Search results for "Zeroscience", sorted by most viewed

1103 matches found

Zero Science Lab
Added 2010/08/26 12:00 a.m., 20 views

CorelDRAW X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit

Summary Graphic design software for striking visual communication. Description CorelDRAW X3 suffers from a DLL hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extensions are .cmx and .csl, handled through the crlrib.dll library. / CorelDRAW X3...

AI score: 6.2
Exploits: 0

Zero Science Lab
Added 2009/07/16 12:00 a.m., 20 views

Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability

Summary Zortam ID3 Tag Editor is all-in-one MP3 organizer application for editing ID3 tags Mp3 ID3 Tag Editor with support for ID3v1 and ID3v2 tags, managing M3u playlists Playlist manager, renaming files Mp3 Renamer using ID3 tags, searching for duplicate Mp3 files, searching and cataloguing Mp3...

AI score: 6.2
Exploits: 0

Zero Science Lab
Added 2009/07/16 12:00 a.m., 20 views

Audio Editor Pro 2.91 Remote Memory Corruption PoC

Summary Audio Editor Pro is a visual multifunctional audio files editor for Microsoft Windows. Description MightSOFT Audio Editor Pro is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a malicious MP3 file to execute...

AI score: 6.2
Exploits: 0

Zero Science Lab
Added 2009/03/12 12:00 a.m., 20 views

JDKChat v1.5 Remote Integer Overflow PoC

Summary JDKChat is a simple C++ chat server for GNU/Linux systems. Users can connect to it through a simple tcp client like telnet. Description JDKChat is prone to a remote integer-overflow vulnerability. A remote attacker may exploit this issue to execute arbitrary code within the context of the...

AI score: 6.2
Exploits: 0

Zero Science Lab
Added 2009/01/30 12:00 a.m., 20 views

Amaya Web Editor 11 Remote SEH Overwrite Exploit

Summary Amaya is a Web editor, i.e. a tool used to create and update documents directly on the Web. Description Amaya Web Editor is prone to a buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue...

AI score: 6.5
Exploits: 0

Zero Science Lab
Added 2014/06/30 12:00 a.m., 19 views

Baidu Spark Browser v26.5.9999.3511 Remote Stack Overflow Vulnerability (DoS)

Summary Spark Browser is a free Internet browser with very sharp UIs and cool utilities. It's based on the Chromium technology platform, giving it fast browsing capabilities. Description Spark Browser version 26.5.9999.3511 allows remote attackers to cause a denial of service application crash...

CVSS: 5, AI score: 5.9, EPSS: 0.03784
Exploits: 3

Zero Science Lab
Added 2013/07/24 12:00 a.m., 19 views

Windu CMS 2.2 CSRF Add Admin Exploit

Summary Windu CMS is a simple, lightweight and fun-to-use website content management software. Description Windu CMS suffers from cross-site request forgery vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verif...

AI score: 5.7
Exploits: 0

Zero Science Lab
Added 2013/01/20 12:00 a.m., 19 views

Aloaha Credential Provider Monitor 5.0.226 Local Privilege Escalation Vulnerability

Summary Aloaha Credential Provider represents one of the most dramatic changes in the Windows Vista / 7 logon screen, making it much easier to implement new user authentication scenarios that are supported by the OS. To be able to logon via Smartcard to a windows machine requires usually the...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2013/01/13 12:00 a.m., 19 views

phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability

Summary phlyMail offers you an interface in the browser to have access to your emails, contacts, appointments, tasks, files and bookmarks from anywhere you have internet access. This can be your home, workplace, train station, abroad, offroad, in the woods or your own backyard. Description...

CVSS: 5.9, AI score: 6.4, EPSS: 0.07987
Exploits: 1

Zero Science Lab
Added 2012/11/30 12:00 a.m., 19 views

Axis Commerce 0.8.7.2 Remote Script Insertion Vulnerabilities

Summary Powerful open source ecommerce platform. Description Axis Commerce suffers from multiple stored XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and...

AI score: 6.1
Exploits: 0

Zero Science Lab
Added 2012/10/26 12:00 a.m., 19 views

NASA Tri-Agency Climate Education (TrACE) v1.0 Multiple XSS Vulnerabilities

Summary The Tri-Agency Climate Education TrACE Catalog provides search and browse access to a catalog of educational products and resources. TrACE focuses on climate education resources that have been developed by initiatives funded through NASA, NOAA, and NSF, comprising a tri-agency collaborati...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2012/05/16 12:00 a.m., 19 views

Artiphp CMS v5.5.0 Multiple XSS POST Injection Vulnerabilities

Summary Artiphp is a content management system (CMS), open and free, to create and manage your website. Description Artiphp CMS suffers from multiple cross-site scripting vulnerabilities via several parameters passed through the POST method. Attackers can exploit these weaknesses to execute arbitrary HTML and scri...

CVSS: 4.3, AI score: 6, EPSS: 0.02014
Exploits: 2

Zero Science Lab
Added 2011/09/19 12:00 a.m., 19 views

Toko Lite CMS 1.5.2 (edit.php) HTTP Response Splitting Vulnerability

Summary Toko Web Content Editor CMS is a compact, multi-language, open source web editor and content management system (CMS). It is an advanced, easy to use yet fully featured program that can be integrated with any existing site. It takes 2 minutes to install even for non-technical users. Description...

AI score: 5.9
Exploits: 0

Zero Science Lab
Added 2011/09/19 12:00 a.m., 19 views

Toko Lite CMS 1.5.2 (EditNavBar.php) Multiple Parameters XSS POST Injection

Summary Toko Web Content Editor CMS is a compact, multi-language, open source web editor and content management system (CMS). It is an advanced, easy to use yet fully featured program that can be integrated with any existing site. It takes 2 minutes to install even for non-technical users. Description...

AI score: 6.1
Exploits: 0

Zero Science Lab
Added 2011/09/16 12:00 a.m., 19 views

iManager Plugin v1.2.8 (lang) Local File Inclusion Vulnerability

Summary With iManager you can manage your files/images on your webserver, and it provides user interface to most of the phpThumb functions. It works either stand-alone or as a plugin to WYSIWYG editors like tinyMCE, SPAW, htmlAREA, Xinha and FCKeditor. Description iManager suffers from a file...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2011/06/02 12:00 a.m., 19 views

Ushahidi 2.0.1 (range param) SQL Injection Vulnerability (post-auth)

Summary The Ushahidi Platform is a platform for information collection, visualization and interactive mapping. Description Input passed via the 'range' parameter to dashboard.php is not properly sanitised in application/controllers/admin/dashboard.php before being used in SQL queries. This can be...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2011/02/11 12:00 a.m., 19 views

Pixelpost 1.7.3 Multiple Persistent Cross-Site Scripting Vulnerabilities

Summary Pixelpost is an open-source, standards-compliant, multi-lingual, fully extensible photoblog application for the web. Anyone who has web-space that meets the requirements can download and use Pixelpost for free! Description Pixelpost is vulnerable to multiple cross-site scripting...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2012/11/28 12:00 a.m., 18 views

Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities

Summary Oracle OpenSSO is a complete solution that provides Web access management, federated single sign-on and Web services security in a single, self-contained application. Description Oracle OpenSSO suffers from multiple cross-site scripting vulnerabilities when input passed via several...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2011/06/21 12:00 a.m., 18 views

Sitemagic CMS 2010.04.17 (SMExt) Remote Cross-Site Scripting Vulnerability

Summary Sitemagic CMS is a fantastic new platform for building and maintaining great looking websites. It is very easy to set up and use, and is fully extendable and customizable. Description Sitemagic CMS suffers from an XSS vulnerability when parsing user input to the 'SMExt' parameter via GET...

AI score: 6.1
Exploits: 0

Zero Science Lab
Added 2011/06/10 12:00 a.m., 18 views

Pacer Edition CMS 2.1 (l param) Local File Inclusion Vulnerability

Summary The 'Pacer Edition' is a Content Management System (CMS) written using PHP 5.2.9 as a minimum requirement. The Pacer Edition CMS was based on the Website Baker core and has been completely redesigned with a whole new look and feel along with many new advanced features to allow you to build sit...

AI score: 5.7
Exploits: 0

Zero Science Lab
Added 2011/02/17 12:00 a.m., 18 views

GAzie 5.10 (Login parameter) Multiple Remote Vulnerabilities

Summary GAzie is a multi-company management program ERP that runs on Apache web server with support for PHP and Mysql database. Open Source web-based application for small and medium enterprises. Description GAzie is prone to a cross-site scripting and an SQL Injection vulnerability because it...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2010/06/19 12:00 a.m., 18 views

UK One Media CMS (id) Error Based SQL Injection Vulnerability

Summary Content Management System PHP+MySQL. Description UK One Media CMS suffers from an SQL injection vulnerability when parsing the query from the id param, which results in compromising the entire database structure and executing system commands...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2016/05/06 12:00 a.m., 17 views

Ajaxel CMS 8.0 Multiple Vulnerabilities

Summary Ajaxel CMS is a very simple ajaxified CMS and framework for any project needs. Description Ajaxel CMS version 8.0 and below suffers from multiple vulnerabilities including LFI, XSS, SQL injection and remote code execution via CSRF. Ajaxel CMS 8.0 Multiple Vulnerabilities Vendor: Ajaxel...

AI score: 6.5
Exploits: 0

Zero Science Lab
Added 2014/03/25 12:00 a.m., 17 views

Cart Engine 3.0.0 (task.php) Local File Inclusion Vulnerability

Summary Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL. Unique features of Cart Engine include: CMS engine based on our qEngine, product options, custom fields, digital products, search engine friendly URL, user...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2014/03/25 12:00 a.m., 17 views

Kemana Directory 1.5.6 Remote Code Execution

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

AI score: 6.2
Exploits: 0

Zero Science Lab
Added 2011/11/28 12:00 a.m., 17 views

Manx cms.xml 1.0.1 (ajax_get_file_listing.php) Multiple XSS Vulnerabilities

Summary Manx is a Content Management System that uses XML text files to store the page contents, instead of a MySQL database. Description Input passed through the GET parameters 'limit' and 'searchfolder' in 'ajax_get_file_listing.php' is not sanitized, allowing the attacker to execute HTML code in the user's...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2011/10/10 12:00 a.m., 17 views

Cotonti CMS v0.9.4 Multiple Remote Vulnerabilities

Summary Cotonti is a powerful open-source web development framework and content manager with a focus on security, speed and flexibility. Description Input passed via the parameters 'redirect.php' in 'message.php' and 'w' and 'id' in 'index.php' script are not properly sanitised before being...

AI score: 6.1
Exploits: 0

Zero Science Lab
Added 2008/09/06 12:00 a.m., 17 views

Flock Social Web Browser 1.2.5 (loop) Remote Denial of Service Exploit

Summary Flock is a browser. The people here at Flock are committed to building a browser unlike anything you’ve ever experienced before - because we start by focusing on user needs. We take pride in solving for common behaviors on the Web that seem clunky today, and will seem ridiculous tomorrow...

AI score: 5.9
Exploits: 0

Zero Science Lab
Added 2015/06/06 12:00 a.m., 16 views

Netlux Antivirus 1.0.1.8 Session Manager Service Privilege Escalation

Summary Netlux Antivirus is an award-winning product that provides comprehensive protection against all types of viruses, trojans, malware and spyware, secures your data, protects your privacy and ensures your PC remains virus-free. Description The Netlux Antivirus suffers from an unquoted search...

AI score: 6.2
Exploits: 0

Zero Science Lab
Added 2015/01/07 12:00 a.m., 16 views

Zurmo CRM 2.8.5 Multiple Reflected Cross-Site Scripting Vulnerabilities

Summary Zurmo is an Open Source Customer Relationship Management (CRM) application that is mobile, social, and gamified. Description Zurmo CRM suffers from multiple reflected cross-site scripting vulnerabilities. The issues are triggered when input passed via several GET parameters to several scrip...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2014/03/25 12:00 a.m., 16 views

Kemana Directory 1.5.6 (run param) Local File Inclusion Vulnerability

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2012/08/23 12:00 a.m., 16 views

web@all CMS 2.0 (_order) SQL Injection Vulnerability

Summary web@all is a PHP content management system (CMS). If you know about it, you can use it to do nearly anything. Description The application suffers from an SQL Injection vulnerability. Input passed via the GET parameter '_order' is not properly sanitised before being returned to the user or use...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2011/11/08 12:00 a.m., 16 views

11in1 CMS v1.0.1 (do.php) CRLF Injection Vulnerability

Summary Eleven in One is an open-source content management system CMS that is powered by PHP and MySQL. It does not only help you manage your personal blog but also maintain your postings at social networks. By establishing consistency among the data transmitted from and to the blog, this CMS...

AI score: 5.9
Exploits: 0

Zero Science Lab
Added 2011/02/24 12:00 a.m., 16 views

Elecard MPEG Player 5.7 Local Buffer Overflow PoC (SEH)

Summary Elecard MPEG Player is a high-quality, full-featured multimedia player supporting the newest formats, designed to provide you with video and audio playback. Description The program suffers from a buffer overflow with SEH overwrite vulnerability when opening a .m3u playlist file; as a result ...

AI score: 6.1
Exploits: 0

Zero Science Lab
Added 2008/09/04 12:00 a.m., 16 views

Google Chrome Browser 0.2.149.27 Denial of Service Exploit

Summary Google Chrome is a web browser that runs web pages and applications with lightning speed. Description An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link,...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2013/02/19 12:00 a.m., 15 views

Squirrelcart v3.5.4 (table) Remote Cross-Site Scripting Vulnerability

Summary Squirrelcart PHP Shopping Cart software is a fully customizable, robust PHP shopping cart, designed with the advanced developer and web novice in mind. Description Squirrelcart suffers from an XSS issue due to a failure to properly sanitize user-supplied input to the 'table' GET parameter ...

AI score: 6.1
Exploits: 0

Zero Science Lab
Added 2012/12/20 12:00 a.m., 15 views

Sony PC Companion 2.1 (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overload

Summary PC Companion is a computer application that acts as a portal to Sony Xperia and operator features and applications, such as phone software updates, management of contacts and calendar, media management with Media Go, and a backup and restore feature for your phone content. Description The...

AI score: 6.5
Exploits: 0

Zero Science Lab
Added 2012/02/17 12:00 a.m., 15 views

SQL Buddy 1.3.3 (GET/POST) Multiple Remote Cross-Site Scripting Vulnerabilities

Summary SQL Buddy is an open source web-based MySQL administration application. Description SQL Buddy suffers from an XSS vulnerability when parsing user input to the 'DATABASE', 'HOST' and 'USER' parameters via the POST method in 'login.php', and the 'db' parameter in 'dboverview.php' via the GET method...

AI score: 6.1
Exploits: 0

Zero Science Lab
Added 2011/07/25 12:00 a.m., 15 views

Online Grades 3.2.5 Multiple XSS Vulnerabilities

Summary Online Grades is the leading free-software project that allows K-12+ student grades and attendance information to be posted onto a dynamic web site. Description Online Grades suffers from multiple cross-site scripting vulnerabilities. The issue is triggered when input passed via multiple parameters to...

AI score: 5.9
Exploits: 0

Zero Science Lab
Added 2011/07/10 12:00 a.m., 15 views

Tugux CMS 1.2 (pid) Remote Arbitrary File Deletion Vulnerability

Summary Tugux CMS is a free, open-source content Management system CMS and application that powers the entire web. Description Input passed to the 'pid' parameter in administrator/deletepageparse.php is not properly sanitised before being used to delete files. This can be exploited to delete file...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2010/02/27 12:00 a.m., 15 views

ExtCalendar 2.0 Beta 2 (upgrade.php) Remote XSS Vulnerability

Summary ExtCalendar is a powerful multi-user web-based calendar application. Features include Multi-Languages, Themes, Recurrent Events, Categories, Users and Groups management, Environment and General Settings, Template Configuration, Product Updates. Description ExtCalendar is prone to a...

AI score: 6
Exploits: 0

Zero Science Lab
Added 2009/04/01 12:00 a.m., 15 views

QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)

Summary QtWeb is a compact, portable and secure web browser with some unique UI and privacy features. QtWeb is an open source project based on Nokia's Qt framework (formerly Trolltech) and Apple's WebKit rendering engine, the same as used in Apple Safari and Google Chrome. Description QtWeb...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2011/05/22 12:00 a.m., 14 views

Tugux CMS 1.2 Multiple Remote Vulnerabilities

Summary Tugux CMS is a free, open-source content management system (CMS) and application that powers the entire web. Description The application suffers from multiple issues including: reflected and stored XSS, SQL injection, local file inclusion, URL redirection. Vulnerable parameters include:...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2010/07/02 12:00 a.m., 14 views

Xplico 0.5.7 (add.ctp) Remote XSS Vulnerability

Summary The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer...

AI score: 5.9
Exploits: 0

Zero Science Lab
Added 2009/04/06 12:00 a.m., 14 views

Unsniff Network Analyzer 1.0 (usnf) Local Heap Overflow PoC

Summary Don't just look at hex dumps and protocol trees. With Unsniff Network Analyzer, you can view network traffic at various levels of detail. View high-level objects like images, video, HTML pages, VOIP calls, drill down to individual TCP sessions, then onto reassembled PDUs, then finally to...

AI score: 6.2
Exploits: 0

Zero Science Lab
Added 2009/02/20 12:00 a.m., 14 views

Got All Media 7.0.0.3 (t00t) Remote Denial of Service Exploit

Summary Got All Media is a Home theater PC application for Microsoft Windows platforms. Description Got All Media is exposed to a remote denial of service issue when processing URI requests. This issue occurs when the application handles an HTTP GET request over TCP port 5550. !/usr/local/bin/per...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2012/08/23 12:00 a.m., 13 views

Monstra 1.2.1 Multiple HTML Injection Vulnerabilities

Summary Monstra is fast and small content management system written in PHP! It's free, open source and easy to use from the start! Description Monstra suffers from multiple stored XSS vulnerabilities when parsing user input to the 'menuitemlink', 'menuitemname' and 'pagetitle' parameters via POST...

AI score: 5.8
Exploits: 0

Zero Science Lab
Added 2010/12/15 12:00 a.m., 13 views

MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability

Summary MantisBT is a free popular web-based bugtracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a webserver. MantisBT has been installed on Windows, Linux, Mac OS, OS/2, and others. Almost any web browser should be able to...

AI score: 5.9
Exploits: 0

Zero Science Lab
Added 2010/03/04 12:00 a.m., 13 views

J. River Media Jukebox 12 MP3 File Handling Remote Heap Overflow PoC

Summary Media Jukebox 12 is a media player application for playing various media files on a Windows machine. Description Media Jukebox 12 suffers from a heap overflow vulnerability when processing .mp3 files and its metadata ID3 tags. When a malicious .mp3 file is played the application pops out ...

AI score: 5.9
Exploits: 0

Zero Science Lab
Added 2009/01/26 12:00 a.m., 13 views

WFTPD Pro Server 3.30.0.1 (pre auth) Multiple Remote Denial of Service Vulnerabilities

Summary Professional FTP server for Windows NT / 2000 / XP / 2003. Description WFTPD Pro Server 3.30.0.1 suffers from multiple remote vulnerabilities which result in denial of service. Several commands are vulnerable including: LIST, MLST, NLST, NLST -al, STAT and maybe more. This issue is...

AI score: 5.9
Exploits: 0

Total number of security vulnerabilities: 1103