![]() 11 new exploits Microsoft Windows - ASN.1 LSASS.exe Remote Exploit (MS04-007) Microsoft Windows - ASN.1 'LSASS.exe' Remote Exploit (MS04-007) Slackware Linux - /usr/bin/ppp-off Insecure /tmp Call Exploit Slackware Linux - '/usr/bin/ppp-off' Insecure /tmp Call Exploit Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool Microsoft Windows XP/2000 - TCP Connection Reset Remote Exploit PostgreSQL 8.01 - Remote Reboot Denial of Service PostgreSQL 8.01 - Remote Reboot (Denial of Service) Cisco IP Phone 7940 - (Reboot) Denial of Service Cisco IP Phone 7940 - Reboot (Denial of Service) Cisco Aironet Wireless Access Points - Memory Exhaustion ARP Attack Denial of Service Cisco Aironet Wireless Access Points - Memory Exhaustion ARP (Denial of Service) Dropbear / OpenSSH Server - (MAX_UNAUTH_CLIENTS) Denial of Service Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIENTS' Denial of Service 2WIRE Modems/Routers - CRLF Denial of Service 2WIRE Modems/Routers - 'CRLF' Denial of Service FTP Explorer 1.0.1 Build 047 - (CPU Consumption) Remote Denial of Service FTP Explorer 1.0.1 Build 047 - Remote CPU Consumption (Denial of Service) Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Cisco Phone 7940/7960 - 'SIP INVITE' Remote Denial of Service Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Hang / Crash (Denial of Service) Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 - Hang / Crash (Denial of Service) Linksys SPA941 - (remote reboot) Remote Denial of Service Linksys SPA941 - Remote Reboot (Denial of Service) CA BrightStor Backup 11.5.2.0 - caloggderd.exe Denial of Service CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service CA BrightStor Backup 11.5.2.0 - 'caloggderd.exe' Denial of Service CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Denial of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service Galaxy FTP Server 1.0 (Neostrada Livebox DSL Router) - Denial of Service Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service Xerox Phaser 8400 - (reboot) Remote Denial of Service Xerox Phaser 8400 - Remote Reboot (Denial of Service) Microsoft Windows Mobile 6.0 - Device long name Remote Reboot Exploit Microsoft Windows Mobile 6.0 - Device Long Name Remote Reboot (Denial of Service) Linksys WAG54G v2 (Wireless ADSL Router) - httpd Denial of Service Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service Netgear SSL312 Router - Denial of Service NETGEAR SSL312 Router - Denial of Service Netgear WGR614v9 Wireless Router - Denial of Service NETGEAR WGR614v9 Wireless Router - Denial of Service Gigaset SE461 WiMAX router - Remote Denial of Service Gigaset SE461 WiMAX Router - Remote Denial of Service Netgear DG632 Router - Remote Denial of Service NETGEAR DG632 Router - Remote Denial of Service Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC) Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC) Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot Exploit Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot (Denial of Service) Siemens Gigaset SE361 WLAN - Remote Reboot Exploit Siemens Gigaset SE361 WLAN - Remote Reboot (Denial of Service) Apple Mac OSX 10.6 - HFS File System Attack (Denial of Service) Apple Mac OSX 10.6 - HFS FileSystem Exploit (Denial of Service) HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'webappmon.exe' 'execvp_nc' Remote Code Execution Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe Denial of Service (PoC) Cyclope Internet Filtering Proxy 4.0 - 'CEPMServer.exe' Denial of Service (PoC) AirTies-4450 - Unauthorized Remote Reboot AirTies-4450 - Unauthorized Remote Reboot (Denial of Service) Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Exploit SunOS 4.1.1 - '/usr/release/bin/makeinstall' Exploit SunOS 4.1.1 - '/usr/release/bin/winstall' Exploit Linux Kernel 2.2 - 'ldd core' Force Reboot Linux Kernel 2.2 - 'ldd core' Force Reboot (Denial of Service) Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - 'visiadmin.exe' Denial of Service OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow OReilly WebSite 1.x/2.0 - 'win-c-sample.exe' Buffer Overflow Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption (Denial of Service) ID Software Quake 3 - 'smurf attack' Denial of Service ID Software Quake 3 - 'SMURF' Denial of Service Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow Microsoft Windows NT/2000 - cmd.exe CD Buffer Overflow Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow Gordano Messaging Suite 9.0 - WWW.exe Denial of Service Gordano Messaging Suite 9.0 - 'WWW.exe' Denial of Service TYPSoft FTP Server 1.1 - Remote CPU Consumption Denial of Service TYPSoft FTP Server 1.1 - Remote CPU Consumption (Denial of Service) Microsoft Windows XP - explorer.exe Remote Denial of Service Microsoft Windows XP - 'explorer.exe' Remote Denial of Service VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions VMware Workstation - 'vprintproxy.exe' JPEG2000 Images Multiple Memory Corruptions Gattaca Server 2003 - web.tmpl Language Variable CPU Consumption Denial of Service Gattaca Server 2003 - 'web.tmpl' 'Language' Parameter CPU Consumption (Denial of Service) VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow VMware Workstation - 'vprintproxy.exe' TrueType NAME Tables Heap Buffer Overflow Microsoft Windows XP - explorer.exe .tiff Image Denial of Service Microsoft Windows XP - 'explorer.exe' '.tiff' Image Denial of Service Microsoft Windows XP - TSShutdn.exe Remote Denial of Service Microsoft Windows XP - 'TSShutdn.exe' Remote Denial of Service Orenosv HTTP/FTP Server 0.8.1 - CGISSI.exe Remote Buffer Overflow Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow PHPMailer 1.7 - Data() Function Remote Denial of Service PHPMailer 1.7 - 'Data()' Function Remote Denial of Service Sights 'N Sounds Streaming Media Server 2.0.3 - SWS.exe Buffer Overflow Sights 'N Sounds Streaming Media Server 2.0.3 - 'SWS.exe' Buffer Overflow DSocks 1.3 - Name Variable Buffer Overflow DSocks 1.3 - 'Name' Parameter Buffer Overflow Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow Microsoft Class Package Export Tool 5.0.2752 - 'Clspack.exe' Local Buffer Overflow Android Zygote - Socket and Fork bomb Attack Android Zygote - Socket and Fork Bomb (Denial of Service) Nvidia NView 3.5 - Keystone.exe Local Denial of Service Nvidia NView 3.5 - 'Keystone.exe' Local Denial of Service Ipswitch WS_FTP 2007 Professional - WSFTPURL.exe Local Memory Corruption Ipswitch WS_FTP 2007 Professional - 'WSFTPURL.exe' Local Memory Corruption Larson Network Print Server 9.4.2 build 105 - (LstNPS) NPSpcSVR.exe License Command Remote Overflow Larson Network Print Server 9.4.2 build 105 (LstNPS) - 'NPSpcSVR.exe' License Command Remote Overflow Linksys WRH54G 1.1.3 - (Wireless-G Router) Malformed HTTP Request Denial of Service Linksys WRH54G 1.1.3 Wireless-G Router - Malformed HTTP Request Denial of Service Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote Denial of Service Ability FTP Server 2.1.4 - 'afsmain.exe' USER Command Remote Denial of Service Adobe Flash - Setting Variable Use-After-Free Adobe Flash - 'Setting' Variable Use-After-Free Git 1.9.5 - ssh-agent.exe Buffer Overflow Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow Apple Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow Adobe Flash TextField Variable - Use-After Free Adobe Flash TextField.Variable Setter - Use-After-Free Adobe Flash - 'TextField' Variable Use-After Free Adobe Flash - TextField.Variable Setter Use-After-Free Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/reboot.cgi Unauthenticated Remote Reboot Denial of Service Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/reboot.cgi' Unauthenticated Remote Reboot (Denial of Service) Microsoft WinDbg - logviewer.exe Crash (PoC) Microsoft WinDbg - 'logviewer.exe' Crash (PoC) Microsoft Windows - 'win32k!NtGdiExtGetObjectW' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiGetOutlineTextMetricsInternalW' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiGetTextMetricsW' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiGetRealizationInfo' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!ClientPrinterThunk' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationJobObject (BasicLimitInformation_ ExtendedLimitInformation)' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessVmCounters)' Kernel Stack Memory Disclosure Microsoft Windows - 'win32k!NtGdiMakeFontDir' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 12)' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 28)' Kernel Stack Memory Disclosure Microsoft Windows - 'nt!NtQueryInformationTransaction (information class 1)' Kernel Stack Memory Disclosure UUCP Exploit - File Creation/Overwriting (symlinks) Exploit UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit HP-UX 11.0 - /bin/cu Privilege Escalation HP-UX 11.0 - '/bin/cu' Privilege Escalation Solaris 2.6 / 2.7 - /usr/bin/write Local Overflow Solaris 2.6 / 2.7 - '/usr/bin/write' Local Overflow IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/bin/lpstat Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Exploit IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/lib/print/netprint' Local Exploit Tru64 UNIX 4.0g - /usr/bin/at Privilege Escalation Slackware 7.1 - /usr/bin/mail Local Exploit Tru64 UNIX 4.0g - '/usr/bin/at' Privilege Escalation Slackware 7.1 - '/usr/bin/mail' Local Exploit Solaris 2.4 - /bin/fdformat Local Buffer Overflows Solaris 2.5.1 lp and lpsched - Symlink Vulnerabilities Solaris 2.4 - '/bin/fdformat' Local Buffer Overflow Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities AIX 4.2 - /usr/dt/bin/dtterm Local Buffer Overflow AIX 4.2 - '/usr/dt/bin/dtterm' Local Buffer Overflow SGI IRIX - /bin/login Local Buffer Overflow IRIX 5.3 - /usr/sbin/iwsh Buffer Overflow Privilege Escalation SGI IRIX - '/bin/login Local' Buffer Overflow IRIX 5.3 - '/usr/sbin/iwsh' Buffer Overflow Privilege Escalation Apple Mac OSX 10.3.7 - mRouter Privilege Escalation Apple Mac OSX 10.3.7 - 'mRouter' Privilege Escalation Sudo 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Privilege Escalation Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation Appfluent Database IDS < 2.1.0.103 - (Env Variable) Local Exploit Appfluent Database IDS < 2.1.0.103 - Environment Variable Local Exploit HP-UX 11i - (LIBC TZ enviroment Variable) Privilege Escalation HP-UX 11i - 'LIBC TZ' Enviroment Variable Privilege Escalation Xcode OpenBase 10.0.0 (OSX) - (symlink) Privilege Escalation Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation Adobe Photoshop CS2 - / CS3 Unspecified '.bmp' File Buffer Overflow Adobe Photoshop CS2 / CS3 - Unspecified '.bmp' File Buffer Overflow Debian - (symlink attack in login) Arbitrary File Ownership (PoC) Debian - (Symlink In Login) Arbitrary File Ownership (PoC) Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow Cain & Abel 4.9.25 - 'Cisco IOS-MD5' Local Buffer Overflow xscreensaver 5.01 - Arbitrary File Disclosure Symlink Attack xscreensaver 5.01 - Arbitrary File Disclosure Symlink Exploit PHP 5.2.12/5.3.1 - symlink() open_basedir Bypass PHP 5.2.12/5.3.1 - 'symlink()' open_basedir Bypass HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Buffer Overflow (SEH) Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL Microsoft Windows 7 - 'wab32res.dll' 'wab.exe' DLL Hijacking Oracle 10/11g - exp.exe Parameter file Local Buffer Overflow (PoC) Oracle 10/11g - 'exp.exe' 'file' Parameter Local Buffer Overflow (PoC) ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT symlink ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT Symlink Exploit Hancom Office 2007 - Reboot.ini Clear-Text Passwords Hancom Office 2007 - 'Reboot.ini' Clear-Text Passwords G. Wilford man 2.3.10 - Symlink G. Wilford man 2.3.10 - Symlink Exploit X11R6 3.3.3 - Symlink X11R6 3.3.3 - Symlink Exploit SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - '/usr/lib/netaddpr' Exploit SCO Open Server 5.0.5 - 'userOsa' symlink SCO Open Server 5.0.5 - 'userOsa' Symlink Exploit Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Spoolss.exe DLL Insertion Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Spoolss.exe' DLL Insertion FreeBSD 3.3 gdc - Symlink FreeBSD 3.3 gdc - Symlink Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink Exploit FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - /proc File Sytem FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - '/proc' FileSystem Exploit Debian 2.1 - apcd Symlink Debian 2.1 - apcd Symlink Exploit SCO Unixware 7.1/7.1.1 - ARCserver /tmp symlink SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink Exploit Sun Workshop 5.0 - Licensing Manager Symlink Sun Workshop 5.0 - Licensing Manager Symlink Exploit Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - /tmp Symlink Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink Exploit OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink Exploit KDE 1.1 - /1.1.1/1.1.2/1.2 kdesud DISPLAY Environment Variable Overflow KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow HP-UX 10.20/11.0 man - /tmp Symlink Exploit HP-UX 10.20/11.0 - man '/tmp' Symlink Exploit HP-UX 10.20/11.0 crontab - /tmp File HP-UX 10.20/11.0 - crontab '/tmp' File Exploit Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation Solaris 10 Patch 137097-01 - Symlink Privilege Escalation Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow Tower Toppler 0.99.1 - 'Display' Parameter Local Buffer Overflow Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows Server 2000 - 'RegEdit.exe' Registry Key Value Buffer Overflow RedHat 9.0 / Slackware 8.1 - /bin/mail Carbon Copy Field Buffer Overrun RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure Linux Kernel 2.2.x / 2.4.x - '/proc' Filesystem Potential Information Disclosure Microsoft Windows XP/2000 - RunDLL32.exe Buffer Overflow Microsoft Windows XP/2000 - 'RunDLL32.exe' Buffer Overflow Tower Toppler 0.96 - HOME Environment Variable Local Buffer Overflow Tower Toppler 0.96 - 'HOME Environment' Parameter Local Buffer Overflow Top 1.x/2.0 - Home Environment Variable Local Buffer Overflow Top 1.x/2.0 - 'Home Environment' Parameter Local Buffer Overflow XBlast 2.6.1 - HOME Environment Variable Buffer Overflow XBlast 2.6.1 - 'HOME Environment' Variable Buffer Overflow XPCD 2.0.8 - Home Environment Variable Local Buffer Overflow XPCD 2.0.8 - 'Home Environment' Variable Local Buffer Overflow XSOK 1.0 2 - LANG Environment Variable Local Buffer Overrun XSOK 1.0 2 - 'LANG Environment' Variable Local Buffer Overrun Linux Kernel 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure Linux Kernel 2.6.32-5 (Debian 6.0.5) - '/dev/ptmx' Key Stroke Timing Local Disclosure ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution ELinks Relative 0.10.6 / 011.1 - Path Arbitrary Code Execution Oracle - HtmlConverter.exe Buffer Overflow Oracle - 'HtmlConverter.exe' Buffer Overflow Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation Linux Kernel 2.6.32 (Ubuntu 10.04) - '/proc' Handling SUID Privilege Escalation Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit Linux pam_lib_smb < 1.1.6 - '/bin/login' Remote Exploit Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036) Microsoft Windows - DHCP Client Broadcast Exploit (MS06-036) Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - (FTP) Remote Exploit Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - 'FTP' Remote Exploit Oracle 9i / 10g - 'utl_file' File System Access Exploit Oracle 9i / 10g - 'utl_file' FileSystem Access Exploit HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'ovalarmsrv.exe' Remote Overflow Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb) Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB) Sagem F@ST (Routers) - (dhcp hostname attack) Cross-Site Request Forgery Sagem F@ST Routers - DHCP Hostname Cross-Site Request Forgery Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC) Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload (PoC) Microsoft Windows - SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068) Microsoft Windows - SmbRelay3 NTLM Replay Exploit (MS08-068) Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting Attack Optus/Huawei E960 HSDPA Router - Sms Cross-Site Scripting Apple Safari 3.2.x - (XXE attack) Local File Theft Apple Safari 3.2.x - (XXE) Local File Theft Netgear DG632 Router - Authentication Bypass NETGEAR DG632 Router - Authentication Bypass BRS Webweaver 1.33 - /Scripts Access Restriction Bypass BRS Webweaver 1.33 - '/Scripts' Access Restriction Bypass Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow Ada Image Server 0.6.7 - 'imgsrv.exe' Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Unauthenticated Remote Buffer Overflow HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow Cisco ASA 8.x - VPN SSL module Clientless URL-list control Bypass HMS HICP Protocol + Intellicom - 'NetBiterConfig.exe' Remote Buffer Overflow Cisco ASA 8.x - VPN SSL Module Clientless URL-list control Bypass HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Topic Overflow HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid MaxAge Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid ICount Remote Code Execution HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid Hostname Remote Code Execution minerCPP 0.4b - Remote Buffer Overflow / Format String Attack Exploit minerCPP 0.4b - Remote Buffer Overflow / Format String Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution COMTREND ADSL Router CT-5367 C01_R12 - Remote Code Execution HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1) HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (1) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2) HP - 'OmniInet.exe' MSG_PROTOCOL Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit) Microsoft Internet Explorer - 'Winhlp32.exe' MsgBox Code Execution (MS10-023) (Metasploit) IBM Lotus Domino Sametime - STMux.exe Stack Buffer Overflow (Metasploit) IBM Lotus Domino Sametime - 'STMux.exe' Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - 'OVAS.exe' Unauthenticated Stack Buffer Overflow (Metasploit) HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'Snmp.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - OvWebHelp.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovalarm.exe' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - OpenView5.exe CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'OpenView5.exe' CGI Buffer Overflow (Metasploit) IBM TPM for OS Deployment 5.1.0.x - rembo.exe Buffer Overflow (Metasploit) IBM TPM for OS Deployment 5.1.0.x - 'rembo.exe' Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - EarthAgent.exe Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'OvJavaLocale' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe' 'execvp' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit) HP OpenView Network Node Manager - snmpviewer.exe Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow (Metasploit) HP OpenView Network Node Manager - ovwebsnmpsrv.exe ovutil Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe' 'schdParams' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'snmpviewer.exe' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'ICount' CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'main' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' (MaxAge) CGI Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' Unrecognized Option Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe' 'ovutil' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' 'Hostname' CGI Buffer Overflow (Metasploit) 7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow (Metasploit) 7-Technologies IGSS 9.00.00 b11063 - 'IGSSdataServer.exe' Stack Overflow (Metasploit) Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow (Metasploit) Citrix Provisioning Services 5.6 - 'streamprocess.exe' Buffer Overflow (Metasploit) FactoryLink - vrn.exe Opcode 9 Buffer Overflow (Metasploit) FactoryLink - 'vrn.exe' Opcode 9 Buffer Overflow (Metasploit) HP - OmniInet.exe Opcode 27 Buffer Overflow (Metasploit) HP - 'OmniInet.exe' Opcode 27 Buffer Overflow (Metasploit) Symantec Backup Exec 12.5 - MiTM Attack Symantec Backup Exec 12.5 - Man In The Middle Exploit HP OpenView Network Node Manager - Toolbar.exe CGI Cookie Handling Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Cookie Handling Buffer Overflow (Metasploit) Sunway Force Control SCADA 6.1 SP3 - httpsrv.exe Exploit Sunway Force Control SCADA 6.1 SP3 - 'httpsrv.exe' Exploit Procyon Core Server HMI 1.13 - Coreservice.exe Stack Buffer Overflow (Metasploit) Procyon Core Server HMI 1.13 - 'Coreservice.exe' Stack Buffer Overflow (Metasploit) HP Diagnostics Server - magentservice.exe Overflow (Metasploit) HP Diagnostics Server - 'magentservice.exe' Overflow (Metasploit) Sunway ForceControl - SNMP NetDBServer.exe Opcode 0x57 (Metasploit) Sunway ForceControl - SNMP 'NetDBServer.exe' Opcode 0x57 (Metasploit) Trend Micro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow (Metasploit) Trend Micro Control Manger 5.5 - 'CmdProcessor.exe' Stack Buffer Overflow (Metasploit) Antelope Software W4-Server 2.6 a/Win32 - Cgitest.exe Buffer Overflow Antelope Software W4-Server 2.6 a/Win32 - 'Cgitest.exe' Buffer Overflow Netscape Enterprise Server / Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities Netscape Enterprise Server / Novell Groupwise 5.2/5.5 - 'GWWEB.EXE' Multiple Vulnerabilities FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - htimage.exe File Existence Disclosure FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - 'htimage.exe' File Existence Disclosure NAI Net Tools PKI Server 1.0 - strong.exe Buffer Overflow NAI Net Tools PKI Server 1.0 - 'strong.exe' Buffer Overflow Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure Mandrake 6.1/7.0/7.1 - '/perl' HTTP Directory Disclosure Microsoft IIS 3.0 - newdsn.exe File Creation Microsoft IIS 3.0 - 'newdsn.exe' File Creation Greg Matthews - Classifieds.cgi 1.0 Hidden Variable Greg Matthews - 'Classifieds.cgi' 1.0 Hidden Variable WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access WebCom datakommunikation Guestbook 0.1 - 'wguest.exe' Arbitrary File Access WebCom datakommunikation Guestbook 0.1 - 'rguest.exe' Arbitrary File Access MetaProducts Offline Explorer 1.x - File System Disclosure MetaProducts Offline Explorer 1.x - FileSystem Disclosure Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Attack Detection Evasion Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Detection Evasion Webmin 1.580 - /file/show.cgi Remote Command Execution (Metasploit) Webmin 1.580 - '/file/show.cgi' Remote Command Execution (Metasploit) HP Operations Agent Opcode - coda.exe 0x8c Buffer Overflow (Metasploit) HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow (Metasploit) HP Operations Agent - Opcode 'coda.exe' 0x8c Buffer Overflow (Metasploit) HP Operations Agent - Opcode 'coda.exe' 0x34 Buffer Overflow (Metasploit) Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure Netgear FM114P ProSafe Wireless Router - Rule Bypass NETGEAR FM114P ProSafe Wireless Router - Rule Bypass M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Cross-Site Scripting M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Cross-Site Scripting Microsoft Internet Explorer 6 -' %USERPROFILE%' File Execution Microsoft Internet Explorer 6 - '%USERPROFILE%' File Execution EZMeeting 3.x - EZNet.exe Long HTTP Request Remote Buffer Overflow EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow Enterasys NetSight - nssyslogd.exe Buffer Overflow (Metasploit) IBM Cognos - tm1admsd.exe Overflow (Metasploit) Enterasys NetSight - 'nssyslogd.exe' Buffer Overflow (Metasploit) IBM Cognos - 'tm1admsd.exe' Overflow (Metasploit) Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-Site Scripting Webcam Corp Webcam Watchdog 4.0.1 - 'sresult.exe' Cross-Site Scripting Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow Oracle 8.x/9.x/10.x - Database Multiple SQL Injection Oracle 8.x/9.x/10.x Database - Multiple SQL Injections SAP Business Connector 4.6/4.7 - chopSAPLog.dsp fullName Variable Arbitrary File Disclosure SAP Business Connector 4.6/4.7 - deleteSingle fullName Variable Arbitrary File Deletion SAP Business Connector 4.6/4.7 - adapter-index.dsp url Variable Arbitrary Site Redirect SAP Business Connector 4.6/4.7 - 'chopSAPLog.dsp' 'fullName' Parameter Arbitrary File Disclosure SAP Business Connector 4.6/4.7 - 'deleteSingle' 'fullName' Parameter Arbitrary File Deletion SAP Business Connector 4.6/4.7 - 'adapter-index.dsp' 'url' Parameter Arbitrary Site Redirect Microsoft PowerPoint 2003 - powerpnt.exe Unspecified Issue Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue Cruiseworks 1.09 - Cws.exe Doc Directory Traversal Cruiseworks 1.09 - Cws.exe Doc Buffer Overflow Cruiseworks 1.09 - 'Cws.exe' Doc Directory Traversal Cruiseworks 1.09 - 'Cws.exe' Doc Buffer Overflow aBitWhizzy - whizzypic.php d Variable Traversal Arbitrary Directory Listing aBitWhizzy - 'whizzypic.php' 'd' ParameterTraversal Arbitrary Directory Listing LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Buffer Overflow Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Based Buffer Overflow Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Based Buffer Overflow ABB MicroSCADA - wserver.exe Remote Code Execution (Metasploit) ABB MicroSCADA - 'wserver.exe' Remote Code Execution (Metasploit) SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities SAP DB 7.x Web Server - 'WAHTTP.exe' Multiple Buffer Overflow Vulnerabilities Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSUserCGI.exe Help Facility Cross-Site Scripting Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSUserCGI.exe' Help Facility Cross-Site Scripting HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe' Action Parameter Traversal Arbitrary File Access F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - '/vdesk/admincon/webyfiers.php' 'css_exceptions' Parameter Cross-Site Scripting F5 FirePass 6.0.2.3 - '/vdesk/admincon/index.php' 'sql_matchscope' Parameter Cross-Site Scripting GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution (Metasploit) GE Proficy CIMPLICITY - 'gefebt.exe' Remote Code Execution (Metasploit) SolidWorks Workgroup PDM 2014 - pdmwService.exe Arbitrary File Write (Metasploit) SolidWorks Workgroup PDM 2014 - 'pdmwService.exe' Arbitrary File Write (Metasploit) Yokogawa CENTUM CS 3000 - BKHOdeq.exe Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - BKBCopyD.exe Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - 'BKBCopyD.exe' Buffer Overflow (Metasploit) Apache Geronimo 2.1.x - /console/portal/Server/Monitoring Multiple Parameter Cross-Site Scripting Apache Geronimo 2.1.x - '/console/portal/Server/Monitoring' Multiple Parameter Cross-Site Scripting Comtrend CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting COMTREND CT-507 IT ADSL Router - 'scvrtsrv.cmd' Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - /diagnose Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - /configuration Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - /scripter.php Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - '/diagnose' Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - '/configuration' Multiple Parameter Cross-Site Scripting Juniper Junos 8.5/9.0 J-Web Interface - '/scripter.php' Multiple Parameter Cross-Site Scripting Yokogawa CS3000 - BKESimmgr.exe Buffer Overflow (Metasploit) Yokogawa CS3000 - 'BKESimmgr.exe' Buffer Overflow (Metasploit) Yokogawa CS3000 - BKFSim_vhfd.exe Buffer Overflow (Metasploit) Yokogawa CS3000 - 'BKFSim_vhfd.exe' Buffer Overflow (Metasploit) U.S.Robotics USR5463 0.06 - Firmware setup_ddns.exe HTML Injection U.S.Robotics USR5463 0.06 Firmware - 'setup_ddns.exe' HTML Injection WhatsApp 2.11.476 - Remote Reboot/Crash App Android Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu.maf jdeowpBackButtonProtect Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_Menu.mafService e1.namespace Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/E1Menu_OCL.mafService e1.namespace Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/MafletClose.mafService RENDER_MAFLET Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter Cross-Site Scripting WhatsApp 2.11.476 (Android) - Remote Reboot/Crash App (Denial of Service) Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf' 'jdeowpBackButtonProtect' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService' 'e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService' 'e1.namespace' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/MafletClose.mafService' 'RENDER_MAFLET' Parameter Cross-Site Scripting Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/JASMafletMafBrowserClose.mafService' 'jdemafjasLinkTarget' Parameter Cross-Site Scripting Linksys WRT54GL (Wireless Router) - Cross-Site Request Forgery Linksys WRT54GL Wireless Router - Cross-Site Request Forgery Cisco Linksys E4200 - /apply.cgi Multiple Parameter Cross-Site Scripting Cisco Linksys E4200 - '/apply.cgi' Multiple Parameter Cross-Site Scripting Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/diagnostic.cgi ping_ipaddr Parameter Remote Code Execution Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi' 'ping_ipaddr' Parameter Remote Code Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution Comtrend CT-5361T Router - Password.cgi Cross-Site Request Forgery (Admin Password Manipulation) COMTREND CT-5361T Router - 'Password.cgi' Cross-Site Request Forgery (Admin Password Manipulation) Alfresco - /proxy endpoint Parameter Server-Side Request Forgery Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery Alfresco - '/proxy' 'endpoint' Parameter Server-Side Request Forgery Alfresco - '/cmisbrowser' 'url' Parameter Server-Side Request Forgery PhpTagCool 1.0.3 - SQL Injection Attacks Exploit PhpTagCool 1.0.3 - SQL Injection phpBB 2.0.18 - Remote Brute Force/Dictionary Attack Tool (2) phpBB 2.0.18 - Remote Brute Force/Dictionary (2) Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Attack Vectors Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Yrch 1.0 - 'plug.inc.php path Variable' Remote File Inclusion Yrch 1.0 - 'plug.inc.php' 'path' Parameter Remote File Inclusion Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection Vizayn Haber - 'haberdetay.asp' 'id' Parameter SQL Injection iG Calendar 1.0 - 'user.php id Variable' SQL Injection iG Calendar 1.0 - 'user.php' 'id' Parameter SQL Injection MGB 0.5.4.5 - 'email.php id Variable' SQL Injection MGB 0.5.4.5 - 'email.php' 'id' Parameter SQL Injection Alstrasoft e-Friends 4.98 - (seid) Multiple SQL Injection Alstrasoft e-Friends 4.98 - 'seid' Multiple SQL Injections MyPHP Forum 3.0 - (Final) Multiple SQL Injection MyPHP Forum 3.0 (Final) - Multiple SQL Injections File Store PRO 3.2 - Multiple Blind SQL Injection File Store PRO 3.2 - Multiple Blind SQL Injections AssetMan 2.5-b - SQL Injection using Session Fixation Attack AssetMan 2.5-b - SQL Injection using Session Fixation Kasra CMS - 'index.php' Multiple SQL Injection Kasra CMS - 'index.php' Multiple SQL Injections NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injection NEWSolved 1.1.6 - 'login grabber' Multiple SQL Injections T-HTB Manager 0.5 - Multiple Blind SQL Injection T-HTB Manager 0.5 - Multiple Blind SQL Injections Joomla! Component com_oziogallery2 - / IMAGIN Arbitrary file write Joomla! Component com_oziogallery2 / IMAGIN - Arbitrary File Write Open Bulletin Board - Multiple Blind SQL Injection Open Bulletin Board - Multiple Blind SQL Injections AJ Matrix 3.1 - 'id' Multiple SQL Injection AJ Matrix 3.1 - 'id' Multiple SQL Injections Zylone IT - Multiple Blind SQL Injection Zylone IT - Multiple Blind SQL Injections WhiteBoard 0.1.30 - Multiple Blind SQL Injection WhiteBoard 0.1.30 - Multiple Blind SQL Injections AV Arcade 3 - Cookie SQL Injection Authentication Bypass AV Arcade 3 - Cookie SQL Injection / Authentication Bypass Joomla! Component Teams - Multiple Blind SQL Injection Joomla! Component Teams - Multiple Blind SQL Injections AneCMS - /registre/next SQL Injection AneCMS - '/registre/next' SQL Injection Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injection Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injections Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injections ColdOfficeView 2.04 - Multiple Blind SQL Injection ColdOfficeView 2.04 - Multiple Blind SQL Injections Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injections Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injection Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injections Projekt Shop - 'details.php' Multiple SQL Injection Projekt Shop - 'details.php' Multiple SQL Injections PixelPost 1.7.3 - Multiple POST Variables SQL Injection PixelPost 1.7.3 - Multiple POST Parameter SQL Injections Webcat - Multiple Blind SQL Injection Webcat - Multiple Blind SQL Injections LiteRadius 3.2 - Multiple Blind SQL Injection LiteRadius 3.2 - Multiple Blind SQL Injections PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injections Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit COMTREND CT-5624 Router - Root/Support Password Disclosure/Change Exploit Sagem F@ST 2604 (ADSL Router) - Cross-Site Request Forgery Sagem F@ST 2604 ADSL Router - Cross-Site Request Forgery Rivettracker 1.03 - Multiple SQL Injection Rivettracker 1.03 - Multiple SQL Injections ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injection ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injections PHP Ticket System Beta 1 - 'index.php p Parameter' SQL Injection PHP Ticket System Beta 1 - 'index.php' 'p' Parameter SQL Injection X-Cart Gold 4.5 - 'products_map.php symb Parameter' Cross-Site Scripting X-Cart Gold 4.5 - 'products_map.php' 'symb' Parameter Cross-Site Scripting Symantec Web Gateway 5.0.2 - 'blocked.php id Parameter' Blind SQL Injection Symantec Web Gateway 5.0.2 - 'blocked.php' 'id' Parameter Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid Parameter' Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php' 'groupid' Parameter Blind SQL Injection Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injection Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injections YourArcadeScript 2.4 - 'index.php id Parameter' SQL Injection YourArcadeScript 2.4 - 'index.php' 'id' Parameter SQL Injection AV Arcade Free Edition - 'add_rating.php id Parameter' Blind SQL Injection AV Arcade Free Edition - 'add_rating.php' 'id' Parameter Blind SQL Injection QNAP Turbo NAS TS-1279U-RP - Multiple Path Injection QNAP Turbo NAS TS-1279U-RP - Multiple Path Injections Blog Mod 0.1.9 - 'index.php month Parameter' SQL Injection Blog Mod 0.1.9 - 'index.php' 'month' Parameter SQL Injection Authoria HR Suite - AthCGI.exe Cross-Site Scripting Authoria HR Suite - 'AthCGI.exe' Cross-Site Scripting MyBB Profile Albums Plugin 0.9 - 'albums.php album Parameter' SQL Injection MyBB Profile Albums Plugin 0.9 - 'albums.php' 'album' Parameter SQL Injection M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - 'nph-psf.exe' 'css' Parameter Remote File Inclusion M-TECH P-Synch 6.2.5 - 'nph-psa.exe' 'css' Parameter Remote File Inclusion friendsinwar FAQ Manager - SQL Injection (Authentication Bypass) friendsinwar FAQ Manager - SQL Injection / Authentication Bypass friendsinwar FAQ Manager - 'view_faq.php question Parameter' SQL Injection friendsinwar FAQ Manager - 'view_faq.php' 'question' Parameter SQL Injection SmartCMS - 'index.php idx Parameter' SQL Injection SmartCMS - 'index.php' 'idx' Parameter SQL Injection SmartCMS - 'index.php menuitem Parameter' SQL Injection / Cross-Site Scripting SmartCMS - 'index.php' 'menuitem' Parameter SQL Injection / Cross-Site Scripting Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injections MyBB AwayList Plugin - 'index.php id Parameter' SQL Injection MyBB AwayList Plugin - 'index.php' 'id' Parameter SQL Injection PHP-Nuke Error Manager Module 2.1 - error.php language Variable Full Path Disclosure PHP-Nuke Error Manager Module 2.1 - error.php Multiple Variables Cross-Site Scripting PHP-Nuke Error Manager Module 2.1 - 'error.php' 'language' Parameter Full Path Disclosure PHP-Nuke Error Manager Module 2.1 - 'error.php' Multiple Parameters Cross-Site Scripting phpHeaven phpMyChat 0.14.5 - edituser.php3 do_not_login Variable Authentication Bypass phpHeaven phpMyChat 0.14.5 - 'edituser.php3' 'do_not_login' Parameter Authentication Bypass NConf 1.3 - 'detail.php detail_admin_items.php id Parameter' SQL Injection NConf 1.3 - 'detail.php' 'detail_admin_items.php' 'id' Parameter SQL Injection Gattaca Server 2003 - Language Variable Path Exposure Gattaca Server 2003 - 'Language' Parameter Path Exposure AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injection AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL Injections Scripts Genie Gallery Personals - 'gallery.php L Parameter' SQL Injection Scripts Genie Gallery Personals - 'gallery.php' L' Parameter SQL Injection AdaptCMS 2.0.4 - 'config.php question Parameter' SQL Injection AdaptCMS 2.0.4 - 'config.php' 'question' Parameter SQL Injection Scripts Genie Domain Trader - 'catalog.php id Parameter' SQL Injection Scripts Genie Domain Trader - 'catalog.php' 'id' Parameter SQL Injection Scripts Genie Games Site Script - 'index.php id Parameter' SQL Injection Scripts Genie Games Site Script - 'index.php' 'id' Parameter SQL Injection Scripts Genie Top Sites - 'out.php id Parameter' SQL Injection Scripts Genie Top Sites - 'out.php' 'id' Parameter SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php cid Parameter' SQL Injection Scripts Genie Hot Scripts Clone - 'showcategory.php' 'cid' Parameter SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php r_id Parameter' SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php' 'r_id' Parameter SQL Injection MTP Image Gallery 1.0 - 'edit_photos.php title Parameter' Cross-Site Scripting MTP Image Gallery 1.0 - 'edit_photos.php' 'title' Parameter Cross-Site Scripting D-Link DSL-2740B (ADSL Router) - Authentication Bypass D-Link DSL-2740B ADSL Router - Authentication Bypass TIPS MailPost 5.1.1 - APPEND Variable Cross-Site Scripting TIPS MailPost 5.1.1 - 'APPEND' Parameter Cross-Site Scripting DUclassified 4.x - adDetail.asp Multiple Parameter SQL Injection DUclassified 4.x - 'adDetail.asp' Multiple Parameter SQL Injections Rebus:list - 'list.php list_id Parameter' SQL Injection Rebus:list - 'list.php' 'list_id' Parameter SQL Injection SynConnect Pms - 'index.php loginid Parameter' SQL Injection SynConnect Pms - 'index.php' 'loginid' Parameter SQL Injection AWS Xms 2.5 - 'importer.php what Parameter' Directory Traversal Pollen CMS 0.6 - 'index.php p Parameter' Local File Disclosure AWS Xms 2.5 - 'importer.php' 'what' Parameter Directory Traversal Pollen CMS 0.6 - 'index.php' 'p' Paramete' Local File Disclosure WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php hash Parameter' SQL Injection WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php' 'hash Parameter SQL Injection Kayako eSupport 2.x - Ticket System Multiple SQL Injection Kayako eSupport 2.x - Ticket System Multiple SQL Injections BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection BibORB 1.3.2 Login Module - Multiple Parameter SQL Injections Active Auction House - default.asp Multiple SQL Injection Active Auction House - 'default.asp' Multiple SQL Injections CubeCart 2.0.x - 'index.php' Multiple Variable Full Path Disclosure CubeCart 2.0.x - tellafriend.php product Variable Full Path Disclosure CubeCart 2.0.x - view_cart.php add Variable Full Path Disclosure CubeCart 2.0.x - view_product.php product Variable Full Path Disclosure CubeCart 2.0.x - 'index.php' Multiple Parameter Full Path Disclosure CubeCart 2.0.x - 'tellafriend.php' 'product' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_cart.php' 'add' Parameter Full Path Disclosure CubeCart 2.0.x - 'view_product.php' 'product' Parameter Full Path Disclosure OneWorldStore - 'OWListProduct.asp' Multiple SQL Injection OneWorldStore - 'OWListProduct.asp' Multiple SQL Injections WHMCS 4.x - 'invoicefunctions.php id Parameter' SQL Injection WHMCS 4.x - 'invoicefunctions.php' 'id' Parameter SQL Injection DUportal Pro 3.4 - default.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - 'default.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - inc_vote.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - result.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - cat.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - detail.asp Multiple Parameter SQL Injection DUportal Pro 3.4 - 'inc_vote.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - 'result.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - 'cat.asp' Multiple Parameter SQL Injections DUportal Pro 3.4 - 'detail.asp' Multiple Parameter SQL Injections DUportal 3.1.2 - inc_rating.asp Multiple Parameter SQL Injection DUportal 3.1.2 - 'inc_rating.asp' Multiple Parameter SQL Injections StorePortal 2.63 - default.asp Multiple SQL Injection StorePortal 2.63 - 'default.asp' Multiple SQL Injections MetaCart2 - SearchAction.asp Multiple SQL Injection MetaCart2 - 'SearchAction.asp' Multiple SQL Injections Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection Claroline E-Learning 1.5/1.6 - 'userInfo.php' Multiple Parameter SQL Injections JGS-Portal 3.0.1 - ID Variable SQL Injection JGS-Portal 3.0.1 - 'ID' Parameter SQL Injection AVE.CMS 2.09 - 'index.php module Parameter' Blind SQL Injection AVE.CMS 2.09 - 'index.php' 'module' Parameter Blind SQL Injection RadioCMS 2.2 - 'menager.php playlist_id Parameter' SQL Injection RadioCMS 2.2 - 'menager.php' 'playlist_id' Parameter SQL Injection NPDS 4.8 - /5.0 modules.php Lettre Parameter Cross-Site Scripting NPDS 4.8 /5.0 - 'modules.php' Lettre Parameter Cross-Site Scripting Ampache 3.4.3 - 'login.php' Multiple SQL Injection Ampache 3.4.3 - 'login.php' Multiple SQL Injections FlatNuke 2.5.x - 'index.php' where Variable Full Path Disclosure FlatNuke 2.5.x - 'index.php' 'where' Parameter Full Path Disclosure CarLine Forum Russian Board 4.2 - reply_in.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - 'reply_in.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - memory.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - line.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - in.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - enter.php Multiple Parameter SQL Injection CarLine Forum Russian Board 4.2 - 'memory.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - 'line.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - 'in.php' Multiple Parameter SQL Injections CarLine Forum Russian Board 4.2 - 'enter.php' Multiple Parameter SQL Injections osTicket 1.2/1.3 - view.php inc Variable Arbitrary Local File Inclusion osTicket 1.2/1.3 - 'view.php' 'inc' Parameter Arbitrary Local File Inclusion Ruubikcms 1.1.1 - 'tinybrowser.php folder Parameter' Directory Traversal Ruubikcms 1.1.1 - 'tinybrowser.php' 'folder' Parameter Directory Traversal Simple PHP Agenda 2.2.8 - 'edit_event.php eventid Parameter' SQL Injection Simple PHP Agenda 2.2.8 - 'edit_event.php' 'eventid' Parameter SQL Injection PHPFreeNews 1.40 - searchresults.php Multiple SQL Injection PHPFreeNews 1.40 - searchresults.php Multiple SQL Injections Aenovo - /Password/default.asp Password Field SQL Injection Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection Aenovo - '/Password/default.asp' Password Field SQL Injection Aenovo - '/incs/searchdisplay.asp' strSQL Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php Multiple Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertitle.php usertitleid Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertools.php ids Parameter SQL Injection NooToplist 1.0 - 'index.php' Multiple SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - /admincp/css.php group Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/index.php Multiple Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php email Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/language.php goto Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/modlog.php orderby Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - /admincp/template.php Multiple Parameter Cross-Site Scripting MX Shop 3.2 - 'index.php' Multiple SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' Multiple Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php' 'usertitleid' Parameter SQL Injection vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php' 'ids' Parameter SQL Injection NooToplist 1.0 - 'index.php' Multiple SQL Injections vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php' 'group' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/index.php' Multiple Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' 'email' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php' 'goto' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php' 'orderby' Parameter Cross-Site Scripting vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/template.php' Multiple Parameter Cross-Site Scripting MX Shop 3.2 - 'index.php' Multiple SQL Injections Top Games Script 1.2 - 'play.php gid Parameter' SQL Injection Top Games Script 1.2 - 'play.php' 'gid' Parameter SQL Injection Elemata CMS RC3.0 - 'global.php id Parameter' SQL Injection Elemata CMS RC3.0 - 'global.php' 'id' Parameter SQL Injection Woltlab 1.1/2.x - Info-DB Info_db.php Multiple SQL Injection Woltlab 1.1/2.x - 'Info-DB Info_db.php' Multiple SQL Injections OaBoard 1.0 - forum.php Multiple SQL Injection OaBoard 1.0 - 'forum.php' Multiple SQL Injections Comersus Backoffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure Comersus Backoffice 4.x/5.0/6.0 - '/comersus/database/comersus.mdb' Direct Request Database Disclosure PHP-Charts 1.0 - 'index.php type Parameter' Remote Code Execution PHP-Charts 1.0 - 'index.php' 'type' Parameter Remote Code Execution PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - /admin/configure.php id Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - /admin/users.php find Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/admin.php' 'id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/editattributes.php' 'id' Parameter SQL Injection PHPList Mailing List Manager 2.x - '/admin/eventlog.php' Multiple Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/configure.php' 'id' Parameter Cross-Site Scripting PHPList Mailing List Manager 2.x - '/admin/users.php' 'find' Parameter Cross-Site Scripting Walla TeleSite 3.0 - ts.exe tsurl Variable Arbitrary Article Access Walla TeleSite 3.0 - ts.exe sug Parameter Cross-Site Scripting Walla TeleSite 3.0 - ts.exe sug Parameter SQL Injection Walla TeleSite 3.0 - 'ts.exe' 'tsurl' Parameter Arbitrary Article Access Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter Cross-Site Scripting Walla TeleSite 3.0 - 'ts.exe' 'sug' Parameter SQL Injection Pearl Forums 2.0 - 'index.php' Multiple SQL Injection Pearl Forums 2.0 - 'index.php' Multiple SQL Injections Helpdesk Issue Manager 0.x - find.php Multiple Parameter SQL Injection Helpdesk Issue Manager 0.x - 'find.php' Multiple Parameter SQL Injection PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injection Cars Portal 1.1 - 'index.php' Multiple SQL Injection PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injections Cars Portal 1.1 - 'index.php' Multiple SQL Injections IceWarp Universal WebMail - /accounts/inc/include.php Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - /admin/inc/include.php Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - /dir/include.html lang Parameter Local File Inclusion IceWarp Universal WebMail - /mail/settings.html Language Parameter Local File Inclusion IceWarp Universal WebMail - /mail/index.html lang_settings Parameter Remote File Inclusion IceWarp Universal WebMail - /mail/include.html Crafted HTTP_USER_AGENT Arbitrary File Access IceWarp Universal WebMail - '/accounts/inc/include.php' Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - '/admin/inc/include.php' Multiple Parameter Remote File Inclusion IceWarp Universal WebMail - '/dir/include.html' 'lang' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/settings.html' 'Language' Parameter Local File Inclusion IceWarp Universal WebMail - '/mail/index.html' 'lang_settings' Parameter Remote File Inclusion IceWarp Universal WebMail - '/mail/include.html' Crafted HTTP_USER_AGENT Arbitrary File Access PHPJournaler 1.0 - Readold Variable SQL Injection PHPJournaler 1.0 - 'Readold' Parameter SQL Injection ScozNet ScozBook 1.1 - AdminName Variable SQL Injection ScozNet ScozBook 1.1 - 'AdminName' Parameter SQL Injection OnePlug CMS - /press/details.asp Press_Release_ID Parameter SQL Injection OnePlug CMS - /services/details.asp Service_ID Parameter SQL Injection OnePlug CMS - /products/details.asp Product_ID Parameter SQL Injection OnePlug CMS - '/press/details.asp' 'Press_Release_ID' Parameter SQL Injection OnePlug CMS - '/services/details.asp' 'Service_ID' Parameter SQL Injection OnePlug CMS - '/products/details.asp' 'Product_ID' Parameter SQL Injection Venom Board - Post.php3 Multiple SQL Injection Venom Board - 'Post.php3' Multiple SQL Injections microBlog 2.0 - 'index.php' Multiple SQL Injection microBlog 2.0 - 'index.php' Multiple SQL Injections NewsPHP - 'index.php' Multiple SQL Injection NewsPHP - 'index.php' Multiple SQL Injections ZixForum 1.12 - forum.asp Multiple SQL Injection ZixForum 1.12 - forum.asp Multiple SQL Injections HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - folders.update.php folderid Variable Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - 'addressbook.update.php' 'contactgroupid' Parameter Arbitrary PHP Command Execution HiveMail 1.2.2/1.3 - 'folders.update.php' 'folderid' Parameter Arbitrary PHP Command Execution ImageVue 0.16.1 - readfolder.php path Variable Arbitrary Directory Listing ImageVue 0.16.1 - 'readfolder.php' 'path' Parameter Arbitrary Directory Listing dotProject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion dotProject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion dotProject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion dotProject 2.0 - /modules/projects/vw_files.php dPconfig[root_dir] Parameter Remote File Inclusion dotProject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion dotProject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/gantt.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/includes/db_connect.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/includes/session.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/gantt2.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/projects/vw_files.php' 'dPconfig[root_dir]' Parameter Remote File Inclusion dotProject 2.0 - '/modules/admin/vw_usr_roles.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/calendar.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/public/date_format.php' 'baseDir' Parameter Remote File Inclusion dotProject 2.0 - '/modules/tasks/gantt.php' 'baseDir' Parameter Remote File Inclusion MyBB 1.0.3 - private.php Multiple SQL Injection MyBB 1.0.3 - 'private.php' Multiple SQL Injections Ginkgo CMS - 'index.php rang Parameter' SQL Injection Ginkgo CMS - 'index.php' 'rang' Parameter SQL Injection Telmanik CMS Press 1.01b - 'pages.php page_name Parameter' SQL Injection Telmanik CMS Press 1.01b - 'pages.php' 'page_name' Parameter SQL Injection DCI-Taskeen 1.03 - basket.php Multiple Parameter SQL Injection DCI-Taskeen 1.03 - cat.php Multiple Parameter SQL Injection DCI-Taskeen 1.03 - 'basket.php' Multiple Parameter SQL Injections DCI-Taskeen 1.03 - 'cat.php' Multiple Parameter SQL Injections sBlog 0.7.2 - search.php keyword Variable POST Method Cross-Site Scripting sBlog 0.7.2 - comments_do.php Multiple Variable POST Method Cross-Site Scripting sBlog 0.7.2 - 'search.php' 'keyword' Parameter POST Method Cross-Site Scripting sBlog 0.7.2 - 'comments_do.php' Multiple Variable POST Method Cross-Site Scripting PHPFox 3.6.0 (build3) - Multiple SQL Injection PHPFox 3.6.0 (build3) - Multiple SQL Injections Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting Verisign MPKI 6.0 - 'Haydn.exe' Cross-Site Scripting DSLogin 1.0 - 'index.php' Multiple SQL Injection DSLogin 1.0 - 'index.php' Multiple SQL Injections MLMAuction Script - 'gallery.php id Parameter' SQL Injection MLMAuction Script - 'gallery.php' 'id' Parameter SQL Injection PHPMyForum 4.0 - 'index.php' type Variable CRLF Injection PHPMyForum 4.0 - 'index.php' 'type' Parameter CRLF Injection APT-webshop 3.0/4.0 - modules.php Multiple SQL Injection APT-webshop 3.0/4.0 - modules.php Multiple SQL Injections Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter Cross-Site Scripting Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp Cross-Site Scripting Cisco CallManager 3.x/4.x - Web Interface 'ccmadmin/phonelist.asp' Pattern Parameter Cross-Site Scripting Cisco CallManager 3.x/4.x - Web Interface 'ccmuser/logon.asp' Cross-Site Scripting 321soft PHP-Gallery 0.9 - 'index.php' path Variable Arbitrary Directory Listing 321soft PHP-Gallery 0.9 - 'index.php' 'path' Parameter Arbitrary Directory Listing Pacheckbook 1.1 - 'index.php' Multiple SQL Injection Pacheckbook 1.1 - 'index.php' Multiple SQL Injections Creative Software UK Community Portal 1.1 - PollResults.php Multiple Parameter SQL Injection Creative Software UK Community Portal 1.1 - 'PollResults.php' Multiple Parameter SQL Injections EvoTopsite 2.0 - 'index.php' Multiple SQL Injection timobraun Dynamic Galerie 1.0 - 'index.php' pfad Variable Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - galerie.php pfad Variable Arbitrary Directory Listing EvoTopsite 2.0 - 'index.php' Multiple SQL Injections timobraun Dynamic Galerie 1.0 - 'index.php' 'pfad' Parameter Arbitrary Directory Listing timobraun Dynamic Galerie 1.0 - 'galerie.php' 'pfad' Parameter Arbitrary Directory Listing Gphotos 1.4/1.5 - 'index.php' rep Variable Traversal Arbitrary Directory Listing Gphotos 1.4/1.5 - 'index.php' 'rep' Parameter Traversal Arbitrary Directory Listing Mini-NUKE 2.3 - Your_Account.asp Multiple SQL Injection Mini-NUKE 2.3 - 'Your_Account.asp' Multiple SQL Injections Woltlab Burning Board FLVideo Addon - 'video.php value Parameter' SQL Injection Woltlab Burning Board FLVideo Addon - 'video.php' 'value' Parameter SQL Injection glFusion 1.3.0 - 'search.php cat_id Parameter' SQL Injection glFusion 1.3.0 - 'search.php' 'cat_id' Parameter SQL Injection Geodesic Solutions Multiple Products - 'index.php' b Parameter SQL Injection Geodesic Solutions Multiple Products - 'index.php' 'b' Parameter SQL Injection RadScripts - a_editpage.php Filename Variable Arbitrary File Overwrite RadScripts - 'a_editpage.php' 'Filename' Parameter Arbitrary File Overwrite Banex PHP MySQL Banner Exchange 2.21 - admin.php Multiple Parameter SQL Injection Banex PHP MySQL Banner Exchange 2.21 - 'admin.php' Multiple Parameter SQL Injections XennoBB 2.1 - profile.php Multiple SQL Injection XennoBB 2.1 - 'profile.php' Multiple SQL Injections Vtiger CRM 5.4.0 - 'index.php onlyforuser Parameter' SQL Injection Vtiger CRM 5.4.0 - 'index.php' 'onlyforuser' Parameter SQL Injection CubeCart 3.0.x - /admin/print_order.php order_id Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/print_order.php' 'order_id' Parameter Cross-Site Scripting CubeCart 3.0.x - /admin/nav.php Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - /admin/image.php image Parameter Cross-Site Scripting CubeCart 3.0.x - /admin/header.inc.php Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - /footer.inc.php la_pow_by Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/nav.php' Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/image.php' 'image' Parameter Cross-Site Scripting CubeCart 3.0.x - '/admin/header.inc.php' Multiple Parameter Cross-Site Scripting CubeCart 3.0.x - '/footer.inc.php' 'la_pow_by' Parameter Cross-Site Scripting AckerTodo 4.2 - 'login.php' Multiple SQL Injection AckerTodo 4.2 - 'login.php' Multiple SQL Injections Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php sondage Parameter' SQL Injection Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php' 'sondage' Parameter SQL Injection INFINICART - browsesubcat.asp Multiple Parameter SQL Injection INFINICART - 'browsesubcat.asp' Multiple Parameter SQL Injection Car Site Manager - csm/asp/listings.asp Multiple Parameter SQL Injection Car Site Manager - 'csm/asp/listings.asp' Multiple Parameter SQL Injections Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injection ASPIntranet 2.1 - Multiple SQL Injection Dragon Internet Events Listing 2.0.01 - 'admin_login.asp' Multiple Field SQL Injections ASPIntranet 2.1 - Multiple SQL Injections Image Gallery with Access Database - default.asp Multiple Parameter SQL Injection Image Gallery with Access Database - 'default.asp' Multiple Parameter SQL Injection 20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection 20/20 Applications Data Shed 1.0 - 'listings.asp' Multiple Parameter SQL Injections BestWebApp Dating Site Login Component - Multiple Field SQL Injection BestWebApp Dating Site Login Component - Multiple Field SQL Injections Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection Enthrallweb eClassifieds - 'ad.asp' Multiple Parameter SQL Injection BirdBlog 1.4 - /admin/admincore.php msg Parameter Cross-Site Scripting BirdBlog 1.4 - /admin/comments.php month Parameter Cross-Site Scripting BirdBlog 1.4 - /admin/entries.php month Parameter Cross-Site Scripting BirdBlog 1.4 - /admin/logs.php page Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/admincore.php' 'msg' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/comments.php' 'month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/entries.php' 'month' Parameter Cross-Site Scripting BirdBlog 1.4 - '/admin/logs.php' 'page' Parameter Cross-Site Scripting Grandora Rialto 1.6 - /admin/default.asp Multiple Field SQL Injection Grandora Rialto 1.6 - '/admin/default.asp' Multiple Field SQL Injection Grandora Rialto 1.6 - searchkey.asp Multiple Parameter SQL Injection Grandora Rialto 1.6 - searchmain.asp Multiple Parameter SQL Injection Grandora Rialto 1.6 - searchoption.asp Multiple Parameter SQL Injection Grandora Rialto 1.6 - 'searchkey.asp' Multiple Parameter SQL Injection Grandora Rialto 1.6 - 'searchmain.asp' Multiple Parameter SQL Injection Grandora Rialto 1.6 - 'searchoption.asp' Multiple Parameter SQL Injection Enthrallweb eHomes - compareHomes.asp Multiple Parameter SQL Injection Enthrallweb eHomes - result.asp Multiple Parameter SQL Injection Enthrallweb eHomes - 'compareHomes.asp' Multiple Parameter SQL Injection Enthrallweb eHomes - 'result.asp' Multiple Parameter SQL Injection DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection DUdownload 1.0/1.1 - 'detail.asp' Multiple Parameter SQL Injections Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injection Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injections ClickContact - default.asp Multiple SQL Injection ClickContact - 'default.asp' Multiple SQL Injections Dol Storye - Dettaglio.asp Multiple SQL Injection Dol Storye - 'Dettaglio.asp' Multiple SQL Injections Efkan Forum 1.0 - Grup Variable SQL Injection Efkan Forum 1.0 - 'Grup' Parameter SQL Injection EditTag 1.2 - edittag.cgi file Variable Arbitrary File Disclosure EditTag 1.2 - edittag.pl file Variable Arbitrary File Disclosure EditTag 1.2 - edittag_mp.cgi file Variable Arbitrary File Disclosure EditTag 1.2 - edittag_mp.pl file Variable Arbitrary File Disclosure EditTag 1.2 - 'edittag.cgi' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag.pl' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.cgi' 'file' Parameter Arbitrary File Disclosure EditTag 1.2 - 'edittag_mp.pl' 'file' Parameter Arbitrary File Disclosure Indexu 5.0/5.3 - mailing_list.php Multiple Variables Cross-Site Scripting Indexu 5.0/5.3 - 'mailing_list.php' Multiple Parameters Cross-Site Scripting Project'Or RIA 3.4.0 - 'objectDetail.php objectId Parameter' SQL Injection Project'Or RIA 3.4.0 - 'objectDetail.php' 'objectId' Parameter SQL Injection WordPress 2.1.1 - 'wp-includes/theme.php' iz Variable Arbitrary Command Execution Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection WordPress 2.1.1 - 'wp-includes/theme.php' 'iz' Parameter Arbitrary Command Execution Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Parameter SQL Injection aBitWhizzy - whizzylink.php d Variable Traversal Arbitrary Directory Listing aBitWhizzy - 'whizzylink.php' 'd' Parameter Traversal Arbitrary Directory Listing MyBloggie 2.1.x - 'index.php' Multiple SQL Injection MyBloggie 2.1.x - 'index.php' Multiple SQL Injections PHPLive! 3.2.2 - super/info.php BASE_URL Variable Parameter Cross-Site Scripting PHPLive! 3.2.2 - 'super/info.php' 'BASE_URL' Parameter Parameter Cross-Site Scripting JFFNms 0.8.3 - auth.php Multiple Parameter SQL Injection JFFNms 0.8.3 - 'auth.php' Multiple Parameter SQL Injection DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter Cross-Site Scripting DotClear 1.2.x - '/ecrire/trackback.php' 'post_id' Parameter Cross-Site Scripting DotClear 1.2.x - '/tools/thememng/index.php' 'tool_url' Parameter Cross-Site Scripting PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injections Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php' 'icodir' Parameter Traversal Arbitrary Directory Listing Phorum 5.1.20 - admin.php module[] Variable Full Path Disclosure Phorum 5.1.20 - 'admin.php' 'module[]' Parameter Full Path Disclosure Chamilo Lms 1.9.6 - 'profile.php password0 Parameter' SQL Injection Dokeos 2.2 RC2 - 'index.php language Parameter' SQL Injection Chamilo Lms 1.9.6 - 'profile.php' 'password0 Parameter SQL Injection Dokeos 2.2 RC2 - 'index.php' 'language' Parameter SQL Injection UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Parameters Full Path Disclosure PHPAccounts 0.5 - 'index.php' Multiple SQL Injection PHPAccounts 0.5 - 'index.php' Multiple SQL Injections NetFlow Analyzer 5 - /jspui/applicationList.jsp alpha Parameter Cross-Site Scripting NetFlow Analyzer 5 - /jspui/appConfig.jsp task Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/applicationList.jsp' 'alpha' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/appConfig.jsp' 'task' Parameter Cross-Site Scripting NetFlow Analyzer 5 - /jspui/selectDevice.jsp rtype Parameter Cross-Site Scripting NetFlow Analyzer 5 - /jspui/customReport.jsp rtype Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/selectDevice.jsp' 'rtype' Parameter Cross-Site Scripting NetFlow Analyzer 5 - '/jspui/customReport.jsp' 'rtype' Parameter Cross-Site Scripting geoBlog MOD_1.0 - deletecomment.php id Variable Arbitrary Comment Deletion geoBlog MOD_1.0 - deleteblog.php id Variable Arbitrary Blog Deletion geoBlog MOD_1.0 - 'deletecomment.php' 'id' Parameter Arbitrary Comment Deletion geoBlog MOD_1.0 - 'deleteblog.php' 'id' Parameter Arbitrary Blog Deletion Next Gen Portfolio Manager - default.asp Multiple SQL Injection Next Gen Portfolio Manager - 'default.asp' Multiple SQL Injections ACG News 1.0 - 'index.php' Multiple SQL Injection Cisco CallManager 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection ACG News 1.0 - 'index.php' Multiple SQL Injections Cisco CallManager 4.2 / CUCM 4.2 - Logon Page 'lang' Parameter SQL Injection WebBatch - webbatch.exe URL Cross-Site Scripting WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure WebBatch - 'webbatch.exe' URL Cross-Site Scripting WebBatch - 'webbatch.exe' 'dumpinputdata' Parameter Remote Information Disclosure NetWin DNews - Dnewsweb.exe Multiple Cross-Site Scripting Vulnerabilities NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities Scott Manktelow Design Stride 1.0 - Courses detail.php Multiple SQL Injection Scott Manktelow Design Stride 1.0 Courses - 'detail.php' Multiple SQL Injections Article Dashboard - 'admin/login.php' Multiple SQL Injection Article Dashboard - 'admin/login.php' Multiple SQL Injections Multi-Forums - Directory.php Multiple SQL Injection Multi-Forums - 'Directory.php' Multiple SQL Injections JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injections Absolute News Manager .NET 5.1 - 'pages/default.aspx' template Variable Remote File Access Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injection Absolute News Manager .NET 5.1 - 'pages/default.aspx' 'template' Parameter Remote File Access Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple Parameter SQL Injections phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking phpRPG 0.8 - '/tmp' Directory PHPSESSID Cookie Session Hijacking Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injection Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injections eTicket 1.5.5.2 - search.php Multiple Parameter SQL Injection eTicket 1.5.5.2 - admin.php Multiple Parameter SQL Injection eTicket 1.5.5.2 - 'search.php' Multiple Parameter SQL Injection eTicket 1.5.5.2 - 'admin.php' Multiple Parameter SQL Injection Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/login.jsp Multiple Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/account/findForSelect.jsp resultsForm Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/help/index.jsp helpUrl Variable Remote Frame Injection Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/user/main.jsp activeControl Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/login.jsp' Multiple Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp' 'resultsForm' Parameter Cross-Site Scripting Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp' 'helpUrl' Parameter Remote Frame Injection Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp' 'activeControl' Parameter Cross-Site Scripting MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection MyBB 1.2.10 - 'moderation.php' Multiple SQL Injections PacerCMS 0.6 - 'id' Parameter Multiple SQL Injection PacerCMS 0.6 - 'id' Parameter Multiple SQL Injections Ipswitch WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass Ipswitch WS_FTP Server 6 - '/WSFTPSVR/FTPLogServer/LogViewer.asp' Authentication Bypass Cacti 0.8.7 - tree.php Multiple Parameter SQL Injection Cacti 0.8.7 - 'tree.php' Multiple Parameter SQL Injections Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injection Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections WebcamXP 3.72.440/4.05.280 Beta - /pocketpc camnum Variable Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc' 'camnum' Parameter Arbitrary Memory Disclosure WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic' 'id' Parameter Arbitrary Memory Disclosure Elastic Path 4.1 - 'manager/FileManager.jsp' dir Variable Traversal Arbitrary Directory Listing Elastic Path 4.1 - 'manager/FileManager.jsp' 'dir' Parameter Traversal Arbitrary Directory Listing osCommerce 2.3.3.4 - 'geo_zones.php zID Parameter' SQL Injection osCommerce 2.3.3.4 - 'geo_zones.php' 'zID' Parameter SQL Injection D-Link DSL-2750B (ADSL Router) - Cross-Site Request Forgery D-Link DSL-2750B ADSL Route) - Cross-Site Request Forgery Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities NETGEAR DGN2200 N300 Wireless Router - Multiple Vulnerabilities Concrete5 5.6.2.1 - 'index.php cID Parameter' SQL Injection Concrete5 5.6.2.1 - 'index.php' 'cID' Parameter SQL Injection TLM CMS 1.1 - 'index.php' Multiple SQL Injection TLM CMS 1.1 - 'index.php' Multiple SQL Injections RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injections IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injections WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php track Parameter' SQL Injection WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php' 'track' Parameter SQL Injection JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injection Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injection dvbbs 8.2 - 'login.asp' Multiple SQL Injection JustPORTAL 1.0 - 'site' Parameter Multiple SQL Injections Proje ASP Portal 2.0 - 'id' Parameter Multiple SQL Injections dvbbs 8.2 - 'login.asp' Multiple SQL Injections Te Ecard - 'id' Parameter Multiple SQL Injection Te Ecard - 'id' Parameter Multiple SQL Injections Benja CMS 0.1 - /admin/admin_edit_submenu.php URL Cross-Site Scripting Benja CMS 0.1 - '/admin/admin_edit_submenu.php' URL Cross-Site Scripting Benja CMS 0.1 - /admin/admin_edit_topmenu.php URL Cross-Site Scripting Benja CMS 0.1 - '/admin/admin_edit_topmenu.php' URL Cross-Site Scripting PHP Ticket System Beta 1 - 'get_all_created_by_user.php id Parameter' SQL Injection PHP Ticket System Beta 1 - 'get_all_created_by_user.php' 'id' Parameter SQL Injection webERP 4.11.3 - 'SalesInquiry.php SortBy Parameter' SQL Injection webERP 4.11.3 - 'SalesInquiry.php' 'SortBy' Parameter SQL Injection couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injection couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injections Claroline 1.8.9 - claroline/redirector.php url Variable Arbitrary Site Redirect Claroline 1.8.9 - 'claroline/redirector.php' 'url' Parameter Arbitrary Site Redirect EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection / Cross-Site Scripting EasyPublish 3.0 - 'read' Parameter Multiple SQL Injections / Cross-Site Scripting ownCloud 4.0.x/4.5.x - 'upload.php Filename Parameter' Remote Code Execution ownCloud 4.0.x/4.5.x - 'upload.php' 'Filename' Parameter Remote Code Execution Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injection Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injections ZYXEL Router P-660HN-T1A - Login Bypass ZYXEL P-660HN-T1A Router - Login Bypass PromoProducts - 'view_product.php' Multiple SQL Injection PromoProducts - 'view_product.php' Multiple SQL Injections EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injections OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections InterWorx Control Panel 5.0.13 build 574 - 'xhr.php i Parameter' SQL Injection InterWorx Control Panel 5.0.13 build 574 - 'xhr.php' 'i' Parameter SQL Injection Tandis CMS 2.5 - 'index.php' Multiple SQL Injection Tandis CMS 2.5 - 'index.php' Multiple SQL Injections TWiki 4.x - SEARCH Variable Remote Command Execution TWiki 4.x - URLPARAM Variable Cross-Site Scripting TWiki 4.x - 'SEARCH' Parameter Remote Command Execution TWiki 4.x - 'URLPARAM' Parameter Cross-Site Scripting DO-CMS 3.0 - 'p' Parameter Multiple SQL Injection DO-CMS 3.0 - 'p' Parameter Multiple SQL Injections MKPortal 1.2.1 - /modules/blog/index.php Home Template Textarea SQL Injection MKPortal 1.2.1 - /modules/rss/handler_image.php i Parameter Cross-Site Scripting MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection MKPortal 1.2.1 - '/modules/rss/handler_image.php' 'i' Parameter Cross-Site Scripting Banking@Home 2.1 - 'login.asp' Multiple SQL Injection Banking@Home 2.1 - 'login.asp' Multiple SQL Injections kitForm CRM Extension 0.43 - 'sorter.php sorter_value Parameter' SQL Injection kitForm CRM Extension 0.43 - 'sorter.ph' 'sorter_value' Parameter SQL Injection dompdf 0.6.0 - 'dompdf.php read Parameter' Arbitrary File Read dompdf 0.6.0 - 'dompdf.php' 'read' Parameter Arbitrary File Read Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injections VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injection VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injections Pars CMS - 'RP' Parameter Multiple SQL Injection Pars CMS - 'RP' Parameter Multiple SQL Injections tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injection tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injections MODx 1.0.3 - 'index.php' Multiple SQL Injection MODx 1.0.3 - 'index.php' Multiple SQL Injections HuronCMS - 'index.php' Multiple SQL Injection HuronCMS - 'index.php' Multiple SQL Injections 4x CMS - 'login.php' Multiple SQL Injection 4x CMS - 'login.php' Multiple SQL Injections Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injection Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injections ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injection ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injections GREEZLE - Global Real Estate Agent Login Multiple SQL Injection (GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections SaffaTunes CMS - 'news.php' Multiple SQL Injection SaffaTunes CMS - 'news.php' Multiple SQL Injections pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injection pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injections DiamondList - /user/main/update_settings setting[site_title] Parameter Cross-Site Scripting DiamondList - /user/main/update_category category[description] Parameter Cross-Site Scripting DiamondList - '/user/main/update_settings' 'setting[site_title]' Parameter Cross-Site Scripting DiamondList - '/user/main/update_category' 'category[description]' Parameter Cross-Site Scripting vBulletin 4.0.x < 4.1.2 - 'search.php cat Parameter' SQL Injection vBulletin 4.0.x < 4.1.2 - 'search.php' 'cat' Parameter SQL Injection Mulitple WordPress Themes - 'admin-ajax.php img Parameter' Arbitrary File Download Mulitple WordPress Themes - 'admin-ajax.php' 'img' Parameter Arbitrary File Download tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injections APBook 1.3 - Admin Login Multiple SQL Injection APBook 1.3 - Admin Login Multiple SQL Injections MODx manager - /controllers/default/resource/tvs.php class_key Parameter Traversal Local File Inclusion MODx manager - '/controllers/default/resource/tvs.php' 'class_key' Parameter Traversal Local File Inclusion Bacula-Web 5.2.10 - 'joblogs.php jobid Parameter' SQL Injection Bacula-Web 5.2.10 - 'joblogs.php' 'jobid Parameter SQL Injection PHP Scripts Now Riddles - /riddles/results.php searchQuery Parameter Cross-Site Scripting PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection PHP Scripts Now Riddles - '/riddles/results.php' 'searchQuery' Parameter Cross-Site Scripting PHP Scripts Now Riddles - '/riddles/list.php' 'catid' Parameter SQL Injection Easy Banner 2009.05.18 - member.php Multiple Parameter SQL Injection Authentication Bypass Easy Banner 2009.05.18 - 'member.php' Multiple Parameter SQL Injection / Authentication Bypass E-lokaler CMS 2 - Admin Login Multiple SQL Injection E-lokaler CMS 2 - Admin Login Multiple SQL Injections Blog:CMS 4.2.1 e - Multiple HTML Injection / Cross-Site Scripting Blog:CMS 4.2.1 e - Multiple HTML Injections / Cross-Site Scripting Piwigo 2.6.0 - 'picture.php rate Parameter' SQL Injection Piwigo 2.6.0 - 'picture.php' 'rate' Parameter SQL Injection Eleanor CMS - Cross-Site Scripting / Multiple SQL Injection Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NETGEAR WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit PHPMyRecipes 1.2.2 - 'dosearch.php words_exact Parameter' SQL Injection PHPMyRecipes 1.2.2 - 'dosearch.php' 'words_exact Parameter SQL Injection Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections BoutikOne - search.php Multiple Parameter SQL Injection BoutikOne - 'search.php' Multiple Parameter SQL Injections Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injections Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injections Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injection GuppY 4.6.14 - 'lng' Parameter Multiple SQL Injections Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass Soitec SmartEnergy 1.4 - SCADA Login SQL Injection / Authentication Bypass CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution PHPMyRecipes 1.2.2 - 'browse.php category Parameter' SQL Injection PHPMyRecipes 1.2.2 - 'browse.php' 'category' Parameter SQL Injection 4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection 4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injections Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injection Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injections Mambo Component Docman 1.3.0 - Multiple SQL Injection Mambo Component Docman 1.3.0 - Multiple SQL Injections ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injection ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injections Paliz Portal - Cross-Site Scripting / Multiple SQL Injection Paliz Portal - Cross-Site Scripting / Multiple SQL Injections Sphider 1.3.x - Admin Panel Multiple SQL Injection Sphider 1.3.x - Admin Panel Multiple SQL Injections Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injection Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injections Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injection Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections EasyGallery 5 - 'index.php' Multiple SQL Injection EasyGallery 5 - 'index.php' Multiple SQL Injections Xenon - 'id' Parameter Multiple SQL Injection Xenon - 'id' Parameter Multiple SQL Injections eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection eFront 3.6.10 - 'professor.php' Script Multiple SQL Injections eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injection eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injections Dolibarr ERP/CRM - /user/index.php Multiple Parameter SQL Injection Dolibarr ERP/CRM - /user/info.php id Parameter SQL Injection Dolibarr ERP/CRM - /admin/boxes.php rowid Parameter SQL Injection Dolibarr ERP/CRM - '/user/index.php' Multiple Parameter SQL Injections Dolibarr ERP/CRM - '/user/info.php' 'id' Parameter SQL Injection Dolibarr ERP/CRM - '/admin/boxes.php' 'rowid' Parameter SQL Injection PrestaShop 1.4.4.1 - /modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition Parameter Cross-Site Scripting PrestaShop 1.4.4.1 - /admin/ajaxfilemanager/ajax_save_text.php Multiple Parameter Cross-Site Scripting PrestaShop 1.4.4.1 - '/modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php' 'Expedition' Parameter Cross-Site Scripting PrestaShop 1.4.4.1 - '/admin/ajaxfilemanager/ajax_save_text.php' Multiple Parameter Cross-Site Scripting Manx 1.0.1 - /admin/admin_blocks.php Filename Parameter Traversal Arbitrary File Access Manx 1.0.1 - /admin/admin_pages.php Filename Parameter Traversal Arbitrary File Access Manx 1.0.1 - '/admin/admin_blocks.php' 'Filename' Parameter Traversal Arbitrary File Access Manx 1.0.1 - '/admin/admin_pages.php' 'Filename' Parameter Traversal Arbitrary File Access SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injections Balero CMS 0.7.2 - Multiple Blind SQL Injection Balero CMS 0.7.2 - Multiple Blind SQL Injections WordPress Plugin'WP Mobile Edition 2.7 - Remote File Disclosure WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injection CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injections Dotclear 2.4.1.2 - /admin/auth.php login_data Parameter Cross-Site Scripting Dotclear 2.4.1.2 - /admin/blogs.php nb Parameter Cross-Site Scripting Dotclear 2.4.1.2 - /admin/comments.php Multiple Parameter Cross-Site Scripting Dotclear 2.4.1.2 - /admin/plugin.php page Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/auth.php' 'login_data' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/blogs.php' 'nb' Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/comments.php' Multiple Parameter Cross-Site Scripting Dotclear 2.4.1.2 - '/admin/plugin.php' 'page' Parameter Cross-Site Scripting SAP Business Objects InfoView System - /help/helpredir.aspx guide Parameter Cross-Site Scripting SAP Business Objects InfoView System - /webi/webi_modify.aspx id Parameter Cross-Site Scripting SAP Business Objects InfoView System - '/help/helpredir.aspx' 'guide' Parameter Cross-Site Scripting SAP Business Objects InfoView System - '/webi/webi_modify.aspx' 'id' Parameter Cross-Site Scripting Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method Cross-Site Scripting Open Journal Systems (OJS) 2.3.6 - '/lib/pkp/classes/core/String.inc.php' 'String::stripUnsafeHtml()' Method Cross-Site Scripting PHP Designer 2007 - Personal Multiple SQL Injection PHP Designer 2007 Personal - Multiple SQL Injections WordPress Plugin All-in-One Event Calendar 1.4 agenda-widget.php Multiple Parameter Cross-Site Scripting WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Parameter Cross-Site Scripting XOOPS 2.5.4 - /modules/pm/pmlite.php to_userid Parameter Cross-Site Scripting XOOPS 2.5.4 - /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter Cross-Site Scripting XOOPS 2.5.4 - '/modules/pm/pmlite.php' 'to_userid' Parameter Cross-Site Scripting XOOPS 2.5.4 - '/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php' Multiple Parameter Cross-Site Scripting XM Forum - 'id' Parameter Multiple SQL Injection XM Forum - 'id' Parameter Multiple SQL Injections AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection AdaptCMS 2.0.2 TinyURL Plugin - 'admin.php' Multiple Parameter SQL Injections Classified Ads Script PHP - 'admin.php' Multiple SQL Injection Classified Ads Script PHP - 'admin.php' Multiple SQL Injections Limny - 'index.php' Multiple SQL Injection Limny - 'index.php' Multiple SQL Injections TCExam 11.2.x - /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection TCExam 11.2.x - /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection TCExam 11.2.x - '/admin/code/tce_edit_answer.php' Multiple Parameter SQL Injection TCExam 11.2.x - '/admin/code/tce_edit_question.php' 'subject_module_id' Parameter SQL Injection jCore - /admin/index.php path Parameter Cross-Site Scripting jCore - '/admin/index.php' 'path' Parameter Cross-Site Scripting Netsweeper 4.0.8 - SQL Injection Authentication Bypass Netsweeper 4.0.8 - SQL Injection / Authentication Bypass dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injection dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injections MantisBT 1.2.19 - Host Header Attack MantisBT 1.2.19 - Host Header Exploit WordPress Plugin RokBox Plugin - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf' 'abouttext' Parameter Cross-Site Scripting cPanel WebHost Manager (WHM) - /webmail/x3/mail/clientconf.html acct Parameter Cross-Site Scripting cPanel WebHost Manager (WHM) - '/webmail/x3/mail/clientconf.html' 'acct' Parameter Cross-Site Scripting WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php' 'reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php' 'reqID' Parameter SQL Injection WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php' 'reqID' Parameter SQL Injection PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injection PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injections ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter Cross-Site Scripting ezStats for Battlefield 3 - '/ezStats2/compare.php' Multiple Parameter Cross-Site Scripting PHP Address Book - /addressbook/register/delete_user.php id Parameter SQL Injection PHP Address Book - /addressbook/register/edit_user.php id Parameter SQL Injection PHP Address Book - /addressbook/register/edit_user_save.php Multiple Parameter SQL Injection PHP Address Book - /addressbook/register/linktick.php site Parameter SQL Injection PHP Address Book - /addressbook/register/reset_password.php Multiple Parameter SQL Injection PHP Address Book - /addressbook/register/reset_password_save.php Multiple Parameter SQL Injection PHP Address Book - /addressbook/register/router.php BasicLogin Cookie Parameter SQL Injection PHP Address Book - /addressbook/register/traffic.php var Parameter SQL Injection PHP Address Book - /addressbook/register/user_add_save.php email Parameter SQL Injection PHP Address Book - /addressbook/register/checklogin.php 'Username' Parameter SQL Injection PHP Address Book - /addressbook/register/admin_index.php q Parameter SQL Injection PHP Address Book - '/addressbook/register/delete_user.php' 'id' Parameter SQL Injection PHP Address Book - '/addressbook/register/edit_user.php' 'id' Parameter SQL Injection PHP Address Book - '/addressbook/register/edit_user_save.php' Multiple Parameter SQL Injection PHP Address Book - '/addressbook/register/linktick.php' 'site' Parameter SQL Injection PHP Address Book - '/addressbook/register/reset_password.php' Multiple Parameter SQL Injection PHP Address Book - '/addressbook/register/reset_password_save.php' Multiple Parameter SQL Injection PHP Address Book - '/addressbook/register/router.php' 'BasicLogin' Cookie Parameter SQL Injection PHP Address Book - '/addressbook/register/traffic.php' 'var' Parameter SQL Injection PHP Address Book - '/addressbook/register/user_add_save.php' 'email' Parameter SQL Injection PHP Address Book - '/addressbook/register/checklogin.php' 'Username' Parameter SQL Injection PHP Address Book - '/addressbook/register/admin_index.php' 'q' Parameter SQL Injection Hero Framework - /users/login 'Username' Parameter Cross-Site Scripting Hero Framework - /users/forgot_password error Parameter Cross-Site Scripting Hero Framework - '/users/login' 'Username' Parameter Cross-Site Scripting Hero Framework - '/users/forgot_password' 'error' Parameter Cross-Site Scripting RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injection RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injections NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Parameter Cross-Site Scripting Jahia xCM - /engines/manager.jsp site Parameter Cross-Site Scripting Jahia xCM - '/engines/manager.jsp' 'site' Parameter Cross-Site Scripting D-Link DIR-816L (Wireless Router) - Cross-Site Request Forgery D-Link DIR-816L Wireless Router - Cross-Site Request Forgery Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injections NeoBill - /modules/nullregistrar/PHPwhois/example.php query Parameter Remote Code Execution NeoBill - /install/include/solidstate.php Multiple Parameter SQL Injection NeoBill - '/modules/nullregistrar/PHPwhois/example.php' 'query' Parameter Remote Code Execution NeoBill - '/install/include/solidstate.php' Multiple Parameter SQL Injection C2C Forward Auction Creator 2.0 - /auction/asp/list.asp pa Parameter SQL Injection C2C Forward Auction Creator - /auction/casp/Admin.asp SQL Injection Admin Authentication Bypass C2C Forward Auction Creator 2.0 - '/auction/asp/list.asp' 'pa' Parameter SQL Injection C2C Forward Auction Creator - '/auction/casp/Admin.asp' SQL Injection (Admin Authentication Bypass) Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injection Authentication Bypass Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' Multiple Field SQL Injections / Authentication Bypass Command School Student Management System - /sw/admin_grades.php id Parameter SQL Injection Command School Student Management System - /sw/admin_terms.php id Parameter SQL Injection Command School Student Management System - /sw/admin_school_years.php id Parameter SQL Injection Command School Student Management System - /sw/admin_sgrades.php id Parameter SQL Injection Command School Student Management System - /sw/admin_media_codes_1.php id Parameter SQL Injection Command School Student Management System - /sw/admin_infraction_codes.php id Parameter SQL Injection Command School Student Management System - /sw/admin_generations.php id Parameter SQL Injection Command School Student Management System - /sw/admin_relations.php id Parameter SQL Injection Command School Student Management System - /sw/admin_titles.php id Parameter SQL Injection Command School Student Management System - /sw/health_allergies.php id Parameter SQL Injection Command School Student Management System - /sw/admin_school_names.php id Parameter SQL Injection Command School Student Management System - /sw/admin_subjects.php id Parameter SQL Injection Command School Student Management System - /sw/backup/backup_ray2.php Database Backup Direct Request Information Disclosure Command School Student Management System - /sw/Admin_change_Password.php Cross-Site Request Forgery (Admin Password Manipulation) Command School Student Management System - /sw/add_topic.php Cross-Site Request Forgery (Topic Creation) Command School Student Management System - '/sw/admin_grades.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_terms.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_years.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_sgrades.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_media_codes_1.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_infraction_codes.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_generations.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_relations.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_titles.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/health_allergies.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_school_names.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/admin_subjects.php' 'id' Parameter SQL Injection Command School Student Management System - '/sw/backup/backup_ray2.php' Database Backup Direct Request Information Disclosure Command School Student Management System - '/sw/Admin_change_Password.php' Cross-Site Request Forgery (Admin Password Manipulation) Command School Student Management System - '/sw/add_topic.php' Cross-Site Request Forgery (Topic Creation) Dredge School Administration System - /DSM/loader.php Id Parameter SQL Injection Dredge School Administration System - /DSM/loader.php Account Information Disclosure Dredge School Administration System - /DSM/loader.php Cross-Site Request Forgery (Admin Account Manipulation) Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure Dredge School Administration System - '/DSM/loader.php' 'Id' Parameter SQL Injection Dredge School Administration System - '/DSM/loader.php' Account Information Disclosure Dredge School Administration System - '/DSM/loader.php' Cross-Site Request Forgery (Admin Account Manipulation) Dredge School Administration System - '/DSM/Backup/processbackup.php' Database Backup Information Disclosure UAEPD Shopping Script - /products.php Multiple Parameter SQL Injection UAEPD Shopping Script - /news.php id Parameter SQL Injection UAEPD Shopping Script - '/products.php' Multiple Parameter SQL Injection UAEPD Shopping Script - '/news.php' 'id' Parameter SQL Injection BloofoxCMS - /bloofox/index.php 'Username' Parameter SQL Injection BloofoxCMS - /bloofox/admin/index.php 'Username' Parameter SQL Injection BloofoxCMS - /admin/index.php Cross-Site Request Forgery (Add Admin) BloofoxCMS - '/bloofox/index.php' 'Username' Parameter SQL Injection BloofoxCMS - '/bloofox/admin/index.php' 'Username' Parameter SQL Injection BloofoxCMS - '/admin/index.php' Cross-Site Request Forgery (Add Admin) Professional Designer E-Store - 'id' Parameter Multiple SQL Injection GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injection Professional Designer E-Store - 'id' Parameter Multiple SQL Injections GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injections Xangati - /servlet/MGConfigData Multiple Parameter Directory Traversal Xangati - /servlet/Installer file Parameter Directory Traversal Xangati - '/servlet/MGConfigData' Multiple Parameter Directory Traversal Xangati - '/servlet/Installer' 'file' Parameter Directory Traversal Caldera - /costview2/jobs.php tr Parameter SQL Injection Caldera - /costview2/printers.php tr Parameter SQL Injection Caldera - '/costview2/jobs.php' 'tr' Parameter SQL Injection Caldera - '/costview2/printers.php' 'tr' Parameter SQL Injection WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injection WordPress Plugin BSK PDF Manager - 'wp-admin/admin.php' Multiple SQL Injections ol-commerce - /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection ol-commerce - /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection ol-commerce - /OL-Commerce/create_account.php country Parameter SQL Injection ol-commerce - /OL-Commerce/admin/create_account.php entry_country_id Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_signup.php' 'a_country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/affiliate_show_banner.php' 'affiliate_banner_id' Parameter SQL Injection OL-Commerce - '/OL-Commerce/create_account.php' 'country' Parameter SQL Injection OL-Commerce - '/OL-Commerce/admin/create_account.php' 'entry_country_id' Parameter SQL Injection NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections Multiple Netgear Routers - Password Disclosure Multiple NETGEAR Routers - Password Disclosure WebKit - Stealing Variables via Page Navigation in FrameLoader::clear WebKit - Stealing Variables via Page Navigation in 'FrameLoader::clear' |
||
---|---|---|
platforms | ||
files.csv | ||
README.md | ||
searchsploit |
The Exploit Database Git Repository
This is the official repository of The Exploit Database, a project sponsored by Offensive Security.
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.
Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms. For more information, please see the SearchSploit manual.
root@kali:~# searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
==========
Examples
==========
searchsploit afd windows local
searchsploit -t oracle windows
searchsploit -p 39446
searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
For more examples, see the manual: https://www.exploit-db.com/searchsploit/
=========
Options
=========
-c, --case [Term] Perform a case-sensitive search (Default is inSEnsITiVe).
-e, --exact [Term] Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
-h, --help Show this help screen.
-j, --json [Term] Show result in JSON format.
-m, --mirror [EDB-ID] Mirror (aka copies) an exploit to the current working directory.
-o, --overflow [Term] Exploit titles are allowed to overflow their columns.
-p, --path [EDB-ID] Show the full path to an exploit (and also copies the path to the clipboard if possible).
-t, --title [Term] Search JUST the exploit title (Default is title AND the file's path).
-u, --update Check for and install any exploitdb package updates (deb or git).
-w, --www [Term] Show URLs to Exploit-DB.com rather than the local path.
-x, --examine [EDB-ID] Examine (aka opens) the exploit using $PAGER.
--colour Disable colour highlighting in search results.
--id Display the EDB-ID value rather than local path.
--nmap [file.xml] Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
Use "-v" (verbose) to try even more combinations
--exclude="term" Remove values from results. By using "|" to separated you can chain multiple values.
e.g. --exclude="term1|term2|term3".
=======
Notes
=======
* You can use any number of search terms.
* Search terms are not case-sensitive (by default), and ordering is irrelevant.
* Use '-c' if you wish to reduce results by case-sensitive searching.
* And/Or '-e' if you wish to filter results by using an exact match.
* Use '-t' to exclude the file's path to filter the search results.
* Remove false positives (especially when searching using numbers - i.e. versions).
* When updating or displaying help, search terms will be ignored.
root@kali:~#
root@kali:~# searchsploit afd windows local
---------------------------------------------------------------------------------------- -----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/platforms/)
---------------------------------------------------------------------------------------- -----------------------------------
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service | windows/dos/17133.c
Microsoft Windows - 'afd.sys' Local Kernel Exploit (PoC) (MS11-046) | windows/dos/18755.c
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) | windows/local/6757.txt
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080) | windows/local/18176.py
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit) | windows/local/21844.rb
Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040) | win_x86/local/39446.py
Microsoft Windows 7 (x64) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040) | win_x86-64/local/39525.py
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046) | win_x86/local/40564.c
---------------------------------------------------------------------------------------- -----------------------------------
root@kali:~#
root@kali:~# searchsploit -p 39446
Exploit: Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
URL: https://www.exploit-db.com/exploits/39446/
Path: /usr/share/exploitdb/platforms/win_x86/local/39446.py
Copied EDB-ID 39446's path to the clipboard.
root@kali:~#
SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash
, sed
, grep
, awk
, etc.) for the core features to work. The self updating function will require git
, and the Nmap XML option to work, will require xmllint
(found in the libxml2-utils
package in Debian-based systems).