bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/xml
History
Offensive Security 32fc589910 DB: 2016-11-23 
8 new exploits

xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)

3Com OfficeConnect Routers - Denial of Service (Content-Type)
3Com OfficeConnect Routers - (Content-Type) Denial of Service

xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow
Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow

World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow
World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow

Divx Player - Denial of Service
Divx Player 6.8.2 - Denial of Service

Microsoft Word (Win/Mac) - Crash (PoC)
Microsoft Word (Windows/OSX) - Crash (PoC)
TP-LINK TDDP - Multiple Vulnerabilities
Microsoft Internet Explorer 8 MSHTML - 'Ptls5::Ls­Find­Span­Visual­Boundaries' Memory Corruption

Office 2008 sp0 - RTF pFragments MAC Exploit
Microsoft Office 2008 SP0 (Mac) - RTF pFragments Exploit

Huawei UTPS - Unquoted Service Path Privilege Escalation

xine-lib 1.1 - (media player library) Remote Format String
Xine-Lib 1.1 - (media player library) Remote Format String

Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite
Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite

3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting
3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Parameter Cross-Site Scripting

xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities
Xine-Lib 1.1.11 - Multiple Heap Based Remote Buffer Overflow Vulnerabilities

Crestron AM-100 - Multiple Vulnerabilities

Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)

Simple Machines Forum 1.0.4 - (modify) SQL Injection
Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL Injection

PHP-Fusion 6.00.109 - (msg_send) SQL Injection
PHP-Fusion 6.00.109 - 'msg_send' Parameter SQL Injection

PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection
PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection

PHP-Fusion 6.00.306 - (srch_where) SQL Injection
PHP-Fusion 6.00.306 - 'srch_where' Parameter SQL Injection

Simple Machines Forum 1.1 rc2 (Windows) - (lngfile) Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploit

Simple Machines Forum 1.1 rc2 - Lock Topics Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit

AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion
AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion

Virtual Law Office - (phpc_root_path) Remote File Inclusion
Virtual Law Office - 'phpc_root_path' Remote File Inclusion

AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion
AllMyGuests 0.3.0 - 'AMG_serverpath' Parameter Remote File Inclusion

Simple Machines Forum 1.1.3 - Blind SQL Injection
Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection
BosClassifieds 3.0 - (index.php cat) SQL Injection
BosNews 4.0 - (article) SQL Injection
BosClassifieds 3.0 - 'index.php' SQL Injection
BosNews 4.0 - 'article' Parameter SQL Injection

Classifieds Caffe - 'index.php cat_id' SQL Injection
Classifieds Caffe - 'cat_id' Parameter SQL Injection
carbon communities 2.4 - Multiple Vulnerabilities
XplodPHP AutoTutorials 2.1 - 'id' SQL Injection
Carbon Communities 2.4 - Multiple Vulnerabilities
XplodPHP AutoTutorials 2.1 - 'id' Parameter SQL Injection
Grape Statistics 0.2a - (location) Remote File Inclusion
5th Avenue Shopping Cart - 'category_id' SQL Injection
Grape Statistics 0.2a - 'location' Parameter Remote File Inclusion
5th Avenue Shopping Cart - 'category_id' Parameter SQL Injection
PhShoutBox 1.5 - (final) Insecure Cookie Handling
Simple Customer 1.2 - (contact.php id) SQL Injection
AllMyGuests 0.4.1 - (AMG_id) SQL Injection
PhShoutBox 1.5 - Insecure Cookie Handling
Simple Customer 1.2 - 'contact.php' SQL Injection
AllMyGuests 0.4.1 - 'AMG_id' Parameter SQL Injection

Simple Machines Forum 1.1.4 - SQL Injection
Simple Machines Forum (SMF) 1.1.4 - SQL Injection

virtual support office-xp 3.0.29 - Multiple Vulnerabilities
Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities

PHP-Fusion Mod Classifieds - (lid) SQL Injection
PHP-Fusion Mod Classifieds - 'lid' Parameter SQL Injection

Simple Machines Forum 1.1.5 (Windows x86) - Admin Reset Password Exploit
Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit

PHP-Fusion Mod freshlinks - (linkid) SQL Injection
PHP-Fusion Mod freshlinks - 'linkid' Parameter SQL Injection

PHP-Fusion Mod manuals - (manual) SQL Injection
PHP-Fusion Mod manuals - 'manual' Parameter SQL Injection

PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection
PHP-Fusion Mod triscoop_race_system - 'raceid' Parameter SQL Injection

BosDev BosClassifieds - 'cat_id' SQL Injection
BosClassifieds - 'cat_id' SQL Injection

Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution
Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution

PHP-Fusion 7.00.1 - (messages.php) SQL Injection
PHP-Fusion 7.00.1 - 'messages.php' SQL Injection

Check New 4.52 - (findoffice.php search) SQL Injection
Check New 4.52 - 'findoffice.php search' SQL Injection

PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection
PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection

PHP-Fusion Mod the_kroax (comment_id) - SQL Injection
PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection

Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload
Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload

Simple Machines Forums - (BBCode) Cookie Stealing
Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing

PHP-Fusion Mod Book Panel - (bookid) SQL Injection
PHP-Fusion Mod Book Panel - 'bookid' Parameter SQL Injection

PHP-Fusion Mod Book Panel - (course_id) SQL Injection
PHP-Fusion Mod Book Panel - 'course_id' Parameter SQL Injection

Opencart 1.1.8 - (route) Local File Inclusion
Opencart 1.1.8 - 'route' Local File Inclusion

exjune officer message system 1 - Multiple Vulnerabilities
Exjune Officer Message System 1 - Multiple Vulnerabilities

Simple Machines Forum - Multiple Security Vulnerabilities
Simple Machines Forum (SMF) - Multiple Security Vulnerabilities

PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection
PHP-Fusion 6.01.15.4 - 'downloads.php' SQL Injection

Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute (PoC)
Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC)

PHP-fusion dsmsf - (module downloads) SQL Injection
PHP-fusion dsmsf Mod Downloads - SQL Injection

Group Office - (comment_id) SQL Injection
Group Office - 'comment_id' SQL Injection

PHP-Fusion MG - User-Fotoalbum SQL Injection
PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection

Simple Machines forum (SMF) 2.0 - session Hijacking
Simple Machines Forum (SMF) 2.0 - Session Hijacking

AllMyGuests 0.x - info.inc.php Arbitrary Code Execution
AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution

Simple Machines Forum 1.0 - Size Tag HTML Injection
Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection

OpenCart 1.5.5.1 - (FileManager.php) Directory Traversal Arbitrary File Access
OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access

PHP-Fusion 4.0 - Viewthread.php Information Disclosure
PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure

PHP-Fusion 4/5 - Setuser.php HTML Injection
PHP-Fusion 4/5 - 'Setuser.php' HTML Injection

PHP-Fusion 4.0/5.0/6.0 - messages.php SQL Injection
PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection

PHP-Fusion 6.0.109 - messages.php SQL Injection
PHP-Fusion 6.0.109 - 'messages.php' SQL Injection

PHP-Fusion 6.0 - members.php Cross-Site Scripting
PHP-Fusion 6.0 - 'members.php' Cross-Site Scripting

PHP-Fusion 6.0.x - news.php SQL Injection
PHP-Fusion 6.0.x - 'news.php' SQL Injection

Simple Machines Forum 1.0/1.1 - 'index.php' Cross-Site Scripting
Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scripting

PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection
PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection

Simple Machines Forum 1.1.4 - Multiple Remote File Inclusion
Simple Machines Forum (SMF) 1.1.4 - Multiple Remote File Inclusion

Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass
Simple Machines Forum (SMF) 1.1.6 - HTTP POST Request Filter Security Bypass

OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection

Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection

PHP-Fusion - 'articles.php' Cross-Site Scripting
AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting

Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery
Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery

Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload
Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload

WordPress Plugin Dharma booking 2.38.3 - File Inclusion
WordPress Plugin Dharma Booking 2.38.3 - File Inclusion
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution
SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection
2016-11-23 05:01:19 +00:00
..
dos DB: 2016-04-10 2016-04-10 05:03:48 +00:00
local DB: 2016-02-11 2016-02-11 05:03:33 +00:00
webapps DB: 2016-11-23 2016-11-23 05:01:19 +00:00