| Parodia 6.8 employer-profile.asp SQL Injection |
| Parsp Shopping CMS [V5] Multiple Vulnerability |
| Passport PC To Host Malformed .zws file Memory Corruption Vulnerability |
| Password Manager Pro / Pro MSP - Blind SQL Injection |
| Paypal Currencucy Converter Basic For Woocommerce File Read |
| PayPal Inc BB #85 MB iOS 4.6 - Auth Bypass Vulnerability |
| PBBoard 2.1.4 Local File Inclusion |
| PBBoard CMS 3.0.1 - SQL Injection |
| PBBoard v2.1.4 CMS - Multiple Vulnerabilities |
| PBBoard v2.1.4 Multiple SQL Injection Vulnerabilities |
| PBlogEX v1.2 Multiply Vulnerabilities |
| PCAnywhere 12.5.0 build 463 Denial of Service |
| PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit |
| PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit |
| PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF) |
| PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF) |
| PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow |
| PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow |
| PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability |
| PCMan FTP Server 2.0.7 - 'NLST' Command Buffer Overflow |
| PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow |
| PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow |
| PCMan FTP Server 2.0.7 - Remote Exploit (msf) |
| PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF) |
| PCMan FTP Server 2.0.7 - 'SITE CHMOD' Command Buffer Overflow |
| PCMAN FTP Server Buffer Overflow - PUT Command |
|
| PDF Album v1.7 iOS - File Include Web Vulnerability |
| PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation |
| pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read |
| pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read |
| pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free |
| pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read |
| pdfium CPDF_Function::Call - Stack-Based Buffer Overflow |
| pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read |
| pdfium IsFlagSet (v8 memory management) - SIGSEGV |
| PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption |
| pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities |
| pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities |
| PeerFTP Server <=v4.01 Remote Crash PoC |
| PEiD 0.95 - Memory Corruption POC |
| PEStudio 3.69 - Denial of Service |
| PFSense <= 2.2.5 - Directory Traversal |
| pfSense 2.1 build 20130911-1816 - Directory Traversal |
| pfSense 2.1 build 20130911-1816 - Directory Traversal |
| pfSense Community Edition 2.2.6 - Multiple Vulnerabilities |
| pfSense Firewall <= 2.2.5 - Config File CSRF |
| pfSense Firewall <= 2.2.6 - Services CSRF |
| PFsense UTM Platform 2.0.1 XSS Vulnerability |
| pfSense2.1build20130911-1816-DirectoryTraversal |
| PG Portal Pro CSRF Vulnerability |
| phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability |
| phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabilities |
| Phoenix Contact ILC 150 ETH PLC Remote Control Script |
|
| Photo Server 2.0 iOS - Multiple Vulnerabilities |
| Photo Transfer (2) 1.0 iOS - Denial of Service Vulnerability |
| Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities |
| Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities |
| Photo WiFi Transfer 1.01 - Directory Traversal Vulnerability |
| Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH) |
| Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Exploit |
| Photodex ProShow Producer v5.0.3297 (.pxs) Memory Corruption Exploit |
| Photorange 1.0 iOS - File Inclusion Vulnerability |
| Photos in Wifi 1.0.1 iOS - Arbitrary File Upload Vulnerability |
|
| PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities |
| PHP <= 5.3.6 shmop_read() Integer Overflow DoS |
| PHP <= 5.4.3 (com_event_sink) Denial of Service |
| PHP <= 5.4.3 wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce |
| PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit |
| PHP 5.0.0 - domxml_open_file() Local Denial of Service |
| PHP 5.0.0 - fbird_[p]connect() Local Denial of Service |
| PHP 5.0.0 - simplexml_load_file() Local Denial of Service |
| PHP 5.0.0 - snmpwalk() Local Denial of Service |
| PHP 5.0.0 - snmpwalkoid() Local Denial of Service |
| PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow |
| PHP 5.0.0 - xmldocfile() Local Denial of Service |
| PHP 5.3.10 spl_autoload() Local Denial of Service |
| PHP 5.3.10 spl_autoload_call() Local Denial of Service |
| PHP 5.3.10 spl_autoload_register() Local Denial of Service |
| PHP 5.3.4 Win Com Module Com_sink Exploit |
| PHP 5.3.5 grapheme_extract() NULL Pointer Dereference PoC |
| PHP 5.4.0 Built-in Web Server DoS PoC |
| PHP 5.5.12 Locale::parseLocale Memory Corruption |
| PHP 5.5.33 - Invalid Memory Write |
| PHP 6.0 openssl_verify() Local Buffer Overflow PoC |
| PHP 7.0 - Object Cloning Local Denial of Service |
| PHP 7.0.0 - Format String Vulnerability |
| PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow |
| PHP 7.0.8 / 5.6.23 / 5.5.37 - bzread() Out-of-Bounds Write |
| PHP Address Book 6.2.12 Multiple security vulnerabilities |
| PHP apache_request_headers Function Buffer Overflow |
| PHP CGI Argument Injection |
| PHP CGI Argument Injection Exploit |
| PHP Classifieds Rental Script - Blind SQL Injection |
| PHP DateTime Use After Free Vulnerability |
| PHP Exif Extension 'exif_read_data()' Function Remote DoS |
| PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution |
| PHP Gift Registry 1.5.5 SQL Injection |
| PHP GMP unserialize() Use-After-Free |
| PHP IRC Bot pbot eval() Remote Code Execution |
| php ireport v1.0 Remote Html Code injection |
| PHP News Script 4.0.0 - SQL Injection |
| PHP Power Browse 1.2 - Directory Traversal |
| PHP Press Release - Cross-Site Request Forgery (Add Admin) |
| PHP Press Release - Stored Cross Site Scripting |
| PHP RSS Reader 2010 - SQL Injection |
| PHP RSS Reader 2010 - SQL Injection |
| PHP Server Monitor 3.1.1- CSRF Privilege Escalation |
| PHP Server Monitor 3.1.1- Multiple CSRF Vulnerabilities |
| PHP Server Monitor Stored XSS |
| PHP Session Deserializer Use-After-Free |
| PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec Exploit |
| PHP SplDoublyLinkedList unserialize() Use-After-Free |
| PHP SplObjectStorage unserialize() Use-After-Free |
| PHP Stock Management System 1.02 - Multiple Vulnerabilty |
| PHP Telephone Directory - Multiple Vulnerabilities |
| PHP Ticket System Beta 1 (index.php p parameter) SQL Injection |
| PHP Utility Belt - Remote Code Execution |
| PHP Utility Belt Remote Code Execution |
| PHP Volunteer Management 1.0.2 Multiple Vulnerabilities |
| PHP Volunteer Management System v1.0.2 Arbitrary File Upload |
| PHP Webcam Video Conference - Multiple Vulnerabilities |
| PHP Webcam Video Conference - Multiple Vulnerabilities |
| PHP Webquest 2.6 - SQL Injection |
| PHP Weby Directory Software 1.2 Multiple Vulnerabilities |
| phpAcounts v.0.5.3 SQL Injection |
| PHPBack 1.3.0 - SQL Injection |
|
| PHPBTTracker+ 2.2 - SQL Injection |
| phpBugTracker 1.0.5 Multiple Reflected XSS Vulnerabilities |
| phpBugTracker 1.6.0 - Multiple Vulnerabilities |
| PHP-CMDB 0.7.3 - Multiple Vulnerabilities |
| PHP-CMDB 0.7.3 - Multiple Vulnerabilities |
| phpCollab CMS 2.5 - (emailusers.php) SQL Injection |
| PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution |
| PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution |
| phpDolphin <= 2.0.5 - Multiple Vulnerabilities |
| phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery |
| phpFileManager 0.9.8 - CSRF Vulnerability |
| phpFileManager 0.9.8 - Remote Command Execution Vulnerability |
| phpFileManager 0.9.8 Remote Code Execution |
| PHPfileNavigator 2.3.3 - CSRF Vulnerability |
| PHPfileNavigator 2.3.3 - XSS Vulnerabilities |
| PHP-Fusion <= v7.02.07 - Blind SQL Injection |
| PHP-Fusion 7.02.07 - SQL Injection |
| php-Charts Arbitrary PHP Code Execution Vulnerability |
| PHP-Charts v1.0 PHP Code Execution Vulnerability |
| PHPIPAM 1.1.010 - Multiple Vulnerabilities |
| PHPIPAM 1.2.1 - Multiple Vulnerabilities |
| phplist - version 2.10.9 CSRF/XSS Vulnerability |
| phpList 2.10.17 Remote SQL Injection and XSS Vulnerability |
| PHPLIST 3.0.6 & 3.0.10 - SQL Injection Vulnerability |
| phpLiteAdmin 1.9.6 - Multiple Vulnerabilities |
| PHPMailer < 5.2.18 - Remote Code Execution (PHP) |
| PHPMailer < 5.2.18 - Remote Code Execution (Python) |
| PHPMailer < 5.2.20 - Remote Code Execution |
| PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11... |
| PHPMailer 5.2.17 - Remote Code Execution |
| PHPMoAdmin Unauthorized Remote Code Execution (0-Day) |
| PHPmongoDB 1.0.0 - Multiple Vulnerabilities |
| phpMyAdmin 3.5.2.2 server_sync.php Backdoor |
| phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities |
| phpMyAdmin Authenticated Remote Code Execution via preg_replace() |
| phpMyBackupPro 2.5 - Remote Command Execution / CSRF |
| phpMyBitTorrent 2.0.4 SQL Injection Vulnerability |
| phpMyBitTorrent 2.04 Multiple Vulnerabilities |
| phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities |
| phpMyRecipes 1.2.2 (dosearch.php, words_exact param) - SQL Injection |
| PHP-Nuke 8.2.4 - Multiple Vulnerabilities |
| PHP-Nuke module(SPChat) SQL Injection Vulnerability |
| PhpOnlineChat 3.0 - XSS |
| phpPaleo' Local File Inclusion (CVE-2012-1671) |
| 'phpPaleo' Local File Inclusion (CVE-2012-1671) |
| PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability |
| PhpSocial 2.0.0304_20222226 - CSRF Vulnerability |
| phpSQLiteCMS - Multiple Vulnerabilities |
| phptax 0.8 <= Remote Code Execution Vulnerability |
| PhpTax pfilez Parameter Exec Remote Code Injection |
| phpVibe - Aribtrary File Disclosure ArticleFR 3.0.6 - Multiple Vulnerabilities |
| phpVID 1.2.3 - Multiple Vulnerabilities |
| PhpWiki - Remote Command Execution |
| PhpWiki 1.5.4 - Multiple Vulnerabilities |
| PhreeBooks R30RC4 Multiple Vulnerabilities |
| phxEventManager 2.0 beta 5 search.php search_terms SQL Injection |
| pChart 2.1.3 - Multiple Vulnerabilities |
| PicoPublisher v2.0 Remote SQL Injection |
| PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash PoC |
| Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist |
| PIKATEL 96338WS, 96338L-2M-8M - Unauthenticated DNS Change |
|
| Pimcore CMS Build 3450 - Directory Traversal |
| PinApp Mail-SeCure 3.70 - Access Control Failure |
| PinApp Mail-SeCure 3.70 - Access Control Failure |
| PineApp MailSecure - Remote Command Execution |
| Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure |
| Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure |
| Pirelli Discus DRG A125g - Local Password Disclosure Vulnerability |
| Pirelli Discus DRG A125g - Local Password Disclosure Vulnerability |
| Pirelli Discus DRG A125g - Password Disclosure Vulnerability. |
| Pirelli Discus DRG A125g - Password Disclosure Vulnerability. |
| Pirelli Discus DRG A125g - Remote Change SSID Value Vulnerability |
| Pirelli Discus DRG A125g - Remote Change SSID Value Vulnerability |
| Pirelli Discus DRG A125g - Remote Change WiFi Password Vulnerability |
| Pirelli Discus DRG A125g - Remote Change WiFi Password Vulnerability |
| PivotX 2.3.11 - Directory Traversal |
| Piwigo 2.3.3 Multiple Vulnerabilities |
| Piwigo 2.4.6 (install.php) Remote Arbitrary File Read/Delete Vulnerability |
| Piwigo 2.6.1 - CSRF Vulnerability |
| Piwigo 2.6.1 - CSRF Vulnerability |
| Pixelpost 1.7.3 Multiple Persistent Cross-Site Scripting Vulnerabilities |
| Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability |
| PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities |
| PizzaInn_Project - SQL Injection |
| PizzaInn_Project - SQL Injection |
| PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities |
| PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change |
| PlaySMS <= 0.9.9.2 - CSRF |
| PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure |
|
| Plesk 10.4.4/11.0.9 - SSO XXE/XSS Injection Exploit |
| Plesk Apache Zeroday Remote Exploit |
| Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities |
| Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities |
| Pligg CMS 2.0.0rc2 - CSRF File Creation Vulnerability |
| Pligg CMS 2.0.0rc2 - CSRF File Creation Vulnerability |
| Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection |
| Pligg CMS 2.0.2 - CSRF Add Admin Exploit |
| Pligg CMS 2.0.2 - CSRF Code Execution |
| Pligg CMS 2.0.2 - Directory Traversal |
| Pligg CMS 2.0.2 - Multiple SQL Injection Vulnerabilities |
| Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential |
| Plogger 1.0 (RC1) - Multiple Vulnerabilities |
| Plogger 1.0-RC1 - Authenticated Arbitrary File Upload |
| Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page) |
| PlumeCMS <= 1.2.4 CSRF Vulnerability |
| PlumeCMS <= 1.2.4 Multiple Persistent XSS |
| PMB <= 4.1.3 - Post-Auth SQL Injection Vulnerability |
| PMB Services <= 3.4.3 SQL Injection Vunerability |
| Podcast Generator 1.3 Multiple Vulnerabilities |
| PodHawk 1.85 - Arbitary File Upload Vulnerability |
| Poison Ivy 2.3.2 C&C Server Buffer Overflow |
| Polycom HDX Telnet Authorization Bypass |
| Polycom SoundPoint IP Devices Denial Of Service |
| Polycom VVX-Series Business Media Phones - Path Traversal Vulnerability |
| PonyOS <= 3.0 - ELF Loader Privilege Escalation |
| PonyOS <= 3.0 - tty ioctl() Local Kernel Exploit |
| PonyOS <= 3.0 - VFS Permissions Exploit |
| POP Peeper 4.0.1 - SEH Over-Write |
| Portable UPnP SDK unique_service_name() Remote Code Execution |
| Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes) |
| Postfix SMTP - Shellshock Exploit |
| Postfix SMTP - Shellshock Exploit |
|
| PostgreSQL <= 8.4.1 JOIN Hashtable Size Integer Overflow Denial Of Service Vulnerability |
| PostgreSQL for Microsoft Windows Payload Execution |
| PotPlayer 1.5.39036 (.wav) - Crash PoC |
| PotPlayer 1.5.39036 (.wav) - Crash PoC |
| PotPlayer 1.6.5x - .mp3 Crash PoC |
| PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX - Multiple Vulnerabilities |
| Practico 13.9 - Multiple Vulnerabilities |
| Practico 13.9 - Multiple Vulnerabilities |
| PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability |
| Pragyan CMS v3.0 Multiple Vulnerabilities |
| Pre Printing Press product_desc.php (pid) SQL Injection Vulnerability |
| PrestaShop <= 1.5.1 Persistent XSS |
| Presto! PageManager <= 9.01 Multiple Vulnerabilities |
|
| Privacy Pro v1.2 HZ iOS - Local File Inclusion |
| Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation |
| Private Camera Pro 5.0 iOS - Multiple Vulnerabilities |
| Private Camera Pro 5.0 iOS - Multiple Vulnerabilities |
| PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure |
| ProcessMaker Open Source Authenticated PHP Code Execution |
| ProcessMaker Open Source Authenticated PHP Code Execution |
| Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities |
| ProFTPD 1.3.5 Mod_Copy Command Execution |
| ProFTPD mod_sftp Integer Overflow DoS PoC |
| Progea Movicon 11 TCPUploadServer Remote Exploit |
| Progea Movicon TCPUploadServer Remote Exploit |
| Progress OpenEdge 11.2 - Directory Traversal |
| Project Pier Arbitrary File Upload Vulnerability |
| Project'Or RIA 3.4.0 (objectDetail.php, objectId param) - SQL Injection |
| Project'Or RIA 3.4.0 (objectDetail.php, objectId param) - SQL Injection |
| ProjectSend Arbitrary File Upload |
| ProjectSend r561 - SQL Injection Vulnerability |
| ProjectSend r582 - Multiple Vulnerabilities |
| PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities |
| Prolink PRN2001 - Multiple Vulnerabilities |
| Proman Xpress v5.0.1 Multiple Vulnerabilities |
| Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities |
| ProQuiz 2.0.0b Arbitrary Upload Vulnerability |
| ProQuiz v2.0.2 CSRF Vulnerability |
| ProQuiz v2.0.2 Multiple Vulnerabilities |
| Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC) |
| Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC) |
| Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit |
| PsychoStats 3.2.2b (awards.php, id param) - Blind SQL Injection |
|
| Publish-It 3.6d - Buffer Overflow Vulnerability |
| Publish-It 3.6d - Buffer Overflow Vulnerability |
| Pure-FTPd External Authentication Bash Environment Variable Code Injection |
| Pure-FTPd v1.0.21 (centos 6.2, ubuntu 8.04) Crash PoC (Null Pointer Dereference) |
| Putty 0.64 - Denial of Service Vulnerability |
| PyroCMS 2.1.1 Multiple Vulnerabilities |
|
| Python - Interpreter Heap Memory Corruption (PoC) |
| Python 2.7 array.fromstring Method - Use After Free |
| Python 2.7 hotshot Module - pack_string Heap Buffer Overflow |
| Python 2.7 strop.replace() Method - Integer Overflow |
| Python 3.3 - 3.5 product_setstate() Function - Out-of-bounds Read |
|
| Python CGIHTTPServer Encoded Path Traversal |
| Python socket.recvfrom_into() - Remote Buffer Overflow |
| Python Untrusted Search Path/Code Execution Vulnerability |
| Qcodo Development Framework 0.3.3 Full Info Disclosure |
| qdPM v.7 Arbitrary File upload |
| qdPM v7 Arbitrary PHP File Upload Vulnerability |
| QEMU Programmable Interrupt Timer Controller Heap Overflow |
| Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability |
| QNAP NAS Devices - Heap Overflow |
| QNap QVR Client 5.1.0.11290 - Crash PoC |
| QNAP Turbo NAS TS-1279U-RP Multiple Path Injection |
| QNX 6.4.x/6.5.x ifwatchd - Local root Exploit |
| QNX 6.4.x/6.5.x ifwatchd - Local root Exploit |
|
| QNX 6.4.x/6.5.x pppoectl - Information Disclosure |
|
| QNX 6.5.0 x86 io-graphics - Local root Exploit |
|
| QNX 6.5.0 x86 phfont - Local root Exploit |
| QNX phrelay/phindows/phditto Multiple Vulnerabilities |
| QQ INTERNATIONAL v Bêta 3 DLL Hijacking Exploit (mfc80fra.dll) |
| QQPlayer 3.7.892 m2p quartz.dll Heap Pointer Overwrite PoC |
| QSEE - PRDiag* Commands Privilege Escalation Exploit |
| Qualcomm Adreno GPU MSM Driver perfcounter Query Heap Overflow |
| Qualitynet CMS Remote Change Admin Password Exploit |
| Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution |
| Quest InTrust 10.4.x ReportTree and SimpleTree Classes |
| Quest InTrust Annotation Objects Uninitialized Pointer |
| Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite poc |
| Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite poc |
| Quick 'n Easy FTP Server 3.2 Denial of Service |
| Quick Paypal Payments 3.0 - Presistant XSS (0day) |
| Quick Paypal Payments 3.0 - Presistant XSS (0day) |
| Quick Polls Local File Inclusion and Deletion Vulnerabilities |
| Quick TFTP Server 2.2 - Denial of Service |
| Quick Tftp Server Pro 2.3 - Read Mode Denial of Service |
| QuickHeal 16.00 - webssx.sys Driver DoS Vulnerability |
| QuickShare File Share 1.2.1 Directory Traversal Vulnerability |
| Quicktech SQL Injection Vulnerability |
| RadioCMS 2.2 (menager.php, playlist_id param) - SQL Injection Vulnerability |
| Rae Media Real Estate Multi Agent SQL Injection Vulnerability |
| Rae Media Real Estate Single Agent SQL Injection Vulnerability |
| Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities |
| Raidsonic NAS Devices Unauthenticated Remote Command Execution |
| Raidsonic NAS Devices Unauthenticated Remote Command Execution |
| Railo Remote File Include |
| Railo Remote File Include |
| Raja Natarajan Guestbook 1.0 Local File Inclusion Vulnerability |
| RaksoCT Multiple SQL Injection Vulnerabilities |
| Ramui Forum Script 9.0 - SQL Injection Exploit |
| Ramui Web Hosting Directory Script 4.0 - Remote File Inclusion |
| Rapid PHP Editor 14.1 - Remote Command Execution |
| Rapid7 AppSpider 6.12 - Local Privilege Escalation |
| Rar CmdExtract::UnstoreFile Integer Truncation Memory Corruption |
| Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability |
| RASPcalendar 1.01 - [ASP] Admin Login Vlunerabilities |
| RASPcalendar 1.01 - [ASP] Admin Login Vlunerabilities |
| RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability |
| RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability |
| Readmore Systems Script SQL Injection Vulnerability |
| Real-DRAW PRO 5.2.4 Import File Crash |
| RealNetworks RealPlayer CDDA URI Initialization Vulnerability |
| RealPlayer <= 14.0.1.633 Heap Overflow Vulnerability |
| RealPlayer 15.0.6.14 .3gp Crash PoC |
| RealPlayer 18.1.5.705 - '.QCP' Crash (PoC) |
| Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege... |
| Realtyna RPL Joomla Extension 8.9.2 - Multiple SQL Injection Vulnerabilities |
| Realtyna RPL Joomla Extension 8.9.2 - Persistent XSS And CSRF Vulnerabilities |
| Rebus:list (list.php, list_id param) - SQL Injection Vulnerability |
| ReciPHP 1.1 SQL Injection Vulnerability |
| RecordPress 0.3.1 Multiple Vulnerabilities |
| Red Hat JBoss EAP - Deserialization of Untrusted Data |
| Red Hat Linux stickiness of /tmp |
| Redaxo 5.2.0 - Cross-Site Request Forgery |
| Redaxo CMS 5.0.0 - Multiple Vulnerabilities |
| Redaxscript 0.3.2 Multiple Vulnerabilities |
| RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) |
| refbase <= 0.9.6 - Multiple Vulnerabilities |
| Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution |
| Rejetto HttpFileServer Remote Command Execution |
| Relevanssi 2.7.2 Wordpress Plugin Stored XSS Vulnerability |
| Remote Utilities Host 6.3 - Denial of Service |
| ReOS 2.0.5 Multiple Vulnerabilities |
| Reserve Logic v1.2 Booking CMS Multiple Vulnerabilities |
| Resin Application Server 4.0.36 Source Code Disclosure Vulnerability |
| ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling |
| Return Oriented Programming (ROP FTW) |
| Return Oriented Programming (ROP FTW) |
| RHEL 7.0/7.1 - abrt/sosreport Local Root |
| RHEL 7.1 Kernel - iowarrior driver Crash PoC |
| RHEL 7.1 Kernel - snd-usb-audio Crash PoC |
| Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow" |
| Rips Scanner 0.5 - (code.php) Local File Inclusion |
| Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched |
|
| Rocket Servergraph Admin Center fileRequestor Remote Code Execution |
| Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash |
| Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC |
| Roundcube 1.1.3 - Path Traversal Vulnerability |
| Roundcube 1.2.2 - Remote Code Execution |
| Roundcube Webmail Version 0.8.0 Stored XSS |
| Router ONO Hitron CDE-30364 - CSRF Vulnerability |
| Router ONO Hitron CDE-30364 - CSRF Vulnerability |
| rpcbind (CALLIT Procedure) UDP Crash PoC |
| RPCScan 2.03 - Hostname/IP Field Crash PoC |
| RPCScan 2.03 - Hostname/IP Field SEH Overwrite PoC |
| RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection |
| R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities |
| RTTucson Quotations Database - Multiple Vulnerabilities |
| Ruby on Rails - Dynamic Render File Upload Remote Code Execution |
| Ruby on Rails Development Web Console (v2) Code Execution |
| Ruby on Rails JSON Processor YAML Deserialization Code Execution |
| Ruby on Rails Known Secret Session Cookie Remote Code Execution |
| Ruby on Rails XML Processor YAML Deserialization Code Execution |
| Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass |
| Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass |
| RuggedCom Devices Backdoor Access |
| Rumba FTP Client 4.x - Stack buffer overflow (SEH) |
| RunCMS 2.2.2 Multiple Vulnerabilities |
| RuubikCMS < v1.0.3 Shell Upload Vulnerability |
| RuubikCMS 1.1.1 (tinybrowser.php, folder param) - Path Traversal Vulnerability |
| RuubikCMS Version 1.0.3 Multiple Vulnerabilities |
| S9Y Serendipity 2.0.4 - Cross-Site Scripting |
| Safari 8.0 / OS X 10.10 - Crash PoC |
| Safari User-Assisted Applescript Exec Attack |
| SafeNet Sentinel Keys Server Crash PoC |
| SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal |
| Sagem Fast 3304-V1 - Denial Of Service Vulnerability |
|
| Sagem Fast 3304-V2 - Authentification Bypass |
| Sagem FAST3304-V2 - Authentication Bypass |
| Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities |
| Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities |
| Sagemcom F@ST 3864 V2 - Get Admin Password |
| Sakai 10.7 - Multiple Vulnerabilities |
| Sam Spade 1.14 - (Crawl website) Buffer OverFlow |
| Sam Spade 1.14 - (Scan Addresses) Buffer Overflow Exploit |
| Sam Spade 1.14 - Browse URL Buffer Overflow PoC |
| Sam Spade 1.14 - Decode URL Buffer Overflow Crash PoC |
| Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash PoC |
| Sam Spade 1.14 - S-Lang Command Field SEH Overflow |
| Saman Portal Local File Inclusion Vulnerability |
| Samba nttrans Reply - Integer Overflow Vulnerability |
| Samba nttrans Reply - Integer Overflow Vulnerability |
| Samsung AllShare 2.1.1.0 NULL Pointer Deference |
| Samsung D6000 TV Multiple Vulnerabilities |
| Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow |
| Samsung DVR Firmware 1.10 - Authentication Bypass |
| Samsung DVR Firmware 1.10 - Authentication Bypass |
| Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw |
| Samsung Galaxy KNOX Android Browser RCE |
| Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption |
| Samsung Galaxy S6 - libQjpeg DoIntegralUpsample Crash |
| Samsung Galaxy S6 - Samsung Gallery Bitmap Decoding Crash |
| Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash |
| Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash |
| Samsung Kies 2.3.2.12054_20 Multiple Vulnerabilities |
| Samsung libQjpeg Image Decoding Memory Corruption |
| Samsung m2m1shot Kernel Driver Buffer Overflow |
| SAMSUNG NET-i Viewer 1.37 SEH Overwrite |
| Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow |
| Samsung NET-i ware <= 1.37 Multiple Vulnerabilities |
| Samsung PS50C7700 TV - Denial of Service |
| Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness |
| Samsung SecEmailUI Script Injection |
| Samsung seiren Kernel Driver Buffer Overflow |
| Samsung Smart Home Camera SNH-P-6410 - Command Injection |
| Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure |
| SAP Adaptive Server Enterprise 16 - Denial of Service |
| SAP ConfigServlet Remote Unauthenticated Payload Execution |
| SAP HANA 1.00.095 - hdbindexserver Memory Corruption |
| SAP Netweaver < 7.01 - XML External Entity Injection |
| SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection |
| SAP NetWeaver AS JAVA 7.1 - 7.5 - Information Disclosure |
| SAP NetWeaver AS JAVA 7.1 - 7.5 - SQL Injection |
| SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow |
| SAP Netweaver Dispatcher Multiple Vulnerabilities |
| SAP Netweaver Enqueue Server - Denial of Service |
| SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service |
|
| SAP Router - Timing Attack Password Disclosure |
| SAP SAPCAR - Multiple Vulnerabilities |
| SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution |
| SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution |
| SAP Sybase Adaptive Server Enterprise XML External Entity Information Disclosure Vulnerability |
| SAP xMII 15.0 - Directory Traversal |
| SapLPD 7.40 - Denial of Service |
| SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow |
| Saurus CMS 4.7.1 - Multiple Vulnerabilities |
| Savant Web Server 3.1 Buffer Overflow Exploit (Egghunter) |
| ScriptCase 8.1.053 - Multiple Vulnerabilities |
| Scripts Genie Hot Scripts Clone (showcategory.php, cid param) - SQL Injection Vulnerability |
| Scripts Genie Pet Rate Pro - Multiple Vulnerabilities |
| SDP Downloader 2.3.0 (http_response) Remote Buffer Overflow Exploit |
| Seafile-server <= 3.1.5 - Remote DoS |
| Seafile-server <= 3.1.5 - Remote DoS |
| Seagate Business NAS Unauthenticated Remote Command Execution |
| Seagate Central 2014.0410.0026-F Remote Root Exploit |
| Secret Net 7 and Secret Net Studio 8 - Local Privilege Escalation |
| Sefrengo CMS 1.6.0 - SQL Injection |
| Sefrengo CMS 1.6.0 - SQL Injection |
| Sendy 1.1.8.4 - SQL Injection Vulnerability |
| SEO Control Panel 3.6.0 - Authenticated SQL Injection |
| Seo Panel 2.2.0 SQL Injection Vulnerabilities |
| Seowonintech Devices - Remote root Exploit |
| Seowonintech Routers <= fw: 2.3.9 Remote Root File Disclosure |
|
| SePortal SQLi Remote Code Execution |
| SerComm Device Remote Code Execution |
|
| Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities |
| Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities |
| Serva 3.0.0 HTTP Server - Denial of Service |
| Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of service |
| Serva v2.0.0 DNS Server QueryName Remote Denial of Service Vulnerability |
| Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability |
| ServersCheck Monitoring Software v9.0.12 / 9.0.14 - Stored XSS |
| SevOne NMS <= 5.3.6.0 - Remote Root Exploit |
| sflog! <= 1.00 Multiple Vulnerabilities |
| Sflog! CMS 1.0 Arbitrary File Upload Vulnerability |
| Shadow Stream Recorder 3.0.1.7 Buffer Overflow |
| ShadowBrokers Dump Came from Internal Code Repository, Insider |
| Share KM 1.0.19 - Remote Denial Of Service |
| Share KM 1.0.19 - Remote Denial Of Service |
| Share v1.0 for iPhone / iPod touch, Directory Traversal |
| Sharetronix 3.3 - Multiple Vulnerabilities |
| SHARP MX Series - Denial of Service |
| sheed AntiVirus - Unquoted Service Path Privilege Escalation |
| Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh |
| Shopizer 1.1.5 - Multiple Vulnerabilities |
| Shopizer 1.1.5 - Multiple Vulnerabilities |
| Shopware 3.5 SQL Injection |
|
| SHOUTcast DNAS 2.2.1 - Stored XSS |
| Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities |
| Schneider Electric Accutech Manager Heap Overflow PoC |
| Schneider Electric SBO / AS - Multiple Vulnerabilities |
| SideBooks v1.0 for iPhone / iPod touch, Directory Traversal |
| Sielco Sistemi Winlog 2.07.16 Multiple Vulnerabilities |
| Sielco Sistemi Winlog Buffer Overflow 2.07.14 |
| SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change |
| SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download |
| SIEMENS IP-Camera CVMS2025-IR, CCMS2025 - Credentials Disclosure |
| Siemens Simatic S7 1200 CPU Command Module (MSF) |
| Siemens Simatic S7-1200 CPU START/STOP Module |
| Siemens Simatic S7-300 PLC Remote Memory Viewer |
| Siemens Simatic S7-300/400 CPU START/STOP Module |
| SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference |
| SIEMENS Solid Edge ST4 SEListCtrlX ActiveX - SetItemReadOnly Arbitrary Memory Rewrite RCE |
| SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution |
| SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution |
| SIEMENS Solid Edge ST4 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx RCE |
| Siemens Tecnomatix FactoryLink 8.0.1.1473 Multiple Vulnerabilities |
| Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities |
| SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities |
| Simple Ads Manager 2.9.4.116 - SQL Injection |
| Simple Blog PHP 2.0 - Multiple Vulnerabilities |
| Simple Blog PHP 2.0 - SQL Injection |
| Simple e-document 1.31 - Login bypass |
| Simple e-document 1.31 - Login bypass |
| Simple E-Document Arbitrary File Upload |
| Simple E-Document Arbitrary File Upload |
| Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options) |
| Simple Forum PHP 2.4 - SQL Injection |
| Simple PHP Agenda <= 2.2.8 CSRF (Add Admin - Add Event) |
| Simple PHP Agenda 2.2.8 (edit_event.php, eventid param) - SQL Injection |
| Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) |
| Simple PHP Polling System - Multiple Vulnerabilities |
| Simple Posting System Multiple Vulnerabilities |
| Simple Web Server 2.2 rc2 Remote Buffer Overflow Exploit |
| Simple Web Server 2.2-rc2 ASLR Bypass Exploit |
| Simple Web Server Connection Header Buffer Overflow |
| SimpleRisk 20130915-01 - Multiple Vulnerabilities |
| SimpleRisk 20130915-01 - Multiple Vulnerabilities |
| SimpleTransfer 2.2.1 - Command Injection Vulnerabilities |
| SimplyShare 1.4 iOS - Multiple Vulnerabilities |
| SimplyShare 1.4 iOS - Multiple Vulnerabilities |
| SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC |
| Sisfokol 4.0 Arbitrary File Upload |
| Sitecom Home Storage Center Auth Bypass Vulnerability |
| Sitecom Home Storage Center Directory Traversal |
| Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit |
| Sitecom N300/N600 Devices - Multiple Vulnerabilities |
| Sitecom N300/N600 Devices - Multiple Vulnerabilities |
| Sitecom WLM-2501 CSRF Vulnerabilities |
| SiteXCMS 080 build 522 Multiple Vulnerabilities |
| Sixnet Sixview 2.4.1 - Web Console Directory Traversal |
| SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities |
| SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities |
| SkaDate Lite 2.0 - Remote Code Execution Exploit |
| SkaDate Lite 2.0 - Remote Code Execution Exploit |
| Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm |
| SkyBlueCanvas CMS Remote Code Execution |
| Skybox Platform <=7.0.611 - Multiple Vulnerabilities |
| Slider Revolution/Showbiz Pro Shell Upload Exploit |
| Slider Revolution/Showbiz Pro Shell Upload Exploit |
| Slimpdf Reader 1.0 Memory Corruption |
| Smadav Anti Virus 9.1 Crash PoC |
| SmallFTPd 1.0.3 - 'mkd' Command Denial of Service |
| Smart Guard Network Manager 6.3.2 - SQL Injection |
| SmartCMS (index.php, idx parameter) SQL Injection Vulnerability |
| SmarterMail 7.3 and 7.4 Multiple Vulnerabilities |
| SmarterMail Enterprise and Standard <=11.x - Stored XSS |
| SmarterMail Free 9.2 Stored XSS |
| SmarterStats 6.0 Multiple Vulnerabilities |
| Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability |
| SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit |
| SN News (visualiza.php) <= 1.2 SQL Injection |
| SnackAmp 3.1.3 Malicious aiff File Denial of service |
| SnapProof (cart.php) Cross Site Scripting |
| SnapProof (page.php) SQL Injection Vulnerability |
| sNews 1.7.1 - Arbitrary File Upload |
| sNews 1.7.1 - Cross-Site Request Forgery |
| Snort 2 DCE/RPC preprocessor Buffer Overflow |
| Snowfox CMS 1.0 - CSRF Add Admin Exploit |
| SNScan 1.05 - Scan Hostname/IP Field Buffer Overflow Crash PoC |
| soapbox <= 0.3.1 Local Root Exploit |
| SoapUI 4.6.3 - Remote Code Execution |
| Social Engine v4.2.5 Multiple Vulnerabilities |
| Social Microblogging PRO 1.5 Stored XSS Vulnerability |
| SocialEngine 4.2.2 Multiple Vulnerabilities |
| SocialEngine 4.8.9 - SQL Injection |
| SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation |
| Software DEP Classified Script 2.5 SQL Injection Vulnerability |
|
| Solar FTP 2.1 Denial of Service Exploit |
| SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation |
| SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation |
| Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution |
| Solarwinds Orion Service - SQL Injection Vulnerabilities |
| SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow |
| SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow |
| Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit |
| SolarWinds Storage Manager Authentication Bypass |
| SolarWinds Storage Manager Authentication Bypass |
| SOLIDserver <=5.0.4 - Local File Inclusion Vulnerability |
|
| SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write |
| SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service |
| SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service |
| SonicWALL CDP 5040 v6.x Multiple Vulnerabilities |
| SonicWALL EMail Security 7.3.5 Multiple Vulnerabilities |
| SonicWALL GMS 6 Arbitrary File Upload |
| Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability (0Day) |
| Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability (0Day) |
| SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x Remote Root/SYSTEM Exploit |
| SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass |
| Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities |
| Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability |
| Sony Bravia Remote Denial of Service |
| Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution |
| Sony VAIO Wireless Manager 4.0.0.0 Buffer Overflows |
| Sophos Products - Multiple Vulnerabilities |
| Sophos Web Protection Appliance - Multiple Vulnerabilities |
| Sophos Web Protection Appliance - Multiple Vulnerabilities |
| Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation |
| Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation |
|
| Sophos Web Protection Appliance sblistpack Arbitrary Command Execution |
| Sophos Web Protection Appliance sblistpack Arbitrary Command Execution |
| SourceBans 1.4.7 XSS Vulnerability |
| SpagoBI 4.0 - Arbitrary XSS File Upload |
| SpagoBI 4.0 - Arbitrary XSS File Upload |
| SpagoBI 4.0 - Persistent HTML Script Insertion |
| SpagoBI 4.0 - Persistent HTML Script Insertion |
| SpagoBI 4.0 - Persistent XSS Vulnerability |
| SpagoBI 4.0 - Persistent XSS Vulnerability |
| SpagoBI 4.0 - Privilege Escalation Vulnerability |
| SpagoBI 4.0 - Privilege Escalation Vulnerability |
| SpamTitan Application v5.08x - SQL Injection Vulnerability |
| SphereFTP Server 2.0 - Crash PoC |
| Sphider Search Engine - Multiple Vulnerabilities |
| SpiceWorks 5.3.75941 Stored XSS and Post-Auth SQL Injection |
| Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities |
| SPIP connect Parameter PHP Injection |
| SPIP connect Parameter PHP Injection |
| Spitfire CMS 1.1.4 - CSRF Vulnerability |
| Spitfire CMS 1.1.4 - CSRF Vulnerability |
| Splash Pro Hd Player (.avi) Denial of Service |
| Splunk <= 4.3.3 Arbitrary File Read |
| Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting |
| Splunk Enterprise 6.4.3 - Server-Side Request Forgery |
| SpoonFTP 1.2 RETR Denial of Service Vulnerability |
| Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation |
| SQL Injection Vulnerability in WMS-CMS |
| SQLI Online Shop LeKommerce |
| Squash YAML Code Execution |
| Squid 3.3.5 - DoS PoC |
| Squirrelcart Cart Shop v3.3.4 Multiple Web Vulnerabilities |
| SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exploit |
| Stack Smashing On A Modern Linux System |
| Stark CRM 1.0 - Multiple Vulnerabilities |
| Stark CRM 1.0 - Multiple Vulnerabilities |
| Status2k Server Monitoring Software - Multiple Vulnerabilities |
| Steam Browser Protocol Insecurity |
| STIMS Buffer - Buffer Overflow SEH - DoS |
| STIMS Cutter - Buffer Overflow DoS |
| Stoneware WebNetwork6 Multiple Vulnerabilities |
| STRATO Newsletter Manager Directory Traversal |
| Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit) |
| Stunnel CVE-2014-0016 PRNG Initialization Weakness |
| STUNSHELL Web Shell Remote Code Execution |
| STUNSHELL Web Shell Remote PHP Code Execution |
| Subrion 3.X.X - Multiple Vulnerabilities |
| Subrion CMS 2.2.1 CSRF Add Admin Exploit |
| Subrion CMS 2.2.1 Multiple Vulnerabilities |
| Subrion CMS 4.0.5 - SQL Injection |
| Subversion 1.6.6 / 1.6.12 - Code Execution |
| sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass |
| SugarCRM 6.5.23 - REST PHP Object Injection Exploit (Metasploit) |
| SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution |
| SumatraPDF v2.0.1 .chm and .mobi Memory Corruption |
| Sun Java Applet2ClassLoader Remote Code Execution Exploit |
|
| Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow Vulnerability |
| Sun Java Web Start Plugin Command Line Argument Injection (2012) |
| Sundown Exploit Kit ‘Larger Threat Than People Realize’ |
| SunellSecurity NVR / Camera - Denial Of Service |
| Supermicro Onboard IPMI close_window.cgi Buffer Overflow |
| Supermicro Onboard IPMI close_window.cgi Buffer Overflow |
| Supernews <= 2.6.1 (noticias.php cat) SQL Injection |
| Supernews <= 2.6.1 SQL Injection Exploit |
| SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow |
| SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow |
| SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow |
| Supr Shopsystem 5.1.0 - Persistent UI Vulnerability |
| SurgeMail 6.0a4 Stored XSS |
| SV: Milw0rm Clone Script v1.0 - (time based) SQLi |
| SweetRice 1.5.1 - Cross-Site Request Forgery |
| SWFUpload v2.5.0 Beta 3 File Arbitrary Upload |
| SwiftMailer < 5.4.5-DEV - Remote Code Execution |
| Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities |
| Sybase EAServer 6.3.1 - Multiple Vulnerabilities |
| Symantec Altiris DS SQL Injection |
| Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure |
| Symantec End Point Protection 11.x & Symantec Network Access Control 11.x LCE POC |
| Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow |
| Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow |
| Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities |
|
| Symantec Endpoint Protection Manager 12.1.x - SEH Overflow POC |
| Symantec Endpoint Protection Manager Authentication Bypass and Code Execution |
| Symantec Endpoint Protection Manager Remote Command Execution |
| Symantec Endpoint Protection Manager Remote Command Execution |
| Symantec Endpoint Protection Manager Remote Command Execution Exploit |
| Symantec LiveUpdate Administrator Management GUI HTML Injection |
| Symantec Messaging Gateway 10.6.1 - Directory Traversal |
| Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation |
| Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change |
| Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change (MSF) |
| Symantec Web Gateway 5 restore.php Post Authentication Command Injection |
| Symantec Web Gateway 5.0.2 (blocked.php id parameter) Blind SQL Injection |
| Symantec Web Gateway 5.0.2 Remote LFI Root Exploit |
| Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection |
| Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability |
| Symantec Web Gateway 5.0.2.8 Command Execution Vulnerability |
| Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection |
| Symantec Web Gateway 5.0.3.18 (deptUploads_data.php groupid parameter) Blind SQLi |
| Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers |
| Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit |
| Symantec Web Gateway Cross Site Scripting |
|
| Symantec Workspace Streaming Arbitrary File Upload |
| Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation |
| Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability |
| Symfony2 Local File Disclosure - Security Advisory - SOS-12-002 |
| Symphony CMS 2.3 Multiple Vulnerabilities |
| Symphony CMS 2.6.3 – Multiple SQL Injection Vulnerabilities |
| Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow |
| Sync Breeze Enterprise 9.1.16 - Buffer Overflow |
| SynConnect PMS (index.php, loginid param) - SQL Injection Vulnerability |
| Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities |
| Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities |
| SysAid Help Desk 'rdslogs' Arbitrary File Upload |
| Sysax <= 5.60 Create SSL Certificate Buffer Overflow |
| Sysax 5.53 SSH Username Buffer Overflow (msf) |
| Sysax FTP Automation Server 5.33 Local Privilege Escalation |
| Sysax Multi Server 5.50 Create Folder Remote Code Exec BoF (MSF Module) |
| Sysax Multi Server 5.64 Create Folder Buffer Overflow |
| Sysax Multi Server 6.40 SSH Component Denial of Service |
| Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit |
| Sysax Multi-Server 5.64 Create Folder Buffer Overflow |
| Syslog Server 1.2.3 - Crash PoC |
| Syslog Watcher Pro 2.8.0.812 - (Date Parameter) - Cross Site Scripting Vulnerability |
| Tableau Server - Blind SQL Injection Vulnerability |
| Tableau Server - Blind SQL Injection Vulnerability |
| TACK 1.07 - Local Stack-Based Buffer Overflow |
| TagScanner v5.1 - Stack Buffer Overflow Vulnerability |
| Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities |
| Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities |
| TallSoft SNMP TFTP Server 1.0.0 - Denial of Service |
| TaskFreak! v0.6.4 Multiple Cross-Site Scripting Vulnerabilities |
| T-Content Managment System Multiple Vulnerabilities |
| TCP Reverse Shell with Password Prompt - 151 bytes |
| tcPbX - (tcpbx_lang) Local File Inclusion |
| tcpdump 4.6.2 Geonet Decoder Denial of Service |
| TcpDump rpki_rtr_pdu_print Out-of-Bounds Denial of Service |
| TCPing 2.1.0 - Buffer Overflow |
| T-dah Webmail Client 3.2.0-2.3 Stored XSS |
| T-dah Webmail CSRF & Stored XSS |
| T-dah Webmail Multiple Stored XSS |
| TeamPass 2.1.24 - Multiple Vulnerabilities |
| TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability |
| TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability |
| TeamViewer 11.0.65452 (64 bit) - Local Credentials Disclosure |
| TECO AP-PCLINK 1.094 - .tpc File Handling Buffer Overflow Vulnerability |
| TECO JN5 L510-DriveLink 1.482 - .lf5 SEH Overwrite Buffer Overflow Exploit |
| TECO SG2 FBD Client 3.51 - .gfb SEH Overwrite Buffer Overflow Vulnerability |
| TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow Exploit |
| TECO TP3-PCLINK 2.1 - .tpc File Handling Buffer Overflow Vulnerability |
| Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities |
| Technicolor TC7200 - Credentials Disclosure |
| Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities |
| Telefonica O2 Connection Manager 3.4 - Local Privilege Escalation Vulnerability |
| Telefonica O2 Connection Manager 8.7 - Service Trusted Path Privilege Escalation |
| Telegram 3.2 - Input Length Handling Crash PoC |
| Template CMS 2.1.1 Multiple Vulnerabilities |
| Tenda A32 Router - CSRF Vulnerability |
| Tenda A5s Router 3.02.05_CN - Authentication Bypass Vulnerability |
| Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change |
| Tenda W309R Router 5.07.46 - Configuration Disclosure |
| Tenda W309R Router 5.07.46 - Configuration Disclosure |
| Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting |
| Tendoo CMS 1.3 - XSS Vulnerabilities |
|
| Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF Vulnerability |
| Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS Vulnerability |
| Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS Vulnerability |
| TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability |
| TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability |
| Terminal Server Client .rdp Denial of Service |
| TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities |
| TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities |
| TestLink 1.9.14 - CSRF Vulnerability |
| TestLink 1.9.3 CSRF Vulnerability |
| TestLink v1.9.3 Arbitrary File Upload Vulnerability |
| Tetris Heap Spraying: Spraying the Heap on a Budget |
| Texas Instrument Emulator 3.03 - Local Buffer Overflow |
| Text Exchange Pro (index.php page) Local File Inclusion |
| TFM MMPlayer (m3u/ppl File) Buffer Overflow |
| Tftpd32 DNS Server 4.00 Denial Of Service |
| Th3 MMA mma.php Backdoor Arbitrary File Upload |
| TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials |
| Thatware 0.4.6 - SQL Injection |
| The Unarchiver 3.11.1 - '.tar.Z' Crash PoC |
| TheBlog <= 2.0 Multiple Vulnerabilities |
| Thomson CableHome Gateway (DWG849) Cable Modem Gateway - Information Exposure |
|
| Thomson TWG87OUIR - POST Password CSRF |
| Thomson Wireless VoIP Cable Modem Auth Bypass |
| Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass |
| Thru Managed File Transfer Portal 9.0.2 - SQL Injection |
| Tickets CAD 2.20G Multiple Vulnerabilities |
| TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities |
|
| TigerCom My Assistant 1.1 iOS - Local File Inclusion |
| Tiki Wiki <= 8.3 unserialize() PHP Code Execution |
| Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution |
| Timeclock Software 0.995 - Multiple SQL Iinjection Vulnerabilities |
| Timesheet Next Gen 1.5.2 Multiple SQLi |
| Tincd Post-Authentication Remote TCP Stack Buffer Overflow |
| Tiny HTTP Server <=v1.1.9 Remote Crash PoC |
| Tiny Server <= 1.1.9 HTTP HEAD DoS |
| Tiny Tiny RSS - Blind SQL Injection |
| TinyWebGallery v 1.8.3 - Multiple Vulnerabilities |
| TIOD v1.3.3 for iPhone / iPod touch Directory Traversal |
| Titan FTP Server 10.32 Build 1816 - Directory Traversal Vulnerability |
| Titan FTP Server 10.32 Build 1816 - Directory Traversal Vulnerability |
| T-Mobile Internet Manager - Contact Name Crash PoC |
| Tom Sawyer Software GET Extension Factory Remote Code Execution |
| Tomabo MP4 Converter 3.10.12 - 3.11.12 (.m3u) Denial of service (Crush application) |
| Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow |
| Topics Viewer CSRF Add Admin |
| TopicsViewer 3.0 Beta 1 - Multiple Vulnerabilities |
| TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL) |
| TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE) |
| TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT) |
| TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR) |
|
|
| TorrentTrader 2.08 Multiple Vulnerabilities |
| TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF Vulnerability |
| TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF Vulnerability |
| TOSHIBA IP-Camera IK-WP41A - Auth Bypass / Configuration Download |
| Toshiba Viewer v2 p3console - Local Denial of Service |
| Toshiba Viewer v2 p3console - Local Denial of Service |
| Total Commander 8.52 - Buffer Overflow |
| Total Commander 8.52 - Buffer Overflow (Windows 10) |
| Total Commander 8.52 - SEH-Overwrite BOF |
| Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow |
| Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow |
| Totemomail 4.x and 5.x - Persistent XSS |
| TOTOLINK Routers - Backdoor and RCE Exploit PoC |
| TP Link Gateway v3.12.4 Multiple Vulnerabilities |
| TP-LINK Admin Panel Multiple CSRF Vulnerabilities |
| TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change |
| TP-Link Archer CR-700 - Cross-Site Scripting |
| TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities |
| TP-LINK Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities |
| TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities |
| TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials |
| TP-LINK TDDP - Multiple Vulnerabilities |
| TP-LINK TD-W8151N - Denial of Service |
| TP-LINK TD-W8951ND - Denial of Service |
| TP-Link TD-W8951ND - Multiple Vulnerabilities |
| TP-Link TD-W8951ND - Multiple Vulnerabilities |
| TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities |
| TP-Link TL-WR740N - Denial Of Service |
| TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS |
| TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS |
| TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution |
| TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution |
| TP-LINK WDR4300 - Stored XSS & DoS 2014-09-21 |
| TP-LINK WDR4300 HTML Injection and Denial of Service Vulnerabilities |
| TP-LINK WR842ND Remote Multiple SSID Directory Travesal Exploit |
| tplSoccerStats (player.php) SQL Injection Vulnerability |
| Transferable Remote v1.1 iPad iPhone - Multiple Vulnerabilities |
| Travel Portal Script 9.33 - SQL Injection |
| Travelon Express CMS v6.2.2 Multiple Vulnerabilities |
| Trend Micro Control Manager 5.5/6.0 AdHocQuery BlindSQL Injection (post-auth) |
| Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities |
| Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability |
| Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability |
| TrendMicro - Multiple HTTP Problems with CoreServiceShell.exe |
| TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution... |
| TrendMicro node.js HTTP Server Listening on localhost Can Execute Commands |
| TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow |
| TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow |
| TRENDnet SecurView Wireless Network Camera TV-IP422WN (UltraCamX.ocx) Stack BoF |
| TRENDnet TE100-P1U Print Server Firmware 4.11 Authentication Bypass Vulnerability |
| Tribq CMS 5.2.7 - Adding/Editing New Administrator Account CSRF |
| Trigerring Java Code from a SVG Image |
| Tri-PLC Nano-10 r81 - Denial of Service |
| TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow |
| Trojan.Encryptoraas |
| TrouSerS Denial Of Service Vulnerability |
| Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation |
| TUDU 0.82 - Local Stack-Based Buffer Overflow |
| Tuleap PHP Unserialize Code Execution |
| Tunnelblick Local Root Exploit |
| Turbo FTP Server 1.30.823 PORT Overflow |
| TVersity <= 1.9.7 Arbitrary File Download |
| TVT TD-2308SS-B DVR - Directory Traversal Vulnerability |
| TVT TD-2308SS-B DVR - Directory Traversal Vulnerability |
| Typo3 - Directory Traversal Vulnerability |
| Typo3 - Directory Traversal Vulnerability |
| TYPO3 Akronymmanager Extension 0.5.0 - SQL Injection |
| Typo3 JobControl 2.14.0 - Cross Site Scripting / SQL Injection |
| TYPO3 ke DomPDF Extension - Remote Code Execution |
| Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities |
| Uber to Quadruple Security Staff by 2016 |
| UbiDisk File Manager v2.0 iOS - Multiple Web Vulnerabilities |
| UbiDisk File Manager v2.0 iOS - Multiple Web Vulnerabilities |
| Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow |
| Ubiquiti Networks UniFi 3.2.10 - CSRF Vulnerability |
| Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability |
| Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability |
|
| Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability |
| Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution |
| Ubuntu 12.04, 14.04, 14.10, 15.04 - overlayfs Local Root (Shadow File) |
| Ubuntu 12.04, 14.04, 14.10, 15.04 - overlayfs Local Root (Shell) |
| Ubuntu 12.04.0-2LTS x64 perf_swevent_init - Kernel Local Root Exploit |
| Ubuntu 12.10 64-Bit sock_diag_handlers Local Root Exploit |
| Ubuntu 14.04 LTS, 15.10 overlayfs - Local Root Exploit |
| Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC |
| Ubuntu Apport - Local Privilege Escalation |
| UCanCode - Multiple Vulnerabilities |
| UCCASS <= v1.8.1 Blind SQL Injection Vulnerability |
| UliCMS <= v9.8.1 - SQL Injection |
| Ultra Light Forum Persistant XSS Vulnerability |
| Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow |
| Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow |
| Ultra Mini HTTPD 1.21 - Stack Buffer Overflow |
| Ultra Mini HTTPD Stack Buffer Overflow |
| Ultra Mini HTTPD Stack Buffer Overflow |
| UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow |
| Umbraco CMS Remote Command Execution |
| UMI.CMS 2.9 - CSRF Vulnerability |
| UMPlayer Portable 0.95 Crash PoC |
| Understanding C Integer Boundaries (Overflows & Underflow) |
| Understanding C Integer Boundaries (Overflows & Underflow) |
| UniPDF 1.1 - Crash PoC (SEH overwritten) |
| Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE |
| Unreal Tournament Remote Buffer Overflow Exploit (SEH) |
| up.time 7.5.0 Arbitrary File Disclose And Delete Exploit |
| up.time 7.5.0 Superadmin Privilege Escalation Exploit |
| up.time 7.5.0 Upload And Execute File Exploit |