Exploits

日期	标题	类型	平台	作者
2015-07-01	PEAR XML_RPC < 1.3.0 - Remote Code Execution	webapps	php	GulfTech Security
2015-06-30	Novius 5.0.1 – Multiple Vulnerabilities	webapps	php	hyp3rlinx
2015-06-30	Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities	webapps	hardware	SEC Consult
2015-06-30	Adobe Flash Player – Drawing Fill Shader Memory Corruption (Metasploit)	remote	multiple	Metasploit
2015-06-30	C2Box 4.0.0(r19171) – Cross-Site Request Forgery	webapps	asp	Wissam Bashour
2015-06-30	Fiyo CMS 2.0_1.9.1 – SQL Injection	webapps	php	cfreer
2015-06-30	CollabNet Subversion Edge Management 4.0.11 – Local File Inclusion	webapps	linux	otr
2015-06-30	WedgeOS 4.0.4 – Multiple Vulnerabilities	webapps	jsp	Security-Assessment.com
2015-06-30	Watchguard XCS 10.0 – Multiple Vulnerabilities	webapps	php	Security-Assessment.com
2015-06-29	Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)	remote	cgi	Ben Lincoln
2015-06-29	Endian Firewall < 3.0.0 - OS Command Injection	remote	cgi	Ben Lincoln
2015-06-29	XOOPS < 2.0.11 - Multiple Vulnerabilities	webapps	php	GulfTech Security
2015-06-29	Huawei Home Gateway UPnP/1.0 IGD/1.00 – Password Change	webapps	hardware	Fady Mohammed Osman
2015-06-29	Huawei Home Gateway UPnP/1.0 IGD/1.00 – Password Disclosure	webapps	hardware	Fady Mohammed Osman
2015-06-29	DeDeCMS < 5.7-sp1 - Remote File Inclusion	webapps	php	zise
2015-06-27	Havij – OLE Automation Array Remote Code Execution	remote	windows	Mohammad Reza Espargham
2015-06-26	ManageEngine Asset Explorer 6.1 – Persistent Cross-Site Scripting	webapps	windows	Suraj Krishnaswami
2015-06-26	Thycotic Secret Server 8.8.000004 – Persistent Cross-Site Scripting	webapps	multiple	Marco Delai
2015-06-26	Koha 3.20.1 – Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities	webapps	php	Raschin Tavakoli, Bernhard Garn, Peter Aufner & Dimitris Simos
2015-06-26	Koha 3.20.1 – Directory Traversal	webapps	php	Raschin Tavakoli, Bernhard Garn, Peter Aufner & Dimitris Simos
2015-06-26	Koha 3.20.1 – Multiple SQL Injections	webapps	php	Raschin Tavakoli, Bernhard Garn, Peter Aufner & Dimitris Simos
2015-06-26	Apple Mac OSX 10.10.3 (Yosemite) Safari 8.0.x – Crash (PoC)	dos	osx	Mohammad Reza Espargham
2015-06-24	WordPress Plugin Huge-IT Slider 2.7.5 – Multiple Vulnerabilities	webapps	php	i0akiN SEC-LABORATORY
2015-06-24	GeniXCMS 0.0.3 – Cross-Site Scripting	webapps	php	hyp3rlinx
2015-06-24	Vesta Control Panel 0.9.8 – OS Command Injection	webapps	php	High-Tech Bridge SA
2015-06-24	Adobe Flash Player – ShaderJob Buffer Overflow (Metasploit)	remote	multiple	Metasploit
2015-06-24	Microsoft Windows – ClientCopyImage Win32k (MS15-051) (Metasploit)	local	windows	Metasploit
2015-06-24	Joomla! Component com_simpleimageupload – Arbitrary File Upload	webapps	php	CrashBandicot
2015-06-24	GeniXCMS 0.0.3 – ‘register.php’ SQL Injection	webapps	php	cfreer
2015-06-23	Photoshop CC2014 / Bridge CC 2014 – ‘.png’ Parsing Memory Corruption	dos	windows	Francis Provencher
2015-06-23	Photoshop CC2014 / Bridge CC 2014 – ‘.gif’ Parsing Memory Corruption	dos	windows	Francis Provencher
2015-06-23	Paintshop Pro X7 – ‘.gif’ Conversion Heap Memory Corruption ‘LZWMinimumCodeSize’ (Denial of Service)	dos	windows	Francis Provencher
2015-06-23	KMPlayer 3.9.1.136 – Capture Unicode Buffer Overflow (ASLR Bypass)	local	windows	Naser Farhadi
2015-06-23	Seagate Dashboard 4.0.21.0 – Crash (PoC)	dos	windows	HexTitan
2015-06-22	CUPS < 2.0.3 - Multiple Vulnerabilities	remote	multiple	Google Security Research
2015-06-19	Tango FTP 1.0 (Build 136) – Activex HeapSpray	webapps	windows	metacom
2015-06-19	Tango DropBox 3.1.5 + PRO – Activex HeapSpray	webapps	windows	metacom
2015-06-19	HansoPlayer 3.4.0 – Memory Corruption (PoC)	dos	windows	Rajganesh Pandurangan
2015-06-19	WinylPlayer 3.0.3 – Memory Corruption (PoC)	dos	windows	Rajganesh Pandurangan
2015-06-19	Lively Cart – SQL Injection	webapps	multiple	Manish Tanwar
2015-06-19	ZTE ZXV10 W300 v3.1.0c_DR0 – UI Session Delete	webapps	hardware	Vulnerability-Lab
2015-06-19	ManageEngine SupportCenter Plus 7.90 – Multiple Vulnerabilities	webapps	multiple	Vulnerability-Lab
2015-06-17	BlackCat CMS 1.1.1 – Arbitrary File Download	webapps	php	d4rkr0id
2015-06-16	E-Detective Lawful Interception System – Multiple Vulnerabilities	webapps	php	Mustafa Al-Bassam
2015-06-16	TYPO3 Extension Akronymmanager 0.5.0 – SQL Injection	webapps	php	RedTeam Pentesting
2015-06-16	FinePlayer 2.20 – ‘.mp4’ Crash (PoC)	dos	windows	SATHISH ARTHAR
2015-06-16	XtMediaPlayer 0.93 – ‘.wav’ Crash (PoC)	dos	windows	SATHISH ARTHAR
2015-06-16	Apexis IP CAM – Information Disclosure	webapps	hardware	Sunplace Solutions
2015-06-16	Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) – Cross-Site Request Forgery	webapps	php	Jerold Hoong
2015-06-16	Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Privilege Escalation (Access /etc/shadow)	local	linux	rebel