Exploits

日期	标题	类型	平台	作者
2010-11-25	VMware 2 Web Server – Directory Traversal	remote	multiple	clshack
2010-11-25	Frog CMS 0.9.5 – Multiple Vulnerabilities	webapps	php	High-Tech Bridge SA
2010-11-25	Wolf CMS 0.6.0b – Multiple Vulnerabilities	webapps	php	High-Tech Bridge SA
2010-11-24	Mambo – Cache_Lite Class MosConfig_absolute_path Remote File Inclusion (Metasploit)	webapps	php	Metasploit
2010-11-24	Symantec AppStream LaunchObj – ActiveX Control Arbitrary File Download and Execute (Metasploit)	remote	windows	Metasploit
2010-11-24	FreeNAS – ‘exec_raw.php’ Arbitrary Command Execution (Metasploit)	webapps	php	Metasploit
2010-11-24	Microsoft Windows Vista/7 – Local Privilege Escalation (UAC Bypass)	local	windows	noobpwnftw
2010-11-24	Cain & Abel 4.9.24 – RDP Buffer Overflow (Metasploit)	local	aix	Metasploit
2010-11-24	Novell NetIdentity Agent – XTIERRPCPIPE Named Pipe Buffer Overflow (Metasploit)	remote	windows	Metasploit
2010-11-24	Free Simple Software – SQL Injection	webapps	php	Mark Stanislav
2010-11-24	WSN Links – SQL Injection	webapps	php	Mark Stanislav
2010-11-24	Adobe RoboHelp Server 8 – Arbitrary File Upload / Execution (Metasploit)	remote	multiple	Metasploit
2010-11-24	Oracle 10gR2 – TNS Listener AUTH_SESSKEY Buffer Overflow (Metasploit)	remote	windows	Metasploit
2010-11-24	phpvidz 0.9.5 – Administrative Credentials Disclosure	webapps	php	Michael Brooks
2010-11-24	ColdFusion 8.0.1 – Arbitrary File Upload / Execution (Metasploit)	webapps	cfm	Metasploit
2010-11-24	Zenturi ProgramChecker – ActiveX Control Arbitrary File Download (Metasploit)	remote	windows	Metasploit
2010-11-24	Microsoft Visual Studio – Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit)	remote	windows	Metasploit
2010-11-24	Realtek Media Player Playlist – Remote Buffer Overflow (Metasploit)	remote	windows	Metasploit
2010-11-24	Oracle 8i – TNS Listener SERVICE_NAME Buffer Overflow (Metasploit)	remote	windows	Metasploit
2010-11-24	Getsimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure	webapps	php	Michael Brooks
2010-11-24	SimpLISTic SQL 2.0 – ’email.cgi’ Cross-Site Scripting	webapps	cgi	Aliaksandr Hartsuyeu
2010-11-24	Oracle 8i – TNS Listener ‘ARGUMENTS’ Remote Buffer Overflow (Metasploit)	remote	windows	Metasploit
2010-11-24	Wireshark – LWRES Dissector getaddrsbyname_request Buffer Overflow (Loop) (Metasploit)	remote	multiple	Metasploit
2010-11-24	D-Link DIR-300 – WiFi Key Security Bypass	remote	hardware	Gaurav Saha
2010-11-24	Zinf Audio Player 2.2.1 – ‘.pls’ Local Stack Buffer Overflow (Metasploit)	local	windows	Metasploit
2010-11-24	Motorola Timbuktu Pro – Directory Traversal / Arbitrary File Upload (Metasploit)	remote	windows	Metasploit
2010-11-24	Linux Kernel 2.6.x – ‘inotify_init()’ Memory Leak Local Denial of Service	dos	linux	Vegard Nossum
2010-11-24	Hewlett-Packard (HP) Power Manager Administration – Remote Buffer Overflow (Metasploit)	remote	windows	Metasploit
2010-11-24	America Online ICQ – ActiveX Control Arbitrary File Download and Execute (Metasploit)	remote	windows	Metasploit
2010-11-24	DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) – SCPC_TXTEVENT Buffer Overflow (Metasploit)	remote	windows	Metasploit
2010-11-24	BASE – ‘base_qry_common’ Remote File Inclusion (Metasploit)	webapps	php	Metasploit
2010-11-24	Symantec Altiris Deployment Solution – ActiveX Control Arbitrary File Download and Execute (Metasploit)	remote	windows	Metasploit
2010-11-23	PHPmotion 1.62 – ‘FCKeditor’ Arbitrary File Upload	webapps	php	trycyber
2010-11-23	ImageShack Toolbar 4.8.3.75 – Remote Code Execution	remote	windows	Rew
2010-11-23	Netcraft Toolbar 1.8.1 – Remote Code Execution	remote	windows	Rew
2010-11-23	ZYXEL P-660R-T1 V2 – ‘HomeCurrent_Date’ Cross-Site Scripting	webapps	multiple	Usman Saeed
2010-11-23	Xion Audio Player 1.0.127 – ‘.m3u’ Local Buffer Overflow	local	windows	0v3r
2010-11-23	Xion Audio Player 1.0.126 – ‘.m3u8’ Buffer Overflow	dos	windows	anT!-Tr0J4n
2010-11-23	PoPToP – Negative Read Overflow (Metasploit)	remote	linux	Metasploit
2010-11-22	jSchool Advanced – Blind SQL Injection	webapps	php	Don Tukulesto
2010-11-22	AuraCMS 1.62 – ‘pfd.php’ SQL Injection	webapps	php	Don Tukulesto
2010-11-22	Novell ZENworks Configuration Management 10.2.0 – Remote Execution (Metasploit)	remote	multiple	Metasploit
2010-11-22	Apache Tomcat 7.0.4 – ‘sort’ / ‘orderBy’ Cross-Site Scripting	remote	linux	Adam Muntner
2010-11-22	Apple iOS 4.0.2 – Networking Packet Filter Rules Privilege Escalation	local	ios	Apple
2010-11-22	Acidcat CMS 3.3 – ‘FCKeditor’ Arbitrary File Upload	webapps	asp	Net.Edit0r
2010-11-22	Hot Links SQL 3.2 – ‘report.cgi’ SQL Injection	webapps	cgi	Aliaksandr Hartsuyeu
2010-11-22	JCMS 2010 – File Download	webapps	jsp	Beach
2010-11-21	cPanel 11.x – Cross-Site Request Forgery (Edit E-mail)	webapps	php	Mon7rF .
2010-11-21	sahitya graphics CMS – Multiple Vulnerabilities	webapps	php	Dr.0rYX & Cr3W-DZ
2010-11-20	vBulletin 4.0.8 PL1 – Cross-Site Scripting Filter Bypass within Profile Customization	webapps	php	MaXe