Exploits

日期	标题	类型	平台	作者
2011-01-08	Linux Kernel < 2.6.34 (Ubuntu 10.10 x86/x64) - 'CAP_SYS_ADMIN' Local Privilege Escalation (2)	local	linux	Joe Sylve
2011-01-08	Redmine SCM Repository 0.9.x/1.0.x – Arbitrary Command Execution (Metasploit)	webapps	linux	Metasploit
2011-01-08	WordPress Plugin mingle forum 1.0.26 – Multiple Vulnerabilities	webapps	php	Charles Hooper
2011-01-08	Apple QuickTime 7.6.6 – Invalid SMIL URI Buffer Overflow (Metasploit)	remote	windows	Metasploit
2011-01-08	sahana agasti 0.6.5 – Multiple Vulnerabilities	webapps	php	dun
2011-01-08	Apple QuickTime 7.6.7 – _Marshaled_pUnk Code Execution (Metasploit)	local	windows	Metasploit
2011-01-08	Winamp 5.5.8 (in_mod plugin) – Local Stack Overflow (SEH)	local	windows	fdiskyou
2011-01-08	Fonality trixbox CE 2.6.1 – ‘langChoice’ Local File Inclusion (Metasploit)	webapps	php	Metasploit
2011-01-08	HP Data Protector Manager 6.11 – RDS Service Remote Denial of Service	dos	windows	Pepelux
2011-01-08	Joostina 1.3 – ‘index.php’ Cross-Site Scripting	webapps	php	MustLive
2011-01-08	Sun Java – Runtime New Plugin docbase Buffer Overflow (Metasploit)	remote	windows	Metasploit
2011-01-08	Elxis CMS 2009.2 – Remote File Inclusion	webapps	php	n0n0x
2011-01-08	axdcms-0.1.1 – Local File Inclusion	webapps	php	n0n0x
2011-01-08	NetSupport Manager Agent – Remote Buffer Overflow (1)	remote	multiple	ikki
2011-01-08	Microsoft IIS/PWS – CGI Filename Double Decode Command Execution (MS01-026) (Metasploit)	remote	windows	Metasploit
2011-01-08	VeryTools VideoSpirit Pro 1.68 – Local Buffer Overflow	local	windows	xsploitedsec
2011-01-08	Signed Applet Social Engineering – Code Execution (Metasploit)	remote	multiple	Metasploit
2011-01-08	Nuance PDF Reader 6.0 – Launch Stack Buffer Overflow (Metasploit)	local	windows	Metasploit
2011-01-08	Mitel Audio and Web Conferencing – Command Injection (Metasploit)	remote	linux	Metasploit
2011-01-08	Zwii 2.1.1 – Remote File Inclusion	webapps	php	Abdi Mohamed
2011-01-07	GNU libc/regcomp(3) – Multiple Vulnerabilities	dos	linux	Maksymilian Arciemowicz
2011-01-07	BS.Player 2.57 – Local Buffer Overflow (SEH Unicode)	local	windows	C4SS!0 G0M3S
2011-01-07	StageTracker 2.5 – Denial of Service	dos	windows	freak_out
2011-01-07	openSite 0.2.2 Beta – Local File Inclusion	webapps	php	n0n0x
2011-01-06	F3Site 2011 alfa 1 – Cross-Site Scripting / Cross-Site Request Forgery	webapps	php	High-Tech Bridge SA
2011-01-06	PHP MicroCMS 1.0.1 – ‘page_text’ Cross-Site Scripting	webapps	php	High-Tech Bridge SA
2011-01-06	Enzip 3.00 – Local Buffer Overflow	local	windows	C4SS!0 G0M3S
2011-01-06	Openfire 3.6.4 – Multiple Cross-Site Request Forgery Vulnerabilities	webapps	jsp	Riyaz Ahemed Walikar
2011-01-06	Lexmark X651de – Printer Ready Message Value HTML Injection	remote	hardware	dave b
2011-01-06	Ignition 1.3 – ‘comment.php’ Local File Inclusion	webapps	php	n0n0x
2011-01-06	Joomla! 1.0.x – ‘ordering’ Cross-Site Scripting	webapps	php	Aung Khant
2011-01-06	PHP MicroCMS 1.0.1 – Cross-Site Request Forgery / Cross-Site Scripting	webapps	php	High-Tech Bridge SA
2011-01-06	Phenotype CMS 3.0 – SQL Injection	webapps	php	High-Tech Bridge SA
2011-01-06	phpMySport 1.4 – SQL Injection / Authentication Bypass / Full Path Disclosure	webapps	php	High-Tech Bridge SA
2011-01-05	Quick Notes Plus 5.0 47 – Multiple DLL Loading Arbitrary Code Executions	remote	windows	d3c0der
2011-01-05	Openfire 3.6.4 – Multiple Cross-Site Scripting Vulnerabilities	webapps	jsp	Walikar Riyaz Ahemed Dawalmalik
2011-01-05	Linux Kernel < 2.6.34 (Ubuntu 10.10 x86) - 'CAP_SYS_ADMIN' Local Privilege Escalation (1)	local	linux_x86	Dan Rosenberg
2011-01-05	BlogEngine.NET 1.6 – Directory Traversal / Information Disclosure	webapps	asp	Deniz Cevik
2011-01-05	Concrete CMS 5.4.1.1 – Cross-Site Scripting / Remote Code Execution	webapps	php	mr_me
2011-01-05	PhpGedView 4.2.3 – Local File Inclusion	webapps	php	dun
2011-01-05	Nucleus 3.61 – Multiple Remote File Inclusions	webapps	php	n0n0x
2011-01-05	WikLink 0.1.3 – ‘getURL.php’ SQL Injection	webapps	php	Aliaksandr Hartsuyeu
2011-01-04	WonderCMS 0.3.3 – ‘editText.php’ Cross-Site Scripting	webapps	php	High-Tech Bridge SA
2011-01-04	Xynph FTP Server 1.0 – USER Denial of Service	dos	windows	freak_out
2011-01-04	S40 CMS 0.4.1 – Cross-Site Request Forgery (Change Admin Password)	webapps	php	pentesters.ir
2011-01-04	Music Animation Machine MIDI Player – Local Buffer Overflow (SEH)	local	windows	Acidgen
2011-01-03	Ace Video Workshop 1.2.0.0 – ‘ir50_lcs.dll’ DLL Loading Arbitrary Code Execution	remote	windows	d3c0der
2011-01-03	PHP 5.3.2 – ‘zend_strtod()’ Floating-Point Value Denial of Service	dos	php	Rick Regan
2011-01-03	OpenLDAP 2.4.x – ‘modrdn’ NULL OldDN Remote Denial of Service	dos	linux	Serge Dubrouski
2011-01-03	Wireshark – ENTTEC DMX Data RLE Buffer Overflow	dos	multiple	non-customers crew