bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php
History
Offensive Security e515bac4fe DB: 2017-10-27 
2 new exploits

Microsoft Windows XP/2000 - TCP Connection Reset Remote Exploit
Microsoft Windows XP/2000 - TCP Connection Reset

WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflows (PoC)
WinEggDropShell 1.7 - Unauthenticated Multiple Remote Stack Overflows (PoC)

FileCOPA FTP Server 1.01 - 'USER' Remote Unauthenticated Denial of Service
FileCOPA FTP Server 1.01 - 'USER' Unauthenticated Remote Denial of Service

Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Unauthenticated Remote Stack Based Overrun (PoC)

Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPD Unauthenticated Remote Denial of Service / Buffer Overflow (PoC)

Simple HTTPD 1.41 - '/aux' Remote Denial of Service
Simple HTTPd 1.41 - '/aux' Remote Denial of Service

MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Denial of Service

Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service
Oracle Internet Directory 10.1.4 - Unauthenticated Remote Denial of Service

Linksys WAG54G v2 Wireless ADSL Router - httpd Denial of Service
Linksys WAG54G v2 Wireless ADSL Router - HTTPd Denial of Service

Nofeel FTP Server 3.6 - 'CWD' Command Remote Memory Consumption
Nofeel FTP Server 3.6 - 'CWD' Remote Memory Consumption

Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service
Home FTP Server 1.10.1.139 - 'SITE INDEX' Remote Denial of Service

XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service
XM Easy Personal FTP Server - 'APPE' / 'DELE' Denial of Service

httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)
httpdx 1.5.2 - Unauthenticated Remote Denial of Service (PoC)

httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service Vulnerabilities (PoC)
httpdx 1.5.3b - Unauthenticated Remote Denial of Service Multiple Vulnerabilities (PoC)

eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crashs (SEH) (PoC)
eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Crashs (SEH) (PoC)

TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (1)
TYPSoft FTP Server 1.10 - 'RETR' Denial of Service (1)

(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Remote Denial of Service

Motorola SB5101 Hax0rware Rajko HTTPD - Remote Exploit (PoC)
Motorola SB5101 Hax0rware Rajko HTTPd - Remote Exploit (PoC)

Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service
Unreal Tournament 3 2.1 - 'STEAMBLOB' Remote Denial of Service

TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service (2)
TYPSoft FTP Server 1.10 - 'RETR' Denial of Service (2)

Objectivity/DB - Lack of Authentication Remote Exploit
Objectivity/DB - Lack of Authentication

IPComp - encapsulation Unauthenticated kernel memory Corruption
IPComp - encapsulation Unauthenticated Kernel Memory Corruption

Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC)
Crush FTP 5 - 'APPE' Remote JVM Blue Screen of Death (PoC)

torrent-stats - httpd.c Denial of Service
torrent-stats - 'httpd.c' Denial of Service

Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor status.cgi Denial of Service
Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor 'status.cgi' Denial of Service

WhitSoft SlimServe - HTTPD 1.1 Get Denial of Service
WhitSoft SlimServe HTTPd 1.1 - Get Denial of Service

Linksys BEFSR41 1.4x - Gozila.cgi Denial of Service
Linksys BEFSR41 1.4x - 'Gozila.cgi' Denial of Service

BRS Webweaver 1.06 httpd - 'User-Agent' Remote Denial of Service
BRS Webweaver 1.06 - HTTPd 'User-Agent' Remote Denial of Service

Surfboard httpd 1.1.9 - Remote Buffer Overflow
Surfboard HTTPd 1.1.9 - Remote Buffer Overflow

RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service
RobotFTP Server 1.0/2.0 - Unauthenticated Remote Command Denial of Service

Titan FTP Server 3.0 - 'LIST' Command Denial of Service
Titan FTP Server 3.0 - 'LIST' Denial of Service

Monkey HTTPD 1.1.1 - Crash (PoC)
Monkey HTTPd 1.1.1 - Crash (PoC)

Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow
Alt-N MDaemon 2-8 - IMAP Unauthenticated Remote Buffer Overflow

Titan FTP Server 6.05 build 550 - 'DELE' Command Remote Buffer Overflow
Titan FTP Server 6.05 build 550 - 'DELE' Remote Buffer Overflow

Surgemail and WebMail 3.0 - 'Page' Command Remote Format String
Surgemail and WebMail 3.0 - 'Page' Remote Format String

Call of Duty 4 1.5 - Malformed 'stats' Command Denial of Service
Call of Duty 4 1.5 - 'stats' Denial of Service

Softalk Mail Server 8.5.1 - 'APPEND' Command Remote Denial of Service
Softalk Mail Server 8.5.1 - 'APPEND' Remote Denial of Service

FileCOPA FTP Server 5.01 - 'NOOP' Command Denial of Service
FileCOPA FTP Server 5.01 - 'NOOP' Denial of Service

Hybserv2 - ':help' Command Denial of Service
Hybserv2 - ':help' Denial of Service

Titan FTP Server 8.40 - 'APPE' Command Remote Denial of Service
Titan FTP Server 8.40 - 'APPE' Remote Denial of Service

TYPSoft FTP Server 1.1 - 'APPE' Command Remote Buffer Overflow
TYPSoft FTP Server 1.1 - 'APPE' Remote Buffer Overflow

Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial of Service
Sony Bravia KDL-32CX525 - 'hping' Remote Denial of Service
SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
freeFTPd 1.0.8 - 'mkd' Command Denial of Service
SmallFTPd 1.0.3 - 'mkd' Denial of Service
freeFTPd 1.0.8 - 'mkd' Denial of Service

Wireshark 2.2.0 to 2.2.12 - ROS Dissector Denial of Service
Wireshark 2.2.0 < 2.2.12 - ROS Dissector Denial of Service

AIX 4.3/5.1 < 5.3 - 'lsmcode' Command Execution Privilege Escalation
AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation

xp-AntiSpy 3.9.7-4 - '.xpas' file Buffer Overflow
xp-AntiSpy 3.9.7-4 - '.xpas' File Buffer Overflow

GTA SA-MP server.cfg - Buffer Overflow (Metasploit)
GTA SA-MP - 'server.cfg' Buffer Overflow (Metasploit)

SCO Unixware 7.1 - 'pkg' command Exploit
SCO Unixware 7.1 - 'pkg' Exploit

Caldera UnixWare 7.1.1 - WebTop SCOAdminReg.cgi Arbitrary Command Execution
Caldera UnixWare 7.1.1 - WebTop 'SCOAdminReg.cgi' Arbitrary Command Execution

OSSEC 2.7 < 2.8.1 - 'diff' Command Privilege Escalation
OSSEC 2.7 < 2.8.1 - 'diff' Privilege Escalation

Microsoft Windows 10 - pcap Driver Privilege Escalation
Microsoft Windows 10 - 'pcap' Driver Privilege Escalation
PHPMailer < 5.2.21 - Local File Disclosure
HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow

Apache 2.0.45 - APR Remote Exploit
Apache 2.0.45 - 'APR' Remote Exploit

RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Remote Exploit

Pavuk Digest - Authentication Buffer Overflow Remote Exploit
Pavuk Digest - Authentication Remote Buffer Overflow

3CServer 1.1 - FTP Server Remote Exploit
3CServer 1.1 (FTP Server) - Remote Exploit

LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Remote Exploit
LimeWire 4.1.2 < 4.5.6 - 'GET' Remote Exploit

MailEnable Enterprise 1.x - Imapd Remote Exploit
MailEnable Enterprise 1.x - IMAPd Remote Exploit

Sumus 0.2.2 - httpd Remote Buffer Overflow
Sumus 0.2.2 - HTTPd Remote Buffer Overflow

Symantec Scan Engine 5.0.x - Change Admin Password Remote Exploit
Symantec Scan Engine 5.0.x - Change Admin Password

Mercur Messaging 2005 (Windows 2000 SP4) - IMAP (Subscribe) Remote Exploit
Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote Exploit

CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow
CoreHTTP 0.5.3alpha - HTTPd Remote Buffer Overflow

Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow
Postcast Server Pro 3.0.61 / Quiksoft EasyMail - 'emsmtp.dll 6.0.1' Buffer Overflow

Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow
Mercury/32 4.52 IMAPD - 'SEARCH' Authenticated Overflow

SonicWALL SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit
SonicWALL SSL-VPN - 'NeLaunchCtrl' ActiveX Control Remote Exploit

simple httpd 1.38 - Multiple Vulnerabilities
Simple HTTPd 1.38 - Multiple Vulnerabilities

Cisco IOS 12.3(18) - FTP Server Remote Exploit (Attached to GDB)
Cisco IOS 12.3(18) (FTP Server)  - Remote Exploit (Attached to GDB)

freeSSHd 1.2.1 - 'rename' Command Remote Buffer Overflow (SEH)
freeSSHd 1.2.1 - 'rename' Remote Buffer Overflow (SEH)

Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow (Metasploit)
Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Buffer Overflow (Metasploit)

Home FTP Server - 'MKD' Command Directory Traversal
Home FTP Server - 'MKD' Directory Traversal

Apple iTunes 8.1.x - 'daap' Buffer Overflow Remote Exploit
Apple iTunes 8.1.x - 'daap' Remote Buffer Overflow

eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflows (1)
eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (1)

eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflows (2)
eDisplay Personal FTP Server 1.0.0 - Authenticated Multiple Stack Buffer Overflows (2)

EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - 'MKD' Authenticated Remote Buffer Overflow

Xftp client 3.0 - PWD Remote Exploit
Xftp client 3.0 - 'PWD' Remote Exploit

ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Authenticated Remote Exploit (ASLR + DEP Bypass)
EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'MKD' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - 'CWD' Authenticated Remote Buffer Overflow

EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow (Metasploit)

CesarFTP 0.99g - 'MKD' Command Buffer Overflow (Metasploit)
CesarFTP 0.99g - 'MKD' Buffer Overflow (Metasploit)

Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
Alt-N MDaemon 6.8.5 - WorldClient 'form2raw.cgi' Stack Buffer Overflow (Metasploit)

Linksys WRT54 Access Point - apply.cgi Buffer Overflow (Metasploit)
Linksys WRT54 Access Point - 'apply.cgi' Buffer Overflow (Metasploit)

Progea Movicon 11 - TCPUploadServer Remote Exploit
Progea Movicon 11 - 'TCPUploadServer' Remote Exploit

PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit)
PCMan FTP Server - 'PUT_ Buffer Overflow (Metasploit)

Freefloat FTP Server - 'LIST' Command Buffer Overflow
Freefloat FTP Server - 'LIST' Buffer Overflow

KnFTP 1.0.0 Server - 'USER' command Remote Buffer Overflow
KnFTP 1.0.0 Server - 'USER' Remote Buffer Overflow

SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit
SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Exploit

Matt Wright - FormHandler.cgi 2.0 Reply Attachment
Matt Wright - 'FormHandler.cgi' 2.0 Reply Attachment

Solution Scripts Home Free 1.0 - search.cgi Directory Traversal
Solution Scripts Home Free 1.0 - 'search.cgi' Directory Traversal

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution
CNC Technology BizDB 1.0 - 'bizdb-search.cgi' Remote Command Execution

3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution
3R Soft MailStudio 2000 2.0 - 'userreg.cgi' Arbitrary Command Execution

Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote 'Username' and Password Retrieval
Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username / Password Retrieval

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter
Greg Matthews - 'Classifieds.cgi' 1.0 MetaCharacter

Squid Web Proxy 2.2 - cachemgr.cgi Unauthorized Connection
Squid Web Proxy 2.2 - 'cachemgr.cgi' Unauthorized Connection

Leif M. Wright - ad.cgi 1.0 Unchecked Input
Leif M. Wright - 'ad.cgi' 1.0 Unchecked Input

NCSA 1.3/1.4.x/1.5 / Apache httpd 0.8.11/0.8.14 - ScriptAlias Source Retrieval
NCSA 1.3/1.4.x/1.5 / Apache HTTPd 0.8.11/0.8.14 - ScriptAlias Source Retrieval

SWSoft ASPSeek 1.0 - s.cgi Buffer Overflow
SWSoft ASPSeek 1.0 - 's.cgi' Buffer Overflow
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp4.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - 'a1disp2.cgi' Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - 'a1disp3.cgi' Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - 'a1disp4.cgi' Traversal Arbitrary File Read

Tarantella Enterprise 3 3.x - TTAWebTop.cgi Arbitrary File Viewing
Tarantella Enterprise 3 3.x - 'TTAWebTop.cgi' Arbitrary File Viewing
NCSA httpd 1.x - Buffer Overflow (1)
NCSA httpd 1.x - Buffer Overflow (2)
NCSA HTTPd 1.x - Buffer Overflow (1)
NCSA HTTPd 1.x - Buffer Overflow (2)

BPM Studio Pro 4.2 - HTTPD Directory Traversal
BPM Studio Pro 4.2 - HTTPd Directory Traversal
Light HTTPD 0.1 - GET Buffer Overflow (1)
Light HTTPD 0.1 - GET Buffer Overflow (2)
Light HTTPd 0.1 - GET Buffer Overflow (1)
Light HTTPd 0.1 - GET Buffer Overflow (2)

Null HTTPD 0.5 - Remote Heap Corruption
Null HTTPd 0.5 - Remote Heap Corruption

Boozt Standard 0.9.8 - index.cgi Buffer Overrun
Boozt Standard 0.9.8 - 'index.cgi' Buffer Overrun

Webmin 0.9x / Usermin 0.9x/1.0 - Session ID Spoofing Unauthenticated Access
Webmin 0.9x / Usermin 0.9x/1.0 - Unauthenticated Access Session ID Spoofing

Axis Communications Video Server 2.x - Command.cgi File Creation
Axis Communications Video Server 2.x - 'Command.cgi' File Creation

Freefloat FTP Server - 'PUT' Command Buffer Overflow
Freefloat FTP Server - 'PUT' Buffer Overflow
MNOGoSearch 3.1.20 - search.cgi UL Buffer Overflow (1)
MNOGoSearch 3.1.20 - search.cgi UL Buffer Overflow (2)
MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (1)
MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (2)
MySQL - Remote Unauthenticated User Enumeration
(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit
MySQL - Unauthenticated Remote User Enumeration
(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Remote Authentication Bypass

Freefloat FTP Server - 'USER' Command Buffer Overflow
Freefloat FTP Server - 'USER' Buffer Overflow

Mephistoles HTTPD 0.6 - Cross-Site Scripting
Mephistoles HTTPd 0.6 - Cross-Site Scripting

SurgeLDAP 1.0 - User.cgi Directory Traversal
SurgeLDAP 1.0 - 'User.cgi' Directory Traversal

Nagios3 - history.cgi Remote Command Execution
Nagios3 - 'history.cgi' Remote Command Execution

Nagios3 - history.cgi Host Command Execution (Metasploit)
Nagios3 - 'history.cgi' Host Command Execution (Metasploit)

Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun
Firebird 1.0 - Unauthenticated Remote Database Name Buffer Overrun

acme thttpd 2.0.7 - Directory Traversal
Acme thttpd 2.0.7 - Directory Traversal

Freefloat FTP Server 1.0 - 'Raw' Commands Buffer Overflow
Freefloat FTP Server 1.0 - 'Raw' Buffer Overflow

NETGEAR DGN1000B - setup.cgi Remote Command Execution (Metasploit)
NETGEAR DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit)

Linksys E1500/E2500 - apply.cgi Remote Command Injection (Metasploit)
Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit)

Linksys WRT54GL - apply.cgi Command Execution (Metasploit)
Linksys WRT54GL - 'apply.cgi' Command Execution (Metasploit)

NETGEAR DGN2200B - pppoe.cgi Remote Command Execution (Metasploit)
NETGEAR DGN2200B - 'pppoe.cgi' Remote Command Execution (Metasploit)

SAP ConfigServlet - Remote Unauthenticated Payload Execution (Metasploit)
SAP ConfigServlet - Unauthenticated Remote Payload Execution (Metasploit)

GroundWork - monarch_scan.cgi OS Command Injection (Metasploit)
GroundWork - 'monarch_scan.cgi' OS Command Injection (Metasploit)

Linksys WRT160N v2 - apply.cgi Remote Command Injection (Metasploit)
Linksys WRT160N v2 - 'apply.cgi' Remote Command Injection (Metasploit)

WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe HTTPd 1.0/1.1 - Directory Traversal

Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit
Nginx 1.3.9/1.4.0 (x86) - Brute Force

PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow
PCMan FTP Server 2.07 - 'PASS' Buffer Overflow
Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption
PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow
Mikrotik RouterOS sshd (ROSSSH) - Unauthenticated Remote Heap Corruption
PCMan FTP Server 2.07 - 'STOR' Buffer Overflow

Cisco Secure ACS 2.3 - LoginProxy.cgi Cross-Site Scripting
Cisco Secure ACS 2.3 - 'LoginProxy.cgi' Cross-Site Scripting

PCMan FTP Server 2.07 - 'STOR' Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - 'STOR' Stack Overflow (Metasploit)

Supermicro Onboard IPMI - close_window.cgi Buffer Overflow (Metasploit)
Supermicro Onboard IPMI - 'close_window.cgi' Buffer Overflow (Metasploit)

Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - setup.cgi Cross-Site Scripting Vulnerabilities
Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - 'setup.cgi' Cross-Site Scripting

TinTin++ / WinTin++ 1.97.9 - '#chat' Command Multiple Vulnerabilities
TinTin++ / WinTin++ 1.97.9 - '#chat' Multiple Vulnerabilities
PCMan FTP Server 2.07 - 'ABOR' Command Buffer Overflow
PCMan FTP Server 2.07 - 'CWD' Command Buffer Overflow
PCMan FTP Server 2.07 - 'ABOR' Buffer Overflow
PCMan FTP Server 2.07 - 'CWD' Buffer Overflow

Ultra Mini HTTPD 1.21 - POST Stack Buffer Overflow
Ultra Mini HTTPD 1.21 - 'POST' Stack Buffer Overflow

Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
Ultra Mini HTTPD 1.21 - 'POST' Stack Buffer Overflow

ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal
ALFTP FTP Client 4.1/5.0 - 'LIST' Directory Traversal

Glub Tech Secure FTP 2.5.15 - 'LIST' Command Directory Traversal
Glub Tech Secure FTP 2.5.15 - 'LIST' Directory Traversal
UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal
WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal
Classic FTP 1.02 - 'LIST' Command Directory Traversal
UltraEdit 14.00b - FTP/SFTP 'LIST' Directory Traversal
WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Directory Traversal
Classic FTP 1.02 - 'LIST' Directory Traversal

AceFTP 3.80.3 - 'LIST' Command Directory Traversal
AceFTP 3.80.3 - 'LIST' Directory Traversal

RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Command Directory Traversal
RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Directory Traversal

Vtiger - Install Unauthenticated Remote Command Execution (Metasploit)
Vtiger - 'Install' Unauthenticated Remote Command Execution (Metasploit)

httpdx 1.5 - 'MKD' Command Directory Traversal
httpdx 1.5 - 'MKD' Directory Traversal

D-Link Devices - Authentication.cgi Buffer Overflow (Metasploit)
D-Link Devices - 'Authentication.cgi' Buffer Overflow (Metasploit)

rbot 0.9.14 - '!react' Command Unauthorized Access
rbot 0.9.14 - '!react' Unauthorized Access

VMTurbo Operations Manager 4.6 - vmtadmin.cgi Remote Command Execution (Metasploit)
VMTurbo Operations Manager 4.6 - 'vmtadmin.cgi' Remote Command Execution (Metasploit)

Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow
Solar FTP Server 2.1.1 - 'PASV' Remote Buffer Overflow
Freefloat FTP Server - 'ALLO' Command Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'MKD' Command Buffer Overflow
Freefloat FTP Server - 'ALLO' Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'MKD' Buffer Overflow

Endian Firewall 2.4 - openvpn_users.cgi PATH_INFO Cross-Site Scripting
Endian Firewall 2.4 - 'openvpn_users.cgi?PATH_INFO' Cross-Site Scripting

PCMan FTP Server 2.0.7 - 'PUT' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'PUT' Buffer Overflow

PCMan FTP Server 2.0.7 - 'GET' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'GET' Buffer Overflow

PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow

Zpanel - Remote Unauthenticated Remote Code Execution (Metasploit)
Zpanel - Unauthenticated Remote Code Execution (Metasploit)

PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow (Metasploit)

IPFire - proxy.cgi Remote Code Execution (Metasploit)
IPFire - 'proxy.cgi' Remote Code Execution (Metasploit)

PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'ls' Buffer Overflow (Metasploit)

EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
EasyFTP Server 1.7.0.11 - 'APPE'  Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'HOST' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'DELETE' Buffer Overflow
Freefloat FTP Server 1.0 - 'ABOR' Buffer Overflow
Freefloat FTP Server 1.0 - 'RMD' Buffer Overflow
Freefloat FTP Server 1.0 - 'HOST' Buffer Overflow
Freefloat FTP Server 1.0 - 'RENAME' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'RENAME' Buffer Overflow
PCMan FTP Server 2.0.7 - 'UMASK' Buffer Overflow
Freefloat FTP Server 1.0 - 'DIR' Buffer Overflow
PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'NLST' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'SITE CHMOD' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow
BolinTech DreamFTP Server 1.02 - 'RETR' Command Remote Buffer Overflow
PCMan FTP Server 2.0.7 - 'ACCT' Buffer Overflow
Freefloat FTP Server 1.0 - 'SITE ZONE' Buffer Overflow
PCMan FTP Server 2.0.7 - 'NLST' Buffer Overflow
PCMan FTP Server 2.0.7 - 'SITE CHMOD' Buffer Overflow
PCMan FTP Server 2.0.7 - 'PORT' Buffer Overflow
BolinTech DreamFTP Server 1.02 - 'RETR' Remote Buffer Overflow

NETGEAR DGN2200 - dnslookup.cgi Command Injection (Metasploit)
NETGEAR DGN2200 - 'dnslookup.cgi' Command Injection (Metasploit)

VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command Execution (Metasploit)
VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Unauthenticated Command Execution (Metasploit)

CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit
CCBILL CGI - 'ccbillx.c' 'whereami.cgi' Remote Exploit

phpBB 2.0.6 - search_id SQL Injection MD5 Hash Remote Exploit
phpBB 2.0.6 - 'search_id' SQL Injection MD5 Hash Remote Exploit

eXtropia Shopping Cart - web_store.cgi Remote Exploit
eXtropia Shopping Cart - 'web_store.cgi' Remote Exploit

Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit
Limbo 1.0.4.2 - '_SERVER[REMOTE_ADDR]' Overwrite Remote Exploit

TFT Gallery 0.10 - Password Disclosure Remote Exploit
TFT Gallery 0.10 - Password Disclosure

XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit
XOOPS 2.0.13.2 - 'xoopsOption[nocommon]' Remote Exploit

Drupal 4.7 - attachment mod_mime Remote Exploit
Drupal 4.7 - 'Attachment mod_mime' Remote Exploit

Cahier de texte 2.0 - Database Backup/Source Disclosure Remote Exploit
Cahier de texte 2.0 - Database Backup / Source Disclosure

CSPartner 1.0 - Delete All Users / SQL Injection Remote Exploit
CSPartner 1.0 - Delete All Users / SQL Injection

Podcast Generator 1.2 - Unauthorized Re-Installation Remote Exploit
Podcast Generator 1.2 - Unauthorized Re-Installation

SPIP < 2.0.9 - Arbitrary Copy All Passwords to .XML File Remote Exploit
SPIP < 2.0.9 - Arbitrary Copy All Passwords to '.XML' File

Nagios3 - statuswml.cgi Command Injection (Metasploit)
Nagios3 - 'statuswml.cgi' Command Injection (Metasploit)

QuickTime Streaming Server - parse_xml.cgi Remote Execution (Metasploit)
QuickTime Streaming Server - 'parse_xml.cgi' Remote Execution (Metasploit)

Nagios3 - statuswml.cgi Ping Command Execution (Metasploit)
Nagios3 - 'statuswml.cgi' 'Ping' Command Execution (Metasploit)

E-Mail Security Virtual Appliance - learn-msg.cgi Command Injection (Metasploit)
E-Mail Security Virtual Appliance - 'learn-msg.cgi' Command Injection (Metasploit)

AHG Search Engine 1.0 - search.cgi Arbitrary Command Execution
AHG Search Engine 1.0 - 'search.cgi' Arbitrary Command Execution
CGIScript.net - csPassword.cgi 1.0 Information Disclosure
CGIScript.net - csPassword.cgi 1.0 HTAccess File Modification
CGIScript.net - 'csPassword.cgi' 1.0 Information Disclosure
CGIScript.net - 'csPassword.cgi' 1.0 HTAccess File Modification

MailReader.com 2.3.x - NPH-MR.cgi File Disclosure
MailReader.com 2.3.x - 'NPH-MR.cgi' File Disclosure

BizDesign ImageFolio 2.x/3.0.1 - nph-build.cgi Cross-Site Scripting
BizDesign ImageFolio 2.x/3.0.1 - 'nph-build.cgi' Cross-Site Scripting
cPanel 5.0 - Guestbook.cgi Remote Command Execution (1)
cPanel 5.0 - Guestbook.cgi Remote Command Execution (2)
cPanel 5.0 - Guestbook.cgi Remote Command Execution (3)
cPanel 5.0 - Guestbook.cgi Remote Command Execution (4)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (1)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (2)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (3)
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (4)

HappyMall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Command Execution
HappyMall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Command Execution

HappyMall E-Commerce Software 4.3/4.4 - Member_HTML.cgi Command Execution
HappyMall E-Commerce Software 4.3/4.4 - 'Member_HTML.cgi' Command Execution

Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Cross-Site Scripting
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Cross-Site Scripting

Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi File Disclosure
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' File Disclosure

Zeus Web Server 4.x - Admin Interface VS_Diag.cgi Cross-Site Scripting
Zeus Web Server 4.x - Admin Interface 'VS_Diag.cgi' Cross-Site Scripting

ImageFolio 2.2x/3.0/3.1 - Admin.cgi Directory Traversal
ImageFolio 2.2x/3.0/3.1 - 'Admin.cgi' Directory Traversal

SurgeLDAP 1.0 d - User.cgi Cross-Site Scripting
SurgeLDAP 1.0 d - 'User.cgi' Cross-Site Scripting

Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.cgi Cross-Site Scripting
Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - 'Message.cgi' Cross-Site Scripting

CommerceSQL Shopping Cart 2.2 - index.cgi Directory Traversal
CommerceSQL Shopping Cart 2.2 - 'index.cgi' Directory Traversal

DansGuardian Webmin Module 0.x - edit.cgi Directory Traversal
DansGuardian Webmin Module 0.x - 'edit.cgi' Directory Traversal

ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access
ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access

BoardPower Forum - ICQ.cgi Cross-Site Scripting
BoardPower Forum - 'ICQ.cgi' Cross-Site Scripting

Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution
Axis Network Camera 2.x And Video Server 1-3 - 'virtualinput.cgi' Arbitrary Command Execution

Gossamer Threads Links 2.x - User.cgi Cross-Site Scripting
Gossamer Threads Links 2.x - 'User.cgi' Cross-Site Scripting

MegaBook 2.0/2.1 - Admin.cgi EntryID Cross-Site Scripting
MegaBook 2.0/2.1 - 'Admin.cgi?EntryID' Cross-Site Scripting

PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting
PerlDiver 2.31 - 'Perldiver.cgi' Cross-Site Scripting

GlobalNoteScript 4.20 - Read.cgi Remote Command Execution
GlobalNoteScript 4.20 - 'Read.cgi' Remote Command Execution

Pngren 2.0.1 - Kaiseki.cgi Remote Command Execution
Pngren 2.0.1 - 'Kaiseki.cgi' Remote Command Execution

Walla TeleSite 3.0 - ts.cgi File Existence Enumeration
Walla TeleSite 3.0 - 'ts.cgi' File Existence Enumeration

Easy Search System 1.1 - search.cgi Cross-Site Scripting
Easy Search System 1.1 - 'search.cgi' Cross-Site Scripting

Kryptronic ClickCartPro 5.1/5.2 - CP-APP.cgi Cross-Site Scripting
Kryptronic ClickCartPro 5.1/5.2 - 'CP-APP.cgi' Cross-Site Scripting

Cholod MySQL Based Message Board - Mb.cgi SQL Injection
Cholod MySQL Based Message Board - 'Mb.cgi' SQL Injection

BlankOL 1.0 - Bol.cgi Multiple Cross-Site Scripting Vulnerabilities
BlankOL 1.0 - 'Bol.cgi' Multiple Cross-Site Scripting Vulnerabilities

Web-APP.net WebAPP 0.9.x - /mods/calendar/index.cgi?vsSD' Cross-Site Scripting
Web-APP.net WebAPP 0.9.x - '/mods/calendar/index.cgi?vsSD' Cross-Site Scripting

Net Clubs Pro 4.0 - imessage.cgi 'Username' Cross-Site Scripting
Net Clubs Pro 4.0 - 'imessage.cgi?Username' Cross-Site Scripting

Cosmoshop 8.10.78/8.11.106 - Lshop.cgi SQL Injection
Cosmoshop 8.10.78/8.11.106 - 'Lshop.cgi' SQL Injection

Netwin SurgeFTP 2.3a1 - SurgeFTPMGR.cgi Multiple Input Validation Vulnerabilities
Netwin SurgeFTP 2.3a1 - 'SurgeFTPMGR.cgi' Multiple Input Validation Vulnerabilities

WebEvent 4.03 - Webevent.cgi Cross-Site Scripting
WebEvent 4.03 - 'Webevent.cgi' Cross-Site Scripting

Urchin 5.7.x - session.cgi Cross-Site Scripting
Urchin 5.7.x - 'session.cgi' Cross-Site Scripting

Google Urchin 5.7.3 - Report.cgi Authentication Bypass
Google Urchin 5.7.3 - \Report.cgi' Authentication Bypass

Web Terra 1.1 - books.cgi Remote Command Execution
Web Terra 1.1 - 'books.cgi' Remote Command Execution

D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit Lancfg2get.cgi
D-Link DSL-2730B Modem - 'Lancfg2get.cgi Persistent Cross-Site Scripting

Zenoss 3.2.1 - Remote Authenticated Command Execution
Zenoss 3.2.1 - Authenticated Remote Command Execution

Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (Metasploit)
Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Unauthenticated Remote Command Execution (Metasploit)
2017-10-27 05:01:37 +00:00
..
dos DB: 2017-08-23 2017-08-23 05:01:29 +00:00
local DB: 2017-10-27 2017-10-27 05:01:37 +00:00
remote DB: 2017-10-17 2017-10-17 05:01:30 +00:00
webapps DB: 2017-10-26 2017-10-26 05:01:38 +00:00