ampache 3.4.3 - 'login.php' Multiple SQL Injections

FlatNuke 2.5.x - 'index.php' where Variable Full Path Disclosure
FlatNuke 2.5.x - 'index.php' 'where' Parameter Full Path Disclosure

CarLine Forum Russian Board 4.2 - reply_in.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - 'reply_in.php' Multiple Parameter SQL Injections
CarLine Forum Russian Board 4.2 - memory.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - line.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - in.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - enter.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - 'memory.php' Multiple Parameter SQL Injections
CarLine Forum Russian Board 4.2 - 'line.php' Multiple Parameter SQL Injections
CarLine Forum Russian Board 4.2 - 'in.php' Multiple Parameter SQL Injections
CarLine Forum Russian Board 4.2 - 'enter.php' Multiple Parameter SQL Injections

osTicket 1.2/1.3 - view.php inc Variable Arbitrary Local File Inclusion
osTicket 1.2/1.3 - 'view.php' 'inc' Parameter Arbitrary Local File Inclusion

Ruubikcms 1.1.1 - 'tinybrowser.php folder Parameter' Directory Traversal
Ruubikcms 1.1.1 - 'tinybrowser.php' 'folder' Parameter Directory Traversal

Simple PHP Agenda 2.2.8 - 'edit_event.php eventid Parameter' SQL Injection
Simple PHP Agenda 2.2.8 - 'edit_event.php' 'eventid' Parameter SQL Injection

PHPFreeNews 1.40 - searchresults.php Multiple SQL Injection
PHPFreeNews 1.40 - searchresults.php Multiple SQL Injections
Aenovo - /Password/default.asp Password Field SQL Injection
Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
Aenovo - '/Password/default.asp' Password Field SQL Injection
Aenovo - '/incs/searchdisplay.asp' strSQL Parameter SQL Injection
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php Multiple Parameter SQL Injection
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertitle.php usertitleid Parameter SQL Injection
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertools.php ids Parameter SQL Injection
NooToplist 1.0 - 'index.php' Multiple SQL Injection
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/css.php group Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/index.php Multiple Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php email Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/language.php goto Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/modlog.php orderby Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - /admincp/template.php Multiple Parameter Cross-Site Scripting
MX Shop 3.2 - 'index.php' Multiple SQL Injection
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' Multiple Parameter SQL Injection
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php' 'usertitleid' Parameter SQL Injection
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php' 'ids' Parameter SQL Injection
NooToplist 1.0 - 'index.php' Multiple SQL Injections
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php' 'group' Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/index.php' Multiple Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' 'email' Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php' 'goto' Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php' 'orderby' Parameter Cross-Site Scripting
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/template.php' Multiple Parameter Cross-Site Scripting
MX Shop 3.2 - 'index.php' Multiple SQL Injections

Top Games Script 1.2 - 'play.php gid Parameter' SQL Injection
Top Games Script 1.2 - 'play.php' 'gid' Parameter SQL Injection

Elemata CMS RC3.0 - 'global.php id Parameter' SQL Injection
Elemata CMS RC3.0 - 'global.php' 'id' Parameter SQL Injection

Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection
Woltlab 1.1/2.x - 'Info-DB Info_db.php' Multiple SQL Injections

OaBoard 1.0 - forum.php Multiple SQL Injection
OaBoard 1.0 - 'forum.php' Multiple SQL Injections

Comersus Backoffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure
Comersus Backoffice 4.x/5.0/6.0 - '/comersus/database/comersus.mdb' Direct Request Database Disclosure

PHP-Charts 1.0 - 'index.php type Parameter' Remote Code Execution
PHP-Charts 1.0 - 'index.php' 'type' Parameter Remote Code Execution
PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection
PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection
PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter Cross-Site Scripting
PHPList Mailing List Manager 2.x - /admin/configure.php id Parameter Cross-Site Scripting
PHPList Mailing List Manager 2.x - /admin/users.php find Parameter Cross-Site Scripting
PHPList Mailing List Manager 2.x - '/admin/admin.php' 'id' Parameter SQL Injection
PHPList Mailing List Manager 2.x - '/admin/editattributes.php' 'id' Parameter SQL Injection
PHPList Mailing List Manager 2.x - '/admin/eventlog.php' Multiple Parameter Cross-Site Scripting
PHPList Mailing List Manager 2.x - '/admin/configure.php' 'id' Parameter Cross-Site Scripting
PHPList Mailing List Manager 2.x - '/admin/users.php' 'find' Parameter Cross-Site Scripting
Walla TeleSite 3.0 - ts.exe tsurl Variable Arbitrary Article Access
Walla TeleSite 3.0 - ts.exe sug Parameter Cross-Site Scripting
Walla TeleSite 3.0 - ts.exe sug Parameter SQL Injection
Walla TeleSite 3.0 - 'ts.exe' 'tsurl' Parameter Arbitrary Article Access
Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter Cross-Site Scripting
Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter SQL Injection

Pearl Forums 2.0 - 'index.php' Multiple SQL Injection
Pearl Forums 2.0 - 'index.php' Multiple SQL Injections

Helpdesk Issue Manager 0.x - find.php Multiple Parameter SQL Injection
Helpdesk Issue Manager 0.x - 'find.php' Multiple Parameter SQL Injection
PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injection
Cars Portal 1.1 - 'index.php' Multiple SQL Injection
PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injections
Cars Portal 1.1 - 'index.php' Multiple SQL Injections
IceWarp Universal WebMail - /accounts/inc/include.php Multiple Parameter Remote File Inclusion
IceWarp Universal WebMail - /admin/inc/include.php Multiple Parameter Remote File Inclusion
IceWarp Universal WebMail - /dir/include.html lang Parameter Local File Inclusion
IceWarp Universal WebMail - /mail/settings.html Language Parameter Local File Inclusion
IceWarp Universal WebMail - /mail/index.html lang_settings Parameter Remote File Inclusion
IceWarp Universal WebMail - /mail/include.html Crafted HTTP_USER_AGENT Arbitrary File Access
IceWarp Universal WebMail - '/accounts/inc/include.php' Multiple Parameter Remote File Inclusion
IceWarp Universal WebMail - '/admin/inc/include.php' Multiple Parameter Remote File Inclusion
IceWarp Universal WebMail - '/dir/include.html' 'lang' Parameter Local File Inclusion
IceWarp Universal WebMail - '/mail/settings.html' 'Language' Parameter Local File Inclusion
IceWarp Universal WebMail - '/mail/index.html' 'lang_settings' Parameter Remote File Inclusion
IceWarp Universal WebMail - '/mail/include.html' Crafted HTTP_USER_AGENT Arbitrary File Access

PHPJournaler 1.0 - Readold Variable SQL Injection
PHPJournaler 1.0 - 'Readold' Parameter SQL Injection

ScozNet ScozBook 1.1 - AdminName Variable SQL Injection
ScozNet ScozBook 1.1 - 'AdminName' Parameter SQL Injection
OnePlug CMS - /press/details.asp Press_Release_ID Parameter SQL Injection
OnePlug CMS - /services/details.asp Service_ID Parameter SQL Injection
OnePlug CMS - /products/details.asp Product_ID Parameter SQL Injection
OnePlug CMS - '/press/details.asp' 'Press_Release_ID' Parameter SQL Injection
OnePlug CMS - '/services/details.asp' 'Service_ID' Parameter SQL Injection
OnePlug CMS - '/products/details.asp' 'Product_ID' Parameter SQL Injection

Venom Board - Post.php3 Multiple SQL Injection
Venom Board - 'Post.php3' Multiple SQL Injections

microBlog 2.0 - 'index.php' Multiple SQL Injection
microBlog 2.0 - 'index.php' Multiple SQL Injections

NewsPHP - 'index.php' Multiple SQL Injection
NewsPHP - 'index.php' Multiple SQL Injections

ZixForum 1.12 - forum.asp Multiple SQL Injection
ZixForum 1.12 - forum.asp Multiple SQL Injections
HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution
HiveMail 1.2.2/1.3 - folders.update.php folderid Variable Arbitrary PHP Command Execution
HiveMail 1.2.2/1.3 - 'addressbook.update.php' 'contactgroupid' Parameter Arbitrary PHP Command Execution
HiveMail 1.2.2/1.3 - 'folders.update.php' 'folderid' Parameter Arbitrary PHP Command Execution

ImageVue 0.16.1 - readfolder.php path Variable Arbitrary Directory Listing
ImageVue 0.16.1 - 'readfolder.php' 'path' Parameter Arbitrary Directory Listing
dotProject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion
dotProject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion
dotProject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion
dotProject 2.0 - /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion
dotProject 2.0 - /modules/projects/vw_files.php dPconfig[root_dir] Parameter Remote File Inclusion
dotProject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion
dotProject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion
dotProject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion
dotProject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion
dotProject 2.0 - '/modules/projects/gantt.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion
dotProject 2.0 - '/includes/db_connect.php' 'baseDir' Parameter Remote File Inclusion
dotProject 2.0 - '/includes/session.php' 'baseDir' Parameter Remote File Inclusion
dotProject 2.0 - '/modules/projects/gantt2.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion
dotProject 2.0 - '/modules/projects/vw_files.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion
dotProject 2.0 - '/modules/admin/vw_usr_roles.php' 'baseDir' Parameter Remote File Inclusion
dotProject 2.0 - '/modules/public/calendar.php' 'baseDir' Parameter Remote File Inclusion
dotProject 2.0 - '/modules/public/date_format.php' 'baseDir' Parameter Remote File Inclusion
dotProject 2.0 - '/modules/tasks/gantt.php' 'baseDir' Parameter Remote File Inclusion

MyBB 1.0.3 - private.php Multiple SQL Injection
MyBB 1.0.3 - 'private.php' Multiple SQL Injections

Ginkgo CMS - 'index.php rang Parameter' SQL Injection
Ginkgo CMS - 'index.php' 'rang' Parameter SQL Injection

Telmanik CMS Press 1.01b - 'pages.php page_name Parameter' SQL Injection
Telmanik CMS Press 1.01b - 'pages.php' 'page_name' Parameter SQL Injection
DCI-Taskeen 1.03 - basket.php Multiple Parameter SQL Injection
DCI-Taskeen 1.03 - cat.php Multiple Parameter SQL Injection
DCI-Taskeen 1.03 - 'basket.php' Multiple Parameter SQL Injections
DCI-Taskeen 1.03 - 'cat.php' Multiple Parameter SQL Injections
sBlog 0.7.2 - search.php keyword Variable POST Method Cross-Site Scripting
sBlog 0.7.2 - comments_do.php Multiple Variable POST Method Cross-Site Scripting
sBlog 0.7.2 - 'search.php' 'keyword' Parameter POST Method Cross-Site Scripting
sBlog 0.7.2 - 'comments_do.php' Multiple Variable POST Method Cross-Site Scripting

PHPFox 3.6.0 (build3) - Multiple SQL Injection
PHPFox 3.6.0 (build3) - Multiple SQL Injections

Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting
Verisign MPKI 6.0 - 'Haydn.exe' Cross-Site Scripting

DSLogin 1.0 - 'index.php' Multiple SQL Injection
DSLogin 1.0 - 'index.php' Multiple SQL Injections

MLMAuction Script - 'gallery.php id Parameter' SQL Injection
MLMAuction Script - 'gallery.php' 'id' Parameter SQL Injection

PHPMyForum 4.0 - 'index.php' type Variable CRLF Injection
PHPMyForum 4.0 - 'index.php' 'type' Parameter CRLF Injection

APT-webshop 3.0/4.0 - modules.php Multiple SQL Injection
APT-webshop 3.0/4.0 - modules.php Multiple SQL Injections
Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter Cross-Site Scripting
Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp Cross-Site Scripting
Cisco CallManager 3.x/4.x - Web Interface 'ccmadmin/phonelist.asp' Pattern Parameter Cross-Site Scripting
Cisco CallManager 3.x/4.x - Web Interface 'ccmuser/logon.asp' Cross-Site Scripting

321soft PHP-Gallery 0.9 - 'index.php' path Variable Arbitrary Directory Listing
321soft PHP-Gallery 0.9 - 'index.php' 'path' Parameter Arbitrary Directory Listing

Pacheckbook 1.1 - 'index.php' Multiple SQL Injection
Pacheckbook 1.1 - 'index.php' Multiple SQL Injections

Creative Software UK Community Portal 1.1 - PollResults.php Multiple Parameter SQL Injection
Creative Software UK Community Portal 1.1 - 'PollResults.php' Multiple Parameter SQL Injections
EvoTopsite 2.0 - 'index.php' Multiple SQL Injection
timobraun Dynamic Galerie 1.0 - 'index.php' pfad Variable Arbitrary Directory Listing
timobraun Dynamic Galerie 1.0 - galerie.php pfad Variable Arbitrary Directory Listing
EvoTopsite 2.0 - 'index.php' Multiple SQL Injections
timobraun Dynamic Galerie 1.0 - 'index.php' 'pfad' Parameter Arbitrary Directory Listing
timobraun Dynamic Galerie 1.0 - 'galerie.php' 'pfad' Parameter Arbitrary Directory Listing

Gphotos 1.4/1.5 - 'index.php' rep Variable Traversal Arbitrary Directory Listing
Gphotos 1.4/1.5 - 'index.php' 'rep' Parameter Traversal Arbitrary Directory Listing

Mini-NUKE 2.3 - Your_Account.asp Multiple SQL Injection
Mini-NUKE 2.3 - 'Your_Account.asp' Multiple SQL Injections

Woltlab Burning Board FLVideo Addon - 'video.php value Parameter' SQL Injection
Woltlab Burning Board FLVideo Addon - 'video.php' 'value' Parameter SQL Injection

glFusion 1.3.0 - 'search.php cat_id Parameter' SQL Injection
glFusion 1.3.0 - 'search.php' 'cat_id' Parameter SQL Injection

Geodesic Solutions Multiple Products - 'index.php' b Parameter SQL Injection
Geodesic Solutions Multiple Products - 'index.php' 'b' Parameter SQL Injection

RadScripts - a_editpage.php Filename Variable Arbitrary File Overwrite
RadScripts - 'a_editpage.php' 'Filename' Parameter Arbitrary File Overwrite

Banex PHP MySQL Banner Exchange 2.21 - admin.php Multiple Parameter SQL Injection
Banex PHP MySQL Banner Exchange 2.21 - 'admin.php' Multiple Parameter SQL Injections

XennoBB 2.1 - profile.php Multiple SQL Injection
XennoBB 2.1 - 'profile.php' Multiple SQL Injections

Vtiger CRM 5.4.0 - 'index.php onlyforuser Parameter' SQL Injection
Vtiger CRM 5.4.0 - 'index.php' 'onlyforuser' Parameter SQL Injection

CubeCart 3.0.x - /admin/print_order.php order_id Parameter Cross-Site Scripting
CubeCart 3.0.x - '/admin/print_order.php' 'order_id' Parameter Cross-Site Scripting
CubeCart 3.0.x - /admin/nav.php Multiple Parameter Cross-Site Scripting
CubeCart 3.0.x - /admin/image.php image Parameter Cross-Site Scripting
CubeCart 3.0.x - /admin/header.inc.php Multiple Parameter Cross-Site Scripting
CubeCart 3.0.x - /footer.inc.php la_pow_by Parameter Cross-Site Scripting
CubeCart 3.0.x - '/admin/nav.php' Multiple Parameter Cross-Site Scripting
CubeCart 3.0.x - '/admin/image.php' 'image' Parameter Cross-Site Scripting
CubeCart 3.0.x - '/admin/header.inc.php' Multiple Parameter Cross-Site Scripting
CubeCart 3.0.x - '/footer.inc.php' 'la_pow_by' Parameter Cross-Site Scripting

AckerTodo 4.2 - 'login.php' Multiple SQL Injection
AckerTodo 4.2 - 'login.php' Multiple SQL Injections

Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php sondage Parameter' SQL Injection
Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php' 'sondage' Parameter SQL Injection

INFINICART - browsesubcat.asp Multiple Parameter SQL Injection
INFINICART - 'browsesubcat.asp' Multiple Parameter SQL Injection

Car Site Manager - csm/asp/listings.asp Multiple Parameter SQL Injection
Car Site Manager - 'csm/asp/listings.asp' Multiple Parameter SQL Injections
Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injection
ASPIntranet 2.1 - Multiple SQL Injection
Dragon Internet Events Listing 2.0.01 - 'admin_login.asp' Multiple Field SQL Injections
ASPIntranet 2.1 - Multiple SQL Injections

Image Gallery with Access Database - default.asp Multiple Parameter SQL Injection
Image Gallery with Access Database - 'default.asp' Multiple Parameter SQL Injection

20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection
20/20 Applications Data Shed 1.0 - 'listings.asp' Multiple Parameter SQL Injections

BestWebApp Dating Site Login Component - Multiple Field SQL Injection
BestWebApp Dating Site Login Component - Multiple Field SQL Injections

Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection
Enthrallweb eClassifieds - 'ad.asp' Multiple Parameter SQL Injection
BirdBlog 1.4 - /admin/admincore.php msg Parameter Cross-Site Scripting
BirdBlog 1.4 - /admin/comments.php month Parameter Cross-Site Scripting
BirdBlog 1.4 - /admin/entries.php month Parameter Cross-Site Scripting
BirdBlog 1.4 - /admin/logs.php page Parameter Cross-Site Scripting
BirdBlog 1.4 - '/admin/admincore.php' 'msg' Parameter Cross-Site Scripting
BirdBlog 1.4 - '/admin/comments.php' 'month' Parameter Cross-Site Scripting
BirdBlog 1.4 - '/admin/entries.php' 'month' Parameter Cross-Site Scripting
BirdBlog 1.4 - '/admin/logs.php' 'page' Parameter Cross-Site Scripting

Grandora Rialto 1.6 - /admin/default.asp Multiple Field SQL Injection
Grandora Rialto 1.6 - '/admin/default.asp' Multiple Field SQL Injection
Grandora Rialto 1.6 - searchkey.asp Multiple Parameter SQL Injection
Grandora Rialto 1.6 - searchmain.asp Multiple Parameter SQL Injection
Grandora Rialto 1.6 - searchoption.asp Multiple Parameter SQL Injection
Grandora Rialto 1.6 - 'searchkey.asp' Multiple Parameter SQL Injection
Grandora Rialto 1.6 - 'searchmain.asp' Multiple Parameter SQL Injection
Grandora Rialto 1.6 - 'searchoption.asp' Multiple Parameter SQL Injection
Enthrallweb eHomes - compareHomes.asp Multiple Parameter SQL Injection
Enthrallweb eHomes - result.asp Multiple Parameter SQL Injection
Enthrallweb eHomes - 'compareHomes.asp' Multiple Parameter SQL Injection
Enthrallweb eHomes - 'result.asp' Multiple Parameter SQL Injection

DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection
DUdownload 1.0/1.1 - 'detail.asp' Multiple Parameter SQL Injections

Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injection
Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injections

ClickContact - default.asp Multiple SQL Injection
ClickContact - 'default.asp' Multiple SQL Injections

Dol Storye - Dettaglio.asp Multiple SQL Injection
Dol Storye - 'Dettaglio.asp' Multiple SQL Injections

Efkan Forum 1.0 - Grup Variable SQL Injection
Efkan Forum 1.0 - 'Grup' Parameter SQL Injection
EditTag 1.2 - edittag.cgi file Variable Arbitrary File Disclosure
EditTag 1.2 - edittag.pl file Variable Arbitrary File Disclosure
EditTag 1.2 - edittag_mp.cgi file Variable Arbitrary File Disclosure
EditTag 1.2 - edittag_mp.pl file Variable Arbitrary File Disclosure
EditTag 1.2 - 'edittag.cgi' 'file' Parameter Arbitrary File Disclosure
EditTag 1.2 - 'edittag.pl' 'file' Parameter Arbitrary File Disclosure
EditTag 1.2 - 'edittag_mp.cgi' 'file' Parameter Arbitrary File Disclosure
EditTag 1.2 - 'edittag_mp.pl' 'file' Parameter Arbitrary File Disclosure

Indexu 5.0/5.3 - mailing_list.php Multiple Variables Cross-Site Scripting
Indexu 5.0/5.3 - 'mailing_list.php' Multiple Parameters Cross-Site Scripting

Project'Or RIA 3.4.0 - 'objectDetail.php objectId Parameter' SQL Injection
Project'Or RIA 3.4.0 - 'objectDetail.php' 'objectId' Parameter SQL Injection
WordPress 2.1.1 - 'wp-includes/theme.php' iz Variable Arbitrary Command Execution
Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection
WordPress 2.1.1 - 'wp-includes/theme.php' 'iz' Parameter Arbitrary Command Execution
Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Parameter SQL Injection

aBitWhizzy - whizzylink.php d Variable Traversal Arbitrary Directory Listing
aBitWhizzy - 'whizzylink.php' 'd' Parameter Traversal Arbitrary Directory Listing

MyBloggie 2.1.x - 'index.php' Multiple SQL Injection
MyBloggie 2.1.x - 'index.php' Multiple SQL Injections

PHPLive! 3.2.2 - super/info.php BASE_URL Variable Parameter Cross-Site Scripting
PHPLive! 3.2.2 - 'super/info.php' 'BASE_URL' Parameter Parameter Cross-Site Scripting

JFFNms 0.8.3 - auth.php Multiple Parameter SQL Injection
JFFNms 0.8.3 - 'auth.php' Multiple Parameter SQL Injection
DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting
DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter Cross-Site Scripting
DotClear 1.2.x - '/ecrire/trackback.php' 'post_id' Parameter Cross-Site Scripting
DotClear 1.2.x - '/tools/thememng/index.php' 'tool_url' Parameter Cross-Site Scripting

PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection
PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injections

Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing
Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php' 'icodir' Parameter Traversal Arbitrary Directory Listing

Phorum 5.1.20 - admin.php module[] Variable Full Path Disclosure
Phorum 5.1.20 - 'admin.php' 'module[]' Parameter Full Path Disclosure
Chamilo Lms 1.9.6 - 'profile.php password0 Parameter' SQL Injection
Dokeos 2.2 RC2 - 'index.php language Parameter' SQL Injection
Chamilo Lms 1.9.6 - 'profile.php' 'password0 Parameter SQL Injection
Dokeos 2.2 RC2 - 'index.php' 'language' Parameter SQL Injection

UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure
UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Parameters Full Path Disclosure

PHPAccounts 0.5 - 'index.php' Multiple SQL Injection
PHPAccounts 0.5 - 'index.php' Multiple SQL Injections
NetFlow Analyzer 5 - /jspui/applicationList.jsp alpha Parameter Cross-Site Scripting
NetFlow Analyzer 5 - /jspui/appConfig.jsp task Parameter Cross-Site Scripting
NetFlow Analyzer 5 - '/jspui/applicationList.jsp' 'alpha' Parameter Cross-Site Scripting
NetFlow Analyzer 5 - '/jspui/appConfig.jsp' 'task' Parameter Cross-Site Scripting
NetFlow Analyzer 5 - /jspui/selectDevice.jsp rtype Parameter Cross-Site Scripting
NetFlow Analyzer 5 - /jspui/customReport.jsp rtype Parameter Cross-Site Scripting
NetFlow Analyzer 5 - '/jspui/selectDevice.jsp' 'rtype' Parameter Cross-Site Scripting
NetFlow Analyzer 5 - '/jspui/customReport.jsp' 'rtype' Parameter Cross-Site Scripting
geoBlog MOD_1.0 - deletecomment.php id Variable Arbitrary Comment Deletion
geoBlog MOD_1.0 - deleteblog.php id Variable Arbitrary Blog Deletion
geoBlog MOD_1.0 - 'deletecomment.php' 'id' Parameter Arbitrary Comment Deletion
geoBlog MOD_1.0 - 'deleteblog.php' 'id' Parameter Arbitrary Blog Deletion

Next Gen Portfolio Manager - default.asp Multiple SQL Injection
Next Gen Portfolio Manager - 'default.asp' Multiple SQL Injections
ACG News 1.0 - 'index.php' Multiple SQL Injection
Cisco CallManager 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection
ACG News 1.0 - 'index.php' Multiple SQL Injections
Cisco CallManager 4.2 / CUCM 4.2 - Logon Page 'lang' Parameter SQL Injection
WebBatch - webbatch.exe URL Cross-Site Scripting
WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure
WebBatch - 'webbatch.exe' URL Cross-Site Scripting
WebBatch - 'webbatch.exe' 'dumpinputdata' Parameter Remote Information Disclosure

NetWin DNews - Dnewsweb.exe Multiple Cross-Site Scripting Vulnerabilities
NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities

Scott Manktelow Design Stride 1.0 - Courses detail.php Multiple SQL Injection
Scott Manktelow Design Stride 1.0 Courses - 'detail.php' Multiple SQL Injections

Article Dashboard - 'admin/login.php' Multiple SQL Injection
Article Dashboard - 'admin/login.php' Multiple SQL Injections

Multi-Forums - Directory.php Multiple SQL Injection
Multi-Forums - 'Directory.php' Multiple SQL Injections

JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection
JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injections
Absolute News Manager .NET 5.1 - 'pages/default.aspx' template Variable Remote File Access
Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injection
Absolute News Manager .NET 5.1 - 'pages/default.aspx' 'template' Parameter Remote File Access
Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injections

phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking
phpRPG 0.8 - '/tmp' Directory PHPSESSID Cookie Session Hijacking

Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injection
Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injections
eTicket 1.5.5.2 - search.php Multiple Parameter SQL Injection
eTicket 1.5.5.2 - admin.php Multiple Parameter SQL Injection
eTicket 1.5.5.2 - 'search.php' Multiple Parameter SQL Injection
eTicket 1.5.5.2 - 'admin.php' Multiple Parameter SQL Injection
Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/login.jsp Multiple Parameter Cross-Site Scripting
Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/account/findForSelect.jsp resultsForm Parameter Cross-Site Scripting
Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/help/index.jsp helpUrl Variable Remote Frame Injection
Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/user/main.jsp activeControl Parameter Cross-Site Scripting
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/login.jsp' Multiple Parameter Cross-Site Scripting
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp' 'resultsForm' Parameter Cross-Site Scripting
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp' 'helpUrl' Parameter Remote Frame Injection
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp' 'activeControl' Parameter Cross-Site Scripting

MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection
MyBB 1.2.10 - 'moderation.php' Multiple SQL Injections

PacerCMS 0.6 - 'id' Parameter Multiple SQL Injection
PacerCMS 0.6 - 'id' Parameter Multiple SQL Injections

Ipswitch WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass
Ipswitch WS_FTP Server 6 - '/WSFTPSVR/FTPLogServer/LogViewer.asp' Authentication Bypass

Cacti 0.8.7 - tree.php Multiple Parameter SQL Injection
Cacti 0.8.7 - 'tree.php' Multiple Parameter SQL Injections

Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injection
Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections
WebcamXP 3.72.440/4.05.280 Beta - /pocketpc camnum Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 Beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc' 'camnum' Parameter Arbitrary Memory Disclosure
WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic' 'id' Parameter Arbitrary Memory Disclosure

Elastic Path 4.1 - 'manager/FileManager.jsp' dir Variable Traversal Arbitrary Directory Listing
Elastic Path 4.1 - 'manager/FileManager.jsp' 'dir' Parameter Traversal Arbitrary Directory Listing

osCommerce 2.3.3.4 - 'geo_zones.php zID Parameter' SQL Injection
osCommerce 2.3.3.4 - 'geo_zones.php' 'zID' Parameter SQL Injection

D-Link DSL-2750B (ADSL Router) - Cross-Site Request Forgery
D-Link DSL-2750B ADSL Route) - Cross-Site Request Forgery

Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
NETGEAR DGN2200 N300 Wireless Router - Multiple Vulnerabilities

Concrete5 5.6.2.1 - 'index.php cID Parameter' SQL Injection
Concrete5 5.6.2.1 - 'index.php' 'cID' Parameter SQL Injection

TLM CMS 1.1 - 'index.php' Multiple SQL Injection
TLM CMS 1.1 - 'index.php' Multiple SQL Injections

RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection
RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injections

IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection
IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injections

WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php track Parameter' SQL Injection
WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php' 'track' Parameter SQL Injection
JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injection
Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injection
dvbbs 8.2 - 'login.asp' Multiple SQL Injection
JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injections
Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injections
dvbbs 8.2 - 'login.asp' Multiple SQL Injections

Te Ecard - 'id' Parameter Multiple SQL Injection
Te Ecard - 'id' Parameter Multiple SQL Injections

Benja CMS 0.1 - /admin/admin_edit_submenu.php URL Cross-Site Scripting
Benja CMS 0.1 - '/admin/admin_edit_submenu.php' URL Cross-Site Scripting

Benja CMS 0.1 - /admin/admin_edit_topmenu.php URL Cross-Site Scripting
Benja CMS 0.1 - '/admin/admin_edit_topmenu.php' URL Cross-Site Scripting

PHP Ticket System Beta 1 - 'get_all_created_by_user.php id Parameter' SQL Injection
PHP Ticket System Beta 1 - 'get_all_created_by_user.php' 'id' Parameter SQL Injection

webERP 4.11.3 - 'SalesInquiry.php SortBy Parameter' SQL Injection
webERP 4.11.3 - 'SalesInquiry.php' 'SortBy' Parameter SQL Injection

couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injection
couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injections

Claroline 1.8.9 - claroline/redirector.php url Variable Arbitrary Site Redirect
Claroline 1.8.9 - 'claroline/redirector.php' 'url' Parameter Arbitrary Site Redirect

EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection / Cross-Site Scripting
EasyPublish 3.0 - 'read' Parameter Multiple SQL Injections / Cross-Site Scripting

ownCloud 4.0.x/4.5.x - 'upload.php Filename Parameter' Remote Code Execution
ownCloud 4.0.x/4.5.x - 'upload.php' 'Filename' Parameter Remote Code Execution

Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injection
Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injections

ZYXEL Router P-660HN-T1A - Login Bypass
ZYXEL P-660HN-T1A Router - Login Bypass

PromoProducts - 'view_product.php' Multiple SQL Injection
PromoProducts - 'view_product.php' Multiple SQL Injections

EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection
EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injections

OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections

InterWorx Control Panel 5.0.13 build 574 - 'xhr.php i Parameter' SQL Injection
InterWorx Control Panel 5.0.13 build 574 - 'xhr.php' 'i' Parameter SQL Injection

Tandis CMS 2.5 - 'index.php' Multiple SQL Injection
Tandis CMS 2.5 - 'index.php' Multiple SQL Injections
TWiki 4.x - SEARCH Variable Remote Command Execution
TWiki 4.x - URLPARAM Variable Cross-Site Scripting
TWiki 4.x - 'SEARCH' Parameter Remote Command Execution
TWiki 4.x - 'URLPARAM' Parameter Cross-Site Scripting

DO-CMS 3.0 - 'p' Parameter Multiple SQL Injection
DO-CMS 3.0 - 'p' Parameter Multiple SQL Injections
MKPortal 1.2.1 - /modules/blog/index.php Home Template Textarea SQL Injection
MKPortal 1.2.1 - /modules/rss/handler_image.php i Parameter Cross-Site Scripting
MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection
MKPortal 1.2.1 - '/modules/rss/handler_image.php' 'i' Parameter Cross-Site Scripting

Banking@Home 2.1 - 'login.asp' Multiple SQL Injection
Banking@Home 2.1 - 'login.asp' Multiple SQL Injections

kitForm CRM Extension 0.43 - 'sorter.php sorter_value Parameter' SQL Injection
kitForm CRM Extension 0.43 - 'sorter.ph' 'sorter_value' Parameter SQL Injection

dompdf 0.6.0 - 'dompdf.php read Parameter' Arbitrary File Read
dompdf 0.6.0 - 'dompdf.php' 'read' Parameter Arbitrary File Read

Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection
Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injections

VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injection
VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injections

Pars CMS - 'RP' Parameter Multiple SQL Injection
Pars CMS - 'RP' Parameter Multiple SQL Injections

tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injection
tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injections

MODx 1.0.3 - 'index.php' Multiple SQL Injection
MODx 1.0.3 - 'index.php' Multiple SQL Injections

HuronCMS - 'index.php' Multiple SQL Injection
HuronCMS - 'index.php' Multiple SQL Injections

4x CMS - 'login.php' Multiple SQL Injection
4x CMS - 'login.php' Multiple SQL Injections

Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injection
Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injections

ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injection
ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injections

GREEZLE - Global Real Estate Agent Login Multiple SQL Injection
(GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections

SaffaTunes CMS - 'news.php' Multiple SQL Injection
SaffaTunes CMS - 'news.php' Multiple SQL Injections

pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injection
pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injections
DiamondList - /user/main/update_settings setting[site_title] Parameter Cross-Site Scripting
DiamondList - /user/main/update_category category[description] Parameter Cross-Site Scripting
DiamondList - '/user/main/update_settings' 'setting[site_title]' Parameter Cross-Site Scripting
DiamondList - '/user/main/update_category' 'category[description]' Parameter Cross-Site Scripting

vBulletin 4.0.x < 4.1.2 - 'search.php cat Parameter' SQL Injection
vBulletin 4.0.x < 4.1.2 - 'search.php' 'cat' Parameter SQL Injection

Mulitple WordPress Themes - 'admin-ajax.php img Parameter' Arbitrary File Download
Mulitple WordPress Themes - 'admin-ajax.php' 'img' Parameter Arbitrary File Download

tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection
tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injections

APBook 1.3 - Admin Login Multiple SQL Injection
APBook 1.3 - Admin Login Multiple SQL Injections

MODx manager - /controllers/default/resource/tvs.php class_key Parameter Traversal Local File Inclusion
MODx manager - '/controllers/default/resource/tvs.php' 'class_key' Parameter Traversal Local File Inclusion

Bacula-Web 5.2.10 - 'joblogs.php jobid Parameter' SQL Injection
Bacula-Web 5.2.10 - 'joblogs.php' 'jobid Parameter SQL Injection
PHP Scripts Now Riddles - /riddles/results.php searchQuery Parameter Cross-Site Scripting
PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection
PHP Scripts Now Riddles - '/riddles/results.php' 'searchQuery' Parameter Cross-Site Scripting
PHP Scripts Now Riddles - '/riddles/list.php' 'catid' Parameter SQL Injection

Easy Banner 2009.05.18 - member.php Multiple Parameter SQL Injection Authentication Bypass
Easy Banner 2009.05.18 - 'member.php' Multiple Parameter SQL Injection / Authentication Bypass

E-lokaler CMS 2 - Admin Login Multiple SQL Injection
E-lokaler CMS 2 - Admin Login Multiple SQL Injections

Blog:CMS 4.2.1 e - Multiple HTML Injection / Cross-Site Scripting
Blog:CMS 4.2.1 e - Multiple HTML Injections / Cross-Site Scripting

Piwigo 2.6.0 - 'picture.php rate Parameter' SQL Injection
Piwigo 2.6.0 - 'picture.php' 'rate' Parameter SQL Injection

Eleanor CMS - Cross-Site Scripting / Multiple SQL Injection
Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections

Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit
NETGEAR WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit

PHPMyRecipes 1.2.2 - 'dosearch.php words_exact Parameter' SQL Injection
PHPMyRecipes 1.2.2 - 'dosearch.php' 'words_exact Parameter SQL Injection

Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection
Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections

BoutikOne - search.php Multiple Parameter SQL Injection
BoutikOne - 'search.php' Multiple Parameter SQL Injections

Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection
Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injections

Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection
Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injections

Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection
Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections

GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injection
GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injections

Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass
Soitec SmartEnergy 1.4 - SCADA Login SQL Injection / Authentication Bypass

CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution
CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution

PHPMyRecipes 1.2.2 - 'browse.php category Parameter' SQL Injection
PHPMyRecipes 1.2.2 - 'browse.php' 'category' Parameter SQL Injection

4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection
4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections

TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection
TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injections

Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injection
Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injections

Mambo Component Docman 1.3.0 - Multiple SQL Injection
Mambo Component Docman 1.3.0 - Multiple SQL Injections

ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injection
ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injections

Paliz Portal - Cross-Site Scripting / Multiple SQL Injection
Paliz Portal - Cross-Site Scripting / Multiple SQL Injections

Sphider 1.3.x - Admin Panel Multiple SQL Injection
Sphider 1.3.x - Admin Panel Multiple SQL Injections

Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injection
Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injections

Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injection
Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections

EasyGallery 5 - 'index.php' Multiple SQL Injection
EasyGallery 5 - 'index.php' Multiple SQL Injections

Xenon - 'id' Parameter Multiple SQL Injection
Xenon - 'id' Parameter Multiple SQL Injections

eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection
eFront 3.6.10 - 'professor.php' Script Multiple SQL Injections

eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injection
eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injections
Dolibarr ERP/CRM - /user/index.php Multiple Parameter SQL Injection
Dolibarr ERP/CRM - /user/info.php id Parameter SQL Injection
Dolibarr ERP/CRM - /admin/boxes.php rowid Parameter SQL Injection
Dolibarr ERP/CRM - '/user/index.php' Multiple Parameter SQL Injections
Dolibarr ERP/CRM - '/user/info.php' 'id' Parameter SQL Injection
Dolibarr ERP/CRM - '/admin/boxes.php' 'rowid' Parameter SQL Injection
PrestaShop 1.4.4.1 - /modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition Parameter Cross-Site Scripting
PrestaShop 1.4.4.1 - /admin/ajaxfilemanager/ajax_save_text.php Multiple Parameter Cross-Site Scripting
PrestaShop 1.4.4.1 - '/modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php' 'Expedition' Parameter Cross-Site Scripting
PrestaShop 1.4.4.1 - '/admin/ajaxfilemanager/ajax_save_text.php' Multiple Parameter Cross-Site Scripting
Manx 1.0.1 - /admin/admin_blocks.php Filename Parameter Traversal Arbitrary File Access
Manx 1.0.1 - /admin/admin_pages.php Filename Parameter Traversal Arbitrary File Access
Manx 1.0.1 - '/admin/admin_blocks.php' 'Filename' Parameter Traversal Arbitrary File Access
Manx 1.0.1 - '/admin/admin_pages.php' 'Filename' Parameter Traversal Arbitrary File Access

SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection
SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injections

Balero CMS 0.7.2 - Multiple Blind SQL Injection
Balero CMS 0.7.2 - Multiple Blind SQL Injections

WordPress Plugin'WP Mobile Edition 2.7 - Remote File Disclosure
WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure

CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injection
CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injections
Dotclear 2.4.1.2 - /admin/auth.php login_data Parameter Cross-Site Scripting
Dotclear 2.4.1.2 - /admin/blogs.php nb Parameter Cross-Site Scripting
Dotclear 2.4.1.2 - /admin/comments.php Multiple Parameter Cross-Site Scripting
Dotclear 2.4.1.2 - /admin/plugin.php page Parameter Cross-Site Scripting
Dotclear 2.4.1.2 - '/admin/auth.php' 'login_data' Parameter Cross-Site Scripting
Dotclear 2.4.1.2 - '/admin/blogs.php' 'nb' Parameter Cross-Site Scripting
Dotclear 2.4.1.2 - '/admin/comments.php' Multiple Parameter Cross-Site Scripting
Dotclear 2.4.1.2 - '/admin/plugin.php' 'page' Parameter Cross-Site Scripting
SAP Business Objects InfoView System - /help/helpredir.aspx guide Parameter Cross-Site Scripting
SAP Business Objects InfoView System - /webi/webi_modify.aspx id Parameter Cross-Site Scripting
SAP Business Objects InfoView System - '/help/helpredir.aspx' 'guide' Parameter Cross-Site Scripting
SAP Business Objects InfoView System - '/webi/webi_modify.aspx' 'id' Parameter Cross-Site Scripting

Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method Cross-Site Scripting
Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php' 'String::stripUnsafeHtml()' Method Cross-Site Scripting

PHP Designer 2007 - Personal Multiple SQL Injection
PHP Designer 2007 Personal - Multiple SQL Injections

WordPress Plugin All-in-One Event Calendar 1.4 agenda-widget.php Multiple Parameter Cross-Site Scripting
WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Parameter Cross-Site Scripting
XOOPS 2.5.4 - /modules/pm/pmlite.php to_userid Parameter Cross-Site Scripting
XOOPS 2.5.4 - /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter Cross-Site Scripting
XOOPS 2.5.4 - '/modules/pm/pmlite.php' 'to_userid' Parameter Cross-Site Scripting
XOOPS 2.5.4 - '/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php' Multiple Parameter Cross-Site Scripting

XM Forum - 'id' Parameter Multiple SQL Injection
XM Forum - 'id' Parameter Multiple SQL Injections

AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection
AdaptCMS 2.0.2 TinyURL Plugin - 'admin.php' Multiple Parameter SQL Injections

Classified Ads Script PHP - 'admin.php' Multiple SQL Injection
Classified Ads Script PHP - 'admin.php' Multiple SQL Injections

Limny - 'index.php' Multiple SQL Injection
Limny - 'index.php' Multiple SQL Injections
TCExam 11.2.x - /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection
TCExam 11.2.x - /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection
TCExam 11.2.x - '/admin/code/tce_edit_answer.php' Multiple Parameter SQL Injection
TCExam 11.2.x - '/admin/code/tce_edit_question.php' 'subject_module_id' Parameter SQL Injection

jCore - /admin/index.php path Parameter Cross-Site Scripting
jCore - '/admin/index.php' 'path' Parameter Cross-Site Scripting

Netsweeper 4.0.8 - SQL Injection Authentication Bypass
Netsweeper 4.0.8 - SQL Injection / Authentication Bypass

dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injection
dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injections

MantisBT 1.2.19 - Host Header Attack
MantisBT 1.2.19 - Host Header Exploit

WordPress Plugin RokBox Plugin - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting
WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf' 'abouttext' Parameter Cross-Site Scripting

cPanel WebHost Manager (WHM) - /webmail/x3/mail/clientconf.html acct Parameter Cross-Site Scripting
cPanel WebHost Manager (WHM) - '/webmail/x3/mail/clientconf.html' 'acct' Parameter Cross-Site Scripting
WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection
WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection
WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php' 'reqID' Parameter SQL Injection
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php' 'reqID' Parameter SQL Injection
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php' 'reqID' Parameter SQL Injection

PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injection
PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injections

ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter Cross-Site Scripting
ezStats for Battlefield 3 - '/ezStats2/compare.php' Multiple Parameter Cross-Site Scripting
PHP Address Book - /addressbook/register/delete_user.php id Parameter SQL Injection
PHP Address Book - /addressbook/register/edit_user.php id Parameter SQL Injection
PHP Address Book - /addressbook/register/edit_user_save.php Multiple Parameter SQL Injection
PHP Address Book - /addressbook/register/linktick.php site Parameter SQL Injection
PHP Address Book - /addressbook/register/reset_password.php Multiple Parameter SQL Injection
PHP Address Book - /addressbook/register/reset_password_save.php Multiple Parameter SQL Injection
PHP Address Book - /addressbook/register/router.php BasicLogin Cookie Parameter SQL Injection
PHP Address Book - /addressbook/register/traffic.php var Parameter SQL Injection
PHP Address Book - /addressbook/register/user_add_save.php email Parameter SQL Injection
PHP Address Book - /addressbook/register/checklogin.php 'Username' Parameter SQL Injection
PHP Address Book - /addressbook/register/admin_index.php q Parameter SQL Injection
PHP Address Book - '/addressbook/register/delete_user.php' 'id' Parameter SQL Injection
PHP Address Book - '/addressbook/register/edit_user.php' 'id' Parameter SQL Injection
PHP Address Book - '/addressbook/register/edit_user_save.php' Multiple Parameter SQL Injection
PHP Address Book - '/addressbook/register/linktick.php' 'site' Parameter SQL Injection
PHP Address Book - '/addressbook/register/reset_password.php' Multiple Parameter SQL Injection
PHP Address Book - '/addressbook/register/reset_password_save.php' Multiple Parameter SQL Injection
PHP Address Book - '/addressbook/register/router.php' 'BasicLogin' Cookie Parameter SQL Injection
PHP Address Book - '/addressbook/register/traffic.php' 'var' Parameter SQL Injection
PHP Address Book - '/addressbook/register/user_add_save.php' 'email' Parameter SQL Injection
PHP Address Book - '/addressbook/register/checklogin.php' 'Username' Parameter SQL Injection
PHP Address Book - '/addressbook/register/admin_index.php' 'q' Parameter SQL Injection
Hero Framework - /users/login 'Username' Parameter Cross-Site Scripting
Hero Framework - /users/forgot_password error Parameter Cross-Site Scripting
Hero Framework - '/users/login' 'Username' Parameter Cross-Site Scripting
Hero Framework - '/users/forgot_password' 'error' Parameter Cross-Site Scripting

RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injection
RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injections
NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting
NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting
NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting
NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Parameter Cross-Site Scripting

Jahia xCM - /engines/manager.jsp site Parameter Cross-Site Scripting
Jahia xCM - '/engines/manager.jsp' 'site' Parameter Cross-Site Scripting

D-Link DIR-816L (Wireless Router) - Cross-Site Request Forgery
D-Link DIR-816L Wireless Router - Cross-Site Request Forgery

Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection
Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injections
NeoBill - /modules/nullregistrar/PHPwhois/example.php query Parameter Remote Code Execution
NeoBill - /install/include/solidstate.php Multiple Parameter SQL Injection
NeoBill - '/modules/nullregistrar/PHPwhois/example.php' 'query' Parameter Remote Code Execution
NeoBill - '/install/include/solidstate.php' Multiple Parameter SQL Injection
C2C Forward Auction Creator 2.0 - /auction/asp/list.asp pa Parameter SQL Injection
C2C Forward Auction Creator - /auction/casp/Admin.asp SQL Injection Admin Authentication Bypass
C2C Forward Auction Creator 2.0 - '/auction/asp/list.asp' 'pa' Parameter SQL Injection
C2C Forward Auction Creator - '/auction/casp/Admin.asp' SQL Injection (Admin Authentication Bypass)

Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass
Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injections / Authentication Bypass
Command School Student Management System - /sw/admin_grades.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_terms.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_school_years.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_sgrades.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_media_codes_1.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_infraction_codes.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_generations.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_relations.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_titles.php id Parameter SQL Injection
Command School Student Management System - /sw/health_allergies.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_school_names.php id Parameter SQL Injection
Command School Student Management System - /sw/admin_subjects.php id Parameter SQL Injection
Command School Student Management System - /sw/backup/backup_ray2.php Database Backup Direct Request Information Disclosure
Command School Student Management System - /sw/Admin_change_Password.php Cross-Site Request Forgery (Admin Password Manipulation)
Command School Student Management System - /sw/add_topic.php Cross-Site Request Forgery (Topic Creation)
Command School Student Management System - '/sw/admin_grades.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_terms.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_school_years.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_sgrades.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_media_codes_1.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_infraction_codes.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_generations.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_relations.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_titles.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/health_allergies.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_school_names.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/admin_subjects.php' 'id' Parameter SQL Injection
Command School Student Management System - '/sw/backup/backup_ray2.php' Database Backup Direct Request Information Disclosure
Command School Student Management System - '/sw/Admin_change_Password.php' Cross-Site Request Forgery (Admin Password Manipulation)
Command School Student Management System - '/sw/add_topic.php' Cross-Site Request Forgery (Topic Creation)
Dredge School Administration System - /DSM/loader.php Id Parameter SQL Injection
Dredge School Administration System - /DSM/loader.php Account Information Disclosure
Dredge School Administration System - /DSM/loader.php Cross-Site Request Forgery (Admin Account Manipulation)
Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure
Dredge School Administration System - '/DSM/loader.php' 'Id' Parameter SQL Injection
Dredge School Administration System - '/DSM/loader.php' Account Information Disclosure
Dredge School Administration System - '/DSM/loader.php' Cross-Site Request Forgery (Admin Account Manipulation)
Dredge School Administration System - '/DSM/Backup/processbackup.php' Database Backup Information Disclosure
UAEPD Shopping Script - /products.php Multiple Parameter SQL Injection
UAEPD Shopping Script - /news.php id Parameter SQL Injection
UAEPD Shopping Script - '/products.php' Multiple Parameter SQL Injection
UAEPD Shopping Script - '/news.php' 'id' Parameter SQL Injection
BloofoxCMS - /bloofox/index.php 'Username' Parameter SQL Injection
BloofoxCMS - /bloofox/admin/index.php 'Username' Parameter SQL Injection
BloofoxCMS - /admin/index.php Cross-Site Request Forgery (Add Admin)
BloofoxCMS - '/bloofox/index.php' 'Username' Parameter SQL Injection
BloofoxCMS - '/bloofox/admin/index.php' 'Username' Parameter SQL Injection
BloofoxCMS - '/admin/index.php' Cross-Site Request Forgery (Add Admin)
Professional Designer E-Store - 'id' Parameter Multiple SQL Injection
GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injection
Professional Designer E-Store - 'id' Parameter Multiple SQL Injections
GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injections
Xangati - /servlet/MGConfigData Multiple Parameter Directory Traversal
Xangati - /servlet/Installer file Parameter Directory Traversal
Xangati - '/servlet/MGConfigData' Multiple Parameter Directory Traversal
Xangati - '/servlet/Installer' 'file' Parameter Directory Traversal
Caldera - /costview2/jobs.php tr Parameter SQL Injection
Caldera - /costview2/printers.php tr Parameter SQL Injection
Caldera - '/costview2/jobs.php' 'tr' Parameter SQL Injection
Caldera - '/costview2/printers.php' 'tr' Parameter SQL Injection

WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injection
WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injections
ol-commerce - /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection
ol-commerce - /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection
ol-commerce - /OL-Commerce/create_account.php country Parameter SQL Injection
ol-commerce - /OL-Commerce/admin/create_account.php entry_country_id Parameter SQL Injection
OL-Commerce - '/OL-Commerce/affiliate_signup.php' 'a_country' Parameter SQL Injection
OL-Commerce - '/OL-Commerce/affiliate_show_banner.php' 'affiliate_banner_id' Parameter SQL Injection
OL-Commerce - '/OL-Commerce/create_account.php' 'country' Parameter SQL Injection
OL-Commerce - '/OL-Commerce/admin/create_account.php' 'entry_country_id' Parameter SQL Injection

NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection
NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections

Multiple Netgear Routers - Password Disclosure
Multiple NETGEAR Routers - Password Disclosure

WebKit - Stealing Variables via Page Navigation in FrameLoader::clear
WebKit - Stealing Variables via Page Navigation in 'FrameLoader::clear'
2017-06-23 05:01:28 +00:00
platforms DB: 2017-06-23 2017-06-23 05:01:28 +00:00
files.csv DB: 2017-06-23 2017-06-23 05:01:28 +00:00
README.md Add "--exclude" to remove values from results 2017-06-14 15:58:54 +01:00
searchsploit Add "--exclude" to remove values from results 2017-06-14 15:58:54 +01:00

The Exploit Database Git Repository

This is the official repository of The Exploit Database, a project sponsored by Offensive Security.

The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.

This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.

Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms. For more information, please see the SearchSploit manual.

root@kali:~# searchsploit -h
  Usage: searchsploit [options] term1 [term2] ... [termN]

==========
 Examples
==========
  searchsploit afd windows local
  searchsploit -t oracle windows
  searchsploit -p 39446
  searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"

  For more examples, see the manual: https://www.exploit-db.com/searchsploit/

=========
 Options
=========
   -c, --case     [Term]      Perform a case-sensitive search (Default is inSEnsITiVe).
   -e, --exact    [Term]      Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
   -h, --help                 Show this help screen.
   -j, --json     [Term]      Show result in JSON format.
   -m, --mirror   [EDB-ID]    Mirror (aka copies) an exploit to the current working directory.
   -o, --overflow [Term]      Exploit titles are allowed to overflow their columns.
   -p, --path     [EDB-ID]    Show the full path to an exploit (and also copies the path to the clipboard if possible).
   -t, --title    [Term]      Search JUST the exploit title (Default is title AND the file's path).
   -u, --update               Check for and install any exploitdb package updates (deb or git).
   -w, --www      [Term]      Show URLs to Exploit-DB.com rather than the local path.
   -x, --examine  [EDB-ID]    Examine (aka opens) the exploit using $PAGER.
       --colour               Disable colour highlighting in search results.
       --id                   Display the EDB-ID value rather than local path.
       --nmap     [file.xml]  Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
                                Use "-v" (verbose) to try even more combinations
       --exclude="term"       Remove values from results. By using "|" to separated you can chain multiple values.
                                e.g. --exclude="term1|term2|term3".

=======
 Notes
=======
 * You can use any number of search terms.
 * Search terms are not case-sensitive (by default), and ordering is irrelevant.
   * Use '-c' if you wish to reduce results by case-sensitive searching.
   * And/Or '-e' if you wish to filter results by using an exact match.
 * Use '-t' to exclude the file's path to filter the search results.
   * Remove false positives (especially when searching using numbers - i.e. versions).
 * When updating or displaying help, search terms will be ignored.

root@kali:~#
root@kali:~# searchsploit afd windows local
---------------------------------------------------------------------------------------- -----------------------------------
 Exploit Title                                                                          |  Path
                                                                                        | (/usr/share/exploitdb/platforms/)
---------------------------------------------------------------------------------------- -----------------------------------
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service                         | windows/dos/17133.c
Microsoft Windows - 'afd.sys' Local Kernel Exploit (PoC) (MS11-046)                     | windows/dos/18755.c
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)        | windows/local/6757.txt
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)                   | windows/local/18176.py
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit)          | windows/local/21844.rb
Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)  | win_x86/local/39446.py
Microsoft Windows 7 (x64) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)  | win_x86-64/local/39525.py
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)                     | win_x86/local/40564.c
---------------------------------------------------------------------------------------- -----------------------------------
root@kali:~#
root@kali:~# searchsploit -p 39446
Exploit: Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
    URL: https://www.exploit-db.com/exploits/39446/
   Path: /usr/share/exploitdb/platforms/win_x86/local/39446.py

Copied EDB-ID 39446's path to the clipboard.

root@kali:~#

SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash, sed, grep, awk, etc.) for the core features to work. The self updating function will require git, and the Nmap XML option to work, will require xmllint (found in the libxml2-utils package in Debian-based systems).