| up.time 7.5.0 Upload And Execute File Exploit |
| up.time 7.5.0 XSS And CSRF Add Admin Exploit |
| Uptime Agent 5.0.1 - Stack Overflow Vulnerability |
| Uptime Agent 5.0.1 - Stack Overflow Vulnerability |
| USB Sharp v1.3.4 iPad iPhone - Multiple Vulnerabilities |
| Useresponse <= 1.0.2 Privilege Escalation & RCE Exploit |
| Ushahidi 2.2 Multiple Vulnerabilites |
| uSQLite 1.0.0 - Denial Of Service |
| v0pCr3w Web Shell Remote Code Execution |
| Valhala Honeypot 1.8 - Stack-Based Buffer Overflow |
| VamCart v0.9 CMS - Multiple Vulnerabilities |
| VamCart v0.9 CSRF Vulnerability |
|
| Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities |
| Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR - Credentials Disclosure |
| Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR - Local File Disclosure |
| Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS |
| Vanilla Forum Tagging PlugIn Enchanced 1.0.1 Stored XSS |
| Vanilla Forums 2.0 - 2.0.18.5 (class.utilitycontroller.php) - PHP Object Injection Vulnerability |
| Vanilla Forums 2.0 - 2.0.18.5 (class.utilitycontroller.php) - PHP Object Injection Vulnerability |
| Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability |
| Vanilla Forums 2.0.18.4 Tagging Stored XSS |
| Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities |
| Vanilla Forums About Me Plugin Persistant XSS |
| Vanilla Forums Poll Plugin 0.9 Stored XSS |
| Vanilla kPoll Plugin 1.2 Stored XSS |
| Varnish Cache CLI Interface Remote Code Execution |
| VBox Satellite Express 2.3.17.3 - Arbitrary Write |
| VBScript 5.8.7600.16385 / 5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read |
| VbsEdit 5.9.3 (.smi) - Buffer Overflow Vulnerability |
| vBshop persistent Persisstant XSS |
| vBulletin < 4.2.2 - Memcache Remote Code Execution |
| vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit |
| vBulletin 4.2.3 - SQL Injection |
| vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection |
| vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection |
| vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection |
| vBulletin 5 PreAuth Remote Code Execution |
| vBulletin 5.1.x - PreAuth 0day Remote Code Execution Exploit |
| vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF) |
| vBulletin 5.x - Remote Code Execution Exploit |
| vBulletin ChangUonDyU Advanced Statistics SQL Injection Vulnerability |
| vBulletin Tapatalk - Blind SQL Injection |
| vBulletin vBay <=1.1.9 Error-Based SQL Injection |
| V-CMS PHP File Upload and Execute |
| Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation |
| Verizon Fios Router MI424WR-GEN3I - CSRF Vulnerability |
| VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow |
| VeryPDF Image2PDF Converter SEH Buffer Overflow |
| Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability |
| Vestel TV 42pf9322 - Denial of Service |
| Vestel TV 42pf9322 - Denial of Service |
| ViArt Shop Evaluation v4.1 Multiple Remote File Inclusion Vulnerabilities |
| Viber 4.2.0 - Non-Printable Characters Handling Denial of Service Vulnerability |
| Vice City Multiplayer Server 0.3z R2 Remote Code Execution |
| VICIDIAL Call Center Suite <=2.2.1-237 Multiple Vulnerabilities |
| VICIdial Manager Send OS Command Injection |
| VICIdial Manager Send OS Command Injection |
| Victory FTP Server 5.0 Denial of Service Exploit |
| Video WiFi Transfer 1.01 - Directory Traversal Vulnerability |
| VideoCharge Studio 2.12.3.685 - Buffer Overflow (SEH) |
| VideoCharge Studio 2.12.3.685 GetHttpResponse() - MITM Remote Code Execution Exploit |
| VideoCharge Studio 2.12.3.685 GetHttpResponse() - MITM Remote Code Execution Exploit |
| VideoCharge Studio Buffer Overflow (SEH) |
| VideoIQ Camera - Local File Disclosure |
| VideoLAN VLC Media Player 2.2.1 - 'DecodeAdpcmImaQT' Buffer Overflow |
| VideoSpirit Lite 1.77 - (SEH) Buffer Overflow |
| VideoSpirit Lite 1.77 - (SEH) Buffer Overflow |
| VideoSpirit Pro 1.90 - (SEH) Buffer Overflow |
| VideoSpirit Pro 1.90 - (SEH) Buffer Overflow |
| VidiScript SQL Injection Vulnerability |
| ViewGit 0.0.6 - Multiple XSS Vulnerabilities |
| Vifi Radio v1 - CSRF Vulnerability |
| Vino VNC Server 3.7.3 - Persistent Denial of Service |
| Vino VNC Server 3.7.3 - Persistent Denial of Service |
| Viprinet Multichannel VPN Router 300 - Stored XSS Vulnerabilities |
| VirIT Explorer Lite & Pro 8.1.68 - Local Privilege Escalation |
| VirtualBox 3D Acceleration Virtual Machine Escape |
| VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation |
| VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation |
| Viscacha Forum CMS v0.8.1.1 Multiple Vulnerabilities |
| Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs |
| Visual Mining NetCharts Server Remote Code Execution |
| Visual Mining NetCharts Server Remote Code Execution |
| Visual Tools DVR <= 3.0.6.16, VX Series <= 4.2.19.2 Multiple Vulnerabilities |
| Vivotek Cameras Sensitive Information Disclosure |
| Vivotek IP Cameras - RTSP Authentication Bypass |
| Vivotek IP Cameras - RTSP Authentication Bypass |
| Vivotek IP Cameras Multiple Vulnerabilities |
| VLC 1.2.0 (libtaglib_pluggin.dll) DoS |
| VLC 2.0.1 division by zero vulnerability |
| VLC 2.1.2 (.asf) - Crash PoC |
| VLC media player <= 1.1.11 (.flv) Denial of Service |
| VLC Media Player 2.2.1 - .mp4 Heap Memory Corruption |
| VLC Media Player 2.2.1 - Buffer Overflow |
| VLC Media Player 2.2.1 - m3u8/m3u Crash PoC |
| VLC Media Player RealText Subtitle Overflow |
| VLC Media Player Subtitle StripTags() Function Memory Corruption |
| VLC Player <= 2.0.3 ReadAV Crash PoC |
| VLC Player 2.0.8 (.m3u) - Local Crash PoC |
| VLC Player 2.0.8 (.m3u) - Local Crash PoC |
| VLC Player 2.1.5 - DEP Access Violation Vulnerability |
| VLC Player 2.1.5 - Write Access Violation Vulnerability |
| VLC Web Interface 2.2.1 - Metadata Title XSS Vulnerability |
| vlinks 2.0.3 (site.php id parameter) SQL Injection |
| VMCPlayer 1.0 Denial of Service |
| VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution |
| VMware Hyperic HQ Groovy Script-Console Java Execution |
| VMWare OVF Tools Format String Vulnerability |
| VMWare Setuid vmware-mount Unsafe popen(3) |
| VMWare Setuid vmware-mount Unsafe popen(3) |
| VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload |
| VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions |
| VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow |
| VMware Workstations 10.0.0.40273 vmx86.sys Arbitrary Kernel Read |
| VNC Keyboard Remote Code Execution |
| Vodafone Mobile Wifi - Reset Admin Password |
| VOX Music Player 2.8.8 - '.pls' Denail of Service |
| VR GPub 4.0 CSRF Vulnerability |
| VSAT Sailor 900 - Remote Exploit |
| vsftpd 2.3.2 remote denial of service (CVE-2011-0762) |
| Vtiger 5.1.0 LFI |
| Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit |
| vtiger CRM 5.1.0 Local File Inclusion |
| Vtiger CRM 5.4.0 (index.php, onlyforuser param) - SQL Injection |
| Vtiger CRM 5.4.0 (index.php, onlyforuser param) - SQL Injection |
| vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload |
| vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution |
| vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution |
| VTLS Virtua InfoStation.cgi - SQL Injection |
| VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass) |
| VX Search Enterprise 9.1.12 - Buffer Overflow |
| w3tw0rk / Pitbul IRC Bot Remote Code Execution |
| Wacom Consumer Service - Unquoted Service Path Privilege Escalation |
| WAN Emulator v2.3 Command Execution |
| Watermark Master Buffer Overflow (SEH) |
| Watermark Master v2.2.23 .wstyle - Buffer Overflow (SEH) |
| WatchGuard Firewall XTM 11.7.4u1 - Remote Buffer Overflow |
| WatchGuard Firewall XTM 11.7.4u1 - Remote Buffer Overflow |
| WatchGuard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN) |
| Watchguard XCS FixCorruptMail Local Privilege Escalation |
| Waves Audio Service - Unquoted Service Path Privilege Escalation |
| WaveSurfer 1.8.8p4 <= Memory Corruption PoC |
| w-CMS 2.0.1 - Remote Code Execution Vulnerability |
| w-CMS 2.0.1 - Remote Code Execution Vulnerability |
| w-CMS 2.0.1 Multiple Vulnerabilities |
| WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion |
| wdCalendar 2 - SQL Injection |
| WDS CMS - SQL Injection |
| Weathermap 0.97c (editor.php, mapname param) - Local File Inclusion |
| Web 2.0 Social Network Freunde Community SQL Injection Vunerability |
| Web Help Desk by SolarWinds - Stored XSS |
| Web interface for DNSmasq / Mikrotik - SQL Injection |
| web@all CMS 2.0 Multiple Vulnerabilities |
|
| web2Project 3.1 - Multiple Vulnerabilities |
| Web2py 2.14.5 - Multiple Vulnerabilities |
| WebCalendar <= 1.2.4 (install/index.php) Remote Code Execution |
| WebCalendar 1.2.4 Pre-Auth Remote Code Injection |
| WebcamXP and Webcam 7 Directory Traversal Vulnerability |
| WebDisk+ 2.1 iOS - Code Execution Vulnerability |
| webERP <= 4.08.1 Local/Remote File Inclusion Vulnerability |
| webERP <=4.08.4 WorkOrderEntry.php SQL Injection Vulnerability |
| webgrind 1.0 (file param) Local File Inclusion Vulnerability |
| WeBid <= 1.0.4 Multiple Vulnerabilities |
| WeBid <= 1.0.5 Directory Traversal |
| WeBid <=1.0.5 Cross Site Scripting Vulnerabilities |
| WeBid 1.1.1 Unrestricted File Upload Exploit |
| WeBid converter.php Remote PHP Code Injection |
| Webify Blog Arbitrary File Deletion Vulnerability |
| Webify Business Directory Arbitrary File Deletion Vulnerability |
| Webify eDownloads Cart Arbitrary File Deletion Vulnerability |
| Webify Link Directory SQL Injection |
| Webify Photo Gallery Arbitrary File Deletion Vulnerability |
| Webmatic 3.1.1 Blind SQL Injection |
| WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities |
| WebPA <= 1.1.0.1 Multiple Vulnerabilities |
| WebPagetest <= 2.6 Multiple Vulnerabilities |
| WebPageTest Arbitrary PHP File Upload |
| Websense Proxy Filter Bypass |
| Websitebaker Add-on Concert Calendar 2.1.4 Multiple Vulnerabilities |
| Webspell dailyinput Movie Addon 4.2.x SQL Injection Vulnerability |
| Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability |
|
| WebTitan 4.01 (Build 68) - Multiple Vulnerabilities |
| Webuzo 2.1.3 - Multiple Vulnerabilities |
| Webuzo 2.1.3 - Multiple Vulnerabilities |
| WEG SuperDrive G2 12.0.0 - Insecure File Permissions |
| Werkzeug Debug Shell Command Execution |
| WespaJuris <= 3.0 Multiple Vulnerabilities |
| Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities |
| Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities |
| Western Digital Arkeia Remote Code Execution |
| Western Digital Arkeia Remote Code Execution |
| Western Digital My Cloud 04.01.03-421, 04.01.04-422 - Command Injection |
|
| WhatsApp < v2.11.7 - Remote Crash |
| WhatsApp <= 2.11.476 - Remote Reboot/Crash App Android |
| WhatsApp Status Changer v0.2 Exploit |
| WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution |
| White Label CMS v 1.5 CSRF w/ persistent XSS |
| Whitepaper : Exploiting Transparent User Identification |
| WHMCS 4.x (invoicefunctions.php, id param) - SQL Injection Vulnerability |
| WHMCS 5.2.7 - SQL Injection Vulnerability |
| WHMCS 5.2.7 - SQL Injection Vulnerability |
| WHMCS Addon VMPanel 2.7.4 - SQL Injection |
| wicd Local Privilege Esclation Exploit |
| Wickr Desktop 2.2.1 Windows - Denial of Service Vulnerability |
| Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder |
| Wifi Album v1.47 iOS - Command Injection Vulnerability |
| WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities |
| WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities |
| WiFi HD v7.3.0 iOS - Multiple Vulnerabilities |
| Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities |
| WiFiles HD 1.3 iOS - File Inclusion Vulnerability |
| WiFly 1.0 Pro iOS - Multiple Vulnerabilities |
| Wiki Web Help 0.3.9 Multiple Stored XSS Vulnerabilities |
| Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass |
| WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities |
| WIMAX MT711x - Multiple Vulnerabilities |
| Win10Pcap - Local Privilege Escalation Vulnerability |
| Win2003 x64 - Token Stealing shellcode - 59 bytes |
| win32/xp[TR] sp3 MessageBox - 24Bytes |
| win32k Clipboard Bitmap - Use-After-Free Vulnerability |
| win32k Desktop and Clipboard - Null Pointer Derefence |
| Win32-Worm:VBS/Jenxcus.A Malware Report |
| WIN-911 7.17.00 - Multiple Vulnerabilities |
| Winamp MAKI Buffer Overflow |
| WinaXe 7.7 'FTP client' - Remote Buffer Overflow |
| Window Kernel - Bitmap Handling Use-After-Free (MS15-061) #2 |
| Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052) |
| Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048) |
| Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit) |
| Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via... |
| Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) |
| Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) |
| Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation... |
| Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) |
| Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008) |
| Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032) |
| Windows "Meterpreter"less Post Exploitation |
| Windows 10 - pcap Driver Local Privilege Escalation |
| Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation |
| Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC) |
| Windows 7 maybe other version as well System Resources kaput system hangs w loads of errors |
| Windows 7 x86 - localhost Port Scanner Shellcode (556 bytes) |
| Windows 8.0 - 8.1 x64 - TrackPopupMenu Privilege Escalation (MS14-058) |
| Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl) |
| Windows 8.1 DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076) |
| Windows AlwaysInstallElevated MSI |
| Windows ATMFD.DLL CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access |
| Windows ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access |
| Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads |
| Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table |
| Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table |
| Windows ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table |
|
| Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation |
| Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation |
| Windows CreateObjectTask TileUserBroker Privilege Escalation |
| Windows Cursor Object Potential Memory Leak (MS15-115) |
| Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124) |
| Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege... |
| Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123) |
| Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125) |
| Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege... |
| Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation... |
| Windows Escalate Service Permissions Local Privilege Escalation |
| Windows Escalate Task Scheduler XML Privilege Escalation |
| Windows Escalate UAC Execute RunAs |
| Windows Escalate UAC Protection Bypass |
| Windows Firewall Control - Unquoted Service Path Privilege Escalation |
| Windows Kerberos - Elevation of Privilege (MS14-068) |
| Windows Kerberos - Elevation of Privilege (MS14-068) |
| Windows Kerberos Security Feature Bypass (MS16-014) |
| Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097) |
| Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) |
| Windows Kernel - Bitmap Use-After-Free |
| Windows Kernel - Brush Object Use-After-Free Vulnerability (MS15-061) |
| Windows Kernel - DeferWindowPos Use-After-Free (MS15-073) |
| Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039) |
| Windows Kernel - FlashWindowEx Memory Corruption (MS15-097) |
| Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061) |
| Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097) |
| Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read |
| Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097) |
| Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061) |
| Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061) |
| Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in... |
| Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061) |
| Windows Kernel - Use-After-Free with Cursor Object (MS15-097) |
| Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097) |
| Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073) |
| Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061) |
| Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) |
| Windows Kernel - WindowStation Use-After-Free (MS15-061) |
| Windows Kernel ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026) |
| Windows Kernel ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026) |
| Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115) |
| Windows Kernel win32k!OffsetChildren - Null Pointer Dereference |
| Windows Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer... |
| Windows Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based... |
| Windows Kernel Win32k.sys Privilege Escalation Exploit (MS14-058) |
| Windows Light HTTPD 0.1 - Buffer Overflow |
| Windows Manage Memory Payload Injection |
| Windows Media Center - Command Execution (MS15-100) |
| Windows Movie Maker Version 2.1.4026.0 (.wav) - Crash POC |
| Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117) |
| Windows NDProxy Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002) |
| Windows NtUserGetClipboardAccessToken Token Leak |
|
| Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) |
| Windows OLE Package Manager SandWorm Exploit |
| Windows Race Condition DestroySMWP Use-After-Free (MS15-115) |
| Windows RT ARM Bind Shell (Port 4444) |
| Windows Service Trusted Path Privilege Escalation |
| Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation |
| Windows TrackPopupMenu Win32k NULL Pointer Dereference |
| Windows TrackPopupMenu Win32k NULL Pointer Dereference |
| Windows TrackPopupMenuEx Win32k NULL Page |
| Windows TrackPopupMenuEx Win32k NULL Page |
| Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds... |
| Windows win32k.sys - TTF Processing win32k!sbit_Embolden /... |
| Windows win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow |
| Windows win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write |
| Windows win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access |
| Windows win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow |
| Windows x64 - Bind Shell TCP Shellcode (508 bytes) |
| Windows x64 - Download & Execute Shellcode (358 bytes) |
| Windows x64 - Password Protected Bind Shellcode (825 bytes) |
| Windows x64 - Reverse Shell TCP Shellcode (694 bytes) |
| Windows x64 - WinExec() Shellcode (93 bytes) |
| Windows x86 - Bind Shell TCP Shellcode |
| Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes) |
| Windows x86 - InitiateSystemShutdownA() Shellcode (599 bytes) |
| Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes) |
| Windows x86 - MessageBoxA Shellcode (242 bytes) |
| Windows x86 - Password Protected TCP Bind Shell (637 bytes) |
| Windows x86 - Persistent Reverse Shell TCP (494 Bytes) |
| Windows XP PRO SP3 - Full ROP calc shellcode |
| Windows XP-10 - Null-Free WinExec Shellcode (Python) |
| Wing FTP Server Authenticated Command Execution |
| Wing FTP Server Authenticated Command Execution |
| Winlog Lite SCADA HMI system SEH 0verwrite Vulnerability |
| WinMerge v2.12.4 Project File Handling Stack Overflow Vulnerability |
| WinPower 4.9.0.4 - Privilege Escalation |
| WinRadius 2.11 - Denial of Service |
| WinRadius Server 2009 Denial Of Service |
| WinRar < 5.30 beta 4 - Settings Import Command Execution |
| WinRar 5.21 - SFX OLE Command Execution |
|
| WinRAR Filename Spoofing |
| WinRM VBS Remote Code Execution |
| WinWebMail Server 3.8.1.6 Stored XSS |
| WinylPlayer 3.0.3 Memory Corruption PoC |
| Wireless Disk PRO v2.3 iOS - Multiple Vulnerabilities |
| Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities |
| Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities |
| Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities |
| WirelessFiles v1.1 iPad iPhone - Multiple Vulnerabilities |
| Wireshark - add_ff_vht_compressed_beamforming_report Static Out-of-Bounds Read |
| Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free |
| Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow |
| Wireshark - alloc_address_wmem Assertion Failure |
| Wireshark - ascend_seek Static Out-of-Bounds Read |
| Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read |
| Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow |
| Wireshark - dissect_ber_integer Static Out-of-Bounds Write |
| Wireshark - dissect_ber_set Static Out-of-Bounds Read |
| Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow |
| Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV |
| Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow |
| Wireshark - dissect_oml_attrs Static Out-of-Bounds Read |
| Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read |
| Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow |
| Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read |
| Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read |
| Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow |
| Wireshark - find_signature Stack-Based Out-of-Bounds Read |
| Wireshark - getRate Stack-Based Out-of-Bounds Read |
| Wireshark - hiqnet_display_data Static Out-of-Bounds Read |
| Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read |
| Wireshark - iseries_parse_packet Heap-Based Buffer Overflow |
| Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV |
| Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow |
| Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read |
| Wireshark - print_hex_data_buffer / print_packet Use-After-Free |
| Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow |
| Wireshark - wmem_alloc Assertion Failure |
|
| Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow |
| Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service |
| Wireshark 1.12.7 - Division by Zero Crash PoC |
| Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service |
| Wireshark 2.0.0 to 2.0.4 - MMSE, WAP, WBXML, and WSP Dissectors Denial of Service |
| Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service |
| Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - RLC Dissector Denial of Service |
| Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - WSP Dissector Denial of Service |
| Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read |
| Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service |
| Wireshark 'calldissector()' NULL Pointer Dereference Denial Of Service |
| Wireshark CAPWAP Dissector - Denial of Service (msf) |
| Wireshark DIAMETER Dissector Denial of Service |
| Wireshark dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read |
| Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read |
| Wireshark Misaligned Memory Denial of Service Vulnerability |
| Wireshark Multiple Dissector Denial of Service Vulnerabilities |
| Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege... |
| Wolf CMS Arbitrary File Upload To Command Execution |
| Wolf CMS v0.7.5 Multiple Vulnerabilities |
| Woltlab Burning Board 2.3.6 Addon (hilfsmittel.php) SQL Injection Vulnerability |
| Woltlab Burning Board FLVideo Addon (video.php, value param) - SQL Injection |
| Woltlab Burning Board FLVideo Addon (video.php, value param) - SQL Injection |
| Woltlab Burning Board Regenbogenwiese 2007 Addon SQL Injection Exploit. |
| Woltlab Burning Board Regenbogenwiese 2007 Addon SQL Injection Exploit. |
| WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities |
|
| Wordpress < 4.0.1 - Denial of Service |
| WordPress <= 3.3.1 Multiple Vulnerabilities |
| WordPress <=4.0 Denial of Service Exploit |
|
| Wordpress 3.9.1 - CSRF Vulnerability |
| WordPress 4.5.3 - Directory Traversal / Denial of Service |
| WordPress Abtest Plugin - Local File Inclusion |
| WordPress Acento Theme (view-pdf.php, file param) - Arbitrary File Download |
| WordPress Add From Server Plugin < 3.3.2 - (File Upload) CSRF |
| WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation |
| Wordpress Ajax Load More PHP Upload Vulnerability |
| Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability |
|
| Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion |
| Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection |
| WordPress ALO EasyMail Newsletter Plugin 2.6.01 - CSRF Vulnerability |
| WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) CSRF |
| Wordpress Amplus Theme - CSRF Vulnerability |
| Wordpress Amplus Theme - CSRF Vulnerability |
| WordPress Area53 theme Arbitrary File Upload Vulnerability |
| WordPress Area53 theme Arbitrary File Upload Vulnerability |
| Wordpress Asset Manager Plugin 0.2 Arbitrary File Upload |
| Wordpress Automatic Plugin v2.0.3 CSRF Exploit |
| WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload |
| WordPress Best Web Soft Captcha Plugin <= 4.1.5 - Multiple Vulnerabilities |
| WordPress Booking Calendar Contact Form Plugin <= 1.0.23 - Multiple Vulnerabilities |
| Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection |
| Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection |
| WordPress Booking Calendar Plugin 6.2 - SQL Injection |
| Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities |
| Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities |
| WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF Vulnerability |
| WordPress Bulk Delete Plugin 5.5.3 - Privilege Escalation |
| WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download |
| Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities |
| Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities |
| WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities |
| Wordpress Count per Day Plugin 3.2.3 XSS Vulnerability |
| WordPress Count per Day Plugin 3.2.5 (counter.php) - XSS Vulnerability |
| WordPress Count Per Day Plugin 3.4 - SQL Injection |
| WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting |
| Wordpress CP Multi View Event Calendar 1.01 - SQL Injection |
| WordPress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities |
| WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection |
| WordPress Curvo Themes - CSRF File Upload Vulnerability |
| WordPress Curvo Themes - CSRF File Upload Vulnerability |
| Wordpress Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload Vulnerability |
| Wordpress Developer Formatter CSRF Vulnerability |
| Wordpress Diary/Notebook Site5 Theme Email Spoofing |
| Wordpress Dimension Theme - CSRF Vulnerability |
|
| Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability |
| Wordpress drag and drop file upload 0.1 Arbitrary File Upload Vulnerability |
| Wordpress Easy Contact Forms Export Plugin 1.1.0 Information Disclosure Vulnerability |
| WordPress Easy Social Icons Plugin 1.2.2 - CSRF Vulnerability |
| WordPress eBook Download Plugin 1.1 - Directory Traversal |
| WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF Vulnerability |
| Wordpress Euclid Theme - CSRF Vulnerability |
| Wordpress Euclid Theme - CSRF Vulnerability |
| WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation |
| Wordpress Facebook Survey v1 SQL Injection Vulnerability |
| WordPress FeedWordPress Plugin 2015.0426 - SQL Injection |
| Wordpress Foxypress Plugin 0.4.1.1 0.4.2.1 Arbitrary File Upload |
| WordPress Front End Upload v0.5.4.4 Arbitrary PHP File Upload |
| Wordpress Front File Manager Plugin 0.1 Arbitrary File Upload |
| Wordpress Frontend Upload Plugin - Arbitrary File Upload |
| Wordpress Frontend Upload Plugin - Arbitrary File Upload |
| Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS |
| Wordpress Gallery Plugin 3.06 Arbitrary File Upload |
| WordPress GeoPlaces3 Theme - Arbitrary File Upload Vulnerbility |
| WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download |
| WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download |
| WordPress GigPress Plugin 2.3.8 - SQL Injection |
| Wordpress Google Document Embedder 2.5.14 - SQL Injection |
| Wordpress Google Maps via Store Locator Plugin Multiple Vulnerabilities |
| WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion |
| Wordpress HD Webplayer 1.1 SQL Injection Vulnerability |
| Wordpress History Collection <=1.1.1 Arbitrary File Download |
| Wordpress HMS Testimonials Plugin 2.0.10 - Multiple Vulnerabilities |
| WordPress HTML 5 MP3 Player with Playlist Plugin - Full Path Disclosure |
| Wordpress HTML5 AV Manager Plugin 0.2.7 Arbitrary File Upload |
| WordPress Huge-IT Slider 2.7.5 - Multiple Vulnerabilities |
| Wordpress church_admin Plugin 0.800 Stored XSS |
| WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure |
|
| Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities |
| WordPress Import CSV Plugin 1.0 - Directory Traversal |
| Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities |
| Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities |
| Wordpress InfusionSoft Plugin Upload Vulnerability |
| WordPress Job Manager Plugin 0.7.22 - Persistent XSS |
| WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS |
| Wordpress Kish Guest Posting Plugin 1.0 Arbitrary File Upload |
| Wordpress Lazy SEO plugin Shell Upload Vulnerability |
| Wordpress Lazy SEO plugin Shell Upload Vulnerability |
| WordPress LeagueManager Plugin 3.8 - SQL Injection |
| WordPress leenk.me Plugin 2.5.0 - CSRF/XSS |
| Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability |
| Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities |
| Wordpress Mac Photo Gallery 2.7 Arbitrary File Upload |
| Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution |
| Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload |
| Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload |
| Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability |
| Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability |
| WordPress MDC Private Message Plugin 1.0.0 - Persistent XSS |
| Wordpress Mini Mail Dashboard Widget 1.42 Stored XSS |
| Wordpress MM Forms Community Plugin 2.2.6 Arbitrary File Upload |
| WordPress MoodThingy Widget v0.8.7 Blind SQL Injection |
| WordPress More Fields <= 2.1 Plugin - CSRF Vulnerability |
| Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability |
| Wordpress NOSpamPTI Plugin - Blind SQL Injection |
| Wordpress NOSpamPTI Plugin - Blind SQL Injection |
| WordPress Occasions Plugin 1.0.4 - CSRF Vulnerability |
| WordPress Ocim MP3 Plugin - SQL Injection Vulnerability |
| Wordpress Orange Themes CSRF File Upload Vulnerability |
| Wordpress Orange Themes CSRF File Upload Vulnerability |
|
| Wordpress Participants Database 1.5.4.8 - SQL Injection |
| Wordpress Pica Photo Gallery 1.0 Arbitrary File Upload Vulnerability |
| Wordpress PICA Photo Gallery Plugin 1.0 Remote File Disclosure |
| WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection |
| WordPress Plugin Advanced Custom Fields Remote File Inclusion |
| Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities |
| Wordpress Plugin Answer My Question 1.3 - SQL Injection |
| Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability |
| Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability |
| WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure Vulnerability |
| WordPress plugin Foxypress uploadify.php Arbitrary Code Execution |
| WordPress Plugin Free Counter 1.1 Stored XSS |
|
| WordPress Plugin Google Document Embedder Arbitrary File Disclosure |
| WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery |
| WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery |
| Wordpress Plugin Olimometer 2.56 - SQL Injection |
| WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure |
| WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery |
| Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure |
| WordPress Plugin Simply Poll 1.4.1 - SQL Injection |
| Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection |
| Wordpress Plugin Sirv 1.3.1 - SQL Injection |
| WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload |
| Wordpress Plugin spider calendar Multiple Vulnerabilities |
| Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities |
| Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF |
| Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability |
| Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection |
| WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege... |
| Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection |
| Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion |
| Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability |
| WordPress Polls Widget Plugin 1.0.7 - SQL Injection Vulnerability |
| Wordpress Postie Plugin 1.4.3 Stored XSS |
| Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS |
| Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS |
| WordPress RB Agency Plugin 2.4.7 - Local File Disclosure |
| Wordpress Really Simple Guest Post <= 1.0.6 - File Include |
| WordPress Recent Backups Plugin 0.7 - Arbitrary File Download |
| WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload |
| WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload |
| Wordpress RLSWordPressSearch plugin SQL Injection |
| Wordpress RobotCPA Plugin V5 - Local File Inclusion |
| WordPress SAICO theme Arbitrary File Upload Vulnerability |
| WordPress SAICO theme Arbitrary File Upload Vulnerability |
| WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal |
| Wordpress SfBrowser Version 1.4.5 Arbitrary File Upload Vulnerability |
| WordPress Shopping Cart 3.0.4 - Unrestricted File Upload |
| WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability |
| WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download |
|
| Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities |
| Wordpress SimpleMail Plugin 1.0.6 Stored XSS |
| WordPress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities |
| Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion |
| WordPress SiteMile Project Theme 2.0.9.5 - Multiple Vulnerabilities |
| Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit) |
| WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability |
| WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability |
| Wordpress Social Discussions Plugin 6.1.1 Multiple Vulnerabilities |
| WordPress SolveMedia 1.1.0 CSRF Vulnerability |
| Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability |
| Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scripting |
| Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities |
| Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities |
| WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS Vulnerability |
| Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection |
|
| WordPress Switchblade Themes Arbitrary File Upload Vulnerability |
| WordPress Switchblade Themes Arbitrary File Upload Vulnerability |
|
| Wordpress Theme Elegance - Post Local File Disclosure |
|
| Wordpress Theme Infocus - Post Local File Disclosure |
| WordPress Theme Kernel - Remote File Upload Vulnerability |
| WordPress Theme Kernel - Remote File Upload Vulnerability |
|
| WordPress Theme LineNity 1.20 - Local File Inclusion |
| WordPress Think Responsive Themes Arbitrary File Upload Vulnerability |
| WordPress Think Responsive Themes Arbitrary File Upload Vulnerability |
| Wordpress ThreeWP Email Reflector Plugin 1.13 Stored XSS |
| Wordpress Top Quark Architecture Version 2.10 Arbitrary File Upload Vulnerability |
| Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection |
| WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities |
| WordPress User Meta Manager Plugin 3.4.6 - Blind SQL Injection |
| WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure |
| WordPress User Meta Manager Plugin 3.4.6 - Privilege Escalation |
| Wordpress User Meta Version 1.1.1 Arbitrary File Upload Vulnerability |
| WordPress User Photo Component Remote File Upload Vulnerability |
| Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability |
| WordPress Users Ultra Plugin 1.5.50 - Blind SQL injection |
| WordPress Users Ultra Plugin 1.5.50 - Persistent XSS |
| WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload |
| WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload |
| WordPress Video Gallery 2.7 SQL Injection |
| WordPress Video Gallery 2.7 SQL Injection |
| Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability |
| Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities |
|
| Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities |
| Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities |
| Wordpress W3 Total Cache PHP Code Execution |
| WordPress Website FAQ Plugin v1.0 SQL Injection |
| WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation |
|
| Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload |
| WordPress WP Advanced Comment Plugin 0.10 - Persistent XSS |
| WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection |
| WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS |
| Wordpress WP Marketplace Plugin 1.5.0 1.6.1 Arbitrary File Upload |
| Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit |
| WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload |
| Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability |
| Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability |
| Wordpress wp-gpx-map version 1.1.21 Arbitrary File Upload Vulnerability |
| WordPress WP-Predict Plugin v1.0 Blind SQL Injection |
| Wordpress WPProperty Plugin 1.35.0 Arbitrary File Upload |
| Wordpress WP-SendSMS Plugin 1.0 - Multiple Vulnerabilities |
| WordPress WPTF Image Gallery 1.03 - Aribtrary File Download |
| Wordpress Wp-TopBar 4.02 Multiple Vulnerabilities |
| Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities |
| Wordpress Zingiri Web Shop Plugin <= 2.4.2 Persistent XSS |
| WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion |
| World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow |
| World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow |
| WP Effective Lead Management v3.0.0 Persistent XSS |
| WP Forum Server 1.6.5 Wordpress Plugin SQL Injection Vulnerability |
| WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities |
| WP-Client 3.8.7 - Stored XSS Vulnerability |
| WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery |
| WPS Office < 2016 - .doc OneTableDocumentStream Memory Corruption |
| WPS Office < 2016 - .ppt drawingContainer Memory Corruption |
| WPS Office < 2016 - .ppt Heap Memory Corruption |
| WPS Office < 2016 - .xls Heap Memory Corruption |
| WPS Office Wpsio.dll - Stack Buffer Overflow Vulnerability |
| WRT120N 1.0.0.7 Stack Overflow |
| WRT120N 1.0.0.7 Stack Overflow |
| WS10 Data Server SCADA Exploit Overflow PoC |
| WSO2 Carbon 4.4.5 - (Denial of Service) CSRF |
| WSO2 Carbon 4.4.5 - Local File Inclusion |
| WSO2 Carbon 4.4.5 - Stored XSS |
| WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities |
| Wyse Machine Remote Power off (DOS) without any privilege |
| X2CRM 3.4.1 - Multiple Vulnerabilities |
| X2CRM 3.4.1 - Multiple Vulnerabilities |
| X2Engine 4.2 - Arbitrary File Upload |
| X2Engine 4.2 - CSRF Vulnerability |
| X360 VideoPlayer ActiveX Control Buffer Overflow |
| x64 Linux egghunter in 24 bytes |
| X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution |
| X7 Chat 2.0.5.1 CSRF Add Admin Exploit |
| x86 Windows Null-Free Download & Run via WebDAV Shellcode (96 bytes) |
| x86_64 Linux Polymorphic Execve-Stack - 47 bytes |
| x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version |
| x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version v2 |
| x86_64 Linux xor/not/div Encoded execve Shellcode |
| XAMPP 1.8.1 (lang.php, WriteIntoLocalDisk method) - Local Write Access Vulnerability |
| XAMPP 1.8.1 (lang.php, WriteIntoLocalDisk method) - Local Write Access Vulnerability |
|
| XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities |
| XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities (XSS & CSRF) |
| XAMPP Control Panel - Denial Of Service |
| XAMPP for Windows 1.8.2 - Blind SQL Injection |
| XAMPP for Windows 1.8.2 - Blind SQL Injection |
| XCart 5.2.6 - Code Execution Vulnerability |
| Xceedium Xsuite - Multiple Vulnerabilities |
| XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities |
| Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution |
| Xeams Email Server 4.4 Build 5720 Stored XSS |
| xEpan 1.0.1 - CSRF Vulnerability |
| xEpan 1.0.1 - CSRF Vulnerability |
| Xerox DocuShare - SQL Injection |
| Xerox Multifunction Printers (MFP) "Patch" DLM Vulnerability |
| Xfinity Gateway - Cross-Site Request Forgery |
| Xfinity Gateway - Remote Code Execution |
| Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery |
| XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC |
| XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting |
| Xibo 1.2.2 and 1.4.1 (index.php, p param) - Directory Traversal Vulnerability |
| Xion Audio Player <= 1.5 (build 160) - .mp3 Crash PoC |
| Xion Audio Player 1.5 build 155 Stack Based Buffer Overflow |
| Xitami Web Server 5.0a0 - Denial of Service |
| Xivo 1.2 Arbitrary File Download |
| XM Easy Personal FTP Server <= v5.30 Remote Format String Write4 Exploit |
| XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability |
| XM Easy Personal FTP Server 5.8.0 (TYPE) Denial Of Service |
| XMPlay 3.8.1.12 - .pls Local Crash PoC |
| XnView 1.92.1 Command-Line Arguments Buffer Overflow Vulnerability |
| XnView 1.99.1 JLS File Decompression Heap Overflow |
| XnView 2.03 (.PCT) - Buffer Overflow Vulnerability |
| XnView ECW Image Processing Heap Overflow |
| XnView FlashPix Image Processing Heap Overflow |
| XnView RAS Image Processing Heap Overflow |
| XODA 0.4.5 Arbitrary PHP File Upload Vulnerability |
| XODA Document Management System v0.4.5 XSS & Arbitrary File Upload |
| XOOPS 2.5.4 Multiple XSS Vulnerabilities |
| Xoops 2.5.7.2 - Arbitrary User Deletions CSRF |
| Xoops 2.5.7.2 - Directory Traversal Bypass |
| XOS Shop 1.0 rc7o (redirect.php, goto param) - SQL Injection Vulnerability |
| Xpient Cash Drawer Operation Vulnerability |
| xRadio 0.95b (.xrl) Local Buffer Overflow (SEH) |
| XRMS - Blind SQL Injection and Command Execution |
| xt:Commerce <= v3.04 SP2.1 Time Based Blind SQL Injection |
| xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability |
| XWiki 4.2-milestone-2 Multiple Stored XSS Vulnerabilities |
| xWPE 1.5.30a-2.1 - Local Buffer Overflow |
| Yasr Screen Reader 0.6.9 - Local Buffer Overflow |
| Yeager CMS 1.2.1 - Multiple Vulnerabilities |
| YeaLink IP Phone Firmware <=9.70.0.100 Unauthenticated Phone Call Vulnerability |
| Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability |
|
| Yealink VoIP Phone SIP-T38G - Default Credentials |
|
| Yealink VoIP Phone SIP-T38G - Local File Inclusion |
|
| Yealink VoIP Phone SIP-T38G - Privileges Escalation |
|
| Yealink VoIP Phone SIP-T38G - Remote Command Execution |
| YESWIKI 0.2 - Path Traversal Vulnerability |
| Yii Framework 1.1.8 Search SQL Injection Vulnerability |
| Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow |
| Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow |
| YourMembers Plugin - Blind SQL Injection |
| YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Cross Site Scripting |
| YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site... |
| Zabbix 2.0 - 3.0.3 - SQL Injection |
| Zabbix 2.0.1 and Earlier Session Extractor 0day |
| Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF) |
| Zabbix 2.0.8 SQL Injection and Remote Code Execution |
| Zabbix 2.0.8 SQL Injection and Remote Code Execution |
| Zabbix 2.2.x, 3.0.x - SQL Injection |
| Zabbix Authenticated Remote Command Execution |
| Zabbix Authenticated Remote Command Execution |
| Zabbix Server Arbitrary Command Execution |
| Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities |
| ZCMS 1.1 - Multiple Vulnerabilities |
| ZeewaysCMS - Multiple Vulnerabilities |
| Zemra Botnet CnC Web Panel Remote Code Execution |
| Zen Cart 1.5.4 - Local File Inclusion |
| Zenbership 107 - Multiple Vulnerabilities |
| Zend Framework / zend-mail < 2.4.11 - Remote Code Execution |
| Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities |
| Zenphoto 1.4.10 - Local File Inclusion |
| Zenphoto 1.4.11 - Remote File Inclusion |
| Zenphoto 1.4.3.3 Multiple Vulnerabilities |
| ZenPhoto 1.4.8 - Multiple Vulnerabilities |
| ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability |
| ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability |
| ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability |
|
| ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation |
| ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure Vulnerability |
| ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure Vulnerability |
| ZeusCart 4.0 - CSRF Vulnerability |
| ZeusCart 4.0 - SQL Injection |
| Zeuscart v.4 - Multiple Vulnerabilities |
| zFTP Client 20061220 - (Connection Name) Local Buffer Overflow |
| ZHONE < S3.0.501 - Multiple Vulnerabilities |
| Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities |
| Zikula CMS <= 1.2.4 CSRF Vulnerability |
| Zimbra 0day exploit / Privilegie escalation via LFI |
| Zimbra 8.0.9 GA - CSRF Vulnerability |
| Zimplit CMS 3.0 - Multiple Vulnerabilities |
| Zimplit CMS 3.0 - Multiple Vulnerabilities |
| ZineBasic 1.1 - Arbitrary File Disclosure |
| ZIP Password Recovery Professional 5.1 (.zip) - Crash POC |
| ZIP Password Recovery Professional 5.1 (.zip) - Crash POC |
| ZIPBOX media (album.php) SQL Injection Vulnerability |
| ZipItFast PRO v3.0 Heap Overflow Exploit |
| ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation |
| ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting |
| ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery |
| ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass |
| ZKTeco ZKBioSecurity 3.0 - Directory Traversal |
| ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution |
| ZKTeco ZKTime.Net 3.0.1.6 - Insecure File Permissions Privilege Escalation |
| ZOC Terminal Emulator 7 - (Quick Connection) Crash PoC |
| Zone Rouge CMS 2012 - SQL Injection Vulnerability |
| ZoneMinder Video Server packageControl Command Execution |
| Zoner Photo Studio v15 Build 3 (Zps.exe) Registry Value Parsing Exploit |
| Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities |
| Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities |
| Zope Management Interface 4.3.7 - CSRF Vulnerabilities |
| Zortam Mp3 Media Studio 20.15 - SEH Overflow DoS |
| Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation |
| ZPanel <= 10.0.1 CSRF, XSS, SQLi, Password Reset |
| ZPanel 10.0.0.2 htpasswd Module Username Command Execution |
| Zpanel Remote Unauthenticated RCE |
| ZSNES 1.51 - Buffer Overflow |
| ZTE AC 3633R USB Modem Multiple Vulnerabilities |
| ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities |
|
| ZTE and TP-Link RomPager - DoS Exploit |
| ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Stored XSS Vulnerability |
| ZTE PC UI USB Modem Software - Buffer Overflow |
|
| ZTE WXV10 W300 - Multiple Vulnerabilities |
| ZTE ZXDSL 831CII - Insecure Direct Object Reference |
| ZTE ZXDSL-931VII - Unauthenticated Configuration Dump |
| ZTE ZXHN H108N R1A, ZXV10 W300 Routers - Multiple Vulnerabilities |
| ZTE ZXV10 W300 Router - Hardcoded Credentials |
| ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability |
|
| Zurmo CRM - Persistent XSS Vulnerability |
| Z-Vote 1.1 Wordpress Plugin SQL Injection Vulnerability |
| ZYCOO IP Phone System - Remote Command Execution |
|
| Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerability |
| ZyXEL PMG5318-B20A - OS Command Injection Vulnerability |
|