24bf161ca6
5 new exploits HydraIrc 0.3.164 - (last) Remote Denial of Service Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow (PoC) HydraIrc 0.3.164 - Remote Denial of Service Download Accelerator Plus DAP 8.6 - 'AniGIF.ocx' Buffer Overflow (PoC) Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055) Nidesoft MP3 Converter 2.6.18 - SEH Local Buffer Overflow Nagios Core < 4.2.4 - Privilege Escalation Nagios Core < 4.2.2 - Curl Command Injection / Remote Code Execution Quicksilver Forums 1.2.1 - (set) Remote File Inclusion Quicksilver Forums 1.2.1 - Remote File Inclusion e-Vision CMS 2.0 - (all_users.php) SQL Injection e-Vision CMS 2.0 - 'all_users.php' SQL Injection LetterIt 2.0 - (inc/session.php) Remote File Inclusion LetterIt 2.0 - 'session.php' Remote File Inclusion e107 0.7.8 - (mailout.php) Access Escalation Exploit (Admin needed) e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed) PHPMyRealty 1.0.x - (search.php type) SQL Injection PHPMyRealty 1.0.x - 'search.php' SQL Injection pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection Pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection LetterIt 2 - 'Language' Local File Inclusion phpMyRealty - (location) SQL Injection LetterIt 2 - 'Language' Parameter Local File Inclusion phpMyRealty 2.0.0 - 'location' Parameter SQL Injection ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion E-topbiz Dating 3 PHP Script - (mail_id) SQL Injection Scripts24 iTGP 1.0.4 - 'id' SQL Injection Scripts24 iPost 1.0.1 - 'id' SQL Injection eStoreAff 0.1 - 'cid' SQL Injection GreenCart PHP Shopping Cart - 'id' SQL Injection ABG Blocking Script 1.0a - 'abg_path' Parameter Remote File Inclusion E-topbiz Dating 3 PHP Script - 'mail_id' Parameter SQL Injection Scripts24 iTGP 1.0.4 - 'id' Parameter SQL Injection Scripts24 iPost 1.0.1 - 'id' Parameter SQL Injection eStoreAff 0.1 - 'cid' Parameter SQL Injection GreenCart PHP Shopping Cart - 'id' Parameter SQL Injection e-vision CMS 2.02 - (SQL Injection / Arbitrary File Upload / Information Gathering) Multiple Vulnerabilities e-vision CMS 2.02 - SQL Injection / Arbitrary File Upload / Information Gathering E-Store Kit-1 <= 2 PayPal Edition - 'pid' SQL Injection E-Store Kit-1 <= 2 PayPal Edition - 'pid' Parameter SQL Injection iges CMS 2.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities iges CMS 2.0 - Cross-Site Scripting / SQL Injection Multiple Wsn Products - (Local File Inclusion) Code Execution Multiple Wsn Products - Local File Inclusion / Code Execution Discuz! 6.0.1 - (searchid) SQL Injection pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities Discuz! 6.0.1 - 'searchid' Parameter SQL Injection pPIM 1.0 - Arbitrary File Delete / Cross-Site Scripting Vacation Rental Script 3.0 - 'id' SQL Injection Quicksilver Forums 1.4.1 - forums[] SQL Injection txtSQL 2.2 Final - (startup.php) Remote File Inclusion Vacation Rental Script 3.0 - 'id' Parameter SQL Injection Quicksilver Forums 1.4.1 - SQL Injection txtSQL 2.2 Final - 'startup.php' Remote File Inclusion OpenImpro 1.1 - (image.php id) SQL Injection ZeeBuddy 2.1 - (bannerclick.php adid) SQL Injection pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities Ovidentia 6.6.5 - (item) SQL Injection BBlog 0.7.6 - (mod) SQL Injection OpenImpro 1.1 - 'image.php' SQL Injection ZeeBuddy 2.1 - 'adid' Parameter SQL Injection pPIM 1.0 - upload/change Password Ovidentia 6.6.5 - 'item' Parameter SQL Injection BBlog 0.7.6 - 'mod' Parameter SQL Injection pPIM 1.01 - (notes.php id) Local File Inclusion pPIM 1.01 - 'notes.php' Local File Inclusion e107 plugin fm pro 1 - (File Disclosure / Arbitrary File Upload / Directory Traversal) Multiple Vulnerabilities e107 plugin fm pro 1 - File Disclosure / Arbitrary File Upload / Directory Traversal Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload Coppermine Photo Gallery 1.4.19 - Remote File Upload pPIM 1.01 - (notes.php id) Remote Command Execution pPIM 1.01 - 'notes.php' Remote Command Execution moziloCMS 1.11 - (Local File Inclusion / Full Path Disclosure / Cross-Site Scripting) Multiple Vulnerabilities moziloCMS 1.11 - Local File Inclusion / Full Path Disclosure / Cross-Site Scripting Joomla! Component 'com_agenda' 1.0.1 - 'id' Parameter SQL Injection Joomla! Component Agenda Address Book 1.0.1 - 'id' Parameter SQL Injection Joomla! Component 'com_alphauserpoints' 1.5.5 - Local File Inclusion Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion Joomla! Component 'com_arcadegames' - Local File Inclusion Joomla! Component Arcade Games 1.0 - Local File Inclusion Joomla! Component 'com_AddressBook' - Local File Inclusion Joomla! Component 'com_advertising' - Local File Inclusion Joomla! Component Address Book 1.5.0 - Local File Inclusion Joomla! Component Advertising 0.25 - Local File Inclusion Joomla! Component 'com_blogfactory' - Local File Inclusion Joomla! Component 'com_beeheard' - Local File Inclusion Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion Joomla! Component BeeHeard 1.0 - Local File Inclusion Joomla! Component 'com_archeryscores' 1.0.6 - Local File Inclusion Joomla! Component Archery Scores 1.0.6 - Local File Inclusion Joomla! Component 'com_abc' - SQL Injection Joomla! Component ABC 1.1.7 - SQL Injection Joomla! Component 'com_bfquiztrial' - SQL Injection (1) Joomla! Component BF Quiz 1.3.0 - SQL Injection (1) Joomla! Component 'com_bfquiztrial' - SQL Injection (2) Joomla! Component BF Quiz 1.0 - SQL Injection (2) e107 0.7.21 full - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities e107 0.7.21 full - Remote File Inclusion / Cross-Site Scripting Joomla! Component 'com_awd_song' - Persistent Cross-Site Scripting Joomla! Component JE Awd Song - Persistent Cross-Site Scripting Joomla! Component 'com_addressbook' - Blind SQL Injection Joomla! Component Address Book - Blind SQL Injection Joomla! Component 'com_autartimonial' - SQL Injection Joomla! Component AutarTimonial 1.0.8 - SQL Injection Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection Joomla! Component CamelcityDB 2.2 - SQL Injection Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections Joomla! Component Amblog 1.0 - Multiple SQL Injections Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection Joomla! Component Aardvertiser 2.1 - Blind SQL Injection Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution Joomla! Component Community Builder Enhanced (CBE) 1.4.8/1.4.9/1.4.10 - Local File Inclusion / Remote Code Execution Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection Joomla! Component allCineVid 1.0.0 - Blind SQL Injection Joomla! Component 'com_alameda' 1.0 - SQL Injection Joomla! Component Alameda 1.0 - SQL Injection Free Hosting Manager 2.0 - (packages.php id Parameter) SQL Injection Free Hosting Manager 2.0 - 'id' Parameter SQL Injection Coppermine Photo Gallery 1.x - menu.inc.php CPG_URL Parameter Cross-Site Scripting Coppermine Photo Gallery 1.x - modules.php startdir Parameter Traversal Arbitrary File Access Coppermine Photo Gallery 1.x - init.inc.php Remote File Inclusion Coppermine Photo Gallery 1.x - theme.php Multiple Parameter Remote File Inclusion Coppermine Photo Gallery 1.2.2b - 'menu.inc.php' Cross-Site Scripting Coppermine Photo Gallery 1.2.0 RC4 - 'startdir' Parameter Traversal Arbitrary File Access Coppermine Photo Gallery 1.2.0 RC4 - 'init.inc.php' Remote File Inclusion Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion BBlog 0.7.4 - PostID Parameter SQL Injection BBlog 0.7.4 - 'PostID' Parameter SQL Injection Coppermine Photo Gallery 1.x - Albmgr.php SQL Injection Coppermine Photo Gallery 1.4.11 - SQL Injection LoveCMS 1.4 - install/index.php step Parameter Remote File Inclusion LoveCMS 1.4 - install/index.php step Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'index.php' load Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'index.php' id Parameter Cross-Site Scripting LoveCMS 1.4 - 'step' Parameter Remote File Inclusion LoveCMS 1.4 - 'step' Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'load' Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'id' Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.x - mode.php referer Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.x - viewlog.php log Parameter Local File Inclusion Coppermine Photo Gallery 1.4.12 - 'referer' Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.12 - 'log' Parameter Local File Inclusion Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection Joomla! / Mambo Component Showroom Joomlearn LMS - 'cat' Parameter SQL Injection Blog Manager - inc_webblogmanager.asp ItemID Parameter SQL Injection Blog Manager - inc_webblogmanager.asp categoryId Parameter Cross-Site Scripting Blog Manager - 'ItemID' Parameter SQL Injection Blog Manager - 'categoryId' Parameter Cross-Site Scripting e107 0.7.x - (CAPTCHA Security Bypass / Cross-Site Scripting) Multiple Vulnerabilities e107 0.7.x - CAPTCHA Security Bypass / Cross-Site Scripting Joomla! Component 'com_canteen' 1.0 - Local File Inclusion Joomla! Component Canteen 1.0 - Local File Inclusion Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - searchnew.php picfile_* Parameter Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - 'help.php' Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - 'searchnew.php' Cross-Site Scripting |
||
|---|---|---|
| .. | ||
| dos | ||
| local | ||
| remote | ||
| shellcode | ||
| webapps | ||