· 6 years ago · Aug 11, 2019, 02:31 AM
1######################################################################################################################################
2=======================================================================================================================================
3Hostname www.itc.sa ISP Integrated Telecom Co. Ltd
4Continent Asia Flag
5SA
6Country Saudi Arabia Country Code SA
7Region Ar Riyāḑ Local time 11 Aug 2019 03:35 +03
8City Riyadh Postal Code Unknown
9IP Address 87.101.237.176 Latitude 24.654
10 Longitude 46.715
11=======================================================================================================================================
12###################################################################################################################################
13> www.itc.sa
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: www.itc.sa
19Address: 87.101.237.176
20>
21###################################################################################################################################
22[+] Target : www.itc.sa
23
24[+] IP Address : 87.101.237.176
25
26[+] Headers :
27
28[+] Date : Sun, 11 Aug 2019 00:40:55 GMT
29[+] Strict-Transport-Security : max-age=31536000; includeSubDomains
30[+] X-XSS-Protection : 1; mode=block
31[+] Feature-Policy : microphone 'none'; camera 'none'
32[+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
33[+] Cache-Control : max-age=420, private, must-revalidate
34[+] Pragma : no-cache
35[+] Vary : Accept-Encoding
36[+] X-Content-Type-Options : nosniff
37[+] X-Frame-Options : sameorigin
38[+] Set-Cookie : PHPSESSID=k0ee3n2f3dgpph3fvqjhu662u1; path=/;HttpOnly;Secure, returned_id=k0ee3n2f3dgpph3fvqjhu662u1; expires=Tue, 10-Sep-2019 00:40:55 GMT; Max-Age=2592000; path=/;HttpOnly;Secure, TS01dd26aa=01f8c9064aa1890f66a47187d829b1238171bd8b709d42a396be7ba07fb524f9a6e2f5b78c28280806d76bc2b644751c725807fa85406269af6f72fd2a31410717694a67e8737b750d49cb46277aefebc5769a23aa; Path=/
39[+] Referrer-Policy : no-referrer
40[+] Content-Security-Policy : default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooUfgmfMzXHn8V/LCZTcIQBU3XFqVkK8=' 'sha256-VpOKdtFDISwXiwgegA345SqvugVuKTA3o2S53KAXtt8=' 'sha256-P5p38TxEjZGA5k6M78spwOAZzHjntyP2k/DMoqXV48k=' 'sha256-r62rLxZl48Zyuj4fHKMKS+TfD4c3pU0hc3BbdLaEEOY=' 'sha256-ACEkP2XULBf9Zp9k76Loo6R7B/iEWfkw5pNFXkcbjZU=' 'sha256-uGDzonOcCvFSdGsiRLB6iG94GJhmxw2uGRGnXn90UPs=' https://count-server.sharethis.com 'sha256-b4TI5hIIWKz/xnCNlh8loO1SWLmCjkx6Kd3WLj/n32o=' 'sha256-03nbCpfhyeVMeQbOr8ykEacbAwe/aQVoQaLOb4cJX/U=' 'sha256-kSlJ76SQHyMk+q3334n5wHu33X2OJf5V2GTluOGf+h8=' 'sha256-uHxmazd16CVS3VYLXXI7tLrMPtIKAhkVDHG+sS4C2+g=' 'sha256-HLmlzNlSz3oV+FqveJiUwHHu/ShxC+uVAAeUrAQNxvw=' 'sha256-PCc7FOmIZsyqzWzKaiA3cpjkc5mwsxvM3sE3a7pGLZQ=' 'sha256-r4SSJf6iITeO2atGDRojQDXqbZwpKwyd1f17Y0Y88Ns=' 'sha256-AC2JZwSNxK/4bzBki9Yt/JIlLRWCZ9WLOWilGladwHQ=' 'sha256-bRMiWiBUXpsFoGwAFn3X9+WQvCi8J6B8TOFtnT5Q5rk=' 'sha256-6lIRk+UvZ9BDWjZkxH83EeP4o2fbJqYqrqlumoUcUqU=' 'sha256-/qdLEDoPtZ0l4PtwG/VbTEhLG5D+Gzgab4CvjPhl5Y4=' 'sha256-SIixnAOZ2DRyopWknxHXQPQuyfuAZfEp/cVfoJQEKu8=' 'sha256-fvBL/aZkHR0+h3GidTXUCfqviTWqEO2pONkcN3RfSy8=' 'sha256-cgcQ9nhMbFV1FKgsdIDOWI+MJFxAl5vppIJ8sYJE6cs=' 'sha256-TN3nkEBMFAf2X7nb+zm4c2P7HWZLrt4KOPvimJKY3zg=' 'sha256-ojR6q934236ZjwN5Kwpu+XK0JqThukmcp/2g4PDGeuI=' 'sha256-ZSWMSKn5Y//zw1vv5f8UpkRZktv4l40BSH7sZolwpzo=' 'sha256-hlTP9Ywu8V7HiqPIwYg5AeE+kSmojSDnhse7r5u+pxA=' 'sha256-eO3XWXcOCORVx5+I8ZX8sE7A9qfjmsMveHCujrsDTWs=' 'sha256-4A+BUlf84VhaqCCxfqgzAUzmgDdjTi3e4BmArbM6cso=' 'sha256-+Kml4mjPrSghfgf9Tk67m24StDFwIiNINWgU0Q6efJ8=' 'sha256-/NxgWha3UVGsyLnK3/BatzGh2/66EvCiu148GHuB0G8=' 'sha256-v8rg2ZV8VyTk4lOP9eHM43/x/XUVUlImRs0kmKVHTNo=' 'sha256-V6FUnhWYFEYbVnTafFXgVRUAO61RJHv8y3yhT1YAgLE=' 'sha256-ROoZyMc0+9lURn8uEVd0iP0462V3mjA6v/heB944REk=' 'sha256-FnhpGtRPL+Zo+1b38kfG8HrhwN72AMBefOJOShAf7n8=' 'sha256-9yIlnrvtByxQcr3OnYqsrfEjWIwel+msyLPFKQoUPqE=' 'sha256-K6F4+zFHRFEQ8gQFlnkRTgIcXBhzoLcoVOwFm0+bGRs=' 'sha256-Hrl3qLdfcs8ALE1wWVgL7D7shOGuXrw+9luIq6BLu3s=' 'sha256-L5EtqrYrNe+1osmvE2/L5G8kg5bYN93DWTdIHtIaiXg=' 'sha256-xVn1oeFW/SiAtmBXSVDnkOaT+VrzZjtKPKqc21Fqo+4=' https://kit.fontawesome.com https://www.googletagmanager.com/ https://t.sharethis.com https://dhqbrvplips7x.cloudfront.net https://www.gstatic.com https://www.google.com https://www.google-analytics.com https://platform-api.sharethis.com https://apps.mypurecloud.ie https://buttons-config.sharethis.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://kit-free.fontawesome.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; img-src 'self' data: https://l.sharethis.com https://platform-cdn.sharethis.com https://s3.amazonaws.com https://www.itc.sa https://stats.g.doubleclick.net https://www.google-analytics.com https://maps.gstatic.com https://maps.googleapis.com https://itc.sa; font-src 'self' data: https://kit-free.fontawesome.com https://use.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; frame-src 'self' https://t.sharethis.com https://www.youtube.com https://apps.mypurecloud.ie https://c.sharethis.mgr.consensu.org
41[+] Connection : close
42[+] Content-Type : text/html; charset=UTF-8
43[+] Content-Encoding : gzip
44[+] Transfer-Encoding : chunked
45
46[+] SSL Certificate Information :
47
48[+] countryName : SA
49[+] stateOrProvinceName : Ar Riyad
50[+] localityName : Riyadh
51[+] organizationName : Integrated Telecom Company
52[+] commonName : *.itc.sa
53[+] countryName : US
54[+] organizationName : DigiCert Inc
55[+] commonName : DigiCert SHA2 Secure Server CA
56[+] Version : 3
57[+] Serial Number : 0384BCF7DC3122BF99477871BCBDD283
58[+] Not Before : Jun 7 00:00:00 2018 GMT
59[+] Not After : Apr 15 12:00:00 2020 GMT
60[+] OCSP : ('http://ocsp.digicert.com',)
61[+] subject Alt Name : (('DNS', '*.itc.sa'), ('DNS', 'itc.sa'))
62[+] CA Issuers : ('http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt',)
63[+] CRL Distribution Points : ('http://crl3.digicert.com/ssca-sha2-g6.crl', 'http://crl4.digicert.com/ssca-sha2-g6.crl')
64
65[+] Whois Lookup :
66
67[+] NIR : None
68[+] ASN Registry : ripencc
69[+] ASN : 35753
70[+] ASN CIDR : 87.101.237.0/24
71[+] ASN Country Code : SA
72[+] ASN Date : 2005-10-03
73[+] ASN Description : ITC ITC AS number, SA
74[+] cidr : 87.101.237.0/24
75[+] name : INFRASTRUCTURE3
76[+] handle : IR1052-RIPE
77[+] range : 87.101.237.0 - 87.101.237.255
78[+] description : Integrated Telecom Co. Ltd
79[+] country : SA
80[+] state : None
81[+] city : None
82[+] address : Integrated Telecom Co. Ltd
83Dhabab street
8411492 Riyadh
85Saudi Arabia
86[+] postal_code : None
87[+] emails : ['abuse@itc.sa']
88[+] created : 2010-08-15T12:37:25Z
89[+] updated : 2010-08-15T12:37:25Z
90
91[+] Crawling Target...
92
93[+] Looking for robots.txt........[ Not Found ]
94[+] Looking for sitemap.xml.......[ Not Found ]
95[+] Extracting CSS Links..........[ 15 ]
96[+] Extracting Javascript Links...[ 7 ]
97[+] Extracting Internal Links.....[ 0 ]
98[+] Extracting External Links.....[ 0 ]
99[+] Extracting Images.............[ 5 ]
100
101[+] Total Links Extracted : 27
102
103[+] Dumping Links in /opt/FinalRecon/dumps/www.itc.sa.dump
104[+] Completed!
105#####################################################################################################################################
106[+] Starting At 2019-08-10 20:41:32.042303
107[+] Collecting Information On: https://www.itc.sa/en/
108[#] Status: 200
109--------------------------------------------------
110[+] Xss Protection Detected !
111- Date: Sun, 11 Aug 2019 00:41:36 GMT
112- Strict-Transport-Security: max-age=31536000; includeSubDomains
113- X-XSS-Protection: 1; mode=block
114- Feature-Policy: microphone 'none'; camera 'none'
115- Expires: Thu, 19 Nov 1981 08:52:00 GMT
116- Cache-Control: max-age=420, private, must-revalidate
117- Pragma: no-cache
118- Vary: Accept-Encoding
119- X-Content-Type-Options: nosniff
120- X-Frame-Options: sameorigin
121- Set-Cookie: PHPSESSID=1tpde3olfhsk5dt6l1ggio3eb4; path=/;HttpOnly;Secure, returned_id=1tpde3olfhsk5dt6l1ggio3eb4; expires=Tue, 10-Sep-2019 00:41:36 GMT; Max-Age=2592000; path=/;HttpOnly;Secure, TS01dd26aa=01f8c9064a1e5372ff51ec3142439b2040582127861615b51eb425bc93e9aaeb5662b7290c8dd15719242d648883e121091b847bf074a559f6cc9cf7829739d1fbb4647ef08e2a071a638c6776ea12c65f7cc70622; Path=/
122- Referrer-Policy: no-referrer
123- Content-Security-Policy: default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooUfgmfMzXHn8V/LCZTcIQBU3XFqVkK8=' 'sha256-VpOKdtFDISwXiwgegA345SqvugVuKTA3o2S53KAXtt8=' 'sha256-P5p38TxEjZGA5k6M78spwOAZzHjntyP2k/DMoqXV48k=' 'sha256-r62rLxZl48Zyuj4fHKMKS+TfD4c3pU0hc3BbdLaEEOY=' 'sha256-ACEkP2XULBf9Zp9k76Loo6R7B/iEWfkw5pNFXkcbjZU=' 'sha256-uGDzonOcCvFSdGsiRLB6iG94GJhmxw2uGRGnXn90UPs=' https://count-server.sharethis.com 'sha256-b4TI5hIIWKz/xnCNlh8loO1SWLmCjkx6Kd3WLj/n32o=' 'sha256-03nbCpfhyeVMeQbOr8ykEacbAwe/aQVoQaLOb4cJX/U=' 'sha256-kSlJ76SQHyMk+q3334n5wHu33X2OJf5V2GTluOGf+h8=' 'sha256-uHxmazd16CVS3VYLXXI7tLrMPtIKAhkVDHG+sS4C2+g=' 'sha256-HLmlzNlSz3oV+FqveJiUwHHu/ShxC+uVAAeUrAQNxvw=' 'sha256-PCc7FOmIZsyqzWzKaiA3cpjkc5mwsxvM3sE3a7pGLZQ=' 'sha256-r4SSJf6iITeO2atGDRojQDXqbZwpKwyd1f17Y0Y88Ns=' 'sha256-AC2JZwSNxK/4bzBki9Yt/JIlLRWCZ9WLOWilGladwHQ=' 'sha256-bRMiWiBUXpsFoGwAFn3X9+WQvCi8J6B8TOFtnT5Q5rk=' 'sha256-6lIRk+UvZ9BDWjZkxH83EeP4o2fbJqYqrqlumoUcUqU=' 'sha256-/qdLEDoPtZ0l4PtwG/VbTEhLG5D+Gzgab4CvjPhl5Y4=' 'sha256-SIixnAOZ2DRyopWknxHXQPQuyfuAZfEp/cVfoJQEKu8=' 'sha256-fvBL/aZkHR0+h3GidTXUCfqviTWqEO2pONkcN3RfSy8=' 'sha256-cgcQ9nhMbFV1FKgsdIDOWI+MJFxAl5vppIJ8sYJE6cs=' 'sha256-TN3nkEBMFAf2X7nb+zm4c2P7HWZLrt4KOPvimJKY3zg=' 'sha256-ojR6q934236ZjwN5Kwpu+XK0JqThukmcp/2g4PDGeuI=' 'sha256-ZSWMSKn5Y//zw1vv5f8UpkRZktv4l40BSH7sZolwpzo=' 'sha256-hlTP9Ywu8V7HiqPIwYg5AeE+kSmojSDnhse7r5u+pxA=' 'sha256-eO3XWXcOCORVx5+I8ZX8sE7A9qfjmsMveHCujrsDTWs=' 'sha256-4A+BUlf84VhaqCCxfqgzAUzmgDdjTi3e4BmArbM6cso=' 'sha256-+Kml4mjPrSghfgf9Tk67m24StDFwIiNINWgU0Q6efJ8=' 'sha256-/NxgWha3UVGsyLnK3/BatzGh2/66EvCiu148GHuB0G8=' 'sha256-v8rg2ZV8VyTk4lOP9eHM43/x/XUVUlImRs0kmKVHTNo=' 'sha256-V6FUnhWYFEYbVnTafFXgVRUAO61RJHv8y3yhT1YAgLE=' 'sha256-ROoZyMc0+9lURn8uEVd0iP0462V3mjA6v/heB944REk=' 'sha256-FnhpGtRPL+Zo+1b38kfG8HrhwN72AMBefOJOShAf7n8=' 'sha256-9yIlnrvtByxQcr3OnYqsrfEjWIwel+msyLPFKQoUPqE=' 'sha256-K6F4+zFHRFEQ8gQFlnkRTgIcXBhzoLcoVOwFm0+bGRs=' 'sha256-Hrl3qLdfcs8ALE1wWVgL7D7shOGuXrw+9luIq6BLu3s=' 'sha256-L5EtqrYrNe+1osmvE2/L5G8kg5bYN93DWTdIHtIaiXg=' 'sha256-xVn1oeFW/SiAtmBXSVDnkOaT+VrzZjtKPKqc21Fqo+4=' https://kit.fontawesome.com https://www.googletagmanager.com/ https://t.sharethis.com https://dhqbrvplips7x.cloudfront.net https://www.gstatic.com https://www.google.com https://www.google-analytics.com https://platform-api.sharethis.com https://apps.mypurecloud.ie https://buttons-config.sharethis.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://kit-free.fontawesome.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; img-src 'self' data: https://l.sharethis.com https://platform-cdn.sharethis.com https://s3.amazonaws.com https://www.itc.sa https://stats.g.doubleclick.net https://www.google-analytics.com https://maps.gstatic.com https://maps.googleapis.com https://itc.sa; font-src 'self' data: https://kit-free.fontawesome.com https://use.fontawesome.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; frame-src 'self' https://t.sharethis.com https://www.youtube.com https://apps.mypurecloud.ie https://c.sharethis.mgr.consensu.org
124- Connection: close
125- Content-Type: text/html; charset=UTF-8
126- Content-Encoding: gzip
127- Transfer-Encoding: chunked
128--------------------------------------------------
129[#] Finding Location..!
130[#] as: AS35753 Integrated Telecom Co. Ltd
131[#] city: Riyadh
132[#] country: Saudi Arabia
133[#] countryCode: SA
134[#] isp: Integrated Telecom Co. Ltd
135[#] lat: 24.682
136[#] lon: 46.7074
137[#] org: Integrated Telecom Co. Ltd
138[#] query: 87.101.237.176
139[#] region: 01
140[#] regionName: Ar Riyāḑ
141[#] status: success
142[#] timezone: Asia/Riyadh
143[#] zip:
144--------------------------------------------------
145[x] Didn't Detect WAF Presence on: https://www.itc.sa/en/
146--------------------------------------------------
147[#] Starting Reverse DNS
148[-] Failed ! Fail
149--------------------------------------------------
150[!] Scanning Open Port
151[#] 80/tcp open http
152[#] 443/tcp open https
153--------------------------------------------------
154[+] Collecting Information Disclosure!
155[#] Detecting sitemap.xml file
156[-] sitemap.xml file not Found!?
157[#] Detecting robots.txt file
158[-] robots.txt file not Found!?
159[#] Detecting GNU Mailman
160[-] GNU Mailman App Not Detected!?
161--------------------------------------------------
162[+] Crawling Url Parameter On: https://www.itc.sa/en/
163--------------------------------------------------
164[#] Searching Html Form !
165[+] Html Form Discovered
166[#] action: /php/newsletter.php
167[#] class: ['validate']
168[#] id: None
169[#] method: post
170--------------------------------------------------
171[!] Found 10 dom parameter
172[#] https://www.itc.sa/en//#
173[#] https://www.itc.sa/en///en/business/industry#oil
174[#] https://www.itc.sa/en///en/business/industry#health
175[#] https://www.itc.sa/en///en/business/industry#corporate
176[#] https://www.itc.sa/en///en/business/industry#government
177[#] https://www.itc.sa/en///en/business/industry#real_estate
178[#] https://www.itc.sa/en///en/business/industry#smes
179[#] https://www.itc.sa/en///en/business/industry#telecom
180[#] https://www.itc.sa/en///en/business/industry#education
181[#] https://www.itc.sa/en//#
182--------------------------------------------------
183[!] 6 Internal Dynamic Parameter Discovered
184[+] https://www.itc.sa/en///assets/plugins/bootstrap/css/bootstrap.min.css?v=4
185[+] https://www.itc.sa/en///assets/css/essentials.css?v=2
186[+] https://www.itc.sa/en///assets/css/layout.css?v=11
187[+] https://www.itc.sa/en///assets/css/header-1.css?v=1
188[+] https://www.itc.sa/en///assets/css/color_scheme/red.css?v=100
189[+] https://www.itc.sa/en///assets/css/custom.css?v=81
190--------------------------------------------------
191[!] 1 External Dynamic Parameter Discovered
192[#] https://fonts.googleapis.com/css?family=Krub|Play|Basic|Droid Arabic Kufi|Droid+Arabic+Kufi|Yantramanav
193--------------------------------------------------
194[!] 141 Internal links Discovered
195[+] https://itc.sa
196[+] https://itc.sa
197[+] https://itc.sa/en
198[+] https://www.itc.sa/en///assets/plugins/slider.swiper/dist/css/swiper.min.css
199[+] https://www.itc.sa/en///assets/fontawesome5/css/all.css
200[+] https://www.itc.sa/en///wp/css/appstyle.css
201[+] https://www.itc.sa/en///assets/plugins/dist/jquery-confirm.min.css
202[+] https://www.itc.sa/en///assets/plugins/select2/css/select2.css
203[+] https://www.itc.sa/en///assets/plugins/@ttskch/select2-bootstrap4-theme/dist/select2-bootstrap4.css
204[+] https://www.itc.sa/en///doc/ico/apple-icon-180x180.png
205[+] https://www.itc.sa/en///doc/ico/android-icon-192x192.png
206[+] https://www.itc.sa/en///doc/ico/favicon-32x32.png
207[+] https://www.itc.sa/en///doc/ico/favicon-16x16.png
208[+] https://www.itc.sa/en///doc/ico/manifest.json
209[+] https://www.itc.sa/en///en/about/career
210[+] https://www.itc.sa/en///en/support
211[+] https://www.itc.sa/en///en/support/business-care
212[+] https://www.itc.sa/en///en/support/customer-complaints
213[+] https://www.itc.sa/en///en/support/complaint-processing-procedures
214[+] https://www.itc.sa/en///en/support/free-consultation
215[+] https://www.itc.sa/en///en/support/educational-videos
216[+] https://www.itc.sa/en///en/support/faq
217[+] https://www.itc.sa/en///en/support/sitemap
218[+] https://www.itc.sa/en///en/about
219[+] https://www.itc.sa/en///en/about
220[+] https://www.itc.sa/en///en/about/achievements
221[+] https://www.itc.sa/en///en/about/ftth-story
222[+] https://www.itc.sa/en///en/about/network-capacity
223[+] https://www.itc.sa/en///en/about/clients
224[+] https://www.itc.sa/en///en/about/news
225[+] https://www.itc.sa/en///en/about/career
226[+] https://www.itc.sa/en///en/about/contact-us
227[+] https://www.itc.sa/en///ar/main
228[+] https://www.itc.sa/en///en/support/customer-complaints
229[+] https://www.itc.sa/en///en
230[+] https://www.itc.sa/en///en/business
231[+] https://www.itc.sa/en///en/wholesale
232[+] https://www.itc.sa/en///en/individual
233[+] https://www.itc.sa/en///en
234[+] https://www.itc.sa/en///en/individual/home/fiber
235[+] https://www.itc.sa/en///en/individual
236[+] https://www.itc.sa/en///en/individual/home/fiber
237[+] https://www.itc.sa/en///en/individual/home/fiber/subscribe-online
238[+] https://www.itc.sa/en///en/individual/home/wimax
239[+] https://www.itc.sa/en///en/individual/sat-plus
240[+] https://www.itc.sa/en///en/individual/royal-commission-yanbu
241[+] https://www.itc.sa/en///en/business
242[+] https://www.itc.sa/en///en/business/national-data-connectivity
243[+] https://www.itc.sa/en///en/business/national-data-connectivity/ethernet-layer-2-vpn
244[+] https://www.itc.sa/en///en/business/national-data-connectivity/mpls-layer-3-vpn
245[+] https://www.itc.sa/en///en/business/national-data-connectivity/storage-fiber-sync
246[+] https://www.itc.sa/en///en/business/national-data-connectivity/transmission-leased-line
247[+] https://www.itc.sa/en///en/business/international-data-connectivity
248[+] https://www.itc.sa/en///en/business/international-data-connectivity/global-ethernet-layer-2-vpn
249[+] https://www.itc.sa/en///en/business/international-data-connectivity/global-mpls-layer-3-vpn
250[+] https://www.itc.sa/en///en/business/international-data-connectivity/international-private-leased-circuit
251[+] https://www.itc.sa/en///en/business/managed-services
252[+] https://www.itc.sa/en///en/business/managed-services/colocation-hosting-service
253[+] https://www.itc.sa/en///en/business/managed-services/business-continuity
254[+] https://www.itc.sa/en///en/business/managed-services/managed-router
255[+] https://www.itc.sa/en///en/business/managed-services/anti-ddos
256[+] https://www.itc.sa/en///en/business/internet-services
257[+] https://www.itc.sa/en///en/business/internet-services/dedicated-internet-bdi
258[+] https://www.itc.sa/en///en/business/internet-services/broadband-internet-bbi
259[+] https://www.itc.sa/en///en/business/internet-services/ip-transit
260[+] https://www.itc.sa/en///en/business/internet-services/elite-internet
261[+] https://www.itc.sa/en///en/business/internet-services/firenet
262[+] https://www.itc.sa/en///en/business/internet-services/business-bundle
263[+] https://www.itc.sa/en///en/business/vsat
264[+] https://www.itc.sa/en///en/business/vsat/satcom
265[+] https://www.itc.sa/en///en/business/vsat/isat
266[+] https://www.itc.sa/en///en/business/vsat/mpls-over-vsat
267[+] https://www.itc.sa/en///en/business/vsat/sat-pool
268[+] https://www.itc.sa/en///en/business/managed-security-services
269[+] https://www.itc.sa/en///en/business/managed-security-services/security-information-and-event-management
270[+] https://www.itc.sa/en///en/business/managed-security-services/threat-intelligence
271[+] https://www.itc.sa/en///en/business/managed-security-services/vulnerability-management
272[+] https://www.itc.sa/en///en/business/managed-security-services/security-device-management
273[+] https://www.itc.sa/en///en/business/managed-security-services/web-application-firewall
274[+] https://www.itc.sa/en///en/business/managed-security-services/penetration-testing
275[+] https://www.itc.sa/en///en/business/industry
276[+] https://www.itc.sa/en///en/business/industry
277[+] https://www.itc.sa/en///en/wholesale
278[+] https://www.itc.sa/en///en/business/international-data-connectivity/global-ethernet-layer-2-vpn
279[+] https://www.itc.sa/en///en/business/international-data-connectivity/global-mpls-layer-3-vpn
280[+] https://www.itc.sa/en///en/business/international-data-connectivity/international-private-leased-circuit
281[+] https://www.itc.sa/en///en/business/internet-services/ip-transit
282[+] https://www.itc.sa/en///en/cloud
283[+] https://www.itc.sa/en///en/cloud/storage
284[+] https://www.itc.sa/en///en/cloud/storage/vps
285[+] https://www.itc.sa/en///en/cloud/storage/backup
286[+] https://www.itc.sa/en///en/cloud/storage/disaster-recovery
287[+] https://www.itc.sa/en///en/cloud/hosting
288[+] https://www.itc.sa/en///en/cloud/hosting/web-hosting
289[+] https://www.itc.sa/en///en/cloud/hosting/ms-exchange
290[+] https://www.itc.sa/en///en/cloud/hosting/office-365
291[+] https://www.itc.sa/en///en/cloud/security
292[+] https://www.itc.sa/en///en/cloud/security/virtual-firewall
293[+] https://www.itc.sa/en///en/cloud/security/web-security
294[+] https://www.itc.sa/en///en/cloud/security/secure-email-gateway
295[+] https://www.itc.sa/en///en/cloud/security/anti-ddos
296[+] https://www.itc.sa/en///en/cloud/saas
297[+] https://www.itc.sa/en///en/cloud/saas/mena
298[+] https://www.itc.sa/en///en/cloud/saas/mbas
299[+] https://www.itc.sa/en///en/business/managed-security-services
300[+] https://www.itc.sa/en///en/individual/home/fiber
301[+] https://www.itc.sa/en///en/individual/home/fiber
302[+] https://www.itc.sa/en///en/cloud
303[+] https://www.itc.sa/en///en/individual/home/fiber
304[+] https://www.itc.sa/en///en/business/internet-services/dedicated-internet-bdi
305[+] https://www.itc.sa/en///en/individual/home/fiber
306[+] https://www.itc.sa/en///en/individual/home/fiber/subscribe-online
307[+] https://www.itc.sa/en///en/about/news/191/ITC-is-once-again-leading-the-Netflix-Index-for-ISPs-in-the-Kingdom
308[+] https://www.itc.sa/en///en/about/news/191/ITC-is-once-again-leading-the-Netflix-Index-for-ISPs-in-the-Kingdom
309[+] https://www.itc.sa/en///en/about/news/191/ITC-is-once-again-leading-the-Netflix-Index-for-ISPs-in-the-Kingdom
310[+] https://www.itc.sa/en///en/business
311[+] https://www.itc.sa/en///en/wholesale
312[+] https://www.itc.sa/en///en/cloud
313[+] https://www.itc.sa/en///en/consumer
314[+] https://www.itc.sa/en///en/support/free-consultation
315[+] https://www.itc.sa/en///en/business
316[+] https://www.itc.sa/en///en/wholesale
317[+] https://www.itc.sa/en///en/cloud
318[+] https://www.itc.sa/en///en/business/industry
319[+] https://www.itc.sa/en///en/support
320[+] https://www.itc.sa/en///en/support/free-consultation
321[+] https://www.itc.sa/en///en/individual
322[+] https://www.itc.sa/en///en/individual/home/fiber
323[+] https://www.itc.sa/en///en/individual/home/fiber/subscribe-online
324[+] https://www.itc.sa/en///en/individual/royal-commission-yanbu
325[+] https://www.itc.sa/en///en/individual/home/wimax
326[+] https://www.itc.sa/en///en/individual/sat-plus
327[+] https://www.itc.sa/en///en/about
328[+] https://www.itc.sa/en///en/about/achievements
329[+] https://www.itc.sa/en///en/about/network-capacity
330[+] https://www.itc.sa/en///en/about/news
331[+] https://www.itc.sa/en///en/about/career
332[+] https://www.itc.sa/en///en/about/contact-us
333[+] https://www.itc.sa/en///doc/Terms_&_Conditions_en.pdf
334[+] https://www.itc.sa/en///en/customer-rights-and-responsibilities
335[+] https://www.itc.sa/en///en/support/sitemap
336--------------------------------------------------
337[-] No External Link Found!?
338--------------------------------------------------
339[#] Mapping Subdomain..
340[!] Found 25 Subdomain
341- itc.sa
342- vpn.itc.sa
343- mgdsrvcs.itc.sa
344- boss.itc.sa
345- www.itc.sa
346- exchange.itc.sa
347- mail.itc.sa
348- autodiscover.mail.itc.sa
349- autodiscover.itc.sa
350- fs.itc.sa
351- ftthpartner.itc.sa
352- ftthspeed-kho.itc.sa
353- ftthspeed-ruh.itc.sa
354- resellers.itc.sa
355- itc-tt-status.itc.sa
356- rsa-mfa.itc.sa
357- maila.itc.sa
358- mailb.itc.sa
359- moss.itc.sa
360- woms.itc.sa
361- dportal.itc.sa
362- antiddos.itc.sa
363- www.antiddos.itc.sa
364- myzooomfiber.itc.sa
365- www.myzooomfiber.itc.sa
366--------------------------------------------------
367[!] Done At 2019-08-10 20:42:18.386017
368###################################################################################################################################
369[i] Scanning Site: https://www.itc.sa
370
371
372
373B A S I C I N F O
374====================
375
376
377[+] Site Title:
378[+] IP address: 87.101.237.176
379[+] Web Server: Could Not Detect
380[+] CMS: Could Not Detect
381[+] Cloudflare: Not Detected
382[+] Robots File: Could NOT Find robots.txt!
383
384
385
386
387W H O I S L O O K U P
388========================
389
390 % SaudiNIC Whois server.
391% Rights restricted by copyright.
392% http://nic.sa/en/view/whois-cmd-copyright
393
394Domain Name: itc.sa
395
396 Registrant:
397 Integrated telecom Company
398 Address: شارع الضباب حي المريع
399 الرياض
400 المملكة العربية السعودية
401
402 Administrative Contact:
403 Ayman Fadhel
404 Address: *********************
405 ******
406 ************************
407
408 Technical Contact:
409 Habeebulla Thekkar
410 Address: *********
411 ******
412 ************************
413
414 Name Servers:
415 ns1.itc.net.sa
416 ns2.itc.net.sa
417
418Created on: 2011-03-22
419Last Updated on: 2018-12-26
420
421
422
423
424
425G E O I P L O O K U P
426=========================
427
428[i] IP Address: 87.101.237.176
429[i] Country: Saudi Arabia
430[i] State:
431[i] City:
432[i] Latitude: 25.0
433[i] Longitude: 45.0
434
435
436
437
438H T T P H E A D E R S
439=======================
440
441
442[i] HTTP/1.1 200 OK
443[i] Date: Sun, 11 Aug 2019 00:41:19 GMT
444[i] Strict-Transport-Security: max-age=31536000; includeSubDomains
445[i] X-XSS-Protection: 1; mode=block
446[i] Feature-Policy: microphone 'none'; camera 'none'
447[i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
448[i] Cache-Control: max-age=420, private, must-revalidate
449[i] Pragma: no-cache
450[i] Vary: Accept-Encoding
451[i] X-Content-Type-Options: nosniff
452[i] X-Frame-Options: sameorigin
453[i] Set-Cookie: PHPSESSID=selg66blso4acdv9v2r3b01jn1; path=/;HttpOnly;Secure
454[i] Set-Cookie: returned_id=selg66blso4acdv9v2r3b01jn1; expires=Tue, 10-Sep-2019 00:41:19 GMT; Max-Age=2592000; path=/;HttpOnly;Secure
455[i] Referrer-Policy: no-referrer
456[i] Connection: close
457[i] Content-Type: text/html; charset=UTF-8
458[i] Set-Cookie: TS01dd26aa=01f8c9064af6a83f747ca8b4dd57a6e6ace6f27997e4fa3672b6db67c642e7b34b94eb68b8b17436c9b886d24610c163f1bdb01042d14b7d6f01944a32e3d6256c4d2e9ce3b95d31e4dcfbb3b867ac1e9d3bd84043; Path=/
459
460
461
462
463D N S L O O K U P
464===================
465
466itc.sa. 299 IN A 87.101.237.176
467itc.sa. 899 IN NS ns1.itc.net.sa.
468itc.sa. 899 IN NS ns2.itc.net.sa.
469itc.sa. 899 IN SOA ns1.itc.net.sa. hostmaster.itc.net.sa. 180 900 600 900 900
470itc.sa. 899 IN MX 20 mailb.itc.sa.
471itc.sa. 899 IN MX 10 maila.itc.sa.
472itc.sa. 899 IN TXT "v=spf1 a mx mx:maila.itc.sa mx:mailb.itc.sa ip4:87.101.144.116 ip4:87.101.144.117 ip4:87.101.144.125 ip4:87.101.144.124 include:spf.protection.outlook.com -all"
473itc.sa. 899 IN TXT "0f02e464aff24c0aabf50bc0ededd9eb"
474itc.sa. 899 IN TXT "CmfUkY5Gp4+S6QJelwjlcdJGG5dkx4y9IcOIwd2WhQ8="
475itc.sa. 899 IN TXT "Qqvxch4TSbgbfghpZoAWaSm5J6nnAiNu/VN53awjAb37e7cudRo8zTE2t/QLw6BdhQISsYXj8f8sG32CPTgMdw=="
476itc.sa. 899 IN TXT "MS=BFD4F35DC1E97BB753721B8298B8A62CCFEB10C6"
477
478
479
480
481S U B N E T C A L C U L A T I O N
482====================================
483
484Address = 87.101.237.176
485Network = 87.101.237.176 / 32
486Netmask = 255.255.255.255
487Broadcast = not needed on Point-to-Point links
488Wildcard Mask = 0.0.0.0
489Hosts Bits = 0
490Max. Hosts = 1 (2^0 - 0)
491Host Range = { 87.101.237.176 - 87.101.237.176 }
492
493
494
495N M A P P O R T S C A N
496============================
497
498Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-11 00:41 UTC
499Nmap scan report for itc.sa (87.101.237.176)
500Host is up (0.18s latency).
501
502PORT STATE SERVICE
50321/tcp filtered ftp
50422/tcp filtered ssh
50523/tcp filtered telnet
50680/tcp open http
507110/tcp filtered pop3
508143/tcp filtered imap
509443/tcp open https
5103389/tcp filtered ms-wbt-server
511
512Nmap done: 1 IP address (1 host up) scanned in 3.76 seconds
513
514
515
516S U B - D O M A I N F I N D E R
517==================================
518
519
520[i] Total Subdomains Found : 24
521
522[+] Subdomain: rsa-mfa.itc.sa
523[-] IP: 87.101.144.115
524
525[+] Subdomain: maila.itc.sa
526[-] IP: 87.101.144.116
527
528[+] Subdomain: mailb.itc.sa
529[-] IP: 87.101.144.117
530
531[+] Subdomain: exchange.itc.sa
532[-] IP: 87.101.144.124
533
534[+] Subdomain: ftthspeed-ruh.itc.sa
535[-] IP: 87.101.201.26
536
537[+] Subdomain: dportal.itc.sa
538[-] IP: 87.101.238.56
539
540[+] Subdomain: mail.itc.sa
541[-] IP: 87.101.144.124
542
543[+] Subdomain: autodiscover.mail.itc.sa
544[-] IP: 87.101.144.124
545
546[+] Subdomain: vpn.itc.sa
547[-] IP: 87.101.144.107
548
549[+] Subdomain: ftthspeed-kho.itc.sa
550[-] IP: 5.42.226.10
551
552[+] Subdomain: myzooomfiber.itc.sa
553[-] IP: 87.101.237.231
554
555[+] Subdomain: www.myzooomfiber.itc.sa
556[-] IP: 87.101.237.231
557
558[+] Subdomain: ftthpartner.itc.sa
559[-] IP: 87.101.237.233
560
561[+] Subdomain: autodiscover.itc.sa
562[-] IP: 87.101.144.124
563
564[+] Subdomain: mgdsrvcs.itc.sa
565[-] IP: 87.101.237.190
566
567[+] Subdomain: fs.itc.sa
568[-] IP: 87.101.144.121
569
570[+] Subdomain: woms.itc.sa
571[-] IP: 87.101.237.135
572
573[+] Subdomain: antiddos.itc.sa
574[-] IP: 87.101.238.56
575
576[+] Subdomain: www.antiddos.itc.sa
577[-] IP: 87.101.238.56
578
579[+] Subdomain: resellers.itc.sa
580[-] IP: 87.101.237.145
581
582[+] Subdomain: boss.itc.sa
583[-] IP: 87.101.237.213
584
585[+] Subdomain: moss.itc.sa
586[-] IP: 87.101.237.234
587
588[+] Subdomain: itc-tt-status.itc.sa
589[-] IP: 87.101.237.145
590
591[+] Subdomain: www.itc.sa
592[-] IP: 87.101.237.165
593###################################################################################################################################
594[INFO] ------TARGET info------
595[*] TARGET: https://www.itc.sa/en/
596[*] TARGET IP: 87.101.237.176
597[INFO] NO load balancer detected for www.itc.sa...
598[*] DNS servers: ns1.itc.net.sa.
599[*] TARGET server: BigIP
600[*] CC: SA
601[*] Country: Saudi Arabia
602[*] RegionCode: 01
603[*] RegionName: Ar Riyāḑ
604[*] City: Riyadh
605[*] ASN: AS35753
606[*] BGP_PREFIX: 87.101.128.0/17
607[*] ISP: ITC Integrated Telecom Co. Ltd, SA
608[INFO] SSL/HTTPS certificate detected
609[*] Issuer: issuer=C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA
610[*] Subject: subject=C = SA, ST = Ar Riyad, L = Riyadh, O = Integrated Telecom Company, CN = *.itc.sa
611[INFO] DNS enumeration:
612[*] mail.itc.sa 87.101.144.124
613[*] vpn.itc.sa 87.101.144.107
614[INFO] Possible abuse mails are:
615[*] abuse@itc.net.sa
616[*] abuse@itc.sa
617[*] int-reg@itc.net.sa
618[*] support@itc.net.sa
619[INFO] NO PAC (Proxy Auto Configuration) file FOUND
620[INFO] Starting FUZZing in http://www.itc.sa/FUzZzZzZzZz...
621[INFO] Status code Folders
622[*] 302 http://www.itc.sa/index
623[*] 302 http://www.itc.sa/images
624[*] 302 http://www.itc.sa/download
625[*] 302 http://www.itc.sa/2006
626[*] 302 http://www.itc.sa/news
627[*] 302 http://www.itc.sa/crack
628[*] 302 http://www.itc.sa/serial
629[*] 302 http://www.itc.sa/warez
630[*] 302 http://www.itc.sa/full
631[*] 302 http://www.itc.sa/12
632[INFO] NO passwords found in source code
633[INFO] SAME content in http://www.itc.sa/ AND http://87.101.237.176/
634
635Recherche www.itc.sa
636Connexion HTTPS à www.itc.sa
637
638lynx : accès impossible au fichier de départ https://www.itc.sa/en/
639[INFO] Links found from https://www.itc.sa/en/:
640[INFO] GOOGLE has 63,900,000 results (0.23 seconds) about http://www.itc.sa/
641[INFO] Shodan detected the following opened ports on 87.101.237.176:
642[*] 0
643[*] 2
644[*] 443
645[*] 5
646[*] 8
647[*] 80
648[INFO] ------VirusTotal SECTION------
649[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
650[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
651[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
652[INFO] ------Alexa Rank SECTION------
653[INFO] Percent of Visitors Rank in Country:
654[INFO] Percent of Search Traffic:
655[INFO] Percent of Unique Visits:
656[INFO] Total Sites Linking In:
657[*] Total Sites
658[INFO] Useful links related to www.itc.sa - 87.101.237.176:
659[*] https://www.virustotal.com/pt/ip-address/87.101.237.176/information/
660[*] https://www.hybrid-analysis.com/search?host=87.101.237.176
661[*] https://www.shodan.io/host/87.101.237.176
662[*] https://www.senderbase.org/lookup/?search_string=87.101.237.176
663[*] https://www.alienvault.com/open-threat-exchange/ip/87.101.237.176
664[*] http://pastebin.com/search?q=87.101.237.176
665[*] http://urlquery.net/search.php?q=87.101.237.176
666[*] http://www.alexa.com/siteinfo/www.itc.sa
667[*] http://www.google.com/safebrowsing/diagnostic?site=www.itc.sa
668[*] https://censys.io/ipv4/87.101.237.176
669[*] https://www.abuseipdb.com/check/87.101.237.176
670[*] https://urlscan.io/search/#87.101.237.176
671[*] https://github.com/search?q=87.101.237.176&type=Code
672[INFO] Useful links related to AS35753 - 87.101.128.0/17:
673[*] http://www.google.com/safebrowsing/diagnostic?site=AS:35753
674[*] https://www.senderbase.org/lookup/?search_string=87.101.128.0/17
675[*] http://bgp.he.net/AS35753
676[*] https://stat.ripe.net/AS35753
677[INFO] Date: 10/08/19 | Time: 20:43:34
678[INFO] Total time: 1 minute(s) and 58 second(s)
679###################################################################################################################################
680Trying "itc.sa"
681Trying "itc.sa"
682;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12228
683;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 2, ADDITIONAL: 2
684
685;; QUESTION SECTION:
686;itc.sa. IN ANY
687
688;; ANSWER SECTION:
689itc.sa. 900 IN TXT "MS=BFD4F35DC1E97BB753721B8298B8A62CCFEB10C6"
690itc.sa. 900 IN TXT "CmfUkY5Gp4+S6QJelwjlcdJGG5dkx4y9IcOIwd2WhQ8="
691itc.sa. 900 IN TXT "0f02e464aff24c0aabf50bc0ededd9eb"
692itc.sa. 900 IN TXT "Qqvxch4TSbgbfghpZoAWaSm5J6nnAiNu/VN53awjAb37e7cudRo8zTE2t/QLw6BdhQISsYXj8f8sG32CPTgMdw=="
693itc.sa. 900 IN TXT "v=spf1 a mx mx:maila.itc.sa mx:mailb.itc.sa ip4:87.101.144.116 ip4:87.101.144.117 ip4:87.101.144.125 ip4:87.101.144.124 include:spf.protection.outlook.com -all"
694itc.sa. 900 IN MX 20 mailb.itc.sa.
695itc.sa. 900 IN MX 10 maila.itc.sa.
696itc.sa. 900 IN SOA ns1.itc.net.sa. hostmaster.itc.net.sa. 180 900 600 900 900
697itc.sa. 300 IN A 87.101.237.176
698itc.sa. 900 IN NS ns1.itc.net.sa.
699itc.sa. 900 IN NS ns2.itc.net.sa.
700
701;; AUTHORITY SECTION:
702itc.sa. 900 IN NS ns2.itc.net.sa.
703itc.sa. 900 IN NS ns1.itc.net.sa.
704
705;; ADDITIONAL SECTION:
706ns1.itc.net.sa. 2727 IN A 87.101.209.5
707ns2.itc.net.sa. 2727 IN A 87.101.209.6
708
709Received 667 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 63 ms
710##################################################################################################################################
711; <<>> DiG 9.11.5-P4-5.1-Debian <<>> +trace itc.sa
712;; global options: +cmd
713. 83065 IN NS e.root-servers.net.
714. 83065 IN NS d.root-servers.net.
715. 83065 IN NS b.root-servers.net.
716. 83065 IN NS h.root-servers.net.
717. 83065 IN NS k.root-servers.net.
718. 83065 IN NS f.root-servers.net.
719. 83065 IN NS a.root-servers.net.
720. 83065 IN NS g.root-servers.net.
721. 83065 IN NS c.root-servers.net.
722. 83065 IN NS l.root-servers.net.
723. 83065 IN NS m.root-servers.net.
724. 83065 IN NS i.root-servers.net.
725. 83065 IN NS j.root-servers.net.
726. 83065 IN RRSIG NS 8 0 518400 20190823170000 20190810160000 59944 . pivMuRT82S2mTtBbAdFZF8MqKYQ3YfPj+oKkhVR8jbrDIAYCans7dRQR GDBmfmzArGHHbjG4wAogJBB3BsIU/ljB/5nXWDZtB6MMvJi2dL34DzF+ M9ewlnSx9yE881sgtFfQo1Fr0ZVLecNDDHUSXSqhG3HXURwbo8Hwdcym x6WcgHUAnIU/BfrL9/Ux8AOadLQWEYAQ4HWVy4J4zfMOBlNMsBT1q+7K ZAeOJas42Kq2yn/GwyJCdzF/xV3EjO9ZEJomR0S5c/iUPElD22A10Dnk dBa+zFapWfsifF4uHj2e89bhGqQQbiEfgsaSVW0cd23wvTe3jgigeTVf UCgrHg==
727;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 351 ms
728
729sa. 172800 IN NS i.nic.net.sa.
730sa. 172800 IN NS n.nic.net.sa.
731sa. 172800 IN NS p.nic.net.sa.
732sa. 172800 IN NS s.nic.net.sa.
733sa. 172800 IN NS s2.nic.net.sa.
734sa. 172800 IN NS ns1.nic.net.sa.
735sa. 172800 IN NS ns2.nic.net.sa.
736sa. 86400 IN DS 30574 8 2 02FC3370C8453439627440B913A8C0A6A4698F9E503F6BBB553D75D7 7E34367E
737sa. 86400 IN RRSIG DS 8 1 86400 20190823170000 20190810160000 59944 . w2/N68o4qcUeGRTAaloxYYrmVsgPDka93gVAYxQKRylo5mJbzj1qdvn3 Ox1p1+9dJIh4hyhFC86RfVQf4irFLKQA7ojApwKXLMZmSyy/f4E80PNJ Q1DZkufY4g97OC9IgluRZWznMMyeG7NGRKqbHJinraA+bvMk8NX013nl Hsc8Cx9OvT3O/YL2cutDel00ayRdWXtaQ2pAOid0eG+jWzCVPMe42fad /0lMhFQa2RduENxHH4cEI2Jf+RE86IZJq8maV8ZiHNi/ELrZ03O4hCHb qzfDXrBNDgOWPO6JuLZ2kpfCY14WxSqmeVDwhzTsUK8Hx9x5faHksUZ6 E0aXqQ==
738;; Received 803 bytes from 2001:500:a8::e#53(e.root-servers.net) in 31 ms
739
740itc.sa. 3600 IN NS ns2.itc.net.sa.
741itc.sa. 3600 IN NS ns1.itc.net.sa.
742r82lota5e5li7mse7kjgij652e90c743.sa. 3600 IN NSEC3 1 1 5 63938D6D460D499A RENFO27DQ397EPJ6SLN2KFROA48JH4LU NS SOA RRSIG DNSKEY NSEC3PARAM
743r82lota5e5li7mse7kjgij652e90c743.sa. 3600 IN RRSIG NSEC3 8 2 3600 20190820155423 20190806145354 24465 sa. tctGTxY0V8YUIx/9m329g3Bh9/zeuqKswu0Hm7bTjuBNJee8g8HwxQEd hqcvMirhoWuEMIyxpiDxyV8GYCMaFpYuXaHrezInYsc9Z8OJknIAA4+v ZuPAgVPQEZECFYEiEMoSWrohz/4bKwRk/2QeE6LQu5WgVikMF8hB4IR9 1dy7iQEyXF28+c67FjycJv3kUcZPHkCqjhdt07ESH7tGyo1lfRUv7Adc yfKHA61rLeNuMFv4uYUWqiOXTTXnbvWEsaTntalJFbcJuddzAbUjbG5H gnuXIixS5XPNEqWyLIB45q7YSUtbCBMeBZRfPAOeeETytM7CTlwQfcCb VSk+zg==
7443k1tdicp7hnhq6c8tubsgfhkb8prs45f.sa. 3600 IN NSEC3 1 1 5 63938D6D460D499A 5I3293EF0D7GTFPDGO0B4J1QLGL694KG NS DS RRSIG
7453k1tdicp7hnhq6c8tubsgfhkb8prs45f.sa. 3600 IN RRSIG NSEC3 8 2 3600 20190820155439 20190806145354 24465 sa. QwckXtdBnUxJaJx9Tp7OHGX6ZXPi36ZPqfUy8STp1BeX1j8R6NBis1D/ bb14/7o/ptHWSjw+9wdBxY3JQlG9bK4Uw35T5dchJTDISoGsqoCwAmxy IPe1G8ZugHou13Aj/Q7iEOdUTcwi3GHrBj0aQ7qs+XSmB30M4bOBJH6Q uE31ka2dqX2f4S8evz5GFMCXwOuuSfHck9U4igNawbgV4rFhA4seSjPJ ej6EdJNgEYPnG627+bp0Wqs2Sdpf9HN82iXSysiVUqtXaF+XQVGfQthT JVC5nvDfJny+sOOe7Z0DSD4/QADhF0Mrzq+bJK9HMA7AxCxD5RPJrau8 DeqQIg==
746;; Received 862 bytes from 37.107.223.170#53(s.nic.net.sa) in 444 ms
747
748itc.sa. 300 IN A 87.101.237.176
749;; Received 79 bytes from 87.101.209.6#53(ns2.itc.net.sa) in 456 ms
750###################################################################################################################################
751[*] Performing General Enumeration of Domain: itc.sa
752[-] DNSSEC is not configured for itc.sa
753[*] SOA ns1.itc.net.sa 87.101.209.5
754[*] NS ns1.itc.net.sa 87.101.209.5
755[*] NS ns2.itc.net.sa 87.101.209.6
756[*] MX mailb.itc.sa 87.101.144.117
757[*] MX maila.itc.sa 87.101.144.116
758[*] A itc.sa 87.101.237.176
759[*] TXT itc.sa v=spf1 a mx mx:maila.itc.sa mx:mailb.itc.sa ip4:87.101.144.116 ip4:87.101.144.117 ip4:87.101.144.125 ip4:87.101.144.124 include:spf.protection.outlook.com -all
760[*] TXT itc.sa MS=BFD4F35DC1E97BB753721B8298B8A62CCFEB10C6
761[*] TXT itc.sa Qqvxch4TSbgbfghpZoAWaSm5J6nnAiNu/VN53awjAb37e7cudRo8zTE2t/QLw6BdhQISsYXj8f8sG32CPTgMdw==
762[*] TXT itc.sa CmfUkY5Gp4+S6QJelwjlcdJGG5dkx4y9IcOIwd2WhQ8=
763[*] TXT itc.sa 0f02e464aff24c0aabf50bc0ededd9eb
764[*] Enumerating SRV Records
765[*] SRV _sip._tcp.itc.sa ruh-exprwe-02.itc.sa 87.101.144.119 5060 20
766[*] SRV _sip._tcp.itc.sa ruh-exprwe-01.itc.sa 87.101.144.118 5060 10
767[*] SRV _sip._udp.itc.sa ruh-exprwe-01.itc.sa 87.101.144.118 5060 10
768[*] SRV _sip._udp.itc.sa ruh-exprwe-02.itc.sa 87.101.144.119 5060 20
769[*] SRV _sips._tcp.itc.sa ruh-exprwe-01.itc.sa 87.101.144.118 5061 10
770[*] SRV _sips._tcp.itc.sa ruh-exprwe-02.itc.sa 87.101.144.119 5061 10
771[*] SRV _h323cs._tcp.itc.sa ruh-exprwe-01.itc.sa 87.101.144.118 1720 10
772[*] SRV _h323cs._tcp.itc.sa ruh-exprwe-02.itc.sa 87.101.144.119 1720 20
773[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 52.112.192.139 443 1
774[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027:0:5::b 443 1
775[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027:0:4::b 443 1
776[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027:0:7::b 443 1
777[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027:0:2::b 443 1
778[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027:0:3::b 443 1
779[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027:0:8::b 443 1
780[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027::b 443 1
781[*] SRV _sip._tls.itc.sa sipdir.online.lync.com 2603:1027:0:9::b 443 1
782[*] SRV _h323ls._udp.itc.sa ruh-exprwe-02.itc.sa 87.101.144.119 1719 20
783[*] SRV _h323ls._udp.itc.sa ruh-exprwe-01.itc.sa 87.101.144.118 1719 10
784[*] SRV _sipfederationtls._tcp.itc.sa sipfed.online.lync.com 52.112.193.13 5061 1
785[*] SRV _sipfederationtls._tcp.itc.sa sipfed.online.lync.com 2603:1027::b 5061 1
786[+] 21 Records Found
787###################################################################################################################################
788[*] Processing domain itc.sa
789[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
790[+] Getting nameservers
79187.101.209.5 - ns1.itc.net.sa
79287.101.209.6 - ns2.itc.net.sa
793[-] Zone transfer failed
794
795[+] TXT records found
796"v=spf1 a mx mx:maila.itc.sa mx:mailb.itc.sa ip4:87.101.144.116 ip4:87.101.144.117 ip4:87.101.144.125 ip4:87.101.144.124 include:spf.protection.outlook.com -all"
797"MS=BFD4F35DC1E97BB753721B8298B8A62CCFEB10C6"
798"Qqvxch4TSbgbfghpZoAWaSm5J6nnAiNu/VN53awjAb37e7cudRo8zTE2t/QLw6BdhQISsYXj8f8sG32CPTgMdw=="
799"CmfUkY5Gp4+S6QJelwjlcdJGG5dkx4y9IcOIwd2WhQ8="
800"0f02e464aff24c0aabf50bc0ededd9eb"
801
802[+] MX records found, added to target list
80320 mailb.itc.sa.
80410 maila.itc.sa.
805
806[*] Scanning itc.sa for A records
80787.101.144.117 - mailb.itc.sa
80887.101.144.116 - maila.itc.sa
80987.101.237.176 - itc.sa
81087.101.144.101 - apps.itc.sa
81187.101.144.124 - autodiscover.itc.sa
812188.166.23.88 - careers.itc.sa
81387.101.144.124 - exchange.itc.sa
81487.101.144.121 - fs.itc.sa
81587.101.238.200 - lab.itc.sa
81652.112.192.14 - lyncdiscover.itc.sa
81787.101.144.124 - mail.itc.sa
81852.112.194.75 - sip.itc.sa
81987.101.144.107 - vpn.itc.sa
82087.101.237.175 - web.itc.sa
82187.101.237.176 - www.itc.sa
822###################################################################################################################################
823
824
825 AVAILABLE PLUGINS
826 -----------------
827
828 OpenSslCcsInjectionPlugin
829 EarlyDataPlugin
830 SessionRenegotiationPlugin
831 CertificateInfoPlugin
832 RobotPlugin
833 OpenSslCipherSuitesPlugin
834 HeartbleedPlugin
835 SessionResumptionPlugin
836 CompressionPlugin
837 HttpHeadersPlugin
838 FallbackScsvPlugin
839
840
841
842 CHECKING HOST(S) AVAILABILITY
843 -----------------------------
844
845 87.101.237.176:443 => 87.101.237.176
846
847
848
849
850 SCAN RESULTS FOR 87.101.237.176:443 - 87.101.237.176
851 ----------------------------------------------------
852
853 * Downgrade Attacks:
854 TLS_FALLBACK_SCSV: OK - Supported
855
856 * SSLV2 Cipher Suites:
857 Server rejected all cipher suites.
858
859 * OpenSSL CCS Injection:
860 OK - Not vulnerable to OpenSSL CCS injection
861
862 * TLSV1_3 Cipher Suites:
863 Server rejected all cipher suites.
864
865 * Certificate Information:
866 Content
867 SHA1 Fingerprint: e532dda272388fdbb7ad31ece04b662b787f0bb1
868 Common Name: *.itc.sa
869 Issuer: DigiCert SHA2 Secure Server CA
870 Serial Number: 4676899903189076023699031021412274819
871 Not Before: 2018-06-07 00:00:00
872 Not After: 2020-04-15 12:00:00
873 Signature Algorithm: sha256
874 Public Key Algorithm: RSA
875 Key Size: 2048
876 Exponent: 65537 (0x10001)
877 DNS Subject Alternative Names: ['*.itc.sa', 'itc.sa']
878
879 Trust
880 Hostname Validation: FAILED - Certificate does NOT match 87.101.237.176
881 Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
882 iOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
883 Java CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
884 macOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
885 Mozilla CA Store (2018-11-22): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
886 OPENJDK CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
887 Windows CA Store (2018-12-08): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
888 Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
889 Received Chain: *.itc.sa
890 Verified Chain: ERROR - Could not build verified chain (certificate untrusted?)
891 Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?)
892 Received Chain Order: OK - Order is valid
893 Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
894
895 Extensions
896 OCSP Must-Staple: NOT SUPPORTED - Extension not found
897 Certificate Transparency: OK - 3 SCTs included
898
899 OCSP Stapling
900 NOT SUPPORTED - Server did not send back an OCSP response
901
902 * Session Renegotiation:
903 Client-initiated Renegotiation: VULNERABLE - Server honors client-initiated renegotiations
904 Secure Renegotiation: OK - Supported
905
906 * TLS 1.2 Session Resumption Support:
907 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
908 With TLS Tickets: NOT SUPPORTED - TLS ticket not assigned.
909
910 * ROBOT Attack:
911 OK - Not vulnerable
912
913 * OpenSSL Heartbleed:
914 OK - Not vulnerable to Heartbleed
915
916 * TLSV1_1 Cipher Suites:
917 Forward Secrecy OK - Supported
918 RC4 OK - Not Supported
919
920 Preferred:
921 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
922 Accepted:
923 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
924 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
925 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
926 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
927 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
928 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
929 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
930 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
931 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
932 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
933
934 * Deflate Compression:
935 OK - Compression disabled
936
937 * TLSV1_2 Cipher Suites:
938 Forward Secrecy OK - Supported
939 RC4 OK - Not Supported
940
941 Preferred:
942 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
943 Accepted:
944 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
945 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
946 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
947 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
948 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
949 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
950 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
951 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
952 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
953 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
954 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
955 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
956 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
957 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
958 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
959 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
960 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
961 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
962 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
963 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
964 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
965 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
966
967 * SSLV3 Cipher Suites:
968 Server rejected all cipher suites.
969
970 * TLSV1 Cipher Suites:
971 Forward Secrecy OK - Supported
972 RC4 OK - Not Supported
973
974 Preferred:
975 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
976 Accepted:
977 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
978 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
979 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
980 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
981 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
982 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
983 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
984 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
985 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
986 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
987
988
989 SCAN COMPLETED IN 34.36 S
990 -------------------------
991###################################################################################################################################
992Domains still to check: 1
993 Checking if the hostname itc.sa. given is in fact a domain...
994
995Analyzing domain: itc.sa.
996 Checking NameServers using system default resolver...
997 IP: 87.101.209.5 (Saudi Arabia)
998 HostName: ns1.itc.net.sa Type: NS
999 IP: 87.101.209.6 (Saudi Arabia)
1000 HostName: ns2.itc.net.sa Type: NS
1001
1002 Checking MailServers using system default resolver...
1003 IP: 87.101.144.117 (Saudi Arabia)
1004 HostName: mailb.itc.sa Type: MX
1005 HostName: mailb.itc.net.sa Type: PTR
1006 IP: 87.101.144.116 (Saudi Arabia)
1007 HostName: maila.itc.sa Type: MX
1008 HostName: maila.itc.net.sa Type: PTR
1009
1010 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1011 No zone transfer found on nameserver 87.101.209.6
1012 No zone transfer found on nameserver 87.101.209.5
1013
1014 Checking SPF record...
1015 New IP found: 87.101.144.125
1016 New IP found: 87.101.144.124
1017
1018 Checking SPF record...
1019 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 207.46.100.0/24, but only the network IP
1020 New IP found: 207.46.100.0
1021 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 207.46.163.0/24, but only the network IP
1022 New IP found: 207.46.163.0
1023 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 65.55.169.0/24, but only the network IP
1024 New IP found: 65.55.169.0
1025 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 157.56.110.0/23, but only the network IP
1026 New IP found: 157.56.110.0
1027 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 157.55.234.0/24, but only the network IP
1028 New IP found: 157.55.234.0
1029 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 213.199.154.0/24, but only the network IP
1030 New IP found: 213.199.154.0
1031 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 213.199.180.128/26, but only the network IP
1032 New IP found: 213.199.180.128
1033 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 52.100.0.0/14, but only the network IP
1034 New IP found: 52.100.0.0
1035
1036 Checking SPF record...
1037 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 157.56.112.0/24, but only the network IP
1038 New IP found: 157.56.112.0
1039 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 207.46.51.64/26, but only the network IP
1040 New IP found: 207.46.51.64
1041 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 64.4.22.64/26, but only the network IP
1042 New IP found: 64.4.22.64
1043 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 40.92.0.0/15, but only the network IP
1044 New IP found: 40.92.0.0
1045 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 40.107.0.0/16, but only the network IP
1046 New IP found: 40.107.0.0
1047 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 134.170.140.0/24, but only the network IP
1048 New IP found: 134.170.140.0
1049
1050 Checking SPF record...
1051 There are no IPv4 addresses in the SPF. Maybe IPv6.
1052 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 23.103.128.0/19, but only the network IP
1053 New IP found: 23.103.128.0
1054 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 23.103.198.0/23, but only the network IP
1055 New IP found: 23.103.198.0
1056 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 65.55.88.0/24, but only the network IP
1057 New IP found: 65.55.88.0
1058 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 104.47.0.0/17, but only the network IP
1059 New IP found: 104.47.0.0
1060 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 23.103.200.0/21, but only the network IP
1061 New IP found: 23.103.200.0
1062 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 23.103.208.0/21, but only the network IP
1063 New IP found: 23.103.208.0
1064 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 23.103.191.0/24, but only the network IP
1065 New IP found: 23.103.191.0
1066 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 216.32.180.0/23, but only the network IP
1067 New IP found: 216.32.180.0
1068 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 94.245.120.64/26, but only the network IP
1069 New IP found: 94.245.120.64
1070 New hostname found: 2202::/48
1071 There are no IPv4 addresses in the SPF. Maybe IPv6.
1072
1073 Checking 193 most common hostnames using system default resolver...
1074 IP: 87.101.237.176 (Saudi Arabia)
1075 HostName: www.itc.sa. Type: A
1076 IP: 87.101.144.124 (Saudi Arabia)
1077 Type: SPF
1078 HostName: mail.itc.sa. Type: A
1079 HostName: autodiscover.mail.itc.net.sa Type: PTR
1080 IP: 87.101.237.175 (Saudi Arabia)
1081 HostName: web.itc.sa. Type: A
1082
1083 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1084 Checking netblock 65.55.169.0
1085 Checking netblock 52.100.0.0
1086 Checking netblock 65.55.88.0
1087 Checking netblock 87.101.144.0
1088 Checking netblock 157.55.234.0
1089 Checking netblock 94.245.120.0
1090 Checking netblock 216.32.180.0
1091 Checking netblock 23.103.128.0
1092 Checking netblock 64.4.22.0
1093 Checking netblock 157.56.110.0
1094 Checking netblock 23.103.208.0
1095 Checking netblock 207.46.100.0
1096 Checking netblock 23.103.198.0
1097 Checking netblock 207.46.163.0
1098 Checking netblock 134.170.140.0
1099 Checking netblock 23.103.200.0
1100 Checking netblock 213.199.154.0
1101 Checking netblock 87.101.237.0
1102 Checking netblock 23.103.191.0
1103 Checking netblock 40.107.0.0
1104 Checking netblock 40.92.0.0
1105 Checking netblock 157.56.112.0
1106 Checking netblock 207.46.51.0
1107 Checking netblock 104.47.0.0
1108 Checking netblock 213.199.180.0
1109 Checking netblock 87.101.209.0
1110
1111 Searching for itc.sa. emails in Google
1112 jsmith@itc.sa,
1113 smith@itc.sa,
1114 john.smith@itc.sa,
1115 j.smith@itc.sa,
1116
1117 Checking 31 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1118 Host 65.55.169.0 is up (reset ttl 64)
1119 Host 52.100.0.0 is up (reset ttl 64)
1120 Host 65.55.88.0 is up (reset ttl 64)
1121 Host 87.101.144.116 is up (reset ttl 64)
1122 Host 87.101.144.117 is up (reset ttl 64)
1123 Host 157.55.234.0 is up (reset ttl 64)
1124 Host 94.245.120.64 is up (reset ttl 64)
1125 Host 216.32.180.0 is up (reset ttl 64)
1126 Host 23.103.128.0 is up (reset ttl 64)
1127 Host 64.4.22.64 is up (reset ttl 64)
1128 Host 157.56.110.0 is up (reset ttl 64)
1129 Host 23.103.208.0 is up (reset ttl 64)
1130 Host 207.46.100.0 is up (reset ttl 64)
1131 Host 23.103.198.0 is up (reset ttl 64)
1132 Host 207.46.163.0 is up (reset ttl 64)
1133 Host 134.170.140.0 is up (reset ttl 64)
1134 Host 23.103.200.0 is up (reset ttl 64)
1135 Host 213.199.154.0 is up (reset ttl 64)
1136 Host 87.101.237.176 is up (reset ttl 64)
1137 Host 87.101.237.175 is up (reset ttl 64)
1138 Host 87.101.144.125 is up (reset ttl 64)
1139 Host 87.101.144.124 is up (reset ttl 64)
1140 Host 23.103.191.0 is up (reset ttl 64)
1141 Host 40.107.0.0 is up (reset ttl 64)
1142 Host 40.92.0.0 is up (reset ttl 64)
1143 Host 157.56.112.0 is up (reset ttl 64)
1144 Host 207.46.51.64 is up (reset ttl 64)
1145 Host 104.47.0.0 is up (reset ttl 64)
1146 Host 213.199.180.128 is up (reset ttl 64)
1147 Host 87.101.209.6 is up (reset ttl 64)
1148 Host 87.101.209.5 is up (reset ttl 64)
1149
1150 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1151 Scanning ip 65.55.169.0 ():
1152 Scanning ip 52.100.0.0 ():
1153 Scanning ip 65.55.88.0 ():
1154 Scanning ip 87.101.144.116 (maila.itc.net.sa (PTR)):
1155 Scanning ip 87.101.144.117 (mailb.itc.net.sa (PTR)):
1156 Scanning ip 157.55.234.0 ():
1157 Scanning ip 94.245.120.64 ():
1158 Scanning ip 216.32.180.0 ():
1159 Scanning ip 23.103.128.0 ():
1160 Scanning ip 64.4.22.64 ():
1161 Scanning ip 157.56.110.0 ():
1162 Scanning ip 23.103.208.0 ():
1163 Scanning ip 207.46.100.0 ():
1164 Scanning ip 23.103.198.0 ():
1165 Scanning ip 207.46.163.0 ():
1166 Scanning ip 134.170.140.0 ():
1167 Scanning ip 23.103.200.0 ():
1168 Scanning ip 213.199.154.0 ():
1169 Scanning ip 87.101.237.176 (www.itc.sa.):
1170 80/tcp open http-proxy syn-ack ttl 243 F5 BIG-IP load balancer http proxy
1171 | http-methods:
1172 |_ Supported Methods: GET HEAD POST OPTIONS
1173 |_http-open-proxy: Proxy might be redirecting requests
1174 |_http-server-header: BigIP
1175 |_http-title: Did not follow redirect to https://87.101.237.176/
1176 443/tcp open ssl/https syn-ack ttl 243
1177 | fingerprint-strings:
1178 | GetRequest:
1179 | HTTP/1.1 200 OK
1180 | Date: Sun, 11 Aug 2019 01:16:42 GMT
1181 | Strict-Transport-Security: max-age=31536000; includeSubDomains
1182 | X-XSS-Protection: 1; mode=block
1183 | Feature-Policy: microphone 'none'; camera 'none'
1184 | Expires: Thu, 19 Nov 1981 08:52:00 GMT
1185 | Cache-Control: max-age=420, private, must-revalidate
1186 | Pragma: no-cache
1187 | Vary: Accept-Encoding
1188 | X-Content-Type-Options: nosniff
1189 | X-Frame-Options: sameorigin
1190 | Set-Cookie: PHPSESSID=rf2n313dklepsanht1elcg2pp4; path=/;HttpOnly;Secure
1191 | Set-Cookie: returned_id=rf2n313dklepsanht1elcg2pp4; expires=Tue, 10-Sep-2019 01:16:42 GMT; Max-Age=2592000; path=/;HttpOnly;Secure
1192 | Referrer-Policy: no-referrer
1193 | Content-Security-Policy: default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooU
1194 | HTTPOptions:
1195 | HTTP/1.1 200 OK
1196 | Date: Sun, 11 Aug 2019 01:16:43 GMT
1197 | Strict-Transport-Security: max-age=31536000; includeSubDomains
1198 | X-XSS-Protection: 1; mode=block
1199 | Feature-Policy: microphone 'none'; camera 'none'
1200 | Expires: Thu, 19 Nov 1981 08:52:00 GMT
1201 | Cache-Control: max-age=420, private, must-revalidate
1202 | Pragma: no-cache
1203 | Vary: Accept-Encoding
1204 | X-Content-Type-Options: nosniff
1205 | X-Frame-Options: sameorigin
1206 | Set-Cookie: PHPSESSID=t6flgoc06mjj76b561c8no5rr1; path=/;HttpOnly;Secure
1207 | Set-Cookie: returned_id=t6flgoc06mjj76b561c8no5rr1; expires=Tue, 10-Sep-2019 01:16:43 GMT; Max-Age=2592000; path=/;HttpOnly;Secure
1208 | Referrer-Policy: no-referrer
1209 |_ Content-Security-Policy: default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooU
1210 | http-methods:
1211 |_ Supported Methods: GET HEAD POST OPTIONS
1212 |_http-title: Site doesn't have a title (text/html; charset=UTF-8).
1213 | ssl-cert: Subject: commonName=*.itc.sa/organizationName=Integrated Telecom Company/stateOrProvinceName=Ar Riyad/countryName=SA
1214 | Subject Alternative Name: DNS:*.itc.sa, DNS:itc.sa
1215 | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1216 | Public Key type: rsa
1217 | Public Key bits: 2048
1218 | Signature Algorithm: sha256WithRSAEncryption
1219 | Not valid before: 2018-06-07T00:00:00
1220 | Not valid after: 2020-04-15T12:00:00
1221 | MD5: 4681 804d c576 3467 1292 96a9 01d9 1a7f
1222 |_SHA-1: e532 dda2 7238 8fdb b7ad 31ec e04b 662b 787f 0bb1
1223 |_ssl-date: TLS randomness does not represent time
1224 OS Info: Service Info: Device: load balancer
1225 Scanning ip 87.101.237.175 (web.itc.sa.):
1226 Scanning ip 87.101.144.125 ():
1227 Scanning ip 87.101.144.124 (autodiscover.mail.itc.net.sa (PTR)):
1228 443/tcp open ssl/http syn-ack ttl 116 Microsoft IIS httpd 10.0
1229 |_http-favicon: Unknown favicon MD5: 2CB11F8A463B96AF92E1D27D0CF22870
1230 | http-methods:
1231 |_ Supported Methods: GET HEAD POST OPTIONS
1232 |_http-server-header: Microsoft-IIS/10.0
1233 | http-title: Outlook
1234 |_Requested resource was https://87.101.144.124/owa/auth/logon.aspx?url=https%3a%2f%2f87.101.144.124%2fowa%2f&reason=0
1235 | ssl-cert: Subject: commonName=mail.itc.sa/organizationName=Integrated Telecom Company Ltd/stateOrProvinceName=Riyadh/countryName=SA
1236 | Subject Alternative Name: DNS:mail.itc.sa, DNS:mail.itc.net.sa, DNS:autodiscover.itc.net.sa, DNS:autodiscover.itc.sa, DNS:webmail.itc.sa
1237 | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1238 | Public Key type: rsa
1239 | Public Key bits: 2048
1240 | Signature Algorithm: sha256WithRSAEncryption
1241 | Not valid before: 2019-05-14T00:00:00
1242 | Not valid after: 2019-09-25T12:00:00
1243 | MD5: deda c4aa 109c 044e bde2 07ec d0ec 867e
1244 |_SHA-1: 8453 647d b1bf 62c7 fea4 d1a3 428e a098 5b9c 6467
1245 |_ssl-date: 2019-08-11T01:20:27+00:00; +3s from scanner time.
1246 | tls-alpn:
1247 | h2
1248 |_ http/1.1
1249 OS Info: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1250 |_clock-skew: mean: 2s, deviation: 0s, median: 2s
1251 Scanning ip 23.103.191.0 ():
1252 Scanning ip 40.107.0.0 ():
1253 Scanning ip 40.92.0.0 ():
1254 Scanning ip 157.56.112.0 ():
1255 Scanning ip 207.46.51.64 ():
1256 Scanning ip 104.47.0.0 ():
1257 Scanning ip 213.199.180.128 ():
1258 Scanning ip 87.101.209.6 (ns2.itc.net.sa):
1259 Scanning ip 87.101.209.5 (ns1.itc.net.sa):
1260 WebCrawling domain's web servers... up to 50 max links.
1261
1262 + URL to crawl: http://www.itc.sa.
1263 + Date: 2019-08-10
1264
1265 + Crawling URL: http://www.itc.sa.:
1266 + Links:
1267 + Crawling http://www.itc.sa. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
1268 + Searching for directories...
1269 + Searching open folders...
1270
1271
1272 + URL to crawl: http://www.itc.sa.:443
1273 + Date: 2019-08-10
1274
1275 + Crawling URL: http://www.itc.sa.:443:
1276 + Links:
1277 + Crawling http://www.itc.sa.:443
1278 + Searching for directories...
1279 + Searching open folders...
1280
1281
1282 + URL to crawl: https://mail.itc.sa.
1283 + Date: 2019-08-10
1284
1285 + Crawling URL: https://mail.itc.sa.:
1286 + Links:
1287 + Crawling https://mail.itc.sa.
1288 + Searching for directories...
1289 + Searching open folders...
1290
1291--Finished--
1292Summary information for domain itc.sa.
1293-----------------------------------------
1294 Domain Specific Information:
1295 Email: jsmith@itc.sa,
1296 Email: smith@itc.sa,
1297 Email: john.smith@itc.sa,
1298 Email: j.smith@itc.sa,
1299
1300 Domain Ips Information:
1301 IP: 65.55.169.0
1302 Type: SPF
1303 Is Active: True (reset ttl 64)
1304 IP: 52.100.0.0
1305 Type: SPF
1306 Is Active: True (reset ttl 64)
1307 IP: 65.55.88.0
1308 Type: SPF
1309 Is Active: True (reset ttl 64)
1310 IP: 87.101.144.116
1311 HostName: maila.itc.sa Type: MX
1312 HostName: maila.itc.net.sa Type: PTR
1313 Type: SPF
1314 Country: Saudi Arabia
1315 Is Active: True (reset ttl 64)
1316 IP: 87.101.144.117
1317 HostName: mailb.itc.sa Type: MX
1318 HostName: mailb.itc.net.sa Type: PTR
1319 Type: SPF
1320 Country: Saudi Arabia
1321 Is Active: True (reset ttl 64)
1322 IP: 157.55.234.0
1323 Type: SPF
1324 Is Active: True (reset ttl 64)
1325 IP: 94.245.120.64
1326 Type: SPF
1327 Is Active: True (reset ttl 64)
1328 IP: 216.32.180.0
1329 Type: SPF
1330 Is Active: True (reset ttl 64)
1331 IP: 23.103.128.0
1332 Type: SPF
1333 Is Active: True (reset ttl 64)
1334 IP: 64.4.22.64
1335 Type: SPF
1336 Is Active: True (reset ttl 64)
1337 IP: 157.56.110.0
1338 Type: SPF
1339 Is Active: True (reset ttl 64)
1340 IP: 23.103.208.0
1341 Type: SPF
1342 Is Active: True (reset ttl 64)
1343 IP: 207.46.100.0
1344 Type: SPF
1345 Is Active: True (reset ttl 64)
1346 IP: 23.103.198.0
1347 Type: SPF
1348 Is Active: True (reset ttl 64)
1349 IP: 207.46.163.0
1350 Type: SPF
1351 Is Active: True (reset ttl 64)
1352 IP: 134.170.140.0
1353 Type: SPF
1354 Is Active: True (reset ttl 64)
1355 IP: 23.103.200.0
1356 Type: SPF
1357 Is Active: True (reset ttl 64)
1358 IP: 213.199.154.0
1359 Type: SPF
1360 Is Active: True (reset ttl 64)
1361 IP: 87.101.237.176
1362 HostName: www.itc.sa. Type: A
1363 Country: Saudi Arabia
1364 Is Active: True (reset ttl 64)
1365 Port: 80/tcp open http-proxy syn-ack ttl 243 F5 BIG-IP load balancer http proxy
1366 Script Info: | http-methods:
1367 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1368 Script Info: |_http-open-proxy: Proxy might be redirecting requests
1369 Script Info: |_http-server-header: BigIP
1370 Script Info: |_http-title: Did not follow redirect to https://87.101.237.176/
1371 Port: 443/tcp open ssl/https syn-ack ttl 243
1372 Script Info: | fingerprint-strings:
1373 Script Info: | GetRequest:
1374 Script Info: | HTTP/1.1 200 OK
1375 Script Info: | Date: Sun, 11 Aug 2019 01:16:42 GMT
1376 Script Info: | Strict-Transport-Security: max-age=31536000; includeSubDomains
1377 Script Info: | X-XSS-Protection: 1; mode=block
1378 Script Info: | Feature-Policy: microphone 'none'; camera 'none'
1379 Script Info: | Expires: Thu, 19 Nov 1981 08:52:00 GMT
1380 Script Info: | Cache-Control: max-age=420, private, must-revalidate
1381 Script Info: | Pragma: no-cache
1382 Script Info: | Vary: Accept-Encoding
1383 Script Info: | X-Content-Type-Options: nosniff
1384 Script Info: | X-Frame-Options: sameorigin
1385 Script Info: | Set-Cookie: PHPSESSID=rf2n313dklepsanht1elcg2pp4; path=/;HttpOnly;Secure
1386 Script Info: | Set-Cookie: returned_id=rf2n313dklepsanht1elcg2pp4; expires=Tue, 10-Sep-2019 01:16:42 GMT; Max-Age=2592000; path=/;HttpOnly;Secure
1387 Script Info: | Referrer-Policy: no-referrer
1388 Script Info: | Content-Security-Policy: default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooU
1389 Script Info: | HTTPOptions:
1390 Script Info: | HTTP/1.1 200 OK
1391 Script Info: | Date: Sun, 11 Aug 2019 01:16:43 GMT
1392 Script Info: | Strict-Transport-Security: max-age=31536000; includeSubDomains
1393 Script Info: | X-XSS-Protection: 1; mode=block
1394 Script Info: | Feature-Policy: microphone 'none'; camera 'none'
1395 Script Info: | Expires: Thu, 19 Nov 1981 08:52:00 GMT
1396 Script Info: | Cache-Control: max-age=420, private, must-revalidate
1397 Script Info: | Pragma: no-cache
1398 Script Info: | Vary: Accept-Encoding
1399 Script Info: | X-Content-Type-Options: nosniff
1400 Script Info: | X-Frame-Options: sameorigin
1401 Script Info: | Set-Cookie: PHPSESSID=t6flgoc06mjj76b561c8no5rr1; path=/;HttpOnly;Secure
1402 Script Info: | Set-Cookie: returned_id=t6flgoc06mjj76b561c8no5rr1; expires=Tue, 10-Sep-2019 01:16:43 GMT; Max-Age=2592000; path=/;HttpOnly;Secure
1403 Script Info: | Referrer-Policy: no-referrer
1404 Script Info: |_ Content-Security-Policy: default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooU
1405 Script Info: | http-methods:
1406 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1407 Script Info: |_http-title: Site doesn't have a title (text/html; charset=UTF-8).
1408 Script Info: | ssl-cert: Subject: commonName=*.itc.sa/organizationName=Integrated Telecom Company/stateOrProvinceName=Ar Riyad/countryName=SA
1409 Script Info: | Subject Alternative Name: DNS:*.itc.sa, DNS:itc.sa
1410 Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1411 Script Info: | Public Key type: rsa
1412 Script Info: | Public Key bits: 2048
1413 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1414 Script Info: | Not valid before: 2018-06-07T00:00:00
1415 Script Info: | Not valid after: 2020-04-15T12:00:00
1416 Script Info: | MD5: 4681 804d c576 3467 1292 96a9 01d9 1a7f
1417 Script Info: |_SHA-1: e532 dda2 7238 8fdb b7ad 31ec e04b 662b 787f 0bb1
1418 Script Info: |_ssl-date: TLS randomness does not represent time
1419 Os Info: Device: load balancer
1420 IP: 87.101.237.175
1421 HostName: web.itc.sa. Type: A
1422 Country: Saudi Arabia
1423 Is Active: True (reset ttl 64)
1424 IP: 87.101.144.125
1425 Type: SPF
1426 Is Active: True (reset ttl 64)
1427 IP: 87.101.144.124
1428 Type: SPF
1429 HostName: mail.itc.sa. Type: A
1430 HostName: autodiscover.mail.itc.net.sa Type: PTR
1431 Country: Saudi Arabia
1432 Is Active: True (reset ttl 64)
1433 Port: 443/tcp open ssl/http syn-ack ttl 116 Microsoft IIS httpd 10.0
1434 Script Info: |_http-favicon: Unknown favicon MD5: 2CB11F8A463B96AF92E1D27D0CF22870
1435 Script Info: | http-methods:
1436 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1437 Script Info: |_http-server-header: Microsoft-IIS/10.0
1438 Script Info: | http-title: Outlook
1439 Script Info: |_Requested resource was https://87.101.144.124/owa/auth/logon.aspx?url=https%3a%2f%2f87.101.144.124%2fowa%2f&reason=0
1440 Script Info: | ssl-cert: Subject: commonName=mail.itc.sa/organizationName=Integrated Telecom Company Ltd/stateOrProvinceName=Riyadh/countryName=SA
1441 Script Info: | Subject Alternative Name: DNS:mail.itc.sa, DNS:mail.itc.net.sa, DNS:autodiscover.itc.net.sa, DNS:autodiscover.itc.sa, DNS:webmail.itc.sa
1442 Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1443 Script Info: | Public Key type: rsa
1444 Script Info: | Public Key bits: 2048
1445 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1446 Script Info: | Not valid before: 2019-05-14T00:00:00
1447 Script Info: | Not valid after: 2019-09-25T12:00:00
1448 Script Info: | MD5: deda c4aa 109c 044e bde2 07ec d0ec 867e
1449 Script Info: |_SHA-1: 8453 647d b1bf 62c7 fea4 d1a3 428e a098 5b9c 6467
1450 Script Info: |_ssl-date: 2019-08-11T01:20:27+00:00; +3s from scanner time.
1451 Script Info: | tls-alpn:
1452 Script Info: | h2
1453 Script Info: |_ http/1.1
1454 Os Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1455 Script Info: |_clock-skew: mean: 2s, deviation: 0s, median: 2s
1456 IP: 23.103.191.0
1457 Type: SPF
1458 Is Active: True (reset ttl 64)
1459 IP: 40.107.0.0
1460 Type: SPF
1461 Is Active: True (reset ttl 64)
1462 IP: 40.92.0.0
1463 Type: SPF
1464 Is Active: True (reset ttl 64)
1465 IP: 157.56.112.0
1466 Type: SPF
1467 Is Active: True (reset ttl 64)
1468 IP: 207.46.51.64
1469 Type: SPF
1470 Is Active: True (reset ttl 64)
1471 IP: 104.47.0.0
1472 Type: SPF
1473 Is Active: True (reset ttl 64)
1474 IP: 213.199.180.128
1475 Type: SPF
1476 Is Active: True (reset ttl 64)
1477 IP: 87.101.209.6
1478 HostName: ns2.itc.net.sa Type: NS
1479 Country: Saudi Arabia
1480 Is Active: True (reset ttl 64)
1481 IP: 87.101.209.5
1482 HostName: ns1.itc.net.sa Type: NS
1483 Country: Saudi Arabia
1484 Is Active: True (reset ttl 64)
1485###################################################################################################################################
1486Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:26 EDT
1487Nmap scan report for 87.101.237.176
1488Host is up (0.53s latency).
1489Not shown: 471 filtered ports, 3 closed ports
1490Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1491PORT STATE SERVICE
149280/tcp open http
1493443/tcp open https
1494###################################################################################################################################
1495Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:30 EDT
1496Nmap scan report for 87.101.237.176
1497Host is up (0.21s latency).
1498Not shown: 2 filtered ports
1499PORT STATE SERVICE
150053/udp open|filtered domain
150167/udp open|filtered dhcps
150268/udp open|filtered dhcpc
150369/udp open|filtered tftp
150488/udp open|filtered kerberos-sec
1505123/udp open|filtered ntp
1506139/udp open|filtered netbios-ssn
1507161/udp open|filtered snmp
1508162/udp open|filtered snmptrap
1509389/udp open|filtered ldap
1510520/udp open|filtered route
15112049/udp open|filtered nfs
1512###################################################################################################################################
1513Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:30 EDT
1514Nmap scan report for 87.101.237.176
1515Host is up.
1516
1517PORT STATE SERVICE VERSION
151867/udp open|filtered dhcps
1519|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1520Too many fingerprints match this host to give specific OS details
1521
1522TRACEROUTE (using proto 1/icmp)
1523HOP RTT ADDRESS
15241 213.71 ms 10.247.200.1
15252 214.28 ms 185.242.4.145
15263 213.74 ms xe-1-0-2-0.bb1.tyo1.jp.m247.com (82.102.29.232)
15274 218.09 ms ix-xe-4-1-3-0.tcore2.tv2-tokyo.as6453.net (180.87.181.169)
15285 219.70 ms if-et-24-2.hcore2.kv8-chiba.as6453.net (180.87.181.73)
15296 221.12 ms if-et-1-2.hcore1.kv8-chiba.as6453.net (120.29.211.2)
15307 461.68 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
15318 462.23 ms if-ae-18-3.tcore1.sqn-san-jose.as6453.net (63.243.205.130)
15329 466.41 ms if-ae-0-2.tcore1.nto-new-york.as6453.net (63.243.128.30)
153310 469.43 ms if-ae-7-2.tcore1.n0v-new-york.as6453.net (63.243.128.26)
153411 463.53 ms if-ae-2-2.tcore2.n0v-new-york.as6453.net (216.6.90.22)
153512 467.16 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
153613 481.56 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
153714 ... 20
153821 514.81 ms 80.231.200.146
153922 ... 23
154024 510.17 ms 80.231.200.146
154125 ... 26
154227 515.28 ms 80.231.200.146
154328 ... 30
1544###################################################################################################################################
1545Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:32 EDT
1546Nmap scan report for 87.101.237.176
1547Host is up.
1548
1549PORT STATE SERVICE VERSION
155068/udp open|filtered dhcpc
1551Too many fingerprints match this host to give specific OS details
1552
1553TRACEROUTE (using proto 1/icmp)
1554HOP RTT ADDRESS
15551 219.84 ms 10.247.200.1
15562 219.94 ms 185.242.4.145
15573 219.91 ms xe-1-0-2-0.bb1.tyo1.jp.m247.com (82.102.29.232)
15584 219.94 ms ix-xe-4-1-3-0.tcore2.tv2-tokyo.as6453.net (180.87.181.169)
15595 225.89 ms if-et-24-2.hcore2.kv8-chiba.as6453.net (180.87.181.73)
15606 225.67 ms if-et-1-2.hcore1.kv8-chiba.as6453.net (120.29.211.2)
15617 468.29 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
15628 461.96 ms if-ae-18-3.tcore1.sqn-san-jose.as6453.net (63.243.205.130)
15639 466.82 ms if-ae-0-2.tcore1.nto-new-york.as6453.net (63.243.128.30)
156410 468.22 ms if-ae-7-2.tcore1.n0v-new-york.as6453.net (63.243.128.26)
156511 469.81 ms if-ae-2-2.tcore2.n0v-new-york.as6453.net (216.6.90.22)
156612 466.79 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
156713 478.50 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
156814 ...
156915 516.08 ms 80.231.200.146
157016 ... 23
157124 518.44 ms 80.231.200.146
157225 ... 26
157327 515.83 ms 80.231.200.146
157428 ... 30
1575###################################################################################################################################
1576Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:34 EDT
1577Nmap scan report for 87.101.237.176
1578Host is up.
1579
1580PORT STATE SERVICE VERSION
158169/udp open|filtered tftp
1582Too many fingerprints match this host to give specific OS details
1583
1584TRACEROUTE (using proto 1/icmp)
1585HOP RTT ADDRESS
15861 213.73 ms 10.247.200.1
15872 213.99 ms 185.242.4.145
15883 214.33 ms xe-1-0-2-0.bb1.tyo1.jp.m247.com (82.102.29.232)
15894 213.94 ms ix-xe-4-1-3-0.tcore2.tv2-tokyo.as6453.net (180.87.181.169)
15905 349.72 ms if-et-24-2.hcore2.kv8-chiba.as6453.net (180.87.181.73)
15916 219.78 ms if-et-1-2.hcore1.kv8-chiba.as6453.net (120.29.211.2)
15927 461.61 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
15938 462.23 ms if-ae-18-3.tcore1.sqn-san-jose.as6453.net (63.243.205.130)
15949 465.99 ms if-ae-0-2.tcore1.nto-new-york.as6453.net (63.243.128.30)
159510 467.86 ms if-ae-7-2.tcore1.n0v-new-york.as6453.net (63.243.128.26)
159611 469.10 ms if-ae-2-2.tcore2.n0v-new-york.as6453.net (216.6.90.22)
159712 466.66 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
159813 479.23 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
159914 ... 17
160018 516.56 ms 80.231.200.146
160119 ... 23
160224 517.07 ms 80.231.200.146
160325 522.57 ms 80.231.200.146
160426 516.18 ms 80.231.200.146
160527 ... 30
1606###################################################################################################################################
1607Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:36 EDT
1608Nmap scan report for 87.101.237.176
1609Host is up.
1610
1611PORT STATE SERVICE VERSION
161280/tcp filtered http
1613Too many fingerprints match this host to give specific OS details
1614
1615TRACEROUTE (using proto 1/icmp)
1616HOP RTT ADDRESS
16171 214.66 ms 10.247.200.1
16182 215.06 ms 185.242.4.145
16193 215.04 ms xe-1-0-2-0.bb1.tyo1.jp.m247.com (82.102.29.232)
16204 215.08 ms ix-xe-4-1-3-0.tcore2.tv2-tokyo.as6453.net (180.87.181.169)
16215 369.37 ms if-et-24-2.hcore2.kv8-chiba.as6453.net (180.87.181.73)
16226 219.66 ms if-et-1-2.hcore1.kv8-chiba.as6453.net (120.29.211.2)
16237 462.39 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
16248 462.43 ms if-ae-18-3.tcore1.sqn-san-jose.as6453.net (63.243.205.130)
16259 466.23 ms if-ae-0-2.tcore1.nto-new-york.as6453.net (63.243.128.30)
162610 469.68 ms if-ae-7-2.tcore1.n0v-new-york.as6453.net (63.243.128.26)
162711 469.11 ms if-ae-2-2.tcore2.n0v-new-york.as6453.net (216.6.90.22)
162812 465.86 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
162913 478.81 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
163014 ... 23
163124 519.43 ms 80.231.200.146
163225 ... 30
1633###################################################################################################################################
1634http://87.101.237.176 [302 Found] Country[SAUDI ARABIA][SA], HTTPServer[BigIP], IP[87.101.237.176], RedirectLocation[https://87.101.237.176/]
1635https://87.101.237.176/ [200 OK] Cookies[PHPSESSID,TS01dd26aa,returned_id], Country[SAUDI ARABIA][SA], HTML5, HttpOnly[PHPSESSID,returned_id], IP[87.101.237.176], JQuery[3.2.1], Meta-Author[Outech Media [www.outech.sa]], Open-Graph-Protocol[website], Script[text/javascript], Strict-Transport-Security[max-age=31536000; includeSubDomains], UncommonHeaders[feature-policy,x-content-type-options,referrer-policy,content-security-policy], X-Frame-Options[sameorigin], X-XSS-Protection[1; mode=block]
1636####################################################################################################################################
1637HTTP/1.0 302 Found
1638Location: https://87.101.237.176/
1639Server: BigIP
1640Connection: Keep-Alive
1641Content-Length: 0
1642
1643HTTP/1.0 302 Found
1644Location: https://87.101.237.176/
1645Server: BigIP
1646Connection: Keep-Alive
1647Content-Length: 0
1648###################################################################################################################################
1649Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:37 EDT
1650Nmap scan report for 87.101.237.176
1651Host is up.
1652
1653PORT STATE SERVICE VERSION
1654123/udp open|filtered ntp
1655Too many fingerprints match this host to give specific OS details
1656
1657TRACEROUTE (using proto 1/icmp)
1658HOP RTT ADDRESS
16591 213.80 ms 10.247.200.1
16602 229.41 ms 185.242.4.145
16613 213.84 ms xe-1-0-2-0.bb1.tyo1.jp.m247.com (82.102.29.232)
16624 213.84 ms ix-xe-4-1-3-0.tcore2.tv2-tokyo.as6453.net (180.87.181.169)
16635 219.63 ms if-et-24-2.hcore2.kv8-chiba.as6453.net (180.87.181.73)
16646 221.63 ms if-et-1-2.hcore1.kv8-chiba.as6453.net (120.29.211.2)
16657 461.24 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
16668 462.41 ms if-ae-18-3.tcore1.sqn-san-jose.as6453.net (63.243.205.130)
16679 466.40 ms if-ae-0-2.tcore1.nto-new-york.as6453.net (63.243.128.30)
166810 467.43 ms if-ae-7-2.tcore1.n0v-new-york.as6453.net (63.243.128.26)
166911 472.97 ms if-ae-2-2.tcore2.n0v-new-york.as6453.net (216.6.90.22)
167012 470.78 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
167113 486.53 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
167214 519.09 ms 80.231.200.146
167315 ... 22
167423 515.46 ms 80.231.200.146
167524 ...
167625 517.59 ms 80.231.200.146
167726 520.94 ms 80.231.200.146
167827 ... 30
1679###################################################################################################################################
1680Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:39 EDT
1681Nmap scan report for 87.101.237.176
1682Host is up.
1683
1684PORT STATE SERVICE VERSION
1685443/tcp filtered https
1686Too many fingerprints match this host to give specific OS details
1687
1688TRACEROUTE (using proto 1/icmp)
1689HOP RTT ADDRESS
16901 214.53 ms 10.247.200.1
16912 215.00 ms 185.242.4.145
16923 214.76 ms xe-1-0-2-0.bb1.tyo1.jp.m247.com (82.102.29.232)
16934 215.00 ms ix-xe-4-1-3-0.tcore2.tv2-tokyo.as6453.net (180.87.181.169)
16945 221.24 ms if-et-24-2.hcore2.kv8-chiba.as6453.net (180.87.181.73)
16956 227.83 ms if-et-1-2.hcore1.kv8-chiba.as6453.net (120.29.211.2)
16967 462.54 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
16978 463.15 ms if-ae-18-3.tcore1.sqn-san-jose.as6453.net (63.243.205.130)
16989 467.17 ms if-ae-0-2.tcore1.nto-new-york.as6453.net (63.243.128.30)
169910 469.00 ms if-ae-7-2.tcore1.n0v-new-york.as6453.net (63.243.128.26)
170011 469.14 ms if-ae-2-2.tcore2.n0v-new-york.as6453.net (216.6.90.22)
170112 466.46 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
170213 479.06 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
170314 ... 26
170427 521.06 ms 80.231.200.146
170528 ... 30
1706##################################################################################################################################
1707https://87.101.237.176 [200 OK] Cookies[PHPSESSID,TS01dd26aa,returned_id], Country[SAUDI ARABIA][SA], HTML5, HttpOnly[PHPSESSID,returned_id], IP[87.101.237.176], JQuery[3.2.1], Meta-Author[Outech Media [www.outech.sa]], Open-Graph-Protocol[website], Script[text/javascript], Strict-Transport-Security[max-age=31536000; includeSubDomains], UncommonHeaders[feature-policy,x-content-type-options,referrer-policy,content-security-policy], X-Frame-Options[sameorigin], X-XSS-Protection[1; mode=block]
1708###################################################################################################################################
1709Version: 1.11.13-static
1710OpenSSL 1.0.2-chacha (1.0.2g-dev)
1711
1712Connected to 87.101.237.176
1713
1714Testing SSL server 87.101.237.176 on port 443 using SNI name 87.101.237.176
1715
1716 TLS Fallback SCSV:
1717Server supports TLS Fallback SCSV
1718
1719 TLS renegotiation:
1720Secure session renegotiation supported
1721
1722 TLS Compression:
1723Compression disabled
1724
1725 Heartbleed:
1726TLS 1.2 not vulnerable to heartbleed
1727TLS 1.1 not vulnerable to heartbleed
1728TLS 1.0 not vulnerable to heartbleed
1729
1730 Supported Server Cipher(s):
1731Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1732Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1733Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1734Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1735Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1736Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1737Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1738Accepted TLSv1.2 128 bits AES128-SHA
1739Accepted TLSv1.2 128 bits AES128-SHA256
1740Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1741Accepted TLSv1.2 256 bits AES256-SHA
1742Accepted TLSv1.2 256 bits AES256-SHA256
1743Accepted TLSv1.2 128 bits CAMELLIA128-SHA
1744Accepted TLSv1.2 256 bits CAMELLIA256-SHA
1745Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 1024 bits
1746Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
1747Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 1024 bits
1748Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 1024 bits
1749Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
1750Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 1024 bits
1751Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 1024 bits
1752Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 1024 bits
1753Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1754Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1755Accepted TLSv1.1 128 bits AES128-SHA
1756Accepted TLSv1.1 256 bits AES256-SHA
1757Accepted TLSv1.1 128 bits CAMELLIA128-SHA
1758Accepted TLSv1.1 256 bits CAMELLIA256-SHA
1759Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
1760Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
1761Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 1024 bits
1762Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 1024 bits
1763Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1764Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1765Accepted TLSv1.0 128 bits AES128-SHA
1766Accepted TLSv1.0 256 bits AES256-SHA
1767Accepted TLSv1.0 128 bits CAMELLIA128-SHA
1768Accepted TLSv1.0 256 bits CAMELLIA256-SHA
1769Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
1770Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
1771Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 1024 bits
1772Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 1024 bits
1773
1774 SSL Certificate:
1775Signature Algorithm: sha256WithRSAEncryption
1776RSA Key Strength: 2048
1777
1778Subject: *.itc.sa
1779Altnames: DNS:*.itc.sa, DNS:itc.sa
1780Issuer: DigiCert SHA2 Secure Server CA
1781
1782Not valid before: Jun 7 00:00:00 2018 GMT
1783Not valid after: Apr 15 12:00:00 2020 GMT
1784###################################################################################################################################
1785Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:47 EDT
1786NSE: Loaded 45 scripts for scanning.
1787NSE: Script Pre-scanning.
1788NSE: Starting runlevel 1 (of 2) scan.
1789Initiating NSE at 21:47
1790Completed NSE at 21:47, 0.00s elapsed
1791NSE: Starting runlevel 2 (of 2) scan.
1792Initiating NSE at 21:47
1793Completed NSE at 21:47, 0.00s elapsed
1794Initiating Ping Scan at 21:47
1795Scanning 87.101.237.176 [4 ports]
1796Completed Ping Scan at 21:47, 0.57s elapsed (1 total hosts)
1797Initiating Parallel DNS resolution of 1 host. at 21:47
1798Completed Parallel DNS resolution of 1 host. at 21:47, 0.03s elapsed
1799Initiating Connect Scan at 21:47
1800Scanning 87.101.237.176 [65535 ports]
1801Discovered open port 443/tcp on 87.101.237.176
1802Discovered open port 80/tcp on 87.101.237.176
1803Connect Scan Timing: About 2.30% done; ETC: 22:10 (0:21:57 remaining)
1804Connect Scan Timing: About 7.59% done; ETC: 22:00 (0:12:22 remaining)
1805Connect Scan Timing: About 11.71% done; ETC: 22:00 (0:11:26 remaining)
1806Connect Scan Timing: About 18.43% done; ETC: 22:00 (0:10:42 remaining)
1807Connect Scan Timing: About 24.29% done; ETC: 21:59 (0:09:05 remaining)
1808Connect Scan Timing: About 31.34% done; ETC: 21:58 (0:07:29 remaining)
1809Connect Scan Timing: About 38.54% done; ETC: 21:57 (0:06:15 remaining)
1810Connect Scan Timing: About 45.56% done; ETC: 21:57 (0:05:17 remaining)
1811Connect Scan Timing: About 52.22% done; ETC: 21:56 (0:04:30 remaining)
1812Connect Scan Timing: About 59.39% done; ETC: 21:56 (0:03:42 remaining)
1813Connect Scan Timing: About 66.25% done; ETC: 21:56 (0:03:01 remaining)
1814Connect Scan Timing: About 71.79% done; ETC: 21:56 (0:02:31 remaining)
1815Connect Scan Timing: About 78.23% done; ETC: 21:56 (0:01:56 remaining)
1816Connect Scan Timing: About 84.02% done; ETC: 21:56 (0:01:25 remaining)
1817Connect Scan Timing: About 89.18% done; ETC: 21:56 (0:00:58 remaining)
1818Connect Scan Timing: About 94.16% done; ETC: 21:56 (0:00:31 remaining)
1819Completed Connect Scan at 21:56, 533.38s elapsed (65535 total ports)
1820Initiating Service scan at 21:56
1821Scanning 2 services on 87.101.237.176
1822Completed Service scan at 21:59, 180.19s elapsed (2 services on 1 host)
1823Initiating OS detection (try #1) against 87.101.237.176
1824Retrying OS detection (try #2) against 87.101.237.176
1825Initiating Traceroute at 21:59
1826Completed Traceroute at 21:59, 6.49s elapsed
1827Initiating Parallel DNS resolution of 13 hosts. at 21:59
1828Completed Parallel DNS resolution of 13 hosts. at 21:59, 0.59s elapsed
1829NSE: Script scanning 87.101.237.176.
1830NSE: Starting runlevel 1 (of 2) scan.
1831Initiating NSE at 21:59
1832Completed NSE at 21:59, 12.92s elapsed
1833NSE: Starting runlevel 2 (of 2) scan.
1834Initiating NSE at 21:59
1835Completed NSE at 21:59, 0.00s elapsed
1836Nmap scan report for 87.101.237.176
1837Host is up, received syn-ack ttl 241 (0.45s latency).
1838Scanned at 2019-08-10 21:47:32 EDT for 745s
1839Not shown: 65530 filtered ports
1840Reason: 65530 no-responses
1841PORT STATE SERVICE REASON VERSION
184225/tcp closed smtp conn-refused
184380/tcp open http-proxy syn-ack F5 BIG-IP load balancer http proxy
1844|_http-server-header: BigIP
1845| vulscan: VulDB - https://vuldb.com:
1846| [127040] Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting
1847| [110793] Kemp Load Balancer up to 7.2.40.0 Web Application Firewall HTTP POST Request Bypass privilege escalation
1848| [108732] F5 BIG-IP up to 11.5.4/11.6.1/12.1.1 HTTP Proxy/SOCKS privilege escalation
1849| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
1850| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
1851| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
1852| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
1853| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
1854| [135220] IBM Cloud Private Kubernetes API Server 2.1.0/3.1.0/3.1.1/3.1.2 HTTP Proxy unknown vulnerability
1855| [134572] Avaya One-X Portal for IP Office up to 9.1.2.0 AFA Portal DownloadToLocalDriveServlet HTTP Request information disclosure
1856| [134499] Google Android up to 9.0 Proxy Auto-Config ic.cc UpdateLoadElement memory corruption
1857| [134427] Sierra Wireless AirLink ES450 4.9.3 ACEManager template_load.cgi HTTP Request information disclosure
1858| [134424] Sierra Wireless AirLink ES450 4.9.3 Webserver upload.cgi HTTP Request Code Execution
1859| [134361] Cisco Web Security Appliance Web Proxy Function HTTPS Request Restart denial of service
1860| [133328] WebKitGTK/WPE WebKit up to 2.24.0 HTTP Proxy Setting Deanonymization information disclosure
1861| [130384] Zen Load Balancer 3.10.1 index.cgi privilege escalation
1862| [128801] Cisco IOS/IOS XE TCP Socket HTTP Requests Reload denial of service
1863| [128607] Proxygen HTTP2 Parser Header/Trailer denial of service
1864| [128606] Proxygen HTTP2 Priority Setting denial of service
1865| [127297] OCS Inventory NG File Upload HTTP Requests Code Execution
1866| [124890] Cisco Prime Infrastructure HTTP Web Server File Upload privilege escalation
1867| [123948] Lone Wolf Technologies loadingDOCS 2018-08-13 Permission HTTPS Request privilege escalation
1868| [123178] Insteon Hub 1013 HTTP Server /mpfsupload POST Request privilege escalation
1869| [122199] F5 BIG-IP up to 11.6.3.2/12.1.3.6/13.0.1 HTTP Health Monitor unknown vulnerability
1870| [122198] F5 BIG-IP ASM up to 11.5.6/11.6.3.1/12.1.3.5/13.1.0.1 bd HTTP Requests CPU Exhaustion denial of service
1871| [121993] F5 BIG-IP up to 11.6.3/12.1.3/13.1.0 TMM HTTP Response Restart denial of service
1872| [119218] https-proxy-agent up to 2.1.0 on Node.js JSON Parameter Memory Leak denial of service
1873| [119215] https-proxy-agent on Node.js Memory Leak denial of service
1874| [119044] http-proxy.js on Node.js Environment Variable privilege escalation
1875| [118904] Http-proxy up to 0.6.x on Node.js Error Crash denial of service
1876| [118896] http-signature up to 0.9.11 on Node.js Download weak encryption
1877| [118522] httpsync on Node.js Download weak encryption
1878| [118220] HAProxy up to 1.8.9 Authorization Header proto_http.c check_request_for_cacheability information disclosure
1879| [116923] Belkin N750 1.10.22 HTTP Request proxy.cgi memory corruption
1880| [116922] Belkin N750 1.10.22 HTTP Request proxy.cgi privilege escalation
1881| [116168] F5 BIG-IP up to 11.5.5/11.6.2/12.1.2 SPDY/HTTP2 Request denial of service
1882| [116167] F5 BIG-IP up to 11.5.5/11.6.2/12.1.2 SOCKS Proxy Request denial of service
1883| [116054] Symantec Advanced Secure Gateway/CacheFlow/ProxySG Management Console HTTP/HTTPS Request Crash denial of service
1884| [116052] Symantec Advanced Secure Gateway/ProxySG Management Console File Upload privilege escalation
1885| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
1886| [113652] Atlassian Floodlight Controller up to 1.1 LoadBalancer Module NULL Pointer Dereference denial of service
1887| [113121] Vobot Clock up to 0.99.29 Breakout Download HTTP Response weak encryption
1888| [113073] Squid Proxy up to 4.0.22 HTTP Header HTTP Response NULL Pointer Dereference denial of service
1889| [113070] Squid Proxy up to 3.5.27/4.0.22 ESI Response HTTP Response denial of service
1890| [112294] AsusWRT up to 3.0.0.4 router/httpd/web.c do_vpnupload_post privilege escalation
1891| [111181] NetTransport Download Manager up to 2.96L NetTransport.exe HTTP Response memory corruption
1892| [111053] GetGo Download Manager up to 5.3.0.2712 HTTP Server memory corruption
1893| [110982] F5 BIG-IP 12.1.0/12.1.1/12.1.2/13.0.0 HTTP HTTP Requests denial of service
1894| [109852] Huawei VCM5010 HTTP Request File Upload weak authentication
1895| [108734] F5 BIG-IP up to 11.5.4/11.6.1/12.1.1 Traffic Management Microkernel HTTP Request Restart denial of service
1896| [106846] Apache Tomcat up to 7.0.79 on Windows HTTP PUT Method Parameter File Upload privilege escalation
1897| [103748] Barracuda Load Balancer 5.4.0.004/6.0.1.006 privilege escalation
1898| [102782] Vivotek IB8369/FD8164/FD816BA Web Service downloadMedias.cgi HTTP Request directory traversal
1899| [101768] Spring Security up to 3.2.4 CAS Proxy Ticket Authentication HTTP Request Bypass privilege escalation
1900| [99492] Facebook Proxygen HTTPMessage.request State Hijacking privilege escalation
1901| [97892] Apache Tomcat up to 9.0.0.M15 Reverse-Proxy Http11InputBuffer.java information disclosure
1902| [97489] Umbraco up to 7.3.x FeedProxy.aspx.cs Page_Load Server-Side Request Forgery
1903| [96077] PEAR HTTP_Upload v1.0.0b3 Upload.php privilege escalation
1904| [95118] http-client up to 0.10 Environment Variable Proxy privilege escalation
1905| [94746] filedownload Plugin 1.4 on WordPress Proxy privilege escalation
1906| [92268] F5 BIG-IP up to 11.5.1 HF10 Proxy/SOCKS privilege escalation
1907| [87133] Squid Proxy 3.5.17/4.0.9 HTTP Request privilege escalation
1908| [82731] Cisco AireOS up to 7.4.120.0/7.5.x/7.6.100.0 on WLC HTTP Request Reload denial of service
1909| [82215] F5 BIG-IP Blacklist Filter uploadImage.php privilege escalation
1910| [81565] Squid Proxy up to 3.5.15/4.0.7 HTTP Response denial of service
1911| [81149] Cisco Web Security Appliance Web Proxy HTTPS Request denial of service
1912| [81111] Squid Proxy up to 4.0.6 HTTP Status Code http.cc denial of service
1913| [81110] Squid Proxy up to 3.5.14/4.0.6 Response http.cc denial of service
1914| [81108] Squid Proxy up to 3.5.14/4.0.6 HTTP Header denial of service
1915| [81132] Squid Proxy 3.5.13/4.0 HTTP Status Code http.cc denial of service
1916| [80611] Cisco Web Security Appliance 8.5.3-055/9.1.0-000/9.5.0-235 Proxy Engine HTTP Method privilege escalation
1917| [75609] Wavelink ConnectPro TermProxy Service WLTermProxyService.exe HTTP Header memory corruption
1918| [75174] cURL/libcURL up to 7.42.0 HTTP Header Proxy information disclosure
1919| [75163] Cisco StarOS 12.0/12.2(300)/14.0/14.0(600) on ASR 5000 HTTP Reload denial of service
1920| [69198] Squid Proxy 3.1.9 HTTP Header Injection cross site scripting
1921| [69028] Cisco Unified IP Phone 9900 9.3(4.24) HTTP Request File Upload privilege escalation
1922| [69014] libcURL 7.30.0/7.31.0 HTTP Proxy cross site request forgery
1923| [68980] Barracuda Load Balancer 5.0.0.015 Default Credentials weak authentication
1924| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
1925| [68198] F5 BIG-IP 10.2.1 HTTP POST Request properties.jsp directory traversal
1926| [71693] HAProxy 1.5.0/1.5.1/1.5.2/1.5.3 proto_http.c http_request_forward_body memory corruption
1927| [67289] Barracuda Load Balancer 4.2.1 cross site scripting
1928| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
1929| [12338] Barracuda Networks Load Balancer 4.2.2.007 340-series index.php privilege escalation
1930| [11320] Instagram/Flattr 4.0.2/4.1.2/4.2.7 on iOS/Android HTTP POST Request Photo Upload weak encryption
1931| [9594] Oracle HTTP Server 2.2.9 Proxy Plug-In mod_proxy_http.c information disclosure
1932| [9547] Squid Proxy up to 3.3.7 HTTP Request denial of service
1933| [9526] Squid Proxy up to 3.3.6 dns_internal.cc idnsALookup() HTTP Request denial of service
1934| [9076] Wireshark up to 1.8.7 HTTP Dissector packet-http.c http_payload_subdissector Crafted Packet denial of service
1935| [8099] Google Chrome up to 25.0.1364.172 ppb_url_loader_proxy.cc OnMsgReadResponseBodyAck() information disclosure
1936| [7890] Squid Proxy up to 3.2.7 http.cc httpMakeVaryMark denial of service
1937| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
1938| [62895] libproxy 0.2.3/0.3.0/0.3.1 lib/pac.c px_pac_reload memory corruption
1939| [62290] Cisco Application Control Engine Module 3.0 Load Balancer denial of service
1940| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
1941| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
1942| [60862] CVS 1.11/1.12 HTTP Proxy Server proxy_connect memory corruption
1943| [5312] Mozilla Firefox up to 11.0 RSS/Atom XML HTTPS Content Loading URL spoofing
1944| [5176] Squid Proxy 3.1.19 HTTP Header Host Field Parser CONNECT Request privilege escalation
1945| [4846] Citrix XenServer up to 6.0.2 Workload Balancer denial of service
1946| [4591] Mozilla Firefox up to 3.6.26/6.0 IPv6 Proxy XMLHttpRequest Object information disclosure
1947| [59556] Apache HTTP Server up to 2.0.53 mod_proxy information disclosure
1948| [57268] Banu Tinyproxy up to 1.8.2 HTTP Proxy Server acl.c unknown vulnerability
1949| [56893] PHP HTTP Proxy Crash denial of service
1950| [51717] Apache HTTP Server up to 1.3.3 mod_proxy ap_proxy_send_fb memory corruption
1951| [49857] Apache HTTP Server mod_proxy_ftp cross site scripting
1952| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
1953| [49208] Joompolitan Com Livechat 1.0 HTTP Proxy xmlhttp.php unknown vulnerability
1954| [49178] Squid Proxy up to 3.1.0.11 HttpMsg.cc denial of service
1955| [49177] Squid Proxy up to 3.1.0.11 HttpMsg.cc denial of service
1956| [47568] Versalsoft Http File Upload Activex Control 6.0.0.35 ActiveX Control UUploaderSvrD.dll unknown vulnerability
1957| [46372] Squid Proxy up to 3.1.0.4 HttpMsg.c denial of service
1958| [43705] HAVP HTTP Antivirus Proxy 0.88 sockethandler.cpp denial of service
1959| [43556] Apache HTTP Server up to 2.1.8 mod_proxy_ftp proxy_ftp.c cross site scripting
1960| [40503] Apache HTTP Server mod_proxy_ftp cross site scripting
1961| [39685] F5 Firepass 4100 up to 5.4.6 download_plugin.php3 cross site scripting
1962| [39574] EDraw Flowchart ActiveX 2.3 ActiveX Control edimage.ocx HttpDownloadFile() directory traversal
1963| [37328] Astaro Security Gateway HTTP Proxy denial of service
1964| [36679] VersalSoft HTTP File Upload ActiveX control ActiveX Control ufileuploaderd.dll addfile memory corruption
1965| [32498] Squiz MySource Matrix 3.8 HTTP Proxy Server cross site scripting
1966| [32497] Squiz Mysource Classic up to 3.8 HTTP Proxy Server cross site scripting
1967| [31834] musicbrainz Libmusicbrainz Svn up to 2.1.2 lib/http.cpp mbhttp::download memory corruption
1968| [2279] Mozilla Firefox up to 1.5.0.3 HTTP Reply Proxy unknown vulnerability
1969|
1970| MITRE CVE - https://cve.mitre.org:
1971| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
1972| [CVE-2012-4505] Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.
1973| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
1974| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
1975| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
1976| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
1977| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
1978| [CVE-2007-5273] Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.
1979| [CVE-2006-4450] usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.
1980| [CVE-2013-4081] The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
1981| [CVE-2013-2961] The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to perform unspecified redirection of HTTP requests, and bypass the proxy-server configuration, via crafted HTTP traffic.
1982| [CVE-2013-2950] CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1.5 CF26, 7.0.0.x before 7.0.0.2 CF21, and 8.0.0.x through 8.0.0.1 CF5, when home substitution (aka uri.home.substitution) is enabled, allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
1983| [CVE-2013-2873] Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP status code during the loading of resources.
1984| [CVE-2013-2503] Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.
1985| [CVE-2013-2304] The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile Black Edition application 2.8.0 and earlier for Android allow remote attackers to load arbitrary Extension APIs, and trigger downloads or obtain sensitive HTTP response-body information, via a crafted web page.
1986| [CVE-2013-2203] WordPress before 3.5.2, when the uploads directory forbids write access, allows remote attackers to obtain sensitive information via an invalid upload request, which reveals the absolute path in an XMLHttpRequest error message.
1987| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
1988| [CVE-2013-1912] Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted pipelined HTTP requests that prevent request realignment from occurring.
1989| [CVE-2013-1630] pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation.
1990| [CVE-2013-1451] Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent with the Address bar, which makes it easier for remote attackers to spoof web sites via a crafted HTML document that triggers many HTTPS requests to an arbitrary host, followed by an HTTPS request to a trusted host and then an HTTP request to an untrusted host, a related issue to CVE-2013-1450.
1991| [CVE-2013-1450] Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.
1992| [CVE-2013-1155] The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624.
1993| [CVE-2013-1150] The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
1994| [CVE-2013-0947] EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2) configuration file.
1995| [CVE-2013-0776] Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.
1996| [CVE-2013-0519] IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 provides web-server version data in (1) an unspecified page title and (2) an unspecified HTTP header field, which allows remote attackers to obtain potentially sensitive information by reading a version string.
1997| [CVE-2013-0150] Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.
1998| [CVE-2012-6026] The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460.
1999| [CVE-2012-5332] at32 Reverse Proxy 1.060.310 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long string in an HTTP header field, as demonstrated using the If-Unmodified-Since field.
2000| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
2001| [CVE-2012-4271] Multiple cross-site scripting (XSS) vulnerabilities in bad-behavior-wordpress-admin.php in the Bad Behavior plugin before 2.0.47 and 2.2.x before 2.2.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) httpbl_key, (3) httpbl_maxage, (4) httpbl_threat, (5) reverse_proxy_addresses, or (6) reverse_proxy_header parameter.
2002| [CVE-2012-3919] The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denial of service (incorrect memory access and module reboot) via application traffic, aka Bug ID CSCtw70879.
2003| [CVE-2012-3526] The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
2004| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
2005| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
2006| [CVE-2012-2632] SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which allows remote attackers to bypass intended URL restrictions via a TCP session.
2007| [CVE-2012-2573] Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, (4) an ONLOAD attribute of a BODY element, (5) a crafted SRC attribute of an IFRAME element, (6) a crafted CONTENT attribute of an HTTP-EQUIV="refresh" META element, or (7) a data: URL in the CONTENT attribute of an HTTP-EQUIV="refresh" META element.
2008| [CVE-2012-1011] actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote attackers to bypass intended access restrictions to upload and execute arbitrary PHP code by setting the HTTP_REFERER to a certain value, then uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.
2009| [CVE-2012-0804] Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
2010| [CVE-2012-0387] Memory leak in the HTTP Inspection Engine feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit HTTP traffic, aka Bug ID CSCtq36153.
2011| [CVE-2012-0370] Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435.
2012| [CVE-2011-5126] Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read access to a downloaded core file.
2013| [CVE-2011-4765] The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by Wizard/Edit/Modules/ImageGallery/MultiImagesUpload and certain other files.
2014| [CVE-2011-4449] actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
2015| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
2016| [CVE-2011-3670] Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages.
2017| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
2018| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
2019| [CVE-2011-3281] Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain HTTP Layer 7 Application Control and Inspection configurations, allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTP packet, aka Bug ID CSCto68554.
2020| [CVE-2011-1499] acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.
2021| [CVE-2011-1498] Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.
2022| [CVE-2011-1469] Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper.
2023| [CVE-2011-1316] The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending many UDP messages.
2024| [CVE-2011-0398] The Piwik_Common::getIP function in Piwik before 1.1 does not properly determine the client IP address, which allows remote attackers to bypass intended geolocation and logging functionality via (1) use of a private (aka RFC 1918) address behind a proxy server or (2) spoofing of the X-Forwarded-For HTTP header.
2025| [CVE-2011-0395] Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583.
2026| [CVE-2011-0272] Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.
2027| [CVE-2010-5189] Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session.
2028| [CVE-2010-4488] Google Chrome before 8.0.552.215 does not properly handle HTTP proxy authentication, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
2029| [CVE-2010-3964] Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."
2030| [CVE-2010-3281] Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.
2031| [CVE-2010-2823] Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493.
2032| [CVE-2010-2815] Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.
2033| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
2034| [CVE-2010-2787] api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache that has been used by a victim.
2035| [CVE-2010-2584] The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property.
2036| [CVE-2010-2493] The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) the jbpm-console application, (7) the contract application, and (8) the uddi-console application in JBoss Enterprise SOA Platform before 5.0.2 contains GET and POST http-method elements, which allows remote attackers to bypass intended access restrictions via a crafted HTTP request.
2037| [CVE-2010-2465] The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via unspecified HTTP requests.
2038| [CVE-2010-2327] mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server (WAS) on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which might allow remote attackers to cause a denial of service (daemon fail) via an upload.
2039| [CVE-2010-2267] Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the getenv sample program, (2) the desc parameter to loadstatic.cgi, (3) the name parameter to httpdcfg.cgi, or (4) the dns parameter to servercfg.cgi.
2040| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
2041| [CVE-2010-1908] The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance does not properly restrict access to the HTTPDownloadFile, HTTPGetFile, Install, and RunCmd methods, which allows remote attackers to execute arbitrary programs via a URL in the url argument to (1) HTTPDownloadFile or (2) HTTPGetFile.
2042| [CVE-2010-1767] Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation.
2043| [CVE-2010-1760] loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150.
2044| [CVE-2010-1622] SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
2045| [CVE-2010-1197] Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.
2046| [CVE-2010-0652] Microsoft Internet Explorer permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote HTTP servers to obtain sensitive information via a crafted document.
2047| [CVE-2010-0643] Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via standard HTTP logging, as demonstrated by a proxy server that was configured for the purpose of anonymity.
2048| [CVE-2010-0597] Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain privileges or cause a denial of service (device reload), via a (1) XML RPC or (2) XML RPC over HTTPS request, aka Bug ID CSCtb83618.
2049| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
2050| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
2051| [CVE-2010-0155] CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.
2052| [CVE-2010-0010] Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
2053| [CVE-2009-4509] The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and execute arbitrary code by loading a custom software update, via a crafted "Cookie: tandberg_login=" HTTP header.
2054| [CVE-2009-4140] Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 through 0.4.3, Woopra Analytics Plugin before 1.4.3.2, and possibly other products, when register_globals is enabled, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension through the name parameter with the code in the HTTP_RAW_POST_DATA parameter, then accessing it via a direct request to the file in tmp-upload-images/.
2055| [CVE-2009-3890] Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename, and then accessing this attachment via a direct request to a wp-content/uploads/ pathname, as demonstrated by a .php.jpg filename.
2056| [CVE-2009-3693] Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
2057| [CVE-2009-3095] The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
2058| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
2059| [CVE-2009-2582] Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and CVE-2007-1892.
2060| [CVE-2009-2072] Apple Safari does not require a cached certificate before displaying a lock icon for an https web site, which allows man-in-the-middle attackers to spoof an arbitrary https site by sending the browser a crafted (1) 4xx or (2) 5xx CONNECT response page for an https request sent through a proxy server.
2061| [CVE-2009-2071] Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.
2062| [CVE-2009-2070] Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.
2063| [CVE-2009-2069] Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.
2064| [CVE-2009-2068] Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
2065| [CVE-2009-2067] Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
2066| [CVE-2009-2066] Apple Safari detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
2067| [CVE-2009-2065] Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
2068| [CVE-2009-2064] Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
2069| [CVE-2009-2060] src/net/http/http_transaction_winhttp.cc in Google Chrome before 1.0.154.53 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
2070| [CVE-2009-2059] Opera, possibly before 9.25, uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
2071| [CVE-2009-2058] Apple Safari before 3.2.2 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
2072| [CVE-2009-2057] Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
2073| [CVE-2009-1890] The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
2074| [CVE-2009-1836] Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
2075| [CVE-2009-1567] Multiple stack-based buffer overflows in the Lateral Arts Photobox uploader ActiveX control 1.x before 1.3, and 2.2.0.6, allow remote attackers to execute arbitrary code via a long URL string for the (1) LogURL, (2) ConnectURL, (3) SkinURL, (4) AlbumCreateURL, (5) ErrorURL, or (6) httpsinglehost property value.
2076| [CVE-2009-1476] Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.
2077| [CVE-2009-1211] Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
2078| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
2079| [CVE-2009-1166] The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708.
2080| [CVE-2009-1164] The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a malformed response to a (1) HTTP or (2) HTTPS authentication request, aka Bug ID CSCsx03715.
2081| [CVE-2009-1156] Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
2082| [CVE-2009-0804] Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
2083| [CVE-2009-0626] The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
2084| [CVE-2009-0187] Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message.
2085| [CVE-2009-0183] Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request.
2086| [CVE-2009-0033] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
2087| [CVE-2008-7250] Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists because of an incomplete fix for CVE-2008-1168.
2088| [CVE-2008-7193] PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks by reading the PHPKITSID parameter from the HTTP Referer and using it in a request to (1) modify the user profile via upload_files/include.php or (2) create a new administrator via upload_files/pk/include.php.
2089| [CVE-2008-7139] Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy in Eye-Fi 1.1.2 allow remote attackers to hijack the authentication of users for requests that modify configuration via a SOAPAction parameter of (1) urn:SetOptions for autostart, (2) urn:SetDesktopSync for file upload, or (3) urn:SetFolderConfig for file download location or modification of authentication credentials
2090| [CVE-2008-6882] Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
2091| [CVE-2008-6638] Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method.
2092| [CVE-2008-5905] The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.
2093| [CVE-2008-5825] The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone.
2094| [CVE-2008-5404] Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: the provenance of this information is unknown
2095| [CVE-2008-4541] Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.
2096| [CVE-2008-4493] Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.
2097| [CVE-2008-4198] Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page.
2098| [CVE-2008-3878] Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.
2099| [CVE-2008-3812] Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
2100| [CVE-2008-3688] sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial of service (hang) by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable.
2101| [CVE-2008-2800] Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest.
2102| [CVE-2008-2735] The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of service (device reload) via a URI in a crafted SSL or HTTP packet, aka Bug ID CSCsq19369.
2103| [CVE-2008-2558] CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over HTTPS, which might allow remote attackers to sniff the cookies if they are sent over HTTP.
2104| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
2105| [CVE-2008-1924] Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
2106| [CVE-2008-1885] Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download allows remote attackers to download arbitrary code onto a client system via a .. (dot dot) in the SkinPath parameter and a .zip URL in the HttpSkin parameter. NOTE: this can be leveraged for code execution by writing to a Startup folder.
2107| [CVE-2008-1840] SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.
2108| [CVE-2008-1531] The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.
2109| [CVE-2008-1245] cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.
2110| [CVE-2008-1106] The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and force the client to download and execute arbitrary files.
2111| [CVE-2008-0971] Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or HTML via (1) the Policy Name field in Search Based Retention Policy in Message Archiver
2112| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
2113| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
2114| [CVE-2008-0050] CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
2115| [CVE-2007-6405] Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is already covered by CVE-2007-3407.
2116| [CVE-2007-6385] The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
2117| [CVE-2007-5979] Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.
2118| [CVE-2007-5826] Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420.
2119| [CVE-2007-5796] Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modifying the URL that is used for loading Certificate Revocation Lists.
2120| [CVE-2007-5570] Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, allows remote attackers to cause a denial of service (device reload) via a crafted HTTPS request, aka CSCsi77844.
2121| [CVE-2007-5156] Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
2122| [CVE-2007-5034] ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy is defined for https.
2123| [CVE-2007-4821] Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability than CVE-2007-3169.
2124| [CVE-2007-4727] Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a "header overflow."
2125| [CVE-2007-4540] Multiple SQL injection vulnerabilities in download.php in Olate Download (od) 3.4.2 allow remote attackers to execute arbitrary SQL commands via the (1) HTTP_REFERER or (2) HTTP_USER_AGENT HTTP header.
2126| [CVE-2007-4420] Absolute path traversal vulnerability in a certain ActiveX control in officeviewer.ocx 5.1.199.1 in EDraw Office Viewer Component 5.1 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the HttpDownloadFile method, a different vulnerability than CVE-2007-3168 and CVE-2007-3169.
2127| [CVE-2007-3389] Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.
2128| [CVE-2007-3169] Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long first argument to the HttpDownloadFile method.
2129| [CVE-2007-2695] The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express and WebLogic Server 6.1 through SP7, 7.0 through SP7, 8.1 through SP5, 9.0, and 9.1, when SecureProxy is enabled, may process "external requests on behalf of a system identity," which allows remote attackers to access administrative data or functionality.
2130| [CVE-2007-2588] Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa.ocx) 3.2 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) HttpDownloadFile, (2) Open, (3) OpenWebFile, (4) DoOleCommand, (5) FTPDownloadFile, (6) FTPUploadFile, (7) HttpUploadFile, (8) Save, or (9) SaveWebFile function.
2131| [CVE-2007-2563] Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploaderD.dll) allows remote attackers to execute arbitrary code via a long argument.
2132| [CVE-2007-2496] The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) GotoPage, (6) Save, (7) SaveWebFile, (8) HttpDownloadFile, (9) Open, (10) OpenWebFile, (11) SaveAs, or (12) ShowWordStandardDialog property value.
2133| [CVE-2007-2495] Multiple stack-based buffer overflows in the ExcelOCX ActiveX control in ExcelViewer.ocx 3.1.0.6 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) Save, (6) SaveWebFile, (7) HttpDownloadFile, (8) Open, or (9) OpenWebFile property value. NOTE: some of these details are obtained from third party information.
2134| [CVE-2007-2494] Multiple stack-based buffer overflows in the PowerPointOCX ActiveX control in PowerPointViewer.ocx 3.1.0.3 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) Save, (6) SaveWebFile, (7) HttpDownloadFile, (8) Open, or (9) OpenWebFile property value. NOTE: some of these details are obtained from third party information.
2135| [CVE-2007-2197] Race condition in the NeatUpload ASP.NET component 1.2.11 through 1.2.16, 1.1.18 through 1.1.23, and trunk.379 through trunk.445 allows remote attackers to obtain other clients' HTTP responses via multiple simultaneous requests, which triggers multiple calls to HttpWorkerRequest.FlushResponse for the same HttpWorkerRequest object and causes a buffer to be reused for a different request.
2136| [CVE-2007-2031] Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
2137| [CVE-2007-1552] Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type with a filename containing an executable extension such as .php.
2138| [CVE-2007-1459] Multiple PHP remote file inclusion vulnerabilities in WebCreator 0.2.6-rc3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the moddir parameter to (1) content/load.inc.php, (2) config/load.inc.php, (3) http/load.inc.php, and unspecified other files.
2139| [CVE-2007-1225] The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote attackers to conduct unauthorized activities and avoid detection.
2140| [CVE-2007-1224] Grok Developments NetProxy 4.03 allows remote attackers to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80).
2141| [CVE-2007-0972] Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote attackers to upload arbitrary files by modifying the HTTP request to send an image content type, and to omit is_guest and is_user parameters. NOTE: this issue might be related to CVE-2006-4875.
2142| [CVE-2007-0796] Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption.
2143| [CVE-2007-0450] Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
2144| [CVE-2007-0419] The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage).
2145| [CVE-2006-6511] dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive in the installed .htaccess file, which allows remote attackers to execute arbitrary PHP code by uploading files whose names contain (1) feature, (2) editor, (3) newswire, (4) otherpress, (5) admin, (6) pbook, (7) media, or (8) mod, which are processed as PHP file types (application/x-httpd-php).
2146| [CVE-2006-6361] Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bitflux Upload Progress Meter before 8276 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted HTTP POST fileupload requests.
2147| [CVE-2006-6276] HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.
2148| [CVE-2006-5596] Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.
2149| [CVE-2006-5037] ** DISPUTED ** MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability."
2150| [CVE-2006-5036] ** DISPUTED ** MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability."
2151| [CVE-2006-4558] DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
2152| [CVE-2006-4409] The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
2153| [CVE-2006-4197] Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp
2154| [CVE-2006-4111] Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.
2155| [CVE-2006-3935] system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access to administrator functions, which allows remote authenticated users to (1) send broadcast messages to all users (/workplace/broadcast), (2) list all users (/accounts/users), (3) add webusers (/accounts/webusers/new), (4) upload database import and export files (/database/importhttp), (5) upload arbitrary program modules (/modules/modules_import), and (6) read the log file (/workplace/logfileview) by setting the appropriate value for the path parameter in a direct request to admin-main.jsp.
2156| [CVE-2006-3830] The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to the bmc/Inc/Lang directory. NOTE: because the uploaded files cannot be accessed through HTTP, this issue is a vulnerability only if there is a likely usage pattern in which the files would be opened or executed by local users, e.g., malware files with names that entice local users to open the files.
2157| [CVE-2006-3731] Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension.
2158| [CVE-2006-3549] services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server.
2159| [CVE-2006-3070] write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.
2160| [CVE-2006-2926] Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.
2161| [CVE-2006-2786] HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client.
2162| [CVE-2006-2341] The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
2163| [CVE-2006-2330] PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
2164| [CVE-2006-1785] Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear whether the vendor advisory addresses this issue. In addition, since the issue requires administrative privileges to exploit, it is not clear whether this crosses security boundaries.
2165| [CVE-2006-1645] Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and earlier allows remote attackers to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by admin/modules/general/statistic.php in the administration panel.
2166| [CVE-2006-1631] Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests.
2167| [CVE-2006-1218] Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1".
2168| [CVE-2006-0483] Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet.
2169| [CVE-2005-4874] The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web server that hosts this object.
2170| [CVE-2005-4827] Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks.
2171| [CVE-2005-4814] Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
2172| [CVE-2005-3187] The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.
2173| [CVE-2005-2916] Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.
2174| [CVE-2005-2830] Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."
2175| [CVE-2005-2730] The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.
2176| [CVE-2005-2729] The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.
2177| [CVE-2005-2088] The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
2178| [CVE-2005-1857] Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply.
2179| [CVE-2005-1576] The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.
2180| [CVE-2005-1575] The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.
2181| [CVE-2005-1340] The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.
2182| [CVE-2005-0943] Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
2183| [CVE-2005-0668] Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being properly detected in certain files such as (1) .CAB or (2) .ZIP files.
2184| [CVE-2005-0657] Directory traversal vulnerability in Computalynx CProxy 3.3.x and 3.4.x through 3.4.4 allows remote attackers to read arbitrary files or cause a denial of service (application crash) via a .. (dot dot) in an HTTP request.
2185| [CVE-2005-0593] Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site.
2186| [CVE-2004-2582] Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information.
2187| [CVE-2004-2416] Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
2188| [CVE-2004-2107] Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.
2189| [CVE-2004-2061] RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.
2190| [CVE-2004-1953] phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message.
2191| [CVE-2004-1893] Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb.asp script to the web site but does not require authentication, which allows remote attackers to obtain sensitive information and possibly execute arbitrary SQL commands via a direct request to mmhttpdb.asp.
2192| [CVE-2004-1887] Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).
2193| [CVE-2004-1811] The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.
2194| [CVE-2004-1540] ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.
2195| [CVE-2004-1484] Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message.
2196| [CVE-2004-0989] Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
2197| [CVE-2004-0740] The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly triggering a buffer overflow.
2198| [CVE-2004-0700] Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
2199| [CVE-2004-0684] WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without any parameters.
2200| [CVE-2004-0613] osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
2201| [CVE-2004-0596] The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference.
2202| [CVE-2004-0551] Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."
2203| [CVE-2004-0549] The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object.
2204| [CVE-2004-0492] Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
2205| [CVE-2004-0313] Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2) method name.
2206| [CVE-2004-0049] Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port.
2207| [CVE-2004-0006] Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.
2208| [CVE-2003-1286] HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests.
2209| [CVE-2003-1159] Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080.
2210| [CVE-2003-1028] The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.
2211| [CVE-2003-1001] Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.
2212| [CVE-2003-0963] Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
2213| [CVE-2003-0807] Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.
2214| [CVE-2003-0803] Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.
2215| [CVE-2003-0106] The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
2216| [CVE-2002-2414] Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash).
2217| [CVE-2002-2405] Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.
2218| [CVE-2002-2286] The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference.
2219| [CVE-2002-2081] cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp.
2220| [CVE-2002-1999] HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests.
2221| [CVE-2002-1710] The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
2222| [CVE-2002-1629] Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP.
2223| [CVE-2002-1169] IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to cause a denial of service (crash) via an HTTP request to helpout.exe with a missing HTTP version number, which causes ibmproxy.exe to crash.
2224| [CVE-2002-1168] Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response.
2225| [CVE-2002-1167] Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request.
2226| [CVE-2002-1087] The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request.
2227| [CVE-2002-1061] Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP GET request with a long major version number, (2) an HTTP GET request to the HTTP proxy on port 3128 with a long major version number, (3) a long OK reply from a POP3 server, and (4) a long SMTP server response.
2228| [CVE-2002-1001] Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname.
2229| [CVE-2002-0847] tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
2230| [CVE-2002-0815] The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
2231| [CVE-2002-0778] The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.
2232| [CVE-2002-0663] Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.
2233| [CVE-2002-0440] Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
2234| [CVE-2002-0133] Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy.
2235| [CVE-2002-0081] Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
2236| [CVE-2002-0058] Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK.
2237| [CVE-2001-1130] Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.
2238| [CVE-2001-1030] Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
2239| [CVE-2001-0535] Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.
2240| [CVE-2001-0483] Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set.
2241| [CVE-2001-0374] The HTTP server in Compaq web-enabled management software for (1) Foundation Agents, (2) Survey, (3) Power Manager, (4) Availability Agents, (5) Intelligent Cluster Administrator, and (6) Insight Manager can be used as a generic proxy server, which allows remote attackers to bypass access restrictions via the management port, 2301.
2242| [CVE-2001-0308] UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
2243| [CVE-2001-0129] Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.
2244| [CVE-2000-0984] The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
2245| [CVE-2000-0812] The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
2246| [CVE-2000-0593] WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of service by sending an HTTP GET request without listing an HTTP version number.
2247| [CVE-2000-0395] Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request.
2248| [CVE-2000-0376] Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request.
2249| [CVE-1999-1535] Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request.
2250| [CVE-1999-0923] Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
2251|
2252| SecurityFocus - https://www.securityfocus.com/bid/:
2253| [94953] Squid HTTP proxy Multiple Information Disclosure Vulnerabilities
2254| [92569] F5 BIG-IP CVE-2015-8022 Arbitrary File Upload Vulnerability
2255| [92147] Barracuda Web App Firewall and Load Balancer Arbitrary Command Injection Vulnerability
2256| [90202] Http Anti Virus Proxy %28Havp%29 CVE-2005-0668 Remote Security Vulnerability
2257| [82340] Multiple F5 BIG-IP Products CVE-2015-8021 Arbitrary File Upload Vulnerability
2258| [77810] I-Httpd CVE-2014-7260 File-Upload Vulnerability
2259| [74648] Proxychains-ng 'LD_PRELOAD' Arbitrary Code Execution Vulnerability
2260| [71657] Apache HTTP Server 'mod_proxy_fcgi' Module Denial of Service Vulnerability
2261| [66268] Loadbalancer Enterprise VA Security Bypass Vulnerability
2262| [65508] Barracuda Load Balancer '/cgi-mod/index.cgi' Arbitrary Command Execution Vulnerability
2263| [65037] Cantata Internal HTTP Server Path Traversal Arbitrary File Download Vulnerability
2264| [56979] Loadbalancer Enterprise R16 Multiple HTML Injection Vulnerabilities
2265| [56753] Apache Apache HTTP Server 'mod_proxy_ajp Module Denial Of Service Vulnerability
2266| [55638] ZEN Load Balancer Multiple Security Vulnerabilities
2267| [53046] Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
2268| [53024] RETIRED: Squid Proxy 'Host' HTTP Header Security Bypass Vulnerability
2269| [52553] at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerabilities
2270| [52443] Citrix XenServer Workload Balancer Component Unspecified Denial of Service Vulnerability
2271| [51869] Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
2272| [50802] Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
2273| [49957] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
2274| [43338] Alcatel-Lucent OmniVista 4760 HTTP Proxy Remote Buffer Overflow Vulnerability
2275| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
2276| [40827] Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
2277| [40685] ImageStore HTTP Header Remote Arbitrary File Upload Vulnerability
2278| [37966] Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability
2279| [36550] HP LoadRunner XUpload.ocx ActiveX Control 'MakeHttpRequest()' Arbitrary File Download Vulnerability
2280| [36491] Cisco IOS Authentication Proxy for HTTP(S) Authentication Bypass Vulnerability
2281| [35380] Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
2282| [35076] IPFilter 'ippool' 'lib/load_http.c' Local Buffer Overflow Vulnerability
2283| [33865] MLdonkey HTTP Request Arbitrary File Download Vulnerability
2284| [33858] Multiple HTTP Proxy HTTP Host Header Incorrect Relay Behavior Vulnerability
2285| [33779] Barracuda Load Balancer 'realm' Parameter Cross Site Scripting Vulnerability
2286| [33687] Trend Micro Interscan Web Security HTTP Proxy Authentication Information Disclosure Vulnerability
2287| [33604] Squid Web Proxy Cache HTTP Version Number Parsing Denial of Service Vulnerability
2288| [31431] ZoneAlarm HTTP Proxy Remote Denial of Service Vulnerability
2289| [31416] CCProxy Server HTTP 'CONNECT' Request Buffer Overflow Vulnerability
2290| [30861] Ultra Office Control 'HttpUpload()' Method Buffer Overflow Vulnerability
2291| [29653] Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
2292| [28301] HTTP File Upload ActiveX Control Arbitrary File and Directory Deletion Vulnerability
2293| [27236] Apache 'mod_proxy_balancer' Multiple Vulnerabilities
2294| [26732] HFS HTTP File Server Arbitrary File Upload Vulnerability
2295| [26661] F5 Networks FirePass 4100 SSL VPN Download_Plugin.PHP3 Cross-Site Scripting Vulnerability
2296| [26412] F5 FirePass 4100 SSL VPN Download_Plugin.PHP3 Cross-Site Scripting Vulnerability
2297| [25593] EDraw Office Viewer Component HttpDownloadFileToTempDir ActiveX Buffer Overflow Vulnerability
2298| [25489] Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
2299| [23853] VersalSoft HTTP File Upload ActiveX Control Remote Buffer Overflow Vulnerability
2300| [23578] NeatUpload HTTPWorkerRequest.FlushResponse Information Disclosure Vulnerability
2301| [23545] 3proxy HTTP Proxy Request Buffer Overflow Vulnerability
2302| [22203] Squid Proxy ACL Queue Overload Remote Denial of Service Vulnerability
2303| [17965] PHPBB Unauthorized HTTP Proxy Vulnerability
2304| [17936] Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
2305| [15825] Microsoft Internet Explorer HTTPS Proxy Information Disclosure Vulnerability
2306| [13435] Squid Proxy HTTP Response Splitting Remote Cache Poisoning Vulnerability
2307| [12464] F5 BIG-IP HTTP Pipelining OneConnect Information Leakage Vulnerability
2308| [12433] Squid Proxy Malformed HTTP Header Parsing Cache Poisoning Vulnerability
2309| [12412] Squid Proxy Oversize HTTP Headers Unspecified Remote Vulnerability
2310| [10735] AnomicHTTPProxy Administrative Interface Denial Of Service Vulnerability
2311| [10733] AnomicHTTPProxy Administrative Interface Authentication Bypass Vulnerability
2312| [10732] AnomicHTTPProxy Directory Traversal Vulnerability
2313| [10730] Linux Kernel Equalizer Load Balancer Device Driver Local Denial Of Service Vulnerability
2314| [8584] CacheFlow CacheOS HTTP HOST Proxy Vulnerability
2315| [7331] WebGUI HTTPProxy Denial Of Service Vulnerability
2316| [7054] DeleGate HTTP Proxy Robot.TXT User-Agent: Buffer Overflow Vulnerability
2317| [6765] Macromedia ColdFusion HTTP Client Sample Application Proxy Access Vulnerability
2318| [6339] apt-www-proxy NULL HTTP Request Denial Of Service Vulnerability
2319| [6218] Opera HTTPS Proxy Denial of Service Vulnerability
2320| [6212] Cisco PIX TACACS+/RADIUS HTTP Proxy Buffer Overrun Vulnerability
2321| [5959] Multiple Symantec HTTP Proxy Information Disclosure Vulnerability
2322| [5958] Multiple Symantec HTTP Proxy Denial of Service Vulnerability
2323| [5744] Check Point Firewall-1 HTTP Proxy Server Unauthorized Protocol Access Vulnerability
2324| [5447] W3C CERN httpd Proxy Cross-Site Scripting Vulnerability
2325| [5320] T. Hauck Jana Server HTTP Proxy Server Request Logging Buffer Overflow Vulnerability
2326| [4731] tinyproxy HTTP Proxy Memory Corruption Vulnerability
2327| [4488] EMUMail HTTP Host Arbitrary Config File Loading Vulnerability
2328| [3904] Avirt Gateway Suite HTTP Proxy Remote Buffer Overflow Vulnerability
2329| [3858] SapporoWorks Black JumboDog HTTP Proxy Buffer Overflow Vulnerability
2330| [2517] Raptor Firewall HTTP Request Proxying Vulnerability
2331| [104563] Multiple Microsoft Products DLL Loading Multiple Remote Code Execution Vulnerabilities
2332| [104470] F5 BIG-IP ASM CVE-2018-5526 Remote Denial of Service Vulnerability
2333| [104384] Multiple F5 BIG-IP Products CVE-2018-5522 Remote Denial of Service Vulnerability
2334| [104373] Microsoft Windows 'HTTP.sys' CVE-2018-8231 Remote Code Execution Vulnerability
2335| [104362] Multiple F5 BIG-IP Products CVE-2018-5517 Remote Denial of Service Vulnerability
2336| [104361] Microsoft Windows 'HTTP.sys' CVE-2018-8226 Denial of Service Vulnerability
2337| [104347] HAProxy CVE-2018-11469 Information Disclosure Vulnerability
2338| [104282] Symantec Advanced Secure Gateway and ProxySG CVE-2018-5241 Authentication Bypass Vulnerability
2339| [104272] Joomla! Core CVE-2018-11322 Arbitrary File Upload Vulnerability
2340| [104108] SAP Internet Graphics Server CVE-2018-2420 Unspecified Arbitrary File Upload Vulnerability
2341| [104099] F5 BIG-IP CVE-2018-5515 Remote Denial of Service Vulnerability
2342| [104097] F5 BIG-IP CVE-2018-5514 Remote Denial of Service Vulnerability
2343| [104095] F5 BIG-IP CVE-2018-5512 Remote Denial of Service Vulnerability
2344| [103952] nghttp2 CVE-2018-1000168 Remote Denial of Service Vulnerability
2345| [103826] Oracle HTTP Server CVE-2018-2760 Remote Security Vulnerability
2346| [103742] CA Workload Automation AE and Workload Control Center Multiple Security Vulnerabilities
2347| [103716] Adobe InDesign CC CVE-2018-4927 DLL Loading Local Privilege Escalation Vulnerability
2348| [103685] Symantec ProxySG and ASG Multiple Security Vulnerabilities
2349| [103684] Ruby CVE-2017-17742 HTTP Response Splitting Vulnerability
2350| [103650] Microsoft Windows 'HTTP.sys' CVE-2018-0956 Denial of Service Vulnerability
2351| [103528] Apache HTTP Server CVE-2018-1302 Denial of Service Vulnerability
2352| [103525] Apache HTTP Server CVE-2017-15715 Remote Security Bypass Vulnerability
2353| [103524] Apache HTTP Server CVE-2018-1312 Remote Security Bypass Vulnerability
2354| [103522] Apache HTTP Server CVE-2018-1303 Denial of Service Vulnerability
2355| [103520] Apache HTTP Server CVE-2018-1283 Remote Security Vulnerability
2356| [103515] Apache HTTP Server CVE-2018-1301 Denial of Service Vulnerability
2357| [103512] Apache HTTP Server CVE-2017-15710 Denial of Service Vulnerability
2358| [103505] F5 BIG-IP ASM and Analytics CVE-2018-5505 Remote Denial of Service Vulnerability
2359| [103504] Multiple F5 BIG-IP Products CVE-2018-5509 Remote Denial of Service Vulnerability
2360| [103441] F5 BIG-IQ Centralized Management CVE-2017-6152 Local Privilege Escalation Vulnerability
2361| [103434] APACHE Allura CVE-2018-1319 HTTP Response Splitting Vulnerability
2362| [103404] IBM Notes CVE-2018-1435 DLL Loading Remote Code Execution Vulnerability
2363| [103401] IBM Notes CVE-2018-1437 DLL Loading Local Privilege Escalation Vulnerability
2364| [103393] Adobe Connect CVE-2018-4921 Arbitrary File Upload Vulnerability
2365| [103338] Multiple Schneider Electric Products CVE-2018-7239 DLL Loading Local Code Execution Vulnerability
2366| [103236] Microsoft Windows Installer CVE-2018-0868 DLL Loading Local Privilege Escalation Vulnerability
2367| [103235] Multiple F5 BIG-IP Products CVE-2017-6150 Remote Denial of Service Vulnerability
2368| [103233] F5 BIG-IP ASM CVE-2017-6154 Remote Denial of Service Vulnerability
2369| [103217] Multiple F5 BIG-IP Products CVE-2018-5500 Memory Corruption Vulnerability
2370| [103211] Multiple F5 BIG-IP Products CVE-2018-5501 Remote Denial of Service Vulnerability
2371| [103173] Telerik UI for ASP.NET AJAX CVE-2017-11357 Arbitrary File Upload Vulnerability
2372| [103171] Telerik UI for ASP.NET AJAX CVE-2017-11317 Arbitrary File Upload Vulnerability
2373| [103148] Drupal CKEditor Upload Image Module Access Bypass Vulnerability
2374| [103096] Multiple Trend Micro Products CVE-2018-6218 DLL Loading Remote Code Execution Vulnerability
2375| [103084] F5 BIG-IP AFM Certificate Validation Security Bypass Vulnerability
2376| [103052] Schneider Electric StruxureOn Gateway CVE-2017-9970 Arbitrary File Upload Vulnerability
2377| [103039] Multiple Dell EMC Products Arbitrary File Upload and Security Bypass Vulnerabilities
2378| [102983] CareFusion Upgrade Utility CVE-2018-5457 DLL Loading Local Privilege Escalation Vulnerability
2379| [102835] NetIQ Access Manager CVE-2018-1342 Arbitrary File Upload Vulnerability
2380| [102733] Cisco Small Business Managed Switches Multiple HTTP Response Splitting Vulnerabilities
2381| [102565] Oracle HTTP Server CVE-2018-2561 Remote Security Vulnerability
2382| [102467] Multiple F5 BIG-IP Products CVE-2017-6133 Remote Denial of Service Vulnerability
2383| [102466] Multiple F5 BIG-IP Products CVE-2017-6134 Remote Denial of Service Vulnerability
2384| [102456] NetGain Systems Enterprise Manager CVE-2017-16594 Arbitrary File Upload Vulnerability
2385| [102455] Symantec ProxySG and ASG CVE-2016-9099 Open Redirection Vulnerability
2386| [102454] Symantec ProxySG and ASG CVE-2016-9100 Information Disclosure Vulnerability
2387| [102451] Symantec ProxySG CVE-2016-10256 Cross Site Scripting Vulnerability
2388| [102447] Symantec ProxySG and ASG CVE-2016-10257 Cross Site Scripting Vulnerability
2389| [102363] VMware vSphere Data Protection CVE-2017-15549 Arbitrary File Upload Vulnerability
2390| [102337] NetGain Systems Enterprise Manager CVE-2017-16609 Arbitrary File Download Vulnerability
2391| [102333] Multiple F5 BIG-IP Products CVE-2017-6132 Remote Denial of Service Vulnerability
2392| [102332] F5 BIG-IP AFM CVE-2017-0304 SQL Injection Vulnerability
2393| [102324] IBM Security Guardium CVE-2017-1262 HTTP Response Splitting Vulnerability
2394| [102264] Multiple F5 BIG-IP Products CVE-2017-6166 Remote Denial of Service Vulnerability
2395| [102228] GNU C Library 'elf/dl-load.c ' CVE-2017-16997 Local Privilege Escalation Vulnerability
2396| [102145] SAP Plant Connectivity CVE-2017-16690 DLL Loading Remote Code Execution Vulnerability
2397| [102044] Amazon Audible CVE-2017-17069 DLL Loading Local Privilege Escalation Vulnerability
2398| [101974] IBM Workload Scheduler CVE-2017-1716 Local Information Disclosure Vulnerability
2399| [101930] Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2400| [101928] Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2401| [101901] Multiple F5 BIG-IP Products CVE-2017-6168 Information Disclosure Vulnerability
2402| [101896] Cisco FindIT Discovery Utility DLL Loading Local Arbitrary Code Execution Vulnerability
2403| [101890] VMware Workstation DLL Loading CVE-2017-4939 Local Code Execution Vulnerability
2404| [101858] Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2405| [101801] SAP NwSapSetup DLL Loading Local Code Execution Vulnerability
2406| [101789] ManageEngine ServiceDesk CVE-2017-11512 Arbitrary File Download Vulnerability
2407| [101788] ManageEngine ServiceDesk CVE-2017-11511 Arbitrary File Download Vulnerability
2408| [101780] Multiple AutomationDirect Products CVE-2017-1402 DLL Loading Local Code Execution Vulnerability
2409| [101636] Multiple F5 BIG-IP Products CVE-2017-6161 Security Bypass Vulnerability
2410| [101635] Multiple F5 BIG-IP Products CVE-2017-6162 Denial of Service Vulnerability
2411| [101634] Multiple F5 BIG-IP Products CVE-2017-6157 Remote Command Execution Vulnerability
2412| [101633] Multiple F5 BIG-IP Products CVE-2017-6159 Denial of Service Vulnerability
2413| [101632] Multiple F5 BIG-IP Products CVE-2017-6160 Denial of Service Vulnerability
2414| [101624] Joomla! NS Download Shop Component CVE-2017-15965 SQL Injection Vulnerability
2415| [101612] Multiple F5 BIG-IP Products CVE-2017-0303 Denial of Service Vulnerability
2416| [101606] Multiple F5 BIG-IP Products CVE-2017-6163 Denial of Service Vulnerability
2417| [101548] Multiple F5 BIG-IP Products CVE-2017-6144 Security Bypass Vulnerability
2418| [101543] Multiple F5 BIG-IP Products CVE-2017-6165 Local Information Disclosure Vulnerability
2419| [101542] Multiple F5 BIG-IP Products CVE-2017-6145 Security Bypass Vulnerability
2420| [101530] ProxySG and ASG CVE-2016-9097 Remote Authorization Bypass Vulnerability
2421| [101516] Apache HTTP Server CVE-2017-12171 Security Bypass Vulnerability
2422| [101505] SpiderControl MicroBrowser CVE-2017-14010 DLL Loading Remote Code Execution Vulnerability
2423| [101282] HP Intelligent Management Center Service Operation Management Arbitrary File Download Vulnerability
2424| [101234] IBM WebSphere Application Server CVE-2017-1503 HTTP Response Splitting Vulnerability
2425| [101112] Microsoft Windows DLL Loading CVE-2017-11769 Multiple Local Privilege Escalation Vulnerabilities
2426| [100981] Multiple F5 BIG-IP Products CVE-2017-6147 Denial of Service Vulnerability
2427| [100970] Trend Micro Mobile Security for Enterprise Multiple Arbitrary File Upload Vulnerabilities
2428| [100939] Symantec Norton Remove and Reinstall DLL Loading CVE-2017-13676 Local Code Execution Vulnerability
2429| [100923] Cisco FindIT Network Discovery Utility DLL Loading Arbitrary Code Execution Vulnerability
2430| [100872] Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2431| [100837] ManageEngine Firewall Analyzer CVE-2017-14123 Arbitrary File Upload Vulnerability
2432| [100680] Google Android Bootloaders Multiple Security Vulnerabilities
2433| [100605] 360 Total Security CVE-2017-12653 Insecure Library Loading Remote Privilege Escalation Vulnerability
2434| [100572] IBM Sametime Proxy Server Multiple Security Vulnerabilities
2435| [100554] Symantec ProxyClient CVE-2017-13674 Local Privilege Escalation Vulnerability
2436| [100498] connman 'src/dnsproxy.c' Stack Based Buffer Overflow Vulnerability
2437| [100465] RedHat RESTEasy CVE-2017-7561 HTTP Header Injection Vulnerability
2438| [100452] Automated Logic Corporation Products Directory Traversal and Arbitrary File Upload Vulnerabilities
2439| [100414] Foxit PDF Compressor CVE-2017-12892 DLL Loading Remote Code Execution Vulnerability
2440| [100338] HP LoadRunner and Performance Center CVE-2017-8953 Cross Site Scripting Vulnerability
2441| [100264] Solar Controls WATTConfig M Software CVE-2017-9648 DLL Loading Local Code Execution Vulnerability
2442| [100263] SIMPlight SCADA Software CVE-2017-9661 DLL Loading Local Code Execution Vulnerability
2443| [100261] Solar Controls Heating Control Downloader DLL Loading Local Code Execution Vulnerability
2444| [100208] Moxa SoftNVR-IA Live Viewer CVE-2017-5170 DLL Loading Local Code Execution Vulnerability
2445| [100200] Symantec VIP Access Desktop DLL Loading CVE-2017-6329 Local Code Execution Vulnerability
2446| [100147] Libexpat Expat CVE-2017-11742 DLL Loading Remote Code Execution Vulnerability
2447| [100130] Trend Micro OfficeScan 'Proxy.php' Command Injection Vulnerability
2448| [100127] Trend Micro OfficeScan Proxy CVE-2017-11393 Command Injection Vulnerability
2449| [100114] Schneider Electric Pro-face GP-Pro CVE-2017-9961 DLL Loading Arbitrary Code Execution Vulnerability
2450| [100006] VMware vCenter Server CVE-2017-4921 DLL Loading Local Privilege Escalation Vulnerability
2451| [99920] Cisco ASR 5000 Series GGSN Gateway CVE-2017-6612 HTTP Redirection Security Bypass Vulnerability
2452| [99911] Palo Alto DNS Proxy CVE-2017-8390 Arbitrary Code Execution Vulnerability
2453| [99569] Apache HTTP Server CVE-2017-9788 Memory Corruption Vulnerability
2454| [99568] Apache HTTP Server CVE-2017-9789 Denial of Service Vulnerability
2455| [99549] IBM Daeja ViewONE CVE-2017-1308 Arbitrary File Download Vulnerability
2456| [99429] Microsoft Windows Https.sys Component CVE-2017-8582 Information Disclosure Vulnerability
2457| [99348] Microsoft Office Patch Installer Multiple DLL Loading Remote Code Execution Vulnerabilities
2458| [99334] e-Tax software CVE-2017-2226 DLL Loading Remote Code Execution Vulnerability
2459| [99290] Multiple Sharp Devices DLL Loading Remote Code Execution Vulnerability
2460| [99243] EMC Avamar Authentication Bypass And Arbitrary File Upload Vulnerabilities
2461| [99223] Cisco Prime Collaboration Provisioning CVE-2017-6704 Arbitrary File Download Vulnerability
2462| [99170] Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
2463| [99137] Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2464| [99135] Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
2465| [99134] Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
2466| [99132] Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability
2467| [98823] Screensaver Installers CVE-2017-2176 DLL Loading Remote Code Execution Vulnerability
2468| [98817] SaAT Netizen CVE-2017-2206 DLL Loading Remote Code Execution Vulnerability
2469| [98811] Microsoft Office CVE-2017-8506 DLL Loading Remote Code Execution Vulnerability
2470| [98810] Microsoft Office CVE-2017-0260 DLL Loading Remote Code Execution Vulnerability
2471| [98809] SaAT Personal Installer CVE-2017-2207 DLL Loading Remote Code Execution Vulnerability
2472| [98807] Tera Term Installer CVE-2017-2193 DLL Loading Remote Code Execution Vulnerability
2473| [98777] Magento CMS Video Upload Functionality Remote Code Execution Vulnerability
2474| [98725] Electronic Tendering and Bid Opening System DLL Loading Remote Code Execution Vulnerability
2475| [98659] F5 BIG-IP Azure Products CVE-2017-6131 Security Bypass Vulnerability
2476| [98637] Multiple IBM Products CVE-2017-1291 HTTP Response Splitting Vulnerability
2477| [98566] Multiple VMware Workstation Products DLL Loading Local Privilege Escalation Vulnerability
2478| [98481] Multiple F5 BIG-IP Products CVE-2017-6128 Denial of Service Vulnerability
2479| [98478] Multiple F5 BIG-IP Products CVE-2016-9250 Security Bypass Vulnerability
2480| [98446] Schneider Electric SoMachine HVAC DLL Loading Remote Code Execution Vulnerability
2481| [98420] PrimeDrive Desktop Application Installer DLL Loading Remote Code Execution Vulnerability
2482| [98400] Trend Micro Threat Discovery Appliance 'upload.cgi' Directory Traversal Vulnerability
2483| [98199] Google Android Htc Bootloader CVE-2017-0623 Privilege Escalation Vulnerability
2484| [98149] Google Android Motorola Bootloader CVE-2016-10277 Privilege Escalation Vulnerability
2485| [98148] Google Android Qualcomm Bootloader CVE-2016-10276 Privilege Escalation Vulnerability
2486| [98146] Google Android Qualcomm Bootloader CVE-2016-10275 Privilege Escalation Vulnerability
2487| [98094] Zabbix Proxy Server CVE-2017-2825 Man in the Middle Security Bypass Vulnerability
2488| [98074] Multiple IBM Products CVE-2016-9693 Unspecified Arbitrary File Download Vulnerability
2489| [98040] Vivaldi Installer CVE-2017-2156 DLL Loading Remote Code Execution Vulnerability
2490| [98031] BLF-Tech LLC VisualView HMI CVE-2017-6051 DLL Loading Local Code Execution Vulnerability
2491| [98029] Joomla! Core CVE-2017-7989 Arbitrary File Upload Vulnerability
2492| [97719] Cybozu Office CVE-2016-4874 Arbitrary File Download Vulnerability
2493| [97712] vtiger CRM CVE-2015-6000 Arbitrary File Upload Vulnerability
2494| [97697] Multiple Toshiba memory card installers DLL Loading Remote Code Execution Vulnerability
2495| [97662] Google Android CVE-2016-1155 HTTP Header Injection Vulnerability
2496| [97642] Magento CMS 'RetrieveImage.php' Arbitrary File Upload Vulnerability
2497| [97620] D-Link DWR-116 CVE-2017-6190 Arbitrary File Download Vulnerabilitiy
2498| [97591] Trend Micro Deep Discovery Email Inspector 'policy_setting' Arbitrary File Upload Vulnerability
2499| [97571] Fiyo CMS '/dapur/apps/app_theme/libs/save_file.php' Arbitrary File Upload Vulnerability
2500| [97483] Veritas System Recovery CVE-2017-7444 DLL Loading Local Code Execution Vulnerability
2501| [97479] Certec EDV GmbH atvise scada Cross Site Scripting and HTTP Header Injection Vulnerabilities
2502| [97411] Microsoft Office CVE-2017-0197 DLL Loading Remote Code Execution Vulnerability
2503| [97389] Schneider Electric Interactive Graphical SCADA DLL Loading Remote Code Execution Vulnerability
2504| [97388] Marel Food Processing Systems Security Bypass and Arbitrary File Upload Vulnerabilities
2505| [97198] Multiple F5 BIG-IP CVE-2016-7474 Local Information Disclosure Vulnerability
2506| [97174] CODESYS Web Server Stack Based Buffer Overflow and File Upload Vulnerabilities
2507| [97168] F5 BIG-IP APM CVE-2016-7472 Denial of Service Vulnerability
2508| [97146] Nghttp2 CVE-2017-2428 Multiple Remote Security Vulnerabilities
2509| [97125] WordPress recent-backups Plugin 'download-file.php' Arbitrary File Download Vulnerability
2510| [97119] Multiple F5 BIG-IP Products CVE-2016-7468 Denial of Service Vulnerability
2511| [97113] PhishWall Client CVE-2017-2130 DLL Loading Remote Code Execution Vulnerability
2512| [97108] candidate-application-form Wordpress Plugin CVE-2015-1000005 Arbitrary File Download Vulnerability
2513| [97107] WordPress Filedownload Plugin CVE-2015-1000004 Cross-Site Scripting Vulnerability
2514| [97106] WordPress Filedownload Plugin CVE-2015-1000003 SQL Injection Vulnerability
2515| [97100] Wordpress Filedownload Plugin CVE-2015-1000002 Security Bypass Vulnerability
2516| [97083] Nuxeo Platform CVE-2017-5869 Arbitrary File Upload Vulnerability
2517| [97031] Multiple Trend Micro Products CVE-2017-5565 DLL Loading Local Code Injection Vulnerability
2518| [97024] Multiple Bitdefender Products CVE-2017-6186 DLL Loading Local Code Injection Vulnerability
2519| [97022] Multiple AVG Products CVE-2017-5566 DLL Loading Local Code Injection Vulnerability
2520| [97021] Multiple Avira Products CVE-2017-6417 DLL Loading Local Code Injection Vulnerability
2521| [97017] Multiple Avast Products CVE-2017-5567 DLL Loading Local Code Injection Vulnerability
2522| [97000] Rockwell Automation Connected Components Workbench DLL Loading Local Code Execution Vulnerability
2523| [96990] AppSamvid DLL Loading Local Code Execution Vulnerability
2524| [96969] Skype CVE-2017-6517 DLL Loading Local Code Execution Vulnerability
2525| [96957] Rapid7 AppSpider CVE-2017-5233 DLL Loading Remote Code Execution Vulnerability
2526| [96956] Nexpose Information Disclosure and DLL Loading Remote Code Execution Vulnerabilities
2527| [96945] b2evolution CVE-2017-6902 Arbitrary File Upload Vulnerability
2528| [96908] WordPress Wp2android Plugin CVE-2017-1002003 Arbitrary File Upload Vulnerability
2529| [96906] WordPress Webapp-Builder Plugin CVE-2017-1002002 Arbitrary File Upload Vulnerability
2530| [96905] WordPress Mobile App Builder By Wappress Plugin Arbitrary File Upload Vulnerability
2531| [96899] WordPress Mobile Friendly App Builder By Easytouch Plugin Arbitrary File Upload Vulnerability
2532| [96857] Trend Micro Endpoint Sensor CVE-2017-6798 DLL Loading Remote Code Execution Vulnerability
2533| [96826] IBM Rational Rhapsody Design Manager CVE-2016-8973 Arbitrary File Upload Vulnerability
2534| [96812] Google Pixel Qualcomm Bootloader CVE-2017-0455 Information Disclosure Vulnerability
2535| [96774] HP LoadRunner and Performance Center CVE-2017-5789 Remote Heap Buffer Overflow Vulnerability
2536| [96773] HP Intelligent Management Center CVE-2017-5795 Arbitrary File Download Vulnerability
2537| [96772] Multiple VMware Workstation Products CVE-2017-4898 DLL Loading Remote Code Execution Vulnerability
2538| [96718] PHP FormMail Generator Cross Site Scripting and Arbitrary File Upload Vulnerabilities
2539| [96619] PrimeDrive Desktop Application Installer DLL Loading Remote Code Execution Vulnerability
2540| [96554] WordPress fast-image-adder Plugin CVE-2015-1000001 Arbitrary File Upload Vulnerability
2541| [96548] Rapid7 Metasploit Pro CVE-2017-5235 DLL Loading Remote Code Execution Vulnerability
2542| [96547] WordPress Mobile App Plugin CVE-2017-6104 Arbitrary File Upload Vulnerability
2543| [96545] Rapid7 Insight Collector CVE-2017-5234 DLL Loading Remote Code Execution Vulnerability
2544| [96476] Amazon Kindle Setup CVE-2017-6189 DLL Loading Local Code Execution Vulnerability
2545| [96471] Multiple F5 BIG-IP Products CVE-2016-9245 Denial of Service Vulnerability
2546| [96464] Multiple F5 BIG-IP Products CVE-2016-9256 Privilege Escalation Vulnerability
2547| [96431] 7-ZIP32.DLL CVE-2017-2107 DLL Loading Remote Code Execution Vulnerability
2548| [96424] Huawei Honor 7 and Mate S CVE-2017-2699 Arbitrary File Upload Vulnerability
2549| [96418] Nessus Arbitrary File Upload Vulnerability
2550| [96411] Drupal DownloadFile Module Unspecified Security Vulnerability
2551| [96379] Dotclear 'inc/core/class.dc.core.php' Arbitrary File Upload Vulnerability
2552| [96328] Multiple F5 BIG-IP Products CVE-2016-6249 Information Disclosure Vulnerability
2553| [96293] Apache Tomcat 'http11/AbstractInputBuffer.java' Denial of Service Vulnerability
2554| [96248] Cisco Prime Collaboration Assurance CVE-2017-3843 Arbitrary File Download Vulnerability
2555| [96210] Advantech WebAccess CVE-2017-5175 DLL Loading Local Code Execution Vulnerability
2556| [96143] Multiple F5 BIG-IP Products CVE-2016-9244 Information Disclosure Vulnerability
2557| [96119] Sielco Sistemi Winlog Pro/ Winlog Lite CVE-2017-5161 DLL Loading Local Code Execution Vulnerability
2558| [96036] Hawtio CVE-2017-2617 Arbitrary File Upload Vulnerability
2559| [96024] Microsoft Windows CVE-2017-0039 DLL Loading Local Privilege Escalation Vulnerability
2560| [95997] OpenBSD httpd CVE-2017-5850 Denial of Service Vulnerability
2561| [95995] Akamai NetSession CVE-2016-10157 DLL Loading Remote Code Execution Vulnerability
2562| [95980] IBM Tivoli Key Lifecycle Manager CVE-2016-6104 Arbitrary File Upload Vulnerability
2563| [95968] SageCRM SQL Injection and Arbitrary File Upload Vulnerabilities
2564| [95898] SHDesigns Resident Download Manager CVE-2016-6567 Remote Code Execution Vulnerability
2565| [95863] pecl_http CVE-2016-5873 Buffer Overflow Vulnerability
2566| [95825] Multiple F5 BIG-IP Products CVE-2016-9249 Denial of Service Vulnerability
2567| [95680] GigaCC OFFICE OS Command Execution and Arbitrary File Upload Vulnerabilities
2568| [95460] GeniXCMS CVE-2017-5520 Arbitrary File Upload Vulnerability
2569| [95451] IBM Kenexa LMS on Cloud CVE-2016-8931 Arbitrary File Upload Vulnerability
2570| [95444] Symantec Norton Download Manager CVE-2016-6592 DLL Loading Remote Code Execution Vulnerability
2571| [95443] IBM Kenexa LMS on Cloud CVE-2016-8932 Arbitrary File Upload Vulnerability
2572| [95405] Multiple F5 BIG-IP Products CVE-2016-9247 Denial of Service Vulnerability
2573| [95359] libgit2 'src/transports/http.c' Security Bypass Vulnerability
2574| [95320] Multiple F5 BIG-IP Products CVE-2016-7469 HTML Injection Vulnerability
2575| [95241] Google Android Products Qualcomm Bootloader Multiple Integer Overflow Vulnerabilities
2576| [95237] Google Android bootloader Multiple Local Information Disclosure Vulnerabilities
2577| [95228] Multiple F5 BIG-IP Products CVE-2016-5024 Denial of Service Vulnerability
2578| [95199] IBM Security Privileged Identity Manager CVE-2016-5990 Arbitrary File Upload Vulnerability
2579| [95186] ImageMagick CVE-2016-10048 Module Loading Security Bypass Vulnerability
2580| [95078] Apache HTTP Server CVE-2016-0736 Remote Security Vulnerability
2581| [95077] Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
2582| [95076] Apache HTTP Server CVE-2016-2161 Denial of Service Vulnerability
2583| [94886] McAfee VirusScan Enterprise for Windows DLL Loading Remote Code Execution Vulnerability
2584| [94768] Microsoft Windows Installer CVE-2016-7292 DLL Loading Local Privilege Escalation Vulnerability
2585| [94731] Symantec VIP Access Desktop DLL Loading CVE-2016-6593 Local Code Execution Vulnerability
2586| [94695] RETIRED: Symantec Norton Download Manager DLL Loading Remote Code Execution Vulnerability
2587| [94665] Microsoft Office CVE-2016-7275 DLL Loading Remote Code Execution Vulnerability
2588| [94663] Joomla! Core CVE-2016-9836 Arbitrary File Upload Vulnerability
2589| [94650] Apache HTTP Server CVE-2016-8740 Denial of Service Vulnerability
2590| [94616] Multiple Japan Pension Service Products CVE-2016-7818 DLL Loading Local Code Execution Vulnerability
2591| [94582] IBM FileNet Workplace XT CVE-2016-8921 Unspecified Arbitrary File Upload Vulnerability
2592| [94497] Wordpress csv2wpec-coupon Plugin CVE-2015-1000013 Arbitrary File Upload Vulnerability
2593| [94417] HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2594| [94416] HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2595| [94414] HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2596| [94411] HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2597| [94383] Apereo Webproxy Portlet Information Disclosure Vulnerability
2598| [94353] Multiple F5 BIG-IP Products CVE-2016-7476 Denial of Service Vulnerability
2599| [94306] IBM Kenexa LMS on Cloud CVE-2016-6124 Arbitrary File Upload Vulnerability
2600| [94295] Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
2601| [94288] TYPO3 Secure Download Form Extension Unspecified Cross Site Scripting Vulnerability
2602| [94279] Multiple Symantec Products CVE-2016-6590 DLL Loading Local Privilege Escalation Vulnerability
2603| [94267] Drupal D8 Editor File upload Module Cross Site Scripting Vulnerability
2604| [94260] F5 BIG-IP ASM CVE-2016-7472 Denial of Service Vulnerability
2605| [94246] Dotclear CVE-2016-9268 Arbitrary File Upload Vulnerability
2606| [94240] F5 BIG-IP LTM Products CVE-2016-5745 Security Bypass Vulnerability
2607| [94203] Google Nexus Qualcomm Bootloader CVE-2016-6729 Privilege Escalation Vulnerability
2608| [94193] IBM BigFix Platform CVE-2016-0214 Unspecified Arbitrary File Upload Vulnerability
2609| [94191] Moodle CVE-2016-9187 Arbitrary File Upload Vulnerability
2610| [94190] Moodle CVE-2016-9186 Arbitrary File Upload Vulnerability
2611| [94185] Google Android Proxy Auto Config CVE-2016-6723 Denial of Service Vulnerability
2612| [94176] SAP Message Server HTTP Daemon Denial of Service Vulnerability
2613| [94170] Google Android Download Manager CVE-2016-6710 Information Disclosure Vulnerability
2614| [94121] Exponent CMS CVE-2016-7095 Arbitrary File Upload Vulnerability
2615| [94087] JPKI Client Software CVE-2016-4902 DLL Loading Remote Code Execution Vulnerability
2616| [93967] Wordpress contus-video-comments Plugin 'save.php' Arbitrary File Upload Vulnerability
2617| [93830] Schneider Electric Unity PRO Insecure File Downloading Remote Code Execution Vulnerability
2618| [93774] Apache OpenOffice CVE-2016-6804 DLL Loading Remote Code Execution Vulnerability
2619| [93606] National Tax Agency e-Tax CVE-2016-4901 DLL Loading Remote Code Execution Vulnerability
2620| [93575] Magento CMS Flash File Uploader Cross Site Scripting Vulnerability
2621| [93572] Evernote for Windows DLL Loading Remote Code Execution Vulnerability
2622| [93456] Lighttpd CVE-2016-1000212 Security Bypass Vulnerability
2623| [93440] Dotclear CVE-2016-7902 Arbitrary File Upload Vulnerability
2624| [93347] IBM Sterling Secure Proxy Configuration Manager CVE-2016-6023 Directory Traversal Vulnerability
2625| [93345] IBM Sterling Secure Proxy Configuration Manager CVE-2016-6025 Local Security Bypass Vulnerability
2626| [93342] IBM Sterling Secure Proxy CVE-2016-6026 Man in the Middle Information Disclosure Vulnerability
2627| [93340] IBM Sterling Secure Proxy CVE-2016-6027 Man in the Middle Information Disclosure Vulnerability
2628| [93325] Multiple F5 BIG-IP Products CVE-2016-5700 Remote Command Execution Vulnerability
2629| [93279] Microsoft Windows 'Capcom.sys' DLL Loading Local Code Execution Vulnerability
2630| [93269] Snort CVE-2016-1417 DLL Loading Remote Code Execution Vulnerability
2631| [93267] Joomla! DVFolderContent Module 'download.php' Local File Include Vulnerability
2632| [93119] Exponent CMS Arbitrary Code Execution and File Upload Vulnerabilities
2633| [93088] Cisco IOS and IOS XE Software CVE-2016-6412 HTTP Header Injection Vulnerability
2634| [93082] Multiple IBM Products CVE-2016-5945 Arbitrary File Upload Vulnerability
2635| [93073] Exponent CMS Cross Site Scripting and Arbitrary File Upload Vulnerabilities
2636| [93072] Exponent CMS Local File Include and Arbitrary File Upload Vulnerabilities
2637| [93069] HP LoadRunner and Performance Center CVE-2016-4384 Unspecified Denial of Service Vulnerability
2638| [93015] Huawei HiSuite Local Information Disclosure and DLL Loading Local Code Execution Vulnerability
2639| [92980] ABB DataManagerPro CVE-2016-4526 DLL Loading Local Code Execution Vulnerability
2640| [92976] Fortinet FortiClient DLL Loading Remote Code Execution Vulnerability
2641| [92940] Multiple VMware Workstation Products CVE-2016-7085 DLL Loading Remote Code Execution Vulnerability
2642| [92900] Multiple F5 BIG-IP Products CVE-2016-5022 Denial of Service Vulnerability
2643| [92899] Blue Coat K9 Web Protection DLL Loading Remote Code Execution Vulnerability
2644| [92894] RedHat JBoss Enterprise Application Platform CVE-2016-4993 HTTP Header Injection Vulnerability
2645| [92800] Multiple F5 BIG-IP Products CVE-2016-6876 Denial of Service Vulnerability
2646| [92794] Infoblox Network Automation CVE-2016-6484 HTTP Response Splitting Vulnerability
2647| [92773] HTTP/2 CVE-2016-7153 Information Disclosure Vulnerability
2648| [92769] HTTPS CVE-2016-7152 Information Disclosure Vulnerability
2649| [92671] Multiple F5 BIG-IP Products CVE-2016-1497 Information Disclosure Vulnerability
2650| [92670] Multiple F5 BIG-IP Products CVE-2016-5023 Denial of Service Vulnerability
2651| [92656] Traps Endpoint Server Management Core Arbitrary File Download Vulnerability
2652| [92647] Dotclear Arbitrary File Upload Vulnerability
2653| [92614] IBM Tivoli Storage Manager CVE-2016-5934 DLL Loading Local Code Execution Vulnerability
2654| [92574] RETIRED: ownCloud DLL Loading Local Code Execution Vulnerability
2655| [92570] Multiple F5 BIG-IP Products CVE-2016-5736 Security Bypass Vulnerability
2656| [92502] Huawei FusionAccess HTTP Header Injection Vulnerability
2657| [92498] The Installer of PhishWall Client Internet Explorer DLL Loading Code Execution Vulnerability
2658| [92492] phpMyAdmin CVE-2016-6628 Arbitrary File Download Vulnerability
2659| [92477] Enpass DLL Loading Local Code Execution Vulnerability
2660| [92393] NMAP DLL Loading Local Code Execution Vulnerability
2661| [92392] Cisco Jabber for Windows Predictable Memory Address Load Vulnerability
2662| [92370] ownCloud 'Download Log' Functionality Cross-Site Scripting Vulnerability
2663| [92365] Foxit Reader and PhantomPDF DLL Loading Remote Code Execution Vulnerability
2664| [92351] Sophos Mobile Control EAS Proxy CVE-2016-6597 Information Disclosure Vulnerability
2665| [92334] IBM Rational Publishing Engine CVE-2016-2914 Arbitrary File Upload Vulnerability
2666| [92331] Apache HTTP Server CVE-2016-1546 Remote Denial of Service Vulnerability
2667| [92324] VMware vCenter Server and ESXi CVE-2016-5331 HTTP Header Injection Vulnerability
2668| [92323] VMware Tools CVE-2016-5330 DLL Loading Remote Code Execution Vulnerability
2669| [92320] Apache APR-util and httpd CVE-2016-6312 Denial of Service Vulnerability
2670| [92268] BullGuard Antivirus DLL Loading Local Code Execution Vulnerability
2671| [92251] Google Nexus LG Electronics Bootloader CVE-2016-3851 Privilege Escalation Vulnerability
2672| [92236] Google Nexus Qualcomm Bootloader CVE-2016-3850 Privilege Escalation Vulnerability
2673| [92137] Dropbox DLL Loading Local Code Execution Vulnerability
2674| [92026] Oracle HTTP Server CVE-2016-3482 Remote Security Vulnerability
2675| [91816] Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
2676| [91798] 7-Zip DLL Loading Local Code Execution Vulnerability
2677| [91797] Bitdefender Antivirus DLL Loading Local Code Execution Vulnerability
2678| [91752] Python DLL Loading Local Code Execution Vulnerability
2679| [91750] Notepad++ DLL Loading Local Code Execution Vulnerability
2680| [91749] Drupal Webform Multiple File Upload Module Remote Code Execution Vulnerability
2681| [91746] JetBrains PyCharm Professional DLL Loading Local Code Execution Vulnerability
2682| [91745] 360 Total Security 2016 DLL Loading Local Code Execution Vulnerability
2683| [91632] Google Nexus Qualcomm Bootloader Multiple Denial of Service Vulnerabilities
2684| [91566] Apache HTTP Server CVE-2016-4979 Authentication Bypass Vulnerability
2685| [91561] PuTTY DLL Loading Local Code Execution Vulnerability
2686| [91532] Multiple F5 BIG-IP Products CVE-2016-5020 Privilege Escalation Vulnerability
2687| [91487] PHP 'php_http_url.c' Multiple Buffer Overflow Vulnerabilities
2688| [91484] IBM WebSphere Application Server CVE-2016-0359 HTTP Response Splitting Vulnerability
2689| [91465] Multiple Panda Security Multiple Products DLL Loading Local Code Execution Vulnerability
2690| [91453] Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2691| [91425] GIMP 'app/xcf/xcf-load.c' Multiple Remote Code Execution Vulnerabilities
2692| [91418] Huawei HiSuite DLL Loading Local Code Execution Vulnerability
2693| [91333] Multiple F5 BIG-IP Products CVE-2016-3687 Open Redirect Vulnerability
2694| [91226] Python 'urrlib2/urllib/httplib/http.client' HTTP Header Injection Vulnerability
2695| [91213] NCH Software WavePad DLL Loading Local Code Execution Vulnerability
2696| [91164] HAProxy CVE-2016-3711 Local Information Disclosure Vulnerability
2697| [91162] Multiple F5 Networks Products CVE-2016-5021 Information Disclosure Vulnerability
2698| [91138] HAProxy CVE-2016-5360 Remote Denial of Service Vulnerability
2699| [91096] Microsoft Office CVE-2016-3235 DLL Loading Local Privilege Escalation Vulnerability
2700| [91036] WordPress WP Mobile Detector Plugin 'resize.php' Arbitrary File Upload Vulnerability
2701| [90997] cURL CVE-2016-4802 DLL Loading Local Code Execution Vulnerability
2702| [90972] Typo3 'http:BL Blocking' Extension SQL Injection and Cross-Site Scripting Vulnerability
2703| [90963] Relay Ajax Directory Manager Arbitrary File Upload Vulnerability
2704| [90951] IBM WebSphere eXtreme Scale CVE-2016-0400 HTTP Response Splitting Vulnerability
2705| [90907] CMS Made Simple CVE-2016-2784 HTTP Header Injection Vulnerability
2706| [90865] Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2707| [90862] IBM Connections CVE-2016-0322 Arbitrary File Upload Vulnerability
2708| [90827] Apache ActiveMQ CVE-2016-3088 Multiple Arbitrary File Upload Vulnerabilities
2709| [90670] Python kdcproxy CVE-2015-5159 Remote Denial of Service Vulnerability
2710| [90656] Multiple F5 BIG-IP Products CVE-2015-8099 Denial of Service Vulnerability
2711| [90581] Websphere Edge server Caching proxy CVE-2004-0684 Denial-Of-Service Vulnerability
2712| [90554] Imap Proxy CVE-2004-1035 Denial-Of-Service Vulnerability
2713| [90478] Browser CVE-2004-1449 File-Upload Vulnerability
2714| [90436] Geohttpserver CVE-2004-2100 Security Bypass Vulnerability
2715| [90412] Geohttpserver CVE-2004-2101 Denial-Of-Service Vulnerability
2716| [90397] Foreman Smart Proxy CVE-2016-3728 Remote Code Execution Vulnerability
2717| [90361] Myproxy CVE-2004-2481 Local Security Vulnerability
2718| [90355] Activepost Standard CVE-2004-2616 File-Upload Vulnerability
2719| [90329] AspDotNetStorefront CVE-2004-2700 File-Upload Vulnerability
2720| [90328] newsPHP CVE-2004-2690 File-Upload Vulnerability
2721| [90265] Sami Http Server CVE-2005-0450 Directory Traversal Vulnerability
2722| [90260] lighttpd CVE-2005-0453 Remote Security Vulnerability
2723| [90256] ArGoSoft Mail Server CVE-2005-0367 File-Upload Vulnerability
2724| [90249] Sami Http Server CVE-2005-0451 Denial-Of-Service Vulnerability
2725| [90203] RaidenHTTPD CVE-2005-0622 Remote Security Vulnerability
2726| [90188] Cproxy CVE-2005-0657 Denial-Of-Service Vulnerability
2727| [90169] RSA Authentication Manager CVE-2016-0902 HTTP Response Splitting Vulnerability
2728| [90156] Ublog Reload CVE-2005-0938 Remote Security Vulnerability
2729| [90060] Uapplication Uphotogallery CVE-2005-1428 File-Upload Vulnerability
2730| [90020] Microsoft Windows CVE-2016-0152 DLL Loading Remote Code Execution Vulnerability
2731| [89897] I-Man CVE-2005-1868 File-Upload Vulnerability
2732| [89869] YaPig CVE-2005-1881 File-Upload Vulnerability
2733| [89830] File Upload Manager CVE-2005-1957 File-Upload Vulnerability
2734| [89822] File Upload Manager CVE-2005-1956 File-Upload Vulnerability
2735| [89365] PHPKIT CVE-2005-2699 File-Upload Vulnerability
2736| [89341] Cisco WebEx Productivity Tools CVE-2016-4349 DLL Loading Local Code Execution Vulnerabilities
2737| [89293] vBulletin CVE-2005-3021 File-Upload Vulnerability
2738| [89188] Mini Httpd CVE-2001-0893 Remote Security Vulnerability
2739| [89177] JiRo Upload System CVE-2005-1904 SQL-Injection Vulnerability
2740| [89153] Reload CVE-2005-2009 SQL-Injection Vulnerability
2741| [89087] Thttpd CVE-2001-0892 Remote Security Vulnerability
2742| [89082] OmniHTTPD CVE-2001-0778 Remote Security Vulnerability
2743| [89035] Internet Download Manager CVE-2005-2210 Remote Security Vulnerability
2744| [89003] Http Server CVE-2001-0285 Denial-Of-Service Vulnerability
2745| [88888] Parosproxy CVE-2005-4668 Local Security Vulnerability
2746| [88861] Compaqhttpserver CVE-2005-2982 Cross-Site Scripting Vulnerability
2747| [88776] Java HTTP Server CVE-2001-0307 Remote Security Vulnerability
2748| [88680] Segue Cms CVE-2005-4814 File-Upload Vulnerability
2749| [88677] Java System Web Proxy Server CVE-2005-4806 Denial-Of-Service Vulnerability
2750| [88523] Small HTTP server CVE-2000-0898 Denial-Of-Service Vulnerability
2751| [88460] Csm Proxy CVE-1999-1149 Denial-Of-Service Vulnerability
2752| [88413] Http Server CVE-1999-0929 Denial-Of-Service Vulnerability
2753| [88395] I-Gear MS Proxy CVE-2000-1007 Remote Security Vulnerability
2754| [88316] Fur Http Server CVE-2000-0838 Denial-Of-Service Vulnerability
2755| [88147] ProxySG CVE-2006-0578 Security Bypass Vulnerability
2756| [88139] PHPKIT CVE-2006-0785 File-Upload Vulnerability
2757| [88084] Internet Explorer CVE-1999-0870 File-Upload Vulnerability
2758| [88072] Php Upload Center CVE-2006-1207 Remote Security Vulnerability
2759| [88069] Php Upload Center CVE-2006-1208 File-Upload Vulnerability
2760| [87939] Thttpd Http Server CVE-1999-1456 Remote Security Vulnerability
2761| [87912] Thttpd Http Server CVE-1999-1457 Remote Security Vulnerability
2762| [87761] Squid Web Proxy CVE-1999-1273 Remote Security Vulnerability
2763| [87694] Compaqhttpserver CVE-2006-1774 Security Bypass Vulnerability
2764| [87691] Php Live Helper CVE-2006-1478 File-Upload Vulnerability
2765| [87621] Coppermine Photo Gallery CVE-2006-2514 File-Upload Vulnerability
2766| [87601] Iheat CVE-2006-2511 File-Upload Vulnerability
2767| [87587] Segue Cms CVE-2006-5498 File-Upload Vulnerability
2768| [87576] DownloadEngine CVE-2006-5459 Remote Security Vulnerability
2769| [87501] Wm Downloader CVE-2009-1327 Remote Security Vulnerability
2770| [87494] Rm Downloader CVE-2009-1326 Remote Security Vulnerability
2771| [87486] Mini-Stream Rm Downloader CVE-2009-1646 Remote Security Vulnerability
2772| [87478] getPlus Download Manager CVE-2008-5364 Remote Security Vulnerability
2773| [87470] PHP 'libxml_disable_entity_loader()' CVE-2015-8866 XML External Entity Injection Vulnerability
2774| [87395] Speedywiki CVE-2006-5845 File-Upload Vulnerability
2775| [87392] Punbb CVE-2006-5735 File-Upload Vulnerability
2776| [87378] Seleniumserver Ftp Server CVE-2006-5981 File-Upload Vulnerability
2777| [87301] TFT Gallery CVE-2006-6347 File-Upload Vulnerability
2778| [87114] Logahead Unu CVE-2006-6887 File-Upload Vulnerability
2779| [87046] 3proxy CVE-2006-6981 Denial-Of-Service Vulnerability
2780| [87039] 3proxy CVE-2006-6982 Remote Security Vulnerability
2781| [87007] Httprotect CVE-2001-1172 Local Security Vulnerability
2782| [86993] Dnhttpd CVE-2001-1266 Directory Traversal Vulnerability
2783| [86850] Rigter Portal System CVE-2006-7082 File-Upload Vulnerability
2784| [86845] Imce Module CVE-2006-7109 File-Upload Vulnerability
2785| [86786] VerliAdmin CVE-2007-0098 File-Upload Vulnerability
2786| [86774] Uber Uploader CVE-2007-0123 File-Upload Vulnerability
2787| [86732] Sami HTTP Server CVE-2007-0548 Denial-Of-Service Vulnerability
2788| [86726] Uploader CVE-2007-0532 Information Disclosure Vulnerability
2789| [86651] F3Site CVE-2007-0764 File-Upload Vulnerability
2790| [86585] Wiclear CVE-2007-1097 File-Upload Vulnerability
2791| [86583] Sitex CVE-2007-1235 File-Upload Vulnerability
2792| [86570] webSPELL CVE-2007-1155 File-Upload Vulnerability
2793| [86560] Fantastico De Luxe CVE-2007-1455 File-Upload Vulnerability
2794| [86372] Really Simple Php And Ajax CVE-2007-1851 File-Upload Vulnerability
2795| [86370] Pcp-Guestbook CVE-2007-1933 File-Upload Vulnerability
2796| [86345] pL-PHP CVE-2007-2008 File-Upload Vulnerability
2797| [86313] Ixon Cms CVE-2007-2104 File-Upload Vulnerability
2798| [86302] Monkey Cms CVE-2007-2105 File-Upload Vulnerability
2799| [86299] Phphd Download System CVE-2007-2096 Remote Security Vulnerability
2800| [86290] Kai Content Management System CVE-2007-2106 File-Upload Vulnerability
2801| [86286] Download-Engine CVE-2007-2255 Remote Security Vulnerability
2802| [86279] Multiple F5 BIG-IP Products CVE-2016-3686 Authorization Bypass Vulnerability
2803| [86225] Download-Engine CVE-2007-2289 Remote Security Vulnerability
2804| [86221] Minimal HTTP Server CVE-2007-2315 Denial-Of-Service Vulnerability
2805| [86217] News Manager Deluxe CVE-2007-2303 File-Upload Vulnerability
2806| [86207] Wp-Table CVE-2007-2483 File-Upload Vulnerability
2807| [86173] b2evolution CVE-2007-2681 File-Upload Vulnerability
2808| [86169] Weblogic Server CVE-2007-2699 File-Upload Vulnerability
2809| [86142] EMC Unisphere for VMAX Virtual Appliance CVE-2016-0889 Arbitrary File Upload Vulnerability
2810| [86119] Scallywag CVE-2007-2960 File-Upload Vulnerability
2811| [86023] Multiple F5 BIG-IP Products CVE-2016-2084 Denial of Service Vulnerability
2812| [85987] Multiple F5 BIG-IP Products CVE-2015-8240 Denial of Service Vulnerability
2813| [85972] Imlib2 'loaders/loader_gif.c' Out of Bounds Read Denial of Service Vulnerability
2814| [85937] Microsoft Windows Library Loading CVE-2016-0148 Remote Code Execution Vulnerability
2815| [85936] Microsoft Internet Explorer Library Loading CVE-2016-0160 Remote Code Execution Vulnerability
2816| [85908] Microsoft Windows 'HTTP.sys' CVE-2016-0150 Denial of Service Vulnerability
2817| [85877] Golang Go CVE-2016-3958 DLL Loading Arbitrary Code Execution Vulnerability
2818| [85826] Google Android Download Manager CVE-2016-0848 Remote Privilege Escalation Vulnerability
2819| [85718] Punbb CVE-2006-5735 File-Upload Vulnerability
2820| [85707] Blue Coat ProxySG and Advanced Secure Gateway CVE-2015-8597 Open Redirection Vulnerability
2821| [85656] Pluxml CVE-2007-3432 File-Upload Vulnerability
2822| [85648] GL-SH Deaf Forum CVE-2007-3535 File-Upload Vulnerability
2823| [85645] WordPress CVE-2007-3544 File-Upload Vulnerability
2824| [85612] Ezfactory Download Cgi CVE-2007-3692 Directory Traversal Vulnerability
2825| [85592] Gpg Plugin CVE-2007-3779 File-Upload Vulnerability
2826| [85589] PSnews CVE-2007-3772 File-Upload Vulnerability
2827| [85480] Neuron Blog CVE-2007-4371 File-Upload Vulnerability
2828| [85469] Bilder Uploader CVE-2007-4326 Remote Security Vulnerability
2829| [85405] Pakupaku Cms CVE-2007-4641 File-Upload Vulnerability
2830| [85388] RedHat Ceph CVE-2015-5245 HTTP Response Splitting Vulnerability
2831| [85385] Bluecoat ProxySG CVE-2015-4334 Authentication Bypass Vulnerability
2832| [85370] Izicontents CVE-2007-5055 File-Upload Vulnerability
2833| [85364] Wordsmith CVE-2007-5103 File-Upload Vulnerability
2834| [85332] TorrentTrader CVE-2007-5311 File-Upload Vulnerability
2835| [85316] Dircproxy CVE-2007-5226 Denial-Of-Service Vulnerability
2836| [85297] Force Download CVE-2007-5732 Directory Traversal Vulnerability
2837| [85243] FTP Admin CVE-2007-6233 File-Upload Vulnerability
2838| [85225] Uber Uploader CVE-2007-6676 Remote Security Vulnerability
2839| [85187] Zero CMS CVE-2008-0233 File-Upload Vulnerability
2840| [85174] Photopost Vbgallery CVE-2008-0251 File-Upload Vulnerability
2841| [85161] All Club CMS CVE-2008-0602 File-Upload Vulnerability
2842| [85156] Project Issue Tracking Module CVE-2008-0577 File-Upload Vulnerability
2843| [85146] Azucar CMS CVE-2008-0654 File-Upload Vulnerability
2844| [85115] Lan Manager CVE-2008-0803 File-Upload Vulnerability
2845| [85020] Tr Script News CVE-2008-1958 File-Upload Vulnerability
2846| [85010] Phoenix View Cms CVE-2008-2534 File-Upload Vulnerability
2847| [85001] Chicomas CVE-2008-2016 File-Upload Vulnerability
2848| [84995] Chicomas CVE-2008-2017 File-Upload Vulnerability
2849| [84988] FlashBlog CVE-2008-2574 File-Upload Vulnerability
2850| [84987] Cre Loaded CVE-2008-2558 Remote Security Vulnerability
2851| [84984] AbsoluteTelnet DLL Loading Arbitrary Code Execution Vulnerability
2852| [84960] Phpcards CVE-2006-5604 File-Upload Vulnerability
2853| [84955] Segue Cms CVE-2006-5498 File-Upload Vulnerability
2854| [84950] DownloadEngine CVE-2006-5459 Remote Security Vulnerability
2855| [84934] OtomiGenX CVE-2008-2782 File-Upload Vulnerability
2856| [84921] HomePH Design CVE-2008-2982 File-Upload Vulnerability
2857| [84916] Hedgehog-CMS CVE-2008-2898 File-Upload Vulnerability
2858| [84900] Minishowcase Image Gallery CVE-2008-3390 File-Upload Vulnerability
2859| [84889] Links CVE-2008-3555 File-Upload Vulnerability
2860| [84874] Documentum Applicationxtender Workflow Manager CVE-2008-3685 File-Upload Vulnerability
2861| [84870] Gallery CVE-2008-3600 File-Upload Vulnerability
2862| [84859] Symphony CVE-2008-3592 File-Upload Vulnerability
2863| [84828] Zanfi CMS Lite CVE-2008-4158 File-Upload Vulnerability
2864| [84773] PhpWebGallery CVE-2008-4702 File-Upload Vulnerability
2865| [84765] Sports Clubs Web Portal CVE-2008-4592 File-Upload Vulnerability
2866| [84761] X7 Chat CVE-2008-4718 File-Upload Vulnerability
2867| [84730] Webcards CVE-2008-4878 File-Upload Vulnerability
2868| [84701] ABB Panel Builder CVE-2016-2281 DLL Loading Local Code Execution Vulnerability
2869| [84665] Professional Download Assistant CVE-2008-5572 Information Disclosure Vulnerability
2870| [84575] Blue Smiley Organizer CVE-2006-5238 File-Upload Vulnerability
2871| [84524] Asp Download CVE-2008-6739 Remote Security Vulnerability
2872| [84519] Flexphpdirectory CVE-2008-6750 File-Upload Vulnerability
2873| [84496] Mini File Host CVE-2008-6785 File-Upload Vulnerability
2874| [84482] LoveCMS CVE-2008-7062 File-Upload Vulnerability
2875| [84357] HP ArcSight ESM and ArcSight ESM Express CVE-2016-1991 Arbitrary File Download Vulnerability
2876| [84307] PHP 'soap/php_http.c' Type Confusion Remote Denial Of Service Vulnerability
2877| [84286] SAP Download Manager Weak Encryption Local Security Weakness
2878| [84243] Simple Http Scanner CVE-2006-5026 Remote Security Vulnerability
2879| [84237] Simple Http Scanner CVE-2006-5025 Remote Security Vulnerability
2880| [84213] Flexera Software InstallShield CVE-2016-2542 DLL Loading Local Privilege Escalation Vulnerability
2881| [84192] Osu Httpd CVE-2006-4907 Information Disclosure Vulnerability
2882| [84189] Osu Httpd CVE-2006-4908 Information Disclosure Vulnerability
2883| [84159] Punbb CVE-2006-4759 File-Upload Vulnerability
2884| [83930] Microsoft Windows Library Loading CVE-2016-0100 Remote Code Execution Vulnerability
2885| [83923] Downloadcontrol CVE-2006-2553 Cross-Site Scripting Vulnerability
2886| [83872] Huawei UTPS CVE-2016-2780 DLL Loading Local Code Execution Vulnerability
2887| [83859] Dokuwiki CVE-2006-4675 File-Upload Vulnerability
2888| [83747] Webex Downloader Activex Control CVE-2006-3424 Remote Security Vulnerability
2889| [83728] PHCDownload CVE-2006-3525 SQL-Injection Vulnerability
2890| [83719] Jenkins CVE-2016-0789 HTTP Response Splitting Vulnerability
2891| [83713] vtiger CRM CVE-2006-4617 File-Upload Vulnerability
2892| [83703] Microsoft PowerPoint Viewer DLL Loading Arbitrary Code Execution Vulnerability
2893| [83596] GIMP DLL Loading Arbitrary Code Execution Vulnerability
2894| [83589] Wireshark CVE-2016-2521 DLL Loading Remote Code Execution Vulnerability
2895| [83522] Dproxy CVE-2007-1866 Remote Security Vulnerability
2896| [83502] Http Service CVE-2007-5560 Remote Security Vulnerability
2897| [83469] Download Accelerator Plus CVE-2008-3433 Remote Security Vulnerability
2898| [83408] Drupal Core Arbitrary File Upload and Information Disclosure Vulnerabilities
2899| [83391] Nghttp2 CVE-2016-1544 Local Denial of Service Vulnerability
2900| [83296] Square OkHttp CVE-2016-2402 Security Bypass Vulnerability
2901| [83282] Node.js CVE-2016-2086 HTTP Request Smuggling Vulnerability
2902| [83245] HD Video Player PRO Local File Include and Arbitrary File Upload Vulnerabilities
2903| [83220] SAP Java Proxy Runtime Unspecified Cross Site Scripting Vulnerability
2904| [83141] Node.js CVE-2016-2216 HTTP Response Splitting Vulnerability
2905| [83133] ME Download System CVE-2006-4054 Remote Security Vulnerability
2906| [82988] Wm Downloader CVE-2009-1327 Remote Security Vulnerability
2907| [82980] Rm Downloader CVE-2009-1326 Remote Security Vulnerability
2908| [82893] OmniHTTPD CVE-2002-1455 Cross-Site Scripting Vulnerability
2909| [82813] Windows NT CVE-1999-0489 File-Upload Vulnerability
2910| [82630] Netgear Management System NMS300 Directory Traversal and Arbitrary File Upload Vulnerabilities
2911| [82563] Cherokee Httpd CVE-2004-1946 Local Security Vulnerability
2912| [82517] CCProxy CVE-2004-2685 Remote Security Vulnerability
2913| [82511] Microsoft Windows CVE-2016-0044 DLL Loading Denial of Service Vulnerability
2914| [82510] Microsoft Windows CVE-2016-0042 DLL Loading Local Privilege Escalation Vulnerability
2915| [82505] Microsoft Windows CVE-2016-0041 DLL Loading Multiple Local Privilege Escalation Vulnerabilities
2916| [82481] Mini-Stream Rm Downloader CVE-2009-1646 Remote Security Vulnerability
2917| [82436] Download module for PostNuke CVE-2005-0616 Cross-Site Scripting Vulnerability
2918| [82419] RaidenHTTPD CVE-2005-0623 Remote Security Vulnerability
2919| [82356] Java System Web Proxy Server CVE-2005-1232 Remote Security Vulnerability
2920| [82145] Burak Yilmaz Download Portal CVE-2006-6672 SQL-Injection Vulnerability
2921| [81928] Aktueldownload Haber Script CVE-2007-1015 SQL-Injection Vulnerability
2922| [81925] Aktueldownload Haber Script CVE-2007-1016 SQL-Injection Vulnerability
2923| [81845] Rha7 Downloads CVE-2007-2107 SQL-Injection Vulnerability
2924| [81692] Foxit Reader and Foxit PhantomPDF DLL Loading Arbitrary Code Execution Vulnerability
2925| [81690] LEADTOOLS ActiveX Control Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
2926| [81689] HP LaserJet Fax Preview DLL Loading Arbitrary Code Execution Vulnerability
2927| [81687] HP LaserJet Printer DLL Loading Arbitrary Code Execution Vulnerability
2928| [81546] Multiple F5 BIG-IP Products CVE-2015-5516 Denial of Service Vulnerability
2929| [81524] Anon Proxy Server CVE-2007-6460 Cross-Site Scripting Vulnerability
2930| [81470] PHCDownload CVE-2007-6670 SQL-Injection Vulnerability
2931| [81457] Http File Server CVE-2008-0409 Cross-Site Scripting Vulnerability
2932| [81125] Oracle GoldenGate CVE-2016-0451 Arbitrary File Upload Vulnerability
2933| [81122] Oracle GoldenGate CVE-2016-0452 Arbitrary File Upload Vulnerability
2934| [80740] H2O CVE-2016-1133 HTTP Header Injection Vulnerability
2935| [80737] PHCDownload CVE-2008-6597 Cross-Site Scripting Vulnerability
2936| [80526] HPE ArcSight Logger Client Certificate Upload Multiple Security Bypass Vulnerabilities
2937| [80486] Download Manager CVE-2006-2964 Multiple File Include Vulnerabilities
2938| [80438] Nghttp2 CVE-2015-8659 Unspecified Security Vulnerability
2939| [80433] Multiple F5 BIG-IP Products CVE-2015-7759 Denial of Service Vulnerability
2940| [80430] Multiple F5 BIG-IP Products CVE-2015-7393 Local Privilege Escalation Vulnerability
2941| [80385] Multiple F5 BIG-IP Products CVE-2015-8611 Insecure Default Password Vulnerability
2942| [80271] Myth Download CVE-2009-4701 SQL-Injection Vulnerability
2943| [80203] Uploader CVE-2003-1552 File-Upload Vulnerability
2944| [80166] TrueCrypt and VeraCrypt DLL Loading Arbitrary Code Execution Vulnerability
2945| [80061] I-Httpd CVE-2014-7263 Cross-Site Scripting Vulnerability
2946| [80059] I-Httpd CVE-2014-7262 Cross-Site Scripting Vulnerability
2947| [80040] I-Httpd CVE-2014-7261 Cross-Site Scripting Vulnerability
2948| [80022] F5 BIG-IP APM File Handling Out of Bounds Memory Corruption Vulnerability
2949| [79985] Maian Uploader CVE-2014-10004 SQL-Injection Vulnerability
2950| [79968] Maian Uploader CVE-2014-10003 Cross-Site Scripting Vulnerability
2951| [79966] Maian Uploader CVE-2014-10006 Cross-Site Scripting Vulnerability
2952| [79909] Microsoft Windows MAPI DLL Loading CVE-2016-0020 Local Privilege Escalation Vulnerability
2953| [79906] Microsoft Windows CVE-2016-0018 DLL Loading Remote Code Execution Vulnerability
2954| [79902] Microsoft Windows CVE-2016-0016 DLL Loading Remote Code Execution Vulnerability
2955| [79901] Linux Kernel KVM 'kvm_pit_load_count()' Function Divide By Zero Denial of Service Vulnerability
2956| [79896] Microsoft Windows DLL Loading CVE-2016-0014 Local Privilege Escalation Vulnerability
2957| [79837] RETIRED: F5 BIG-IP LTM Denial of Service Vulnerability
2958| [79712] Mediawiki CVE-2015-8625 Arbitrary File Upload Vulnerability
2959| [79702] CG-WLBARAGM Wireless LAN Router CVE-2015-7793 Open Proxy Vulnerability
2960| [79669] Multiple Kaspersky products DLL Loading Arbitrary Code Execution Vulnerability
2961| [79666] WinRAR CVE-2015-5663 Executable Loading Arbitrary Code Execution Vulnerability
2962| [79657] F-Secure Online Scanner CVE-2015-8264 DLL Loading Arbitrary Code Execution Vulnerability
2963| [79652] Oracle OLE DB Provider Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
2964| [79630] Maian Uploader CVE-2014-10005 Information Disclosure Vulnerability
2965| [79629] Product Data Management CVE-2014-100015 File-Upload Vulnerability
2966| [79603] WebFrame CVE-2009-0514 File-Upload Vulnerability
2967| [79591] Downloadcenter CVE-2009-0732 Information Disclosure Vulnerability
2968| [79586] Kipper CVE-2009-0765 File-Upload Vulnerability
2969| [79580] Phpskelsite CVE-2009-0596 File-Upload Vulnerability
2970| [79570] Ziproxy CVE-2009-0804 Security Bypass Vulnerability
2971| [79538] Rapidleech CVE-2009-1090 File-Upload Vulnerability
2972| [79530] Pastelcms CVE-2009-1405 File-Upload Vulnerability
2973| [79518] Fungamez CVE-2009-1488 File-Upload Vulnerability
2974| [79502] Answer And Question Script CVE-2009-1663 File-Upload Vulnerability
2975| [79460] DeDeCMS CVE-2009-2270 File-Upload Vulnerability
2976| [79432] Dit.Cms CVE-2009-2784 File-Upload Vulnerability
2977| [79423] Cms Chainuk CVE-2009-2333 File-Upload Vulnerability
2978| [79386] Vedit CVE-2009-3064 File-Upload Vulnerability
2979| [79369] Gazelle CMS CVE-2009-3182 File-Upload Vulnerability
2980| [79326] Cmsphp CVE-2009-3507 File-Upload Vulnerability
2981| [79315] D.Net Cms CVE-2009-3515 File-Upload Vulnerability
2982| [79311] Httpdx CVE-2009-3711 Denial-Of-Service Vulnerability
2983| [79300] WordPress CVE-2009-3890 File-Upload Vulnerability
2984| [79293] XUpload CVE-2009-3693 Directory Traversal Vulnerability
2985| [79269] Sweetrice CVE-2009-4231 File-Upload Vulnerability
2986| [79264] Operations Manager CVE-2009-4189 File-Upload Vulnerability
2987| [79262] Betsy Cms CVE-2009-4056 File-Upload Vulnerability
2988| [79259] CuteNews CVE-2009-4116 File-Upload Vulnerability
2989| [79252] Piwik CVE-2009-4137 File-Upload Vulnerability
2990| [79229] Open Source Security Information Management CVE-2009-4373 File-Upload Vulnerability
2991| [79180] Serendipity CVE-2009-4412 File-Upload Vulnerability
2992| [79155] Httpdx CVE-2009-4770 Remote Security Vulnerability
2993| [79144] Bandsite Cms CVE-2009-4793 File-Upload Vulnerability
2994| [79136] Skadate Online Dating Software CVE-2009-4739 File-Upload Vulnerability
2995| [79094] Cre Loaded CVE-2009-5076 Security Bypass Vulnerability
2996| [79073] Cre Loaded CVE-2009-5077 Security Bypass Vulnerability
2997| [79053] Sb Folderdownload CVE-2010-0325 Information Disclosure Vulnerability
2998| [79045] Dhttpd CVE-2009-5110 Denial-Of-Service Vulnerability
2999| [79023] Com Gcalendar CVE-2010-0972 File-Upload Vulnerability
3000| [79014] Scriptegrator Plugin CVE-2010-0760 File-Upload Vulnerability
3001| [79006] vBSEO CVE-2010-1077 File-Upload Vulnerability
3002| [78967] OpenCominterne CVE-2010-1936 File-Upload Vulnerability
3003| [78956] Openfoncier CVE-2010-1948 File-Upload Vulnerability
3004| [78955] openCatalogue CVE-2010-1999 File-Upload Vulnerability
3005| [78954] Openpresse CVE-2010-1935 File-Upload Vulnerability
3006| [78946] Opencourrier CVE-2010-1926 File-Upload Vulnerability
3007| [78942] Openplanning CVE-2010-1928 File-Upload Vulnerability
3008| [78934] Proman CVE-2010-2138 File-Upload Vulnerability
3009| [78929] Orbit Downloader CVE-2010-2104 Directory Traversal Vulnerability
3010| [78918] CMSQLite CVE-2010-2096 File-Upload Vulnerability
3011| [78909] OPC Systems.NET CVE-2015-7917 DLL Loading Local Privilege Escalation Vulnerability
3012| [78881] Ziproxy CVE-2010-2350 Denial-Of-Service Vulnerability
3013| [78879] CMS Made Simple CVE-2010-2797 File-Upload Vulnerability
3014| [78817] Cisco Emergency Responder Web Framework CVE-2015-6407 Arbitrary File Upload Vulnerability
3015| [78807] LOYTEC Router CVE-2015-7906 Arbitrary File Download Vulnerability
3016| [78792] Websiteadmin CVE-2010-3688 File-Upload Vulnerability
3017| [78763] vtiger CRM CVE-2010-3910 File-Upload Vulnerability
3018| [78739] Multiple Cisco IP Phones CVE-2015-6403 Local Arbitrary File Upload Vulnerability
3019| [78634] Proxysg Sg9000-5 CVE-2010-5189 Remote Security Vulnerability
3020| [78628] Proxysg Sg9000-5 CVE-2010-5190 Security Bypass Vulnerability
3021| [78615] Microsoft Windows Library Loading CVE-2015-6133 Remote Code Execution Vulnerability
3022| [78614] Microsoft Windows Library Loading CVE-2015-6132 Remote Code Execution Vulnerability
3023| [78612] Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
3024| [78593] Fraise CVE-2011-0518 File-Upload Vulnerability
3025| [78457] Multiple IBM Products CVE-2015-2017 HTTP Response Splitting Vulnerability
3026| [78340] Open Business Management CVE-2011-5141 File-Upload Vulnerability
3027| [78332] Com Jce CVE-2011-5134 File-Upload Vulnerability
3028| [78321] Openemr CVE-2011-5161 File-Upload Vulnerability
3029| [78220] WordPress Double-Opt-in-for-Download Plugin Multiple SQL Injection Vulnerabilities
3030| [78170] Rbx Gallery CVE-2012-3575 File-Upload Vulnerability
3031| [78157] Wpstorecart CVE-2012-3576 File-Upload Vulnerability
3032| [78152] Font Uploader CVE-2012-3814 File-Upload Vulnerability
3033| [78102] Elastic Load Balancing Api Tools CVE-2012-5781 Remote Security Vulnerability
3034| [78094] Phppaleo CVE-2012-5386 File-Upload Vulnerability
3035| [77980] Powermail CVE-2014-3947 File-Upload Vulnerability
3036| [77946] HP LoadRunner Virtual Table Server CVE-2015-6857 Local Code Execution Vulnerability
3037| [77890] An-Http CVE-2003-1270 Denial-Of-Service Vulnerability
3038| [77841] Proxysg CVE-2011-5124 Remote Security Vulnerability
3039| [77759] Cformsii CVE-2014-9473 File-Upload Vulnerability
3040| [77741] Infinitewp Admin Panel CVE-2014-9521 File-Upload Vulnerability
3041| [77732] ProjectSend CVE-2014-9567 File-Upload Vulnerability
3042| [77673] TomatoCart 'json.php' Multiple Arbitrary File Upload Vulnerabilities
3043| [77666] Multiple F5 BIG-IP Products CVE-2015-3628 Privilege Escalation Vulnerability
3044| [77658] AggreGate Platform Multiple Arbitrary File Upload Vulnerabilities
3045| [77372] Mediawiki 'api/ApiUpload.php' Security Bypass Vulnerability
3046| [77110] Apache HttpComponents HttpClient CVE-2015-5262 Denial of Service Vulnerability
3047| [77087] MAGMI Plugin For Magento 'download_file.php' Directory Traversal Vulnerability
3048| [77076] Multiple F5 Products CVE-2015-4040 Directory Traversal Vulnerability
3049| [77013] SolarWinds Storage Manager 'ProcessFileUpload.jsp' Arbitrary File Upload Vulnerability
3050| [76929] Python DLL Loading 'readline.pyd' Remote Code Execution Vulnerability
3051| [76899] TYPO3 'http:BL Blocking' Extension SQL Injection Vulnerability
3052| [76838] Kaseya Virtual System Administrator CVE-2015-6589 Arbitrary File Upload Vulnerability
3053| [76835] Kaseya Virtual System Administrator Arbitrary File Upload and Privilege Escalation Vulnerability
3054| [76832] Apache cordova-plugin-file-transfer CVE-2015-5204 HTTP Header Injection Vulnerability
3055| [76727] FreeType 't1load.c' Denial of Service Vulnerability
3056| [76726] Symantec Web Gateway CVE-2015-5692 Arbitrary File Upload Vulnerability
3057| [76716] IBM WebSphere eXtreme Scale CVE-2015-2028 HTTP Response Splitting Vulnerability
3058| [76658] IBM HTTP Server CVE-2015-4947 Stack Buffer Overflow Vulnerability
3059| [76545] HP LoadRunner CVE-2015-5426 Local Code Execution Vulnerability
3060| [76459] JasPer 'jasper_image_stop_load()' Function Double Free Denial of Service Vulnerability
3061| [76445] ManageEngine ServiceDesk Arbitrary File Upload Vulnerability
3062| [76418] SAP NetWeaver 'AFPServlet' Arbitrary File Download Vulnerability
3063| [76368] vBulletin Multiple Arbitrary File Upload Vulnerabilities
3064| [76339] Apple Safari WebKit Page Loading Information Disclosure Vulnerability
3065| [76281] Golang Go CVE-2015-5739 HTTP Header Injection Vulnerability
3066| [76271] Thomson Reuters FATCA CVE-2015-5951 Arbitrary File Upload Vulnerability
3067| [76228] Microsoft Remote Desktop Protocol DLL Loading CVE-2015-2473 Remote Code Execution Vulnerability
3068| [76226] SuiteCRM 'Upload Company Logo' Functionality Incomplete Fix Arbitrary File Upload Vulnerability
3069| [76091] RabbitMQ CVE-2014-9650 HTTP Response Splitting Vulnerability
3070| [76061] Gazou BBS plus CVE-2015-2974 Arbitrary File Upload Vulnerability
3071| [76032] Golang Go CVE-2015-5741 HTTP Header Injection Vulnerability
3072| [76028] WordPress MailCWP Plugin 'mailcwp-upload.php' Arbitrary File Upload Vulnerability
3073| [76014] Multiple D-Link Products HTTP Buffer Overflow Vulnerability
3074| [76009] WordPress wp-powerplaygallery Plugin 'upload.php' Multiple SQL Injection Vulnerabilities
3075| [75991] WordPress image-export Plugin 'download.php' Arbitrary File Download Vulnerability
3076| [75965] Apache HTTP Server CVE-2015-3185 Security Bypass Vulnerability
3077| [75964] Apache HTTP Server CVE-2015-0253 Remote Denial of Service Vulnerability
3078| [75963] Apache HTTP Server CVE-2015-3183 Security Vulnerability
3079| [75962] Microsoft Malicious Software Removal Tool DLL Loading Local Privilege Escalation Vulnerability
3080| [75943] Multiple F5 BIG-IP Products CVE-2015-4637 Authentication Bypass Vulnerability
3081| [75922] SAP SERVICE DATA DOWNLOAD Remote Command Execution Vulnerability
3082| [75755] Oracle Endeca Information Discovery Studio CVE-2015-2602 Arbitrary File Upload Vulnerability
3083| [75750] Oracle Endeca Information Discovery Studio CVE-2015-4745 Arbitrary File Download Vulnerability
3084| [75698] WordPress IBS Mappro Plugin 'download.php' Arbitrary File Download Vulnerability
3085| [75600] WordPress Swim Team Plugin 'download.php' Arbitrary File Download Vulnerability
3086| [75599] WordPress ACF Frontend Display Plugin 'index.php' Arbitrary File Upload Vulnerability
3087| [75584] WordPress S3Bubble Plugin 'downloader.php' Arbitrary File Download Vulnerability
3088| [75577] PivotX Cross Site Scripting, Session Fixation and Arbitrary File Upload Vulnerabilities
3089| [75567] WordPress MDC YouTube Downloader Plugin 'download.php' Arbitrary File Download Vulnerability
3090| [75563] WordPress WP e-Commerce Shop Styling Plugin 'download.php' Arbitrary File Download Vulnerability
3091| [75554] HAProxy CVE-2015-3281 Information Disclosure Vulnerability
3092| [75519] Multiple EMC Documentum Products Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3093| [75396] WordPress Download Zip Attachments Plugin 'download.php' Arbitrary File Download Vulnerability
3094| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
3095| [75366] IBM Leads CVE-2015-0126 Multiple Arbitrary File Upload Vulnerabilities
3096| [75344] IBM WebSphere Commerce CVE-2015-0196 HTTP Response Splitting Vulnerability
3097| [75341] WordPress Fusion Theme 'functions.php' Arbitrary File Upload Vulnerability
3098| [75326] Cisco Web Security Appliance CVE-2015-4198 HTTP Header Injection Vulnerability
3099| [75311] MantisBT SQL Injection and Arbitrary File Download Vulnerabilities
3100| [75297] Schneider Electric Wonderware System Platform DLL Loading Arbitrary Code Execution Vulnerability
3101| [75276] Drupal HTTP Strict Transport Security Module Security Bypass Vulnerability
3102| [75248] TYPO3 Frontend User Upload Extension CVE-2015-4607 Arbitrary File Upload Vulnerability
3103| [75238] TYPO3 Job Fair Extension CVE-2015-4606 Arbitrary File Upload Vulnerability
3104| [75226] WordPress History Collection Plugin 'download.php' Arbitrary File Download Vulnerability
3105| [75211] WordPress Zip Attachments Plugin 'download.php' Arbitrary File Download Vulnerability
3106| [75210] BlackCat CMS 'logs.php' Arbitrary File Download Vulnerability
3107| [75207] WordPress NativeChurch Theme 'download.php' Arbitrary File Download Vulnerability
3108| [75203] Symantec Endpoint Protection Manager and Client DLL Loading Local Privilege Escalation Vulnerability
3109| [75182] Microsoft Internet Explorer ShowSaveFileDialog DLL Loading Arbitrary Code Execution Vulnerability
3110| [75164] IBM HTTP Server CVE-2015-1829 Denial of Service Vulnerability
3111| [75146] WordPress 'functions.php' Arbitrary File Upload Vulnerability
3112| [75110] WordPress Aviary Image Editor Add-on For Gravity Forms Plugin Arbitrary File Upload Vulnerability
3113| [75047] WordPress Wow Moodboard Lite Plugin 'wowproxy.php' Open Redirection Vulnerability
3114| [75026] Cisco TelePresence Integrator C Series CVE-2015-0770 HTTP Response Splitting Vulnerability
3115| [75004] Microsoft Windows LoadLibrary CVE-2015-1758 Remote Privilege Escalation Vulnerability
3116| [74967] Cisco Unified MeetingPlace CVE-2015-0764 Arbitrary File Download Vulnerability
3117| [74958] IBM Marketing Operations CVE-2014-8887 Arbitrary File Upload Vulnerability
3118| [74931] Multiple IBM Flex System Products CVE-2014-9564 HTTP Response Splitting Vulnerability
3119| [74920] Cisco Headend System Release CVE-2015-0745 Arbitrary File Download Vulnerabilitiy
3120| [74919] Cisco Videoscape Conductor and Headend System Release HTTP Header Injection Vulnerability
3121| [74917] Cisco Headend Digital Broadband Delivery System CVE-2015-0733 HTTP Response Splitting Vulnerability
3122| [74875] Sierra Wireless AirCard 'export.cfg' HTTP Header Injection Vulnerability
3123| [74858] Wavelink ConnectPro 'WLTermProxyService.exe' Heap Buffer Overflow Vulnerability
3124| [74828] WordPress Estrutura-Basica Theme 'download.php' Arbitrary File Download Vulnerability
3125| [74813] Lighttpd 'http_auth.c' Security Bypass Vulnerability
3126| [74788] Visual Mining NetCharts Server CVE-2015-4032 Arbitrary File Upload Vulnerability
3127| [74772] Schneider Electric OPC Factory Server DLL Loading Arbitrary Code Execution Vulnerability
3128| [74758] WordPress Simple Backup Plugin 'tools.php' Arbitrary File Download Vulnerability
3129| [74744] SuiteCRM 'Upload Company Logo' Functionality Arbitrary File Upload Vulnerability
3130| [74738] Xamarin for Android DLL Loading Arbitrary Code Execution Vulnerability
3131| [74737] HP LoadRunner CVE-2015-2110 Remote Buffer Overflow Vulnerability
3132| [74731] WISE-FTP DLL Loading Multiple Local Code Execution Vulnerabilities
3133| [74709] Cisco Sourcefire 3D System Lights-Out Management CVE-2015-0739 Arbitrary File Upload Vulnerability
3134| [74650] Multiple F5 BIG-IP Products SSL Certificate Validation Multiple Security Bypass Vulnerabilities
3135| [74625] SAP Sybase Unwired Platform Online Data Proxy Local Information Disclosure Vulnerability
3136| [74583] HP Network Virtualization for LoadRunner and Performance Center Information Disclosure Vulnerability
3137| [74562] F5 Networks BIG-IQ User Enumeration Vulnerability
3138| [74479] F5 BIG-IP Application Security Manager Security Bypass Vulnerability
3139| [74442] IBM InfoSphere Optim Workload Replay CVE-2015-1895 Security Bypass Vulnerability
3140| [74441] IBM InfoSphere Optim Workload Replay CVE-2015-1894 Cross Site Request Forgery Vulnerability
3141| [74343] Drupal Webform Multiple File Upload Module Multiple Cross Site Request Forgery Vulnerabilities
3142| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
3143| [74308] Avsarsoft Matbaa Script Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3144| [74286] Cisco FireSIGHT System Software CVE-2015-0706 HTTP Open Redirection Vulnerability
3145| [74271] Drupal Public Download Count Module CVE-2015-3389 Cross Site Scripting Vulnerability
3146| [74209] Wolf CMS 'FileManagerController.php' Arbitrary File Upload Vulnerability
3147| [74207] LiteSpeed Web Server 'httpreq.cpp' Use After Free Denial of Service Vulnerability
3148| [74201] BlueDragon CFChart Servlet CVE-2014-5370 Arbitrary File Download Vulnerability
3149| [74158] Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability
3150| [74013] Microsoft Windows HTTP Protocol Stack CVE-2015-1635 Remote Code Execution Vulnerability
3151| [73949] Novell ZENworks Configuration Management CVE-2015-0779 Remote File Upload Vulnerability
3152| [73944] WordPress Work The Flow Plugin 'index.php' Arbitrary File Upload Vulnerability
3153| [73909] ManageEngine Desktop Central MSP 'InventorySWMeteringServlet' Arbitrary File Upload Vulnerability
3154| [73907] ManageEngine OpManager CVE-2014-6036 Arbitrary File Upload Vulnerability
3155| [73694] WordPress VideoWhisper Video Conference Integration Arbitrary File Upload Vulnerability
3156| [73690] WordPress VideoWhisper Video Presentation 'vw_upload.php' Arbitrary File Upload Vulnerability
3157| [73538] Barracuda Link Balancer Series Firmware CVE-2011-5114 Cross-Site Scripting Vulnerability
3158| [73450] mini_httpd CVE-2015-1548 Information Disclosure Vulnerability
3159| [73445] WordPress Aspose DOC Exporter Plugin Arbitrary File Download Vulnerability
3160| [73439] Websense TRITON V-Series CVE-2015-2772 Unspecified Arbitrary File Upload Vulnerability
3161| [73404] GoAhead WebServer 'src/http.c' Directory Traversal Vulnerability
3162| [73384] WordPress Aspose Cloud eBook Generator Arbitrary File Download Vulnerability
3163| [73382] Berta CMS 'upload.php' Arbitrary File Upload Vulnerability
3164| [73350] Huawei eSpace Desktop CVE-2014-9416 DLL Loading Multiple Local Code Execution Vulnerabilities
3165| [73328] WordPress WP Marketplace Plugin 'wpmarketplace\libs\cart.php' Arbitrary File Download Vulnerability
3166| [73309] Citrix Command Center CVE-2015-2682 Arbitrary File Download Vulnerabilitiy
3167| [73298] Codoforum 'index.php' Arbitrary File Download Vulnerabilitiy
3168| [73247] Multiple Rockwell Automation Products DLL Loading Multiple Local Code Execution Vulnerabilities
3169| [73118] WordPress Pixabay Images Plugin CVE-2015-1375 Arbitrary File Upload Vulnerability
3170| [73083] Adobe Flash Player CVE-2015-0340 File Upload Restriction Security Bypass Vulnerability
3171| [73041] Apache HTTP Server 'mod_lua' Module Denial of Service Vulnerability
3172| [73040] Apache HTTP Server 'mod_lua.c' Local Access Bypass Vulnerability
3173| [73030] Telerik Analytics Monitor Library DLL Loading Multiple Local Code Execution Vulnerabilities
3174| [73027] Cimon CmnView CVE-2014-9207 DLL Loading Arbitrary Code Execution Vulnerability
3175| [72999] NetCat CMS Multiple HTTP Response Splitting Vulnerabilities
3176| [72992] WeBid 'ajax.php' Arbitrary File Upload Vulnerability
3177| [72956] GNOME librest 'rest_proxy_call_get_url()' Memory Corruption Vulnerability
3178| [72894] Microsoft Windows DLL Loading CVE-2015-0096 Remote Code Execution Vulnerability
3179| [72767] libcsoap 'nanohttp-server.c' Buffer Overflow and Denial of Service Vulnerabilities
3180| [72749] Mozilla Firefox 'nsXMLHttpRequest::GetResponse' Heap Double Free Memory Corruption Vulnerability
3181| [72747] Mozilla Firefox Firefox ESR and Thunderbird DLL Loading Arbitrary Code Execution Vulnerability
3182| [72703] Squid CVE-2015-0881 HTTP Header Injection Vulnerability
3183| [72686] GLPI Arbitrary File Upload and Privilege Escalation Vulnerability
3184| [72674] Drupal Avatar Uploader Module Arbitrary File Upload Vulnerability
3185| [72633] HumHub '.htaccess' Arbitrary File Upload Vulnerability
3186| [72621] Maarch LetterBox CVE-2015-1587 Arbitrary File Upload Vulnerability
3187| [72620] WordPress Photo Gallery Plugin CVE-2014-9312 Arbitrary File Upload Vulnerability
3188| [72546] WordPress Holding Pattern Theme CVE-2015-1172 Arbitrary File Upload Vulnerability
3189| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
3190| [72471] ArticleFR 'videouploader.php' Arbitrary File Upload Vulnerability
3191| [72384] SYNCK GRAPHICA Download Log CGI CVE-2015-0867 Directory Traversal Vulnerability
3192| [72256] Multiple EMC Products CVE-2015-0515 Arbitrary File Upload Vulnerability
3193| [72250] Siemens Scalance X Switches 'HTTP' Request Denial of Service Vulnerability
3194| [72193] Oracle HTTP Server CVE-2015-0386 Remote Security Vulnerability
3195| [72143] Oracle HTTP Server CVE-2014-6571 Remote Security Vulnerability
3196| [72079] Django 'django.util.http.is_safe_url()' Cross Site Scripting Vulnerability
3197| [72053] Apache HTTP Server 'mod_remoteip.c' IP Address Spoofing Vulnerability
3198| [72046] Mozilla Firefox/Thunderbird/SeaMonkey Proxy Authentication Session Fixation Vulnerability
3199| [72017] Fork CMS 'loadForm()' Function Cross Site Scripting Vulnerability
3200| [72014] F5 Networks BIG-IP Application Security Manager (ASM) HTML Injection Vulnerability
3201| [72010] Corel FastFlick CVE-2014-8398 Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
3202| [72009] VideoStudio Pro X7 'u32ZLib.dll' DLL Loading Arbitrary Code Execution Vulnerability
3203| [72007] Corel PDF Fusion 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability
3204| [72006] Corel Painter 'wacommt.dll' DLL Loading Arbitrary Code Execution Vulnerability
3205| [72005] Multiple Corel Products 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
3206| [72004] CorelCAD 'TD_Mgd_3.08_9.dll' DLL Loading Arbitrary Code Execution Vulnerability
3207| [71983] WordPress Shopping Cart Plugin 'banneruploaderscript.php' Arbitrary File Upload Vulnerability
3208| [71894] Strongswan IKEv2 Payloads CVE-2014-9221 Remote Denial Of Service Vulnerability
3209| [71879] Apache Traffic Server 'HttpTransact.cc' Denial of Service Vulnerability
3210| [71872] AdaptCMS Arbitrary File Upload Vulnerability
3211| [71871] AdaptCMS 'Referer' Header Field HTTP Open Redirection Vulnerability
3212| [71842] Osclass 'contact.php' Arbitrary File Upload Vulnerability
3213| [71818] WordPress cformsII Plugin 'lib_nonajax.php' Arbitrary File Upload Vulnerability
3214| [71808] WordPress Frontend Uploader Plugin 'errors' Parameter Cross Site Scripting Vulnerability
3215| [71781] libvirt 'storageVolUpload()' Function Local Denial of Service Vulnerability
3216| [71744] Allegro RomPager HTTP Cookie Handling CVE-2014-9222 Security Bypass Vulnerability
3217| [71702] WordPress DB Backup Plugin 'download.php' Directory Traversal Vulnerability
3218| [71686] WordPress WP Symposium Plugin Multiple Arbitrary File Upload Vulnerabilities
3219| [71672] Intrexx CVE-2014-2025 Unspecified Arbitrary File Upload Vulnerability
3220| [71656] Apache HTTP Server 'mod_cache' Module Denial of Service Vulnerability
3221| [71551] WordPress Ajax Store Locator Plugin 'sl_file_download.php' Arbitrary File Download Vulnerability
3222| [71549] Multiple F5 Products CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability
3223| [71535] Zenoss Core 'HTTPOnly' Cookie Flag Information Disclosure Vulnerability
3224| [71521] MantisBT 'file_download.php' HTML Injection Vulnerability
3225| [71490] WordPress Download Manager Plugin Remote Code Execution and Remote File Include Vulnerabilities
3226| [71418] WordPress CM Download Manager Plugin Cross Site Request Forgery Vulnerability
3227| [71404] Multiple ManageEngine Products Multiple Arbitrary File Download Vulnerabilities
3228| [71380] MantisBT 'file_download.php' HTML Injection Vulnerability
3229| [71353] Apache HTTP Server 'LuaAuthzProvider' Authorization Bypass Vulnerability
3230| [71290] Digi Online Examination System CVE-2014-8997 Unspecified Arbitrary File Upload Vulnerability
3231| [71274] Serenity Client Management Portal Arbitrary File Upload and Multiple HTML Injection Vulnerabilities
3232| [71272] WordPress wpDataTables Plugin Multiple Arbitrary File Upload Vulnerabilities
3233| [71266] Mouse Media Script Upload Image Multiple HTML Injection Vulnerabilities
3234| [71229] Joomla HD FLV 'com_hdflvplayer/hdflvplayer/download.php' Arbitrary File Download Vulnerabilitiy
3235| [71204] WordPress CM Download Manager Plugin CVE-2014-8877 Remote PHP Code Execution Vulnerability
3236| [71127] Moodle CVE-2014-7835 Unspecified Arbitrary File Upload Vulnerability
3237| [71108] OpenKM 'frontend/Download' Cross Site Scripting Vulnerability
3238| [71099] Multiple Magento Products CVE-2014-8770 Arbitrary File Upload Vulnerability
3239| [71063] F5 Networks BIG-IP CVE-2014-8727 Directory Traversal Vulnerability
3240| [71001] Multiple ManageEngine Products CVE-2014-7866 Arbitrary File Upload Vulnerabilities
3241| [70929] HelpDEZk 'uploadify.php' Arbitrary File Upload Vulnerability
3242| [70920] Cisco Small Business RV Series Routers CVE-2014-2179 Arbitrary File Upload Vulnerability
3243| [70895] Visual Mining NetCharts Server CVE-2014-8516 Arbitrary File Upload Vulnerability
3244| [70838] F5 Networks BIG-IP CVE-2014-6033 XML External Entity Injection Vulnerability
3245| [70834] F5 Networks BIG-IP CVE-2014-6032 XML External Entity Injection Vulnerability
3246| [70764] WordPress Download Manager Plugin 'file_download.php' Arbitrary File Download Vulnerabilitiy
3247| [70734] Multiple Maarch Products 'file_to_index.php' Arbitrary File Upload Vulnerability
3248| [70727] IBM Tivoli Integrated Portal CVE-2014-6151 HTTP Response Splitting Vulnerability
3249| [70723] Creative Contact Form 'wp-content/plugins/sexy-contact-form' Arbitrary File Upload Vulnerability
3250| [70716] DotNetNuke DNNspot Store 'UploadifyHandler.ashx' Arbitrary File Upload Vulnerability
3251| [70671] Huawei Mobile Partner 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
3252| [70614] Fox DataDiode Proxy Server CVE-2014-2358 Cross Site Request Forgery Vulnerability
3253| [70576] YourMembers 'ym-download_functions.include.php' SQL Injection Vulnerability
3254| [70375] TWiki '.htaccess' File Arbitrary File Upload Vulnerability
3255| [70320] Foreman Smart Proxy CVE-2014-3691 SSL Certificate Validation Security Bypass Vulnerability
3256| [70231] Zyxel SBG-3300 Series Routers 'framLoad()' Function Denial of Service Vulnerability
3257| [70216] HTTP File Server CVE-2014-7226 Remote Command Execution Vulnerability
3258| [70181] Cisco WebEx Meetings Server CVE-2014-3395 Arbitrary File Download Vulnerabilitiy
3259| [70169] ManageEngine OpManager CVE-2014-6035 Arbitrary File Upload Vulnerability
3260| [70167] Multiple ManageEngine Products CVE-2014-6034 Arbitrary File Upload Vulnerability
3261| [70162] Posnic Multiple Information Disclosure and Arbitrary File Upload Vulnerabilities
3262| [70145] WordPress WP file upload and manager by N-Media Plugin Arbitrary File Upload Vulnerability
3263| [70109] HTTP File Server Multiple Cross Site Scripting Vulnerabilities
3264| [70082] Joomla! Face Gallery SQL Injection and Arbitrary File Download Vulnerabilities
3265| [70081] X2CRM 'FileUploadsFilter.php' CVE-2014-5298 Arbitrary File Upload Vulnerability
3266| [70078] Joomla Mac Gallery 'albumid' Parameter Arbitrary File Download Vulnerabilitiy
3267| [69996] AVD Download Video CVE-2014-5666 SSL Certificate Validation Security Bypass Vulnerability
3268| [69806] Huawei Honor Cube WS860S Arbitrary File Upload Vulnerability
3269| [69782] HTTP File Server 'ParserLib.pas' Remote Command Execution Vulnerability
3270| [69759] WordPress Trinity Theme 'download.php' Arbitrary File Download Vulnerabilitiy
3271| [69734] IBM WebSphere Portal CVE-2014-4792 Arbitrary File Upload Vulnerability
3272| [69728] Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
3273| [69719] Posnic SQL Injection and Arbitrary File Upload Vulnerabilities
3274| [69690] HAProxy Multiple Buffer Overflow Vulnerabilities
3275| [69680] Multiple F5 Networks Products CVE-2014-4024 Information Disclosure Vulnerability
3276| [69676] Loaded Commerce 7 Address Book Multiple SQL Injection Vulnerabilities
3277| [69673] WordPress Antioch Theme 'download.php' Arbitrary File Download Vulnerabilitiy
3278| [69672] WordPress Epic Theme 'download.php' Arbitrary File Download Vulnerabilitiy
3279| [69671] WordPress Authentic Theme 'download.php' Arbitrary File Download Vulnerabilitiy
3280| [69670] WordPress Urban City Theme 'download.php' Arbitrary File Download Vulnerabilitiy
3281| [69604] Microsoft Internet Explorer 'CHTMLEditorProxy' Objects Remote Memory Corruption Vulnerability
3282| [69577] Drupal Avatar Uploader Module Information Disclosure Vulnerability
3283| [69570] TYPO3 SB Folderdownload Unspecified Cross Site Scripting Vulnerability
3284| [69547] IBM Business Process Manager and WebSphere CVE-2014-3075 Arbitrary File Upload Vulnerability
3285| [69497] Multiple WordPress Themes Multiple Arbitrary File Download Vulnerabilities
3286| [69494] Multiple ManageEngine Products CVE-2014-5005 Arbitrary File Upload Vulnerability
3287| [69493] Multiple ManageEngine Products CVE-2014-5006 Arbitrary File Upload Vulnerability
3288| [69491] ManageEngine DesktopCentral Incomplete Fix Arbitrary File Upload Vulnerability
3289| [69485] WordPress Slideshow Gallery Plugin 'admin.php' Arbitrary File Upload Vulnerability
3290| [69461] Multiple F5 Networks Products CVE-2014-2927 Remote Code Execution Vulnerability
3291| [69455] Cisco Intelligent Automation for Cloud CVE-2014-3349 Arbitrary File Upload Vulnerability
3292| [69449] Multiple F5 BIG-IP Products 'echo.jsp' Multiple Cross Site Scripting Vulnerabilities
3293| [69440] WordPress Download Shortcode Plugin 'force-download.php' Local File Include Vulnerability
3294| [69424] Novell Groupwise 'FileUploadServlet' Arbitrary File Access Vulnerability
3295| [69394] Aruba Networks Web Management Portal CVE-2014-2592 Arbitrary File Upload Vulnerability
3296| [69389] SAS Visual Analytics CVE-2014-5454 Arbitrary File Upload Vulnerability
3297| [69387] WordPress KenBurner Slider Plugin 'admin-ajax.php' Arbitrary File Download Vulnerabilitiy
3298| [69385] ntopng HTTP Host Request Header Lines Multiple HTML Injection Vulnerabilities
3299| [69347] WordPress File Upload Plugin 'admin-ajax.php' Cross Site Scripting Vulnerability
3300| [69317] AsyncHttpClient SSL Host Name Verification Security Weakness
3301| [69316] AsyncHttpClient SSL/TLS Certificate Validation Security Bypass Weakness
3302| [69279] Monkey HTTP Daemon CVE-2014-5336 Remote Denial of Service Vulnerability
3303| [69278] WordPress WP Content Source Control Plugin 'download.php' Directory Traversal Vulnerability
3304| [69258] Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
3305| [69257] Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
3306| [69248] Apache HTTP Server CVE-2013-4352 Remote Denial of Service Vulnerability
3307| [69230] WordPress File Upload Plugin CVE-2014-5199 Cross Site Request Forgery Vulnerability
3308| [69204] WordPress CK-And-SyntaxHighLighter Plugin Arbitrary File Upload Vulnerability
3309| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
3310| [69014] WordPress Gmedia Gallery Plugin Arbitrary File Upload Vulnerability
3311| [68993] iFolder+ Local File Include and Arbitrary File Upload Vulnerabilities
3312| [68962] Attachmate Verastream Process Designer CVE-2014-0607 Arbitrary File Upload Vulnerability
3313| [68960] Trusted Boot 'loader.c' Security Bypass Vulnerability
3314| [68942] WordPress Slider Revolution Responsive Plugin 'img' Parameter Arbitrary File Download Vulnerabilitiy
3315| [68936] dtSearch Desktop 'imhost32.dll' DLL Loading Arbitrary Code Execution Vulnerability
3316| [68892] Omeka '/admin/items/add' Arbitrary File Upload Vulnerability
3317| [68867] Ukora CMS 'uploadFile.php' Arbitrary File Upload Vulnerability
3318| [68863] Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability
3319| [68825] WordPress WP Backup Plus Plugin Arbitrary File Download Vulnerabilitiy
3320| [68786] Multiple IBM Products CVE-2014-0948 Unspecified Arbitrary File Upload Vulnerability
3321| [68752] bozohttpd 'snprintf()' Function Authentication Bypass Vulnerability
3322| [68747] Apache HTTP Server CVE-2014-3523 Remote Denial of Service Vulnerability
3323| [68746] Acme micro_httpd CVE-2014-4927 Buffer Overflow Denial of Service Vulnerability
3324| [68745] Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
3325| [68742] Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
3326| [68740] Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
3327| [68694] Cisco Unified Communications Domain Manager Admin HTTP Open Redirection Vulnerability
3328| [68678] Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
3329| [68661] WordPress Tidio Gallery Plugin Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3330| [68658] WEBMIS CMS Arbitrary File Upload Vulnerability
3331| [68656] WordPress CopySafe PDF Protection Plugin Arbitrary File Upload Vulnerability
3332| [68654] WordPress WPTouch Plugin Arbitrary File Upload Vulnerability
3333| [68652] Oracle HTTP Server CVE-2014-4222 Remote Security Vulnerability
3334| [68650] Oracle HTTP Server CVE-2014-4251 Remote Security Vulnerability
3335| [68522] WordPress Download Manager Plugin Arbitrary File Upload Vulnerability
3336| [68503] Cisco WebEx Meetings Client File Transfer Functionality Arbitrary File Download Vulnerabilitiy
3337| [68479] Cisco Unified Communications Manager CVE-2014-3316 Arbitrary File Upload Vulnerability
3338| [68468] Frog CMS file_manager Plugin Arbitrary File Upload Vulnerability
3339| [68437] AtomCMS SQL Injection and Arbitrary File Upload Vulnerabilities
3340| [68414] WordPress NextGEN Gallery 'photocrati_ajax' Arbitrary File Upload Vulnerability
3341| [68406] WordPress Hot Files: File Sharing and Download Manager Plugin Cross Site Scripting Vulnerability
3342| [68404] WordPress WP Media Player Plugin 'uploader.php' Cross Site Scripting Vulnerability
3343| [68310] WordPress MailPoet Newsletters Plugin Remote File Upload Vulnerability
3344| [68295] ownCloud CVE-2012-5057 HTTP Header Injection Vulnerability
3345| [68291] IBM Sametime Meeting Server Arbitrary File Upload Vulnerability
3346| [68256] Foreman Smart-Proxy CVE-2012-5477 Insecure File Permissions Vulnerability
3347| [68147] Python CGIHTTPServer Module Path Separators Handling Information Disclosure Vulnerability
3348| [68117] Foreman Smart-Proxy Remote Command Injection Vulnerability
3349| [68078] F5 Networks ARX Data Manager CVE-2014-2949 SQL Injection Vulnerabilitiy
3350| [68022] Yealink VoIP Phones '/servlet' HTTP Response Splitting Vulnerability
3351| [68008] IBM C\xFAram Social Program Management CVE-2014-3012 HTTP Response Splitting Vulnerability
3352| [67960] DotNetNuke ResponsiveSidebar 'ResponsiveSidebarDownload.aspx' Arbitrary File Download Vulnerabilitiy
3353| [67959] DotNetNuke EventsCalendar 'downloaddoc.aspx' Arbitrary File Download Vulnerabilitiy
3354| [67958] DotNetNuke EasyDnnGallery 'ImageDownload.aspx' Arbitrary File Download Vulnerabilitiy
3355| [67957] DotNetNuke dnnUI_NewsArticlesSlider 'ImageHandler.ashx' Arbitrary File Download Vulnerabilitiy
3356| [67956] DotNetNuke CodeEditor 'NNCodeEditorDownload.aspx' Arbitrary File Download Vulnerabilitiy
3357| [67950] DotNetNuke ASPSlideshow 'ASPSlideShowDownload.aspx' Arbitrary File Download Vulnerabilitiy
3358| [67783] F*EX '/rup' HTTP Response Splitting Vulnerability
3359| [67781] Xilisoft Video Converter Ultimate 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability
3360| [67771] Multiple F5 BIG-IP and Enterprise Manager 'list.jsp' Multiple Cross Site Scripting Vulnerabilities
3361| [67710] Perl libwww-perl (LWP) Module HTTP Header Arbitrary File Overwrite Vulnerability
3362| [67708] Foreman Smart Proxy CVE-2013-0210 Arbitrary Command Execution Vulnerability
3363| [67665] Cisco Unified Communications Domain Manager Self-Care HTTP Open Redirection Vulnerability
3364| [67646] Multiple IBM Products CVE-2013-5465 Arbitrary File Upload Vulnerability
3365| [67637] Multiple IBM Products CVE-2012-3333 HTTP Response Splitting Vulnerability
3366| [67634] Red Hat sos GRUB Bootloader Password Information Disclosure Vulnerability
3367| [67626] TYPO3 HTTP Host Header Spoofing Vulnerability
3368| [67620] Atlassian Confluence ClassLoader Manipulation Security Bypass Vulnerability
3369| [67619] TYPO3 Powermail Extension Arbitrary File Upload Vulnerability
3370| [67615] Pimcore 'Zend_Http_Response_Stream' PHP Object Injection Vulnerability
3371| [67612] Pyplate HTTPOnly Cookie Flag Information Disclosure Weakness
3372| [67608] Pyplate 'download.py' Arbitrary File Disclosure Vulnerability
3373| [67598] IBM Sametime Proxy Server and Web Client CVE-2014-3015 Cross Site Request Forgery Vulnerability
3374| [67559] Dotclear 'filemanager::isFileExclude()' Method Arbitrary File Upload Vulnerability
3375| [67558] Cisco TelePresence System HTTPS Communication Information Disclosure Vulnerability
3376| [67484] Joomla! Yeendeen YEEditor File Upload Security Bypass Vulnerability
3377| [67469] WordPress cnhk-slideshow Plugin Arbitrary File Upload Vulnerability
3378| [67455] Multiple Solar-Log Products Arbitrary File Upload and Information Disclosure Vulnerabilities
3379| [67388] Xen Loading Guest Kernel Multiple Denial of Service Vulnerabilities
3380| [67278] Multiple F5 BIG-IP Products CVE-2014-2928 Remote Command Injection Vulnerability
3381| [67270] WordPress Photo Gallery Plugin 'UploadHandler.php' Cross Site Request Forgery Vulnerability
3382| [67227] Multiple F5 BIG-IQ Products Configuration Utility Access Control Security Bypass Vulnerability
3383| [67192] Erlang/OTP 'httpc' Denial of Service Vulnerability
3384| [67191] F5 Networks BIG-IQ Remote Privilege Escalation Vulnerability
3385| [67121] Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
3386| [67102] Cisco Unified Contact Center Express CVE-2014-2180 Arbitrary File Upload Vulnerability
3387| [67083] WordPress Work The Flow Plugin 'admin-ajax.php' Arbitrary File Upload Vulnerability
3388| [67080] WordPress Echelon Theme 'media-upload.php' Arbitrary File Upload Vulnerability
3389| [67064] Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
3390| [67061] Siemens SIMATIC S7-1200 CVE-2014-2909 HTTP Response Splitting Vulnerability
3391| [67044] Livetecs Timelive CVE-2014-2042 Arbitrary File Upload Vulnerability
3392| [66988] KnowledgeTree 'mdownload.php' SQL Injection Vulnerability
3393| [66976] QEMU 'virtio_load()' Function Memory Corruption Vulnerability
3394| [66964] JBoss Overload Runtime Governance CVE-2013-6469 Remote Code Execution Vulnerability
3395| [66961] HP LoadRunner Virtual User Generator CVE-2013-6213 Remote Code Execution Vulnerability
3396| [66921] WordPress Linenity Theme 'download.php' Local File Include Vulnerability
3397| [66797] PivotX 'fileupload.php' CVE-2014-0342 Arbitrary File Upload Vulnerability
3398| [66772] vSphere Client CVE-2014-1209 Arbitrary File Download Vulnerability
3399| [66752] CGIScript.net csUpload Authentication Bypass Vulnerability
3400| [66637] FortiBalancer SSH Access CVE-2014-2723 Security Bypass Vulnerability
3401| [66636] FortiBalancer SSH Access CVE-2014-2722 Security Bypass Vulnerability
3402| [66626] FortiBalancer SSH Access CVE-2014-2721 Security Bypass Vulnerability
3403| [66621] IBM InfoSphere Optim Workload Replay CVE-2014-0827 Cross Site Scripting Vulnerability
3404| [66599] lighttpd CVE-2014-2469 Remote Denial of Service Vulnerability
3405| [66566] Cisco Security Manager HTTP Header CVE-2014-2138 Open Redirection Vulnerability
3406| [66565] Cisco Web Security Appliance HTTP Header Injection Vulnerability
3407| [66531] ionCube Loader Wizard 'loader-wizard.php' Multiple Security Vulnerabilities
3408| [66506] X2CRM 'ProfileController.php' CVE-2014-2664 Arbitrary File Upload Vulnerability
3409| [66490] WordPress Felici Theme 'uploadify.php' Arbitrary File Upload Vulnerability
3410| [66443] KCFinder 'browse.php' Arbitrary File Upload Vulnerability
3411| [66430] iThoughtsHD CVE-2014-1827 Unspecified Arbitrary File Upload Vulnerability
3412| [66409] SeedDMS Multiple Unspecified Arbitrary File Upload Vulnerabilities
3413| [66398] qEngine Multiple Arbitrary File Upload Vulnerabilities
3414| [66394] Check_MK CVE-2014-2331 Multiple Arbitrary File Upload Vulnerabilities
3415| [66371] OXID eShop 'index.php' Multiple HTTP Response Splitting Vulnerabilities
3416| [66359] IBM InfoSphere BigInsights CVE-2013-3998 HTTP Response Splitting Vulnerability
3417| [66307] VLC Media Player 'src/network/httpd.c' Cross Site Scripting Vulnerability
3418| [66303] Apache HTTP Server Multiple Denial of Service Vulnerabilities
3419| [66288] WordPress Subscribe To Comments Reloaded Plugin Cross-Site Request Forgery Vulnerability
3420| [66255] SeedDMS '/op/op.AddFile2.php' Arbitrary File Upload Vulnerability
3421| [66217] FrontAccounting 'attachments.php' Arbitrary File Upload Vulnerability
3422| [66211] Free Download Manager 'Downloads_Deleted.cpp' Stack Based Buffer Overflow Vulnerability
3423| [66185] Siemens SIMATIC S7-1500 CVE-2014-2247 HTTP Response Splitting Vulnerability
3424| [66158] cups-filters 'OPVPWrapper::loadDriver()' Function Local Arbitrary Command Execution Vulnerability
3425| [66157] lighttpd CVE-2014-2324 Multiple Directory Traversal Vulnerabilities
3426| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
3427| [66109] MyBB Plugin Uploader Arbitrary File Upload Vulnerability
3428| [66093] Multiple Asterisk Products 'main/http.c' Remote Stack Overflow Vulnerability
3429| [66073] ClipShare Pro 'ubr_link_upload.php' Local File Include Vulnerability
3430| [66054] Blue Coat ProxySG CVE-2014-2033 Security Bypass Vulnerability
3431| [66044] WordPress Premium Gallery Manager Plugin Arbitrary File Upload Vulnerability
3432| [66041] RETIRED: Apache Struts CVE-2014-0094 Classloader Manipulation Security Bypass Vulnerability
3433| [65999] Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
3434| [65972] HP SiteScope 'loadFileContents' SOAP Request Remote Code Execution Vulnerability
3435| [65958] WordPress The Cotton Theme Arbitrary File Upload Vulnerability
3436| [65913] GetGo Download Manager CVE-2014-2206 Stack Buffer Overflow Vulnerability
3437| [65866] WordPress VideoWhisper Live Streaming Integration Arbitrary File Upload Vulnerability
3438| [65846] Plogger 'plog-admin/plog-upload.php' Arbitrary File Upload Vulnerability
3439| [65800] WordPress Feedweb Plugin '_wp_http_referer' Parameter Cross Site Scripting Vulnerability
3440| [65749] Autodesk AutoCAD CVE-2014-0819 Insecure Library Loading Arbitrary Code Execution Vulnerability
3441| [65739] Telligent Evolution 'loading.aspx' Cross Site Scripting Vulnerability
3442| [65708] Cisco Adaptive Security Appliance Phone Proxy CTL Security Bypass Vulnerability
3443| [65707] Cisco Adaptive Security Appliance Phone Proxy sec_db Security Bypass Vulnerability
3444| [65685] VideoCharge Studio 'CHTTPResponse::GetHttpResponse()' Function Stack Buffer Overflow Vulnerability
3445| [65681] Ultra Mini HTTPD 'POST' Request Stack-Based Buffer Overflow Vulnerability
3446| [65662] Cisco Firewall Services Module Cut-Through Proxy Remote Denial of Service Vulnerability
3447| [65646] MODx Evogallery Module 'uploadify.php' Arbitrary File Upload Vulnerability
3448| [65629] Openswan IKEv2 Payloads Incomplete Fix Remote Denial Of Service Vulnerability
3449| [65594] Red Hat Satellite and Spacewalk 'return_url' Paramter HTTP Header Injection Vulnerability
3450| [65561] MyBB Extended Useradmininfo Plugin 'User-Agent' HTTP Header HTML Injection Vulnerability
3451| [65489] IBM WebSphere Portal CVE-2013-6722 Arbitrary File Upload Vulnerability
3452| [65488] SpagoBI CVE-2013-6234 Arbitrary File Upload Vulnerability
3453| [65460] WordPress Kiddo Theme Arbitrary File Upload Vulnerability
3454| [65452] Bandizip 'dwmapi.dll' Insecure Library Loading Arbitrary Code Execution Vulnerability
3455| [65438] Joomla! Projoom NovaSFH Plugin 'upload.php' Arbitrary File Upload Vulnerability
3456| [65435] OneHTTPD HTTP Request Denial of Service Vulnerability
3457| [65422] Multiple F5 Networks Products CVE-2013-6024 Local Information Disclosure Vulnerability
3458| [65411] WordPress Dandelion Theme Arbitrary File Upload Vulnerability
3459| [65400] Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
3460| [65251] SmarterMail '\App_Data\Temp' Directory Arbitrary Shell Upload Vulnerability
3461| [65248] Sitecore CMS Multiple Arbitrary Shell Upload Vulnerabilities
3462| [65227] Cisco Identity Services Engine HTTP Control Interface for NAC Web Cross Site Scripting Vulnerability
3463| [65218] WordPress 'media-upload.php' Information Disclosure Vulnerability
3464| [65201] socat PROXY-CONNECT Address Stack Buffer Overflow Vulnerability
3465| [65188] Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
3466| [65175] Simple E-Document 'upload.php' Arbitrary File Upload Vulnerability
3467| [65155] Openswan IKEv2 payloads Remote Denial Of Service Vulnerability
3468| [65141] WordPress SS Downloads Plugin Multiple Cross Site Scripting Vulnerabilities
3469| [65137] Maian Uploader Multiple Security Vulnerabilities
3470| [65124] Multiple Generel Electric Products 'gefebt.exe' Shell Upload Vulnerability
3471| [65117] Multiple Generel Electric Products Shell Upload Vulnerability
3472| [65060] WordPress Global Flash Gallery Plugin 'swfupload.php' Arbitrary File Upload Vulnerability
3473| [65059] Imageview 'upload.php' Arbitrary File Upload Vulnerability
3474| [65047] WordPress Wordfence Security Plugin 'User-Agent' HTTP Header HTML Injection Vulnerability
3475| [65005] IDA Pro Mach-O Loader Unspecified Security Vulnerability
3476| [64987] Libreswan 'IKEv2' Payloads Remote Denial of Service Vulnerability
3477| [64939] Cisco Identity Services Engine Support Bundle Download Unauthorized Access Vulnerability
3478| [64827] Oracle iPlanet Web Proxy Server CVE-2013-5808 Remote Security Vulnerability
3479| [64788] Joomla! Almond Classifieds Component Arbitrary File Upload Vulnerability
3480| [64785] Conceptronic C54APM 2.0 'submit-url' Parameter HTTP Response Splitting Vulnerability
3481| [64732] CCProxy 'CCProxy.ini' Configuration File Integer Overflow Vulnerability
3482| [64705] Joomla! Aclsfgpl Component 'index.php' Arbitrary File Upload Vulnerability
3483| [64633] Huawei eSight Arbitrary File Upload Vulnerability
3484| [64615] Python 'Lib/CGIHTTPServer.py' Script Directory Traversal Vulnerability
3485| [64587] Advanced Dewplayer Plugin for WordPress 'download-file.php' Script Directory Traversal Vulnerability
3486| [64556] PhotoStore 'uploadify.php' Arbitrary File Upload Vulnerability
3487| [64554] LimeSurvey '/admin/templates.php' Script Arbitrary File Upload Vulnerability
3488| [64545] eFront Arbitrary File Upload and Information Disclosure Vulnerabilities
3489| [64380] Iscripts Multicart 'HTTP_RAW_POST_DATA' Parameter Remote PHP Code Injection Vulnerability
3490| [64346] Veno File Manager 'q' Parameter Arbitrary File Download Vulnerability
3491| [64327] Telmanik CMS 'photo_upload.php' Arbitrary File Upload Vulnerability
3492| [64307] osCMax Arbitrary File Upload and Full Path Information Disclosure Vulnerabilities
3493| [64302] IBM Sterling Connect:Enterprise HTTP Option CVE-2013-6327 Cross Site Scripting Vulnerability
3494| [64264] Monitorix HTTP Server CVE-2013-7072 Multiple Unspecified Security Vulnerabilities
3495| [64251] FlashCanvas 'proxy.php' Cross Site Scripting Vulnerability
3496| [64237] NVIDIA mental ray DLL Loading Arbitrary Code Execution Vulnerability
3497| [64178] Monitorix HTTP Server 'handle_request()' Remote Command Execution Vulnerability
3498| [64173] WordPress PhotoSmash Galleries Plugin 'bwbps-uploader.php' Arbitrary File Upload Vulnerability
3499| [64171] Snes9x 'codec_mpeg.dll' DLL Loading Arbitrary Code Execution Vulnerability
3500| [64165] Hex Workshop 'mfc100trk.dll' DLL Loading Arbitrary Code Execution Vulnerability
3501| [64164] WordPress Page Flip Image Gallery Plugin 'upload.php' Arbitrary File Upload Vulnerability
3502| [64163] Cisco Cloud Portal CVE-2013-6708 Arbitrary File Download Vulnerability
3503| [64159] WordPress Download Manager Plugin 'file[title]' Parameter Cross Site Scripting Vulnerability
3504| [64138] Libmicrohttpd Multiple Remote Security Vulnerabilities
3505| [64068] TP-Link TL-WR740N/TL-WR740ND Wireless N Routers HTTP Processing Denial of Service Vulnerability
3506| [64055] Novell Remote Manager HTTPSTK Service Denial of Service Vulnerability
3507| [64054] FlashComs Chat 'file.php' Arbitrary File Upload Vulnerability
3508| [64044] WordPress OptimizePress Theme 'media-upload.php' Arbitrary File Upload Vulnerability
3509| [64041] phpThumb 'phpThumb.php' Arbitrary File Upload Vulnerability
3510| [64031] up.time Monitoring '/wizards/post2file.php' Arbitrary File Upload Vulnerability
3511| [64025] Static HTTP Server GET Request Processing Remote Denial of Service Vulnerability
3512| [64023] Potplayer DLL Loading Arbitrary Code Execution Vulnerability
3513| [64019] Multiple WordPress Orange Themes 'upload-handler.php' Arbitrary File Upload Vulnerability
3514| [63974] Wondershare Player 'ws_converterex.dll' DLL Loading Arbitrary Code Execution Vulnerability
3515| [63973] BZR Player 'codec_mpeg.dll' DLL Loading Arbitrary Code Execution Vulnerability
3516| [63971] Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability
3517| [63968] phpMyFAQ Image Manager Arbitrary File Upload Vulnerability
3518| [63935] Apache Solr 'SolrResourceLoader' Directory Traversal Vulnerability
3519| [63929] Multiple Fujitsu Interstage Products HTTP Server Unspecified Buffer Overflow Vulnerability
3520| [63923] Multiple WordPress Themes 'themify-ajax.php' Arbitrary File Upload Vulnerability
3521| [63917] FTP Drive + HTTP Server for iOS Directory Traversal Vulnerability
3522| [63913] Monitorix HTTP Server 'handle_request()' Session Fixation and Cross Site Scripting Vulnerabilities
3523| [63881] WordPress Contact Form 7 Plugin Arbitrary File Upload Vulnerability
3524| [63862] ERDAS ER Viewer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
3525| [63836] WordPress Suco Themes 'themify-ajax.php' Arbitrary File Upload Vulnerability
3526| [63784] ManageEngine DesktopCentral 'AgentLogUploadServlet' Directory Traversal Vulnerability
3527| [63782] Kaseya 'SystemTab/UploadImage.asp' Arbitrary File Upload Vulnerability
3528| [63780] IBM WebSphere Application Server HTTP Response Data Cross Site Scripting Vulnerability
3529| [63779] SAP NetWeaver 'SHSTI_UPLOAD_XML()' Function XML External Entity Injection Vulnerability
3530| [63768] Multiple WordPress Themes 'upload-handler.php' Arbitrary File Upload Vulnerability
3531| [63762] WordPress Make A Statement Theme Arbitrary File Upload Vulnerability
3532| [63735] Cisco Services Portal CVE-2013-3406 Arbitrary File Download Vulnerability
3533| [63721] Allegro RomPager HTTP Referer Header URI Redirection and Cross Site Scripting Vulnerabilities
3534| [63716] Multiple WordPress Themes 'upload-handler.php' Arbitrary File Upload Vulnerability
3535| [63688] lighttpd CVE-2013-4559 Local Privilege Escalation Vulnerability
3536| [63686] lighttpd CVE-2013-4560 Use-After-Free Remote Denial of Service Vulnerability
3537| [63662] AjaXplorer 'save_zoho.php' Arbitrary File Upload Vulnerability
3538| [63660] YUI 'uploader.swf' Cross Site Scripting Vulnerability
3539| [63658] WordPress Highlight Theme Arbitrary File Upload Vulnerability
3540| [63624] Cisco Adaptive Security Appliance Phone Proxy Database Security Bypass Vulnerability
3541| [63623] WordPress Kernel Theme 'upload-handler.php' Arbitrary File Upload Vulnerability
3542| [63573] Drupal Secure Pages Module HTTP Redirection Information Disclosure Vulnerability
3543| [63542] TinyMCE SQL Injection and Arbitrary File Upload Vulnerabilities
3544| [63534] lighttpd SSL Weak Cipher CVE-2013-4508 Security Bypass Weakness
3545| [63523] WordPress This Way Theme 'upload_settings_image.php' Arbitrary File Upload Vulnerability
3546| [63522] WordPress Think Responsive Themes 'upload_settings_image.php' Arbitrary File Upload Vulnerability
3547| [63513] GitLab 'SSH key upload' Feature CVE-2013-4490 Remote Code Execution Vulnerability
3548| [63477] HP LoadRunner Virtual User Generator CVE-2013-4839 Remote Code Execution Vulnerability
3549| [63476] HP LoadRunner Virtual User Generator CVE-2013-4838 Remote Code Execution Vulnerability
3550| [63475] HP LoadRunner Virtual User Generator CVE-2013-4837 Remote Code Execution Vulnerability
3551| [63472] WordPress Checkout Plugin Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3552| [63454] vTiger CRM 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability
3553| [63412] WordPress Money Theme Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3554| [63391] Juniper Networks Junos CVE-2013-6014 Proxy ARP Denial of Service Vulnerability
3555| [63362] WordPress GeoPlaces Theme Arbitrary Shell Upload Vulnerability
3556| [63355] Attachmate Verastream Host Integrator CVE-2013-3626 Arbitrary File Upload Vulnerability
3557| [63306] WordPress AREA53 Theme 'php.php' Arbitrary File Upload Vulnerability
3558| [63287] Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload Vulnerability
3559| [63275] SMF CVE-2013-4465 Unspecified Arbitrary File Upload Vulnerability
3560| [63257] WordPress Daily Deal Theme Arbitrary Shell Upload Vulnerability
3561| [63247] WebCollab 'item' Parameter HTTP Response Splitting Vulnerability
3562| [63245] F5 BIG-IP Traffic Management Microkernel Denial of Service Vulnerability
3563| [63219] PHP Point Of Sale 'ofc_upload_image.php' Remote Code Execution Vulnerability
3564| [63174] Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability
3565| [63165] UbiDisk Local File Include and Arbitrary File Upload Vulnerabilities
3566| [63159] OpenStack Glance 'download_image' Policy Information Disclosure Vulnerability
3567| [63033] Cisco Identity Services Engine CVE-2013-5541 Arbitrary File Upload Vulnerability
3568| [63031] Cisco Identity Services Engine CVE-2013-5539 Arbitrary File Upload Vulnerability
3569| [62974] Open-Xchange AppSuite CVE-2013-6009 HTTP Response Splitting Vulnerability
3570| [62876] WordPress Woopra Analytics Plugin 'ofc_upload_image.php' Arbitrary PHP Code Execution Vulnerability
3571| [62875] CPAN HTTP::Body::MultiPart Module CVE-2013-4407 Remote Command Injection Vulnerability
3572| [62852] FlashChat 'upload.php' Arbitrary File Upload Vulnerability
3573| [62836] Corel PaintShop Pro X5 and X6 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
3574| [62825] WordPress SEO Watcher Plugin 'ofc_upload_image.php' Arbitrary PHP Code Execution Vulnerability
3575| [62776] ClipBucket 'ofc_upload_image.php' Arbitrary PHP Code Execution Vulnerability
3576| [62723] Abuse HTTP Server Remote Denial of Service Vulnerability
3577| [62720] Open-Xchange AppSuite HTTP Response Splitting and Multiple Cross Site Scripting Vulnerabilities
3578| [62691] ESRI ArcGIS for Server CVE-2013-5221 Arbitrary File Upload Vulnerability
3579| [62666] Multiple Emerson Process Management RTUs CVE-2013-0689 Arbitrary File Upload Vulnerability
3580| [62647] Blue Coat ProxySG and Security Gateway OS Denial Of Service Vulnerability
3581| [62620] AspxCommerce 'LogoHandler.ashx' Module Arbitrary File Upload Vulnerability
3582| [62596] F5 BIG-IP APM Access Policy Logout Page Cross Site Scripting Vulnerability
3583| [62594] F5 BIG-IP APM Access Policy Logon Page Clickjacking Vulnerability
3584| [62589] WordPress Lazy SEO Plugin 'lazyseo.php' Arbitrary File Upload Vulnerability
3585| [62514] Ajax File and Image Manager 'ajax_file_upload.php' Arbitrary File Upload Vulnerability
3586| [62496] WordPress Complete Gallery Manager Plugin 'upload-images.php' Arbitrary File Upload Vulnerability
3587| [62476] Mozilla Firefox For Android Insecure Shared Library Loading Arbitrary Code Execution Vulnerability
3588| [62439] Image Uploader 'index.php' Arbitrary File Upload Vulnerability
3589| [62437] WordPress Simple Dropbox Upload 'multi.php' Arbitrary File Upload Vulnerability
3590| [62413] Uploadify 'uploadify.php' Multiple Input Validation Vulnerabilities
3591| [62396] IBM Analytical Decision Management CVE-2013-4049 Arbitrary File Upload Vulnerability
3592| [62385] NetEase Personal Address Book for iOS Arbitrary File Upload Vulnerability
3593| [62383] NetEase lua Programming Language for iOS Arbitrary File Upload Vulnerability
3594| [62365] OpenEMR Multiple SQL Injection and Arbitrary File Upload Vulnerabilities
3595| [62357] NetEase Perl Programming Language for iOS Arbitrary File Upload Vulnerability
3596| [62355] NetEase Ruby Programming Language for iOS Arbitrary File Upload Vulnerability
3597| [62279] Prestashop HTTP Header Injection Vulnerability
3598| [62259] AjaXplorer CVE-2013-5689 Arbitrary File Upload Vulnerability
3599| [62156] Red Hat JBoss Enterprise Application Platform CVE-2013-2185 Arbitrary File Upload Vulnerability
3600| [62076] YingZhi Python Programming Language for iOS Arbitrary File Upload Vulnerability
3601| [62072] Linux Kernel '/net/core/scm.c' nsproxy Local Privilege Escalation Vulnerability
3602| [61994] Belkin F5D7234-4 G Wireless Router Authentication Bypass and Remote Code Execution Vulnerabilities
3603| [61910] Graphite 'pickle.loads()' Multiple Remote Code Execution Vulnerabilities
3604| [61836] Download Monitor 'sort' Parameter Cross Site Scripting Vulnerability
3605| [61820] Joomla! jDownloads Component Cross Site Scripting Vulnerability
3606| [61808] Photo Transfer Local File Include, Arbitrary File Upload and HTML Injection Vulnerabilities
3607| [61797] TYPO3 Backend File Upload / File Abstraction Layer Extension Arbitrary File Upload Vulnerability
3608| [61768] ThinkVantage Access Connections Insecure Library Loading Arbitrary Code Execution Vulnerabilities
3609| [61753] OneHTTPD Denial of Service Vulnerability
3610| [61751] Review Board CVE-2013-4796 Arbitrary File Upload Vulnerability
3611| [61745] HTC Sync Manager Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
3612| [61735] Advanced Guestbook 'addentry.php' Arbitrary Shell Upload Vulnerability
3613| [61727] Soda PDF CVE-2013-3485 Multiple Insecure Library Loading Arbitrary Code Execution Vulnerabilities
3614| [61715] Symfony CVE-2013-4752 HTTP Header Spoofing Security Bypass Vulnerability
3615| [61622] TimeLine SocialEngine Plugin Arbitrary File Upload Vulnerability
3616| [61617] OmegaBB 'attach_file.php' Arbitrary File Upload Vulnerability
3617| [61613] FluidGalleries 'photo-upload.php' Arbitrary File Upload Vulnerability
3618| [61585] FunGamez 'game.php' Arbitrary File Upload Vulnerability
3619| [61582] Joomla! 'media.php' Arbitrary File Upload Vulnerability
3620| [61569] MachForm CVE-2013-4949 Arbitrary File Upload Vulnerability
3621| [61554] WordPress Comment Extra Fields Plugin 'swfupload.swf' Cross Site Scripting Vulnerability
3622| [61531] TP-Link TL-SC3171 IP Camera Arbitrary File Upload Vulnerability
3623| [61526] YUI 'flashuploader.swf' Cross-Site Scripting Vulnerability
3624| [61524] YUI 'uploader.swf' File Cross Site Scripting Vulnerability
3625| [61448] FileChucker Multiple Arbitrary File Upload Vulnerabilities
3626| [61446] HP LoadRunner CVE-2013-4800 Remote Code Execution Vulnerability
3627| [61445] HP LoadRunner CVE-2013-4801 Remote Code Execution Vulnerability
3628| [61444] HP LoadRunner CVE-2013-4797 Remote Code Execution Vulnerability
3629| [61443] HP LoadRunner CVE-2013-4798 Remote Code Execution Vulnerability
3630| [61442] HP LoadRunner CVE-2013-4799 Remote Code Execution Vulnerability
3631| [61441] HP LoadRunner CVE-2013-2370 Remote Code Execution Vulnerability
3632| [61437] HP LoadRunner CVE-2013-2369 Remote Code Execution Vulnerability
3633| [61436] HP LoadRunner CVE-2013-2368 Unspecified Denial of Service Vulnerability
3634| [61416] Cisco Unified Operations Manager CVE-2013-3439 Unspecified HTTP Header Injection Vulnerability
3635| [61407] Download Monitor 'admin.php' Multiple Cross Site Scripting Vulnerabilities
3636| [61405] Photo Server Arbitrary File Upload and Command Injection Vulnerabilities
3637| [61379] Apache HTTP Server CVE-2013-2249 Unspecified Remote Security Vulnerability
3638| [61368] TinyMCE Image Manager Plugin Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3639| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
3640| [61326] Flux Player Local File Include and Arbitrary File Upload Vulnerabilities
3641| [61324] WiFly Pro Arbitrary File Upload Vulnerability
3642| [61202] Multiple F5 Networks Java Applet 'filename' Parameter Directory Traversal Vulnerability
3643| [61200] Voice Logger Authentication Bypass and Multiple Arbitrary File Download Vulnerabilities
3644| [61170] Atlassian Confluence Multiple Arbitrary File Upload Vulnerabilities
3645| [61130] Ultra Mini HTTPD 'GET' Request Stack-Based Buffer Overflow Vulnerability
3646| [61129] Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
3647| [61080] Drupal Stage File Proxy Module Denial Of Service Vulnerability
3648| [61065] Imperva SecureSphere Operations Manager CVE-2013-4094 Multiple Arbitrary File Upload Vulnerabilities
3649| [61034] dl Download Ticket Service Session Fixation and Cross Site Request Forgery Vulnerabilities
3650| [60987] Multiple IBM products CVE-2013-2982 Arbitrary File Upload Vulnerability
3651| [60918] JRuby Insecure Library Loading Arbitrary Code Execution Vulnerability
3652| [60910] MachForm SQL Injection and Arbitrary File Upload Vulnerabilities
3653| [60875] Apache Geronimo RMI Classloader Security Bypass Vulnerability
3654| [60859] Atomy Maxsite 'index.php' Arbitrary File Upload Vulnerability
3655| [60856] YOPMAIL HTTP Response Splitting and Multiple Cross Site Scripting Vulnerabilities
3656| [60847] Mobile USB Drive HD Multiple Local File Include and Arbitrary File Upload Vulnerabilities
3657| [60839] eFile Arbitrary File Upload and Multiple HTML Injection Vulnerabilities
3658| [60775] WordPress CVE-2013-2203 File Upload Path Disclosure Vulnerability
3659| [60759] WordPress 'SWFUpload' Library CVE-2013-2205 Multiple Cross Site Scripting Vulnerabilities
3660| [60738] Monkey HTTP Daemon Local Buffer Overflow Vulnerability
3661| [60725] PodHawk Arbitrary File Upload Vulnerability
3662| [60690] Joomla! RokDownloads Component Arbitrary File Upload Vulnerability
3663| [60662] imacs 'mng.php' Arbitrary File Upload Vulnerability
3664| [60660] et-chat Privilege Escalation and Arbitrary Shell Upload Vulnerabilities
3665| [60597] HAProxy CVE-2013-2175 Remote Denial of Service Vulnerability
3666| [60589] Monkey HTTP Daemon CVE-2013-2183 Local Security Bypass Vulnerability
3667| [60588] HAProxy CVE-2013-2175 Multiple Denial of Service Vulnerabilities
3668| [60585] bloofoxCMS 'index.php' Arbitrary File Upload Vulnerability
3669| [60574] Fly-High CMS 'upload.php' Arbitrary File Upload Vulnerability
3670| [60573] Havalite CMS 'upload.php' Arbitrary File Upload Vulnerability
3671| [60569] Monkey HTTP Daemon Mandril Security Plugin CVE-2013-2182 Security Bypass Vulnerability
3672| [60564] Monkey HTTP Daemon 'dirlisting' Plugin Cross Site Scripting Vulnerability
3673| [60560] LibrettoCMS 'PGRFileManager.php' Arbitrary File Upload Vulnerability
3674| [60533] WordPress NextGEN Gallery 'upload.php' Arbitrary File Upload Vulnerability
3675| [60433] WordPress NextGEN Gallery Plugin 'swfupload.swf' Multiple Cross Site Scripting Vulnerabilities
3676| [60425] Monkey HTTP Daemon Multiple Denial of Service Vulnerabilities
3677| [60415] Monkey HTTP Daemon CVE-2013-2159 Authentication Bypass Vulnerability
3678| [60333] Monkey HTTP Daemon 'memcpy()' Function Buffer Overflow Vulnerability
3679| [60332] gpEasy CMS Arbitrary File Upload Vulnerability
3680| [60275] TYPO3 SB Folderdownload Extension Unspecified File Disclosure Vulnerability
3681| [60210] Monkey HTTP Daemon NULL Byte Denial of Service Vulnerability
3682| [60201] IBM WebSphere Portal CVE-2013-2950 HTTP Response Splitting Vulnerability
3683| [60181] WordPress Export To Text Plugin 'download' Parameter Remote File Include Vulnerability
3684| [60105] Request Tracker CVE-2013-3372 HTTP Header Injection Vulnerability
3685| [60077] MediaWiki Arbitrary File Upload Vulnerability
3686| [60017] Juniper Networks Junos Proxy ARP Denial of Service Vulnerability
3687| [60010] RETIRED: Acme thttpd HTTP Server Directory Traversal Vulnerability
3688| [59990] MiniWeb HTTP POST Denial of Service Vulnerability
3689| [59989] Moxiecode File Manager Multiple Remote File Upload Vulnerabilities
3690| [59988] TinyMCE MCImageManager Plugin Arbitrary File Upload Vulnerability
3691| [59968] ownCloud CVE-2013-2089 Arbitrary File Upload Vulnerability
3692| [59941] Apple iTunes CVE-2013-1014 HTTPS Certificate Validation Security Bypass Vulnerability
3693| [59934] Jojo CMS 'X-Forwarded-For' HTTP header SQL-Injection Vulnerability
3694| [59886] WordPress wp-FileManager Plugin 'path' Parameter Arbitrary File Download Vulnerability
3695| [59831] Gallery Server Pro Arbitrary File Upload Vulnerability
3696| [59826] Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
3697| [59784] Microsoft Windows 'HTTP.sys' Remote Denial of Service Vulnerability
3698| [59718] Drupal Htmlarea Module Multiple Arbitrary File Upload Vulnerabilities
3699| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
3700| [59694] IBM Sterling Secure Proxy CVE-2013-0520 Information Disclosure Vulnerability
3701| [59692] IBM Sterling Secure Proxy CVE-2013-0518 Information Disclosure Vulnerability
3702| [59691] IBM Sterling Secure Proxy CVE-2013-0519 Information Disclosure Vulnerability
3703| [59671] GetSimple CMS Arbitrary File Upload Vulnerability
3704| [59669] EMC RSA Archer GRC CVE-2013-0932 Arbitrary File Upload Vulnerability
3705| [59515] WebKit 'FrameLoader::checkCompleted()' Function Use After Free Remote Code Execution Vulnerability
3706| [59509] vCenter Server Appliance CVE-2013-3080 Arbitrary File Upload Vulnerability
3707| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
3708| [59495] Light HTTPD Stack-Based Buffer Overflow Vulnerability
3709| [59477] Belkin F5D8236-4 Router CVE-2013-3084 Unspecified Cross Site Scripting Vulnerability
3710| [59476] Belkin F5D8236-4 Router CVE-2013-3083 Cross Site Request Forgery Vulnerability
3711| [59372] Joomla Civicrm Component Arbitrary Shell Upload Vulnerability
3712| [59360] Global Mapper Multiple Insecure Library Loading Arbitrary Code Execution Vulnerabilities
3713| [59280] Open-Xchange Server and OX App Suite CVE-2013-2582 HTTP Header Injection Vulnerability
3714| [59132] Oracle WebCenter Sites CVE-2013-1509 HTTP Header Injection Vulnerability
3715| [59059] CMSLogik Arbitrary File Upload and Multiple HTML Injection Vulnerabilities
3716| [58968] HP Intelligent Management Center 'SyslogDownloadServlet' Information Disclosure Vulnerability
3717| [58967] HP Intelligent Management Center 'tamServletDownload' Servlet Information Disclosure Vulnerability
3718| [58966] HP Intelligent Management Center 'DownloadServlet' Information Disclosure Vulnerability
3719| [58965] HP Intelligent Management Center 'flexFileUpload' Servlet Remote Code Execution Vulnerability
3720| [58964] HP Intelligent Management Center 'acmServletDownload' Information Disclosure Vulnerability
3721| [58946] MiniWeb Directory Traversal and Arbitrary File Upload Vulnerabilities
3722| [58937] WordPress WP-DownloadManager Plugin Cross Site Request Forgery Vulnerability
3723| [58929] Belkin Wemo Switch Arbitrary Firmware Upload Vulnerability
3724| [58928] Nitro PDF 'bcgcbproresen.dll' DLL Loading Arbitrary Code Execution Vulnerability
3725| [58820] HAProxy 'tcp-request content' CVE-2013-1912 Buffer Overflow Vulnerability
3726| [58677] HP Intelligent Management Center 'DownloadReportSourceServlet' Information Disclosure Vulnerability
3727| [58676] HP Intelligent Management Center 'IctDownloadServlet' Information Disclosure Vulnerability
3728| [58675] HP Intelligent Management Center 'FaultDownloadServlet' Information Disclosure Vulnerability
3729| [58673] HP Intelligent Management Center 'mibFileUpload' Servlet Remote Code Execution Vulnerability
3730| [58664] Novell ZENWorks AdminStudio ISProxy 'ISProxy.dll' Activex Remote Code Execution Vulnerability
3731| [58528] lighttpd CVE-2013-1427 Insecure Temporary File Creation Vulnerability
3732| [58519] Skype Click to Call Update Service DLL Loading Arbitrary Code Execution Vulnerability
3733| [58486] SAP NetWeaver DI Arbitrary File Upload Vulnerability
3734| [58473] Open-Xchange Server CVE-2013-1647 Multiple HTTP Header Injection Vulnerabilities
3735| [58432] PHPBoost Arbitrary File Upload and Information Disclosure Vulnerabilities
3736| [58431] KindEditor Multiple Remote File Upload Vulnerabilities
3737| [58425] Privoxy Proxy Authentication Information Disclosure Vulnerabilities
3738| [58422] Flexera InstallShield and AdminStudio 'ISProxy.dll' Activex Remote Code Execution Vulnerability
3739| [58417] SWFUpload Multiple Content Spoofing and Cross Site Scripting Vulnerabilities
3740| [58364] Wireshark RELOAD Dissector CVE-2013-2487 Denial of Service Vulnerability
3741| [58363] Wireshark RELOAD Dissector CVE-2013-2486 Denial of Service Vulnerability
3742| [58326] Apache Commons FileUpload CVE-2013-0248 Insecure Temporary File Creation Vulnerability
3743| [58325] Debian Apache HTTP Server CVE-2013-1048 Symlink Attack Local Privilege Escalation Vulnerability
3744| [58322] Squid 'httpMakeVaryMark()' Function Memory Corruption Vulnerability
3745| [58321] AirDrive HD Local File Include and Arbitrary File Upload Vulnerabilities
3746| [58319] Squid 'httpMakeVaryMark()' Function Remote Denial of Service Vulnerability
3747| [58285] WordPress Uploader Plugin 'blog' Parameter Cross Site Scripting Vulnerability
3748| [58276] USB Disk & File Transfer 'File Upload' Multiple Local File Include Vulnerabilities
3749| [58260] Ruby HTTParty CVE-2013-1801 Parameter Parsing Vulnerability
3750| [58199] IP.Board IP.Downloads Multiple Access Security Bypass Vulnerabilities
3751| [58165] Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
3752| [58159] Kordil EDMS Arbitrary File Upload Vulnerability
3753| [58158] PolarBear CMS 'upload.php' Arbitrary File Upload Vulnerability
3754| [58131] Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
3755| [58130] IPMap Local File Include and Arbitrary File Upload Vulnerabilities
3756| [58127] sthttpd 'thttpd.log' Insecure File Permissions Vulnerability
3757| [58119] RETIRED: IBM HTTP Server Multiple Modules Cross Site Scripting Vulnerabilities
3758| [58073] Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
3759| [58062] Drupal Varnish HTTP Accelerator Integration Module Cross Site Scripting Vulnerability
3760| [58010] Air Transfer 'File Upload' Multiple Local File Include Vulnerabilities
3761| [57983] chillyCMS Security Bypass and Arbitrary File Upload Vulnerabilities
3762| [57974] mora Downloader CVE-2012-5188 Arbitrary Code Execution Vulnerability
3763| [57951] Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
3764| [57824] Microsoft Internet Explorer COmWindowProxy Use-After-Free Remote Code Execution Vulnerability
3765| [57820] WirelessFiles Local File Include and Arbitrary File Upload Vulnerabilities
3766| [57790] Google Chrome 24.0.1312.57 HTTP Authentication Security Bypass Weakness
3767| [57680] Free Monthly Websites Multiple Security Bypass and Arbitrary File Upload Vulnerabilities
3768| [57664] WordPress WP-Table Reloaded Plugin 'id' Parameter Cross Site Scripting Vulnerability
3769| [57650] Wordpress Gallery Plugin 'load' Parameter Remote File Include Vulnerability
3770| [57555] WordPress Plupload Plugin 'id' Parameter Cross Site Scripting Vulnerability
3771| [57532] Atomy Maxsite CVE-2012-6498 Arbitrary File Upload Vulnerability
3772| [57504] Lenovo Bluetooth with Enhanced Data Rate Software DLL Loading Arbitrary Code Execution Vulnerability
3773| [57500] F5 BIG-IP CVE-2012-3000 SQL Injection Vulnerability
3774| [57496] F5 Networks BIG-IP CVE-2012-2997 XML External Entity Injection Vulnerability
3775| [57464] Joomla! Collector Component Arbitrary File Upload Vulnerability
3776| [57361] Oracle Enterprise Manager Grid Control CVE-2013-0354 HTTP Response Splitting Vulnerability
3777| [57319] Serva HTTP Server Denial of Service Vulnerability
3778| [57242] Prizm Content Connect Arbitrary File Upload Vulnerability
3779| [57229] Free Blog Arbitrary File Upload and Arbitrary File Deletion Vulnerabilities
3780| [57152] WordPress Multiple WPScientist Themes Arbitrary File Upload Vulnerability
3781| [57112] WordPress Uploader Plugin Arbitrary File Upload Vulnerability
3782| [57101] WordPress Shopping Cart Plugin Multiple SQL Injection and Arbitrary File Upload Vulnerabilities
3783| [57100] WordPress ReFlex Gallery Plugin 'php.php' Arbitrary File Upload Vulnerability
3784| [57098] WordPress Xerte Online Plugin 'save.php' Arbitrary File Upload Vulnerability
3785| [57093] e107 'e107_admin/download.php' Cross Site Request Forgery Vulnerability
3786| [57074] WordPress SB Uploader Plugin Arbitrary File Upload Vulnerability
3787| [57073] RETIRED: WordPress TwentyTen Theme 'loo.php' Arbitrary File Upload Vulnerability
3788| [57063] Content Component 'cont' Parameter Arbitrary File Upload Vulnerability
3789| [57055] MotoCMS File Disclosure and Arbitrary File Upload Vulnerabilities
3790| [57044] Feindura CMS Arbitrary File Upload Vulnerability
3791| [57028] Sony PC Companion 'DownloadURLToFile()' Function Stack Based Buffer Overflow Vulnerability
3792| [57022] vCenter Server Appliance Arbitrary File Download Vulnerability
3793| [56988] WordPress Multiple CMSMasters Themes 'upload.php' Arbitrary File Upload Vulnerability
3794| [56866] Freefloat FTP Server 'WMI' Service Arbitrary File Upload Vulnerability
3795| [56840] Microsoft Windows IP-HTTPS Server Revoked SSL Certificate Validation Security Bypass Vulnerability
3796| [56809] IBM Tivoli Monitoring HTTP Monitoring Console Cross Site Scripting Vulnerability
3797| [56808] Panda Internet Security Insecure Library Loading Multiple Local Privilege Escalation Vulnerabilities
3798| [56807] Qt 'XmlHttpRequest' Object Insecure Redirection Information Disclosure Vulnerability
3799| [56789] Symantec Messaging Gateway Arbitrary File Download Vulnerabilities
3800| [56749] JsUpload '/tmp/uploader' Directory Traversal Vulnerability
3801| [56744] BigDump Cross Site Scripting, SQL Injection, and Arbitrary File Upload Vulnerabilities
3802| [56735] FCKEditor 'FileUpload()' Function Arbitrary File Upload Vulnerability
3803| [56712] libproxy 'print_proxies()' Function Format String Vulnerability
3804| [56711] Perl Dancer.pm CVE-2012-5572 HTTP Header Injection Vulnerability
3805| [56668] Websense Proxy Filter Security Bypass Vulnerability
3806| [56663] WordPress Zarzadzonie Kontem Plugin 'ajaxfilemanager.php' Script Arbitrary File Upload Vulnerability
3807| [56659] WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload Vulnerability
3808| [56658] ownCloud Multiple Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3809| [56619] lighttpd 'http_request_split_value()' Function Remote Denial of Service Vulnerability
3810| [56593] IBM WebSphere Portal Theme Component 'LayerLoader.jsp' Directory Traversal Vulnerability
3811| [56588] WeBid 'loader.php' Directory Traversal Vulnerability
3812| [56562] Perl CGI.pm 'Set-Cookie' and 'P3P' Headers HTTP Header Injection Vulnerability
3813| [56500] SWFUpload 'swfupload_f9.swf' Script Cross Site Scripting Vulnerability
3814| [56496] Pebble HTTP Response Splitting Vulnerability
3815| [56490] IDIC Blogs 'picture_upload.php' Arbitrary File Upload Vulnerability
3816| [56470] VMware Player and Workstation Insecure Library Loading Arbitrary Code Execution Vulnerability
3817| [56462] Microsoft .NET Framework CVE-2012-2519 DLL Loading Arbitrary Code Execution Vulnerability
3818| [56432] XiVO 'id' Parameter Arbitrary File Download Vulnerability
3819| [56354] UMPlayer 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
3820| [56308] Arora 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
3821| [56245] IBM Tivoli Monitoring Web Server HTTP TRACE/TRACK Methods Information Disclosure Vulnerability
3822| [56175] F5 FirePass Remote SQL Injection Vulnerability
3823| [56146] Django 'HttpRequest.get_host()' Information Disclosure Vulnerability
3824| [56109] BSW Gallery 'uploadpic.php' Arbitrary File Upload Vulnerability
3825| [56105] radsecproxy Client Certificate Verification Security Bypass Vulnerability
3826| [56097] WordPress Download Shortcode Plugin 'file' Parameter Arbitrary File Disclosure Vulnerability
3827| [56087] Sisfokol Multiple Arbitrary File Upload Vulnerabilities
3828| [55919] WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Include Vulnerabilities
3829| [55910] libproxy CVE-2012-4505 Heap-Based Buffer Overflow Vulnerability
3830| [55909] libproxy CVE-2012-4504 Stack-Based Buffer Overflow Vulnerability
3831| [55905] Monkey HTTP Daemon '/var/run/monkey.pid' Symlink Attack Local Privilege Escalation Vulnerability
3832| [55902] WordPress Guest Posting Plugin CVE-2012-5318 'uploadify.php' Arbitrary File Upload Vulnerability
3833| [55758] ProjectPier 'upload.php' Arbitrary File Upload Vulnerability
3834| [55692] WordPress Archin Theme Cross Site Scripting and Arbitrary File Upload Vulnerabilities
3835| [55686] Foxit Reader 'fxdecod1.dll' DLL Loading Arbitrary Code Execution Vulnerability
3836| [55685] YingZhiPython Directory Traversal and Arbitrary File Upload Vulnerabilities
3837| [55648] Novell GroupWise HTTP Interfaces Directory Traversal Vulnerability
3838| [55639] Monkey HTTP Daemon Local Privilege Escalation Vulnerability
3839| [55635] Monkey HTTP Daemon Local Information Disclosure Vulnerability
3840| [55621] Technicolor THOMSON TWG850-4 HTTP Authentication Bypass Vulnerability
3841| [55527] PHP 'main/SAPI.c' CVE-2012-4388 HTTP Header Injection Vulnerability
3842| [55510] Webify eDownloads Cart Arbitrary File Deletion Vulnerability
3843| [55487] WordPress Download Monitor Plugin 'dlsearch' Parameter Cross Site Scripting Vulnerability
3844| [55486] F5 Networks BIG-IP Application Security Manager (ASM) Cross-Site Scripting Vulnerability
3845| [55464] Multiple RealFlex Products Insecure Library Loading Arbitrary Code Execution Vulnerability
3846| [55443] ownCloud 'migrate.php' File Upload Vulnerability
3847| [55436] Tiki Wiki CMS Groupware 'SWFUpload' Unspecified Vulnerability
3848| [55426] web@all Local File Include and Multiple Arbitrary File Upload Vulnerabilities
3849| [55421] ThinPrint 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution Vulnerability
3850| [55420] OpenStack Swift 'loads()' Arbitrary Code Execution Vulnerability
3851| [55417] Kayako Fusion 'download.php' Cross Site Scripting Vulnerability
3852| [55402] Ektron CMS 'Upload.aspx' Arbitrary File Upload Vulnerability
3853| [55384] InterPhoto CMS Arbitrary File Upload Vulnerability
3854| [55380] CyberLink PowerProducer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
3855| [55378] CyberLink StreamAuthor Insecure Library Loading Multiple Arbitrary Code Execution Vulnerabilities
3856| [55376] CyberLink LabelPrint Multiple Insecure Library Loading Arbitrary Code Execution Vulnerabilities
3857| [55368] Internet Download Manager '.ef2' File Buffer Overflow Vulnerability
3858| [55297] PHP 'header()' HTTP Header Injection Vulnerability
3859| [55273] HP SiteScope UploadFilesHandler Directory Traversal Vulnerability
3860| [55243] WordPress Simple:Press Forum Plugin Arbitrary File Upload Vulnerability
3861| [55225] Joomla! FreiChat Component Insecure File Upload Vulnerability
3862| [55223] ownCloud 'fileuploaded.php' Arbitrary File Upload Vulnerability
3863| [55210] elcomCMS 'UploadStyleSheet.aspx' Arbitrary File Upload Vulnerability
3864| [55209] EMC ApplicationXtender Multiple Products Arbitrary File Upload Vulnerability
3865| [55204] BusinessWiki Arbitrary File Upload and Multiple HTML Injection Vulnerabilities
3866| [55179] Adobe Pixel Bender Toolkit2 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities
3867| [55177] Foxit Reader 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
3868| [55175] WordPress Monsters Editor for WP Super Edit Plugin Arbitrary File Upload Vulnerability
3869| [55174] WordPress Rich Widget Plugin Arbitrary File Upload Vulnerability
3870| [55173] WordPress 'sem-wysiwyg' Plugin Arbitrary File Upload Vulnerability
3871| [55166] Joomla! CiviCRM Component Multiple Arbitrary File Upload Vulnerabilities
3872| [55131] Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
3873| [55127] XODA Arbitrary File Upload and HTML Injection Vulnerabilities
3874| [55117] SaltOS 'download.php' Cross Site Scripting Vulnerability
3875| [55099] Tinyproxy Header Multiple Denial of Service Vulnerabilities
3876| [55095] IBM Lotus Domino HTTP Response Splitting and Cross Site Scripting Vulnerabilities
3877| [55040] MobileCartly Multiple Remote File Upload Vulnerabilities
3878| [54994] Group-Office HTTPOnly Cookies Flag Information Disclosure Vulnerabilities
3879| [54933] dirLIST Multiple Local File Include and Arbitrary File Upload Vulnerabilities
3880| [54818] AOL downloadUpdater2 Plugin 'SRC' Parameter Remote Buffer Overflow Vulnerability
3881| [54774] Joomla Joomgalaxy Component SQL Injection and Arbitrary File Upload Vulnerabilities
3882| [54727] Scrutinizer HTTP Authentication Bypass Vulnerability
3883| [54726] Scrutinizer Arbitrary File Upload Vulnerability
3884| [54721] Symantec Web Gateway 'deptUploads_data.php' SQL Injection Vulnerability
3885| [54712] httpdx Heap Buffer Overflow Vulnerability
3886| [54704] Ruby on Rails 'authenticate_or_request_with_http_digest' Method Denial Of Service Vulnerability
3887| [54700] WebKit WebSockets CVE-2012-3696 HTTP Header Injection Vulnerability
3888| [54655] WordPress Front End Upload Plugin Arbitrary File Upload Vulnerability
3889| [54651] Multiple Siemens SIMATIC Products DLL Loading Arbitrary Code Execution Vulnerability
3890| [54646] Invensys Multiple Products DLL Loading Arbitrary Code Execution Vulnerability
3891| [54635] WordPress chenpress Plugin Arbitrary File Upload Vulnerability
3892| [54629] httpdx Wildcards Remote Denial of Service Vulnerability
3893| [54597] WordPress Cimy User Extra Fields Plugin Arbitrary File Upload Vulnerability
3894| [54594] Symantec System Recovery CVE-2012-0305 DLL Loading Arbitrary Code Execution Vulnerability
3895| [54478] DomsHttpd Remote Denial of Service Vulnerability
3896| [54477] Google Chrome 'metro_driver.dll' DLL Loading Arbitrary Code Execution Vulnerability
3897| [54470] EmbryoCore CMS 'loadcss.php' Multiple Directory Traversal Vulnerabilities
3898| [54467] Rama Zeiten CMS 'download.php' Remote File Disclosure Vulnerability
3899| [54464] EGallery 'egallery/uploadify.php' Arbitrary File Upload Vulnerability
3900| [54447] Joomla! KSAdvertiser Component Arbitrary File Upload Vulnerability
3901| [54446] Joomla! OS Property Component Arbitrary File Upload Vulnerability
3902| [54441] WordPress Resume Submissions & Job Postings Unrestricted File Upload Vulnerability
3903| [54440] WordPress Generic Plugin Arbitrary File Upload Vulnerability
3904| [54421] Chyrp SQL Injection and Arbitrary File Upload Vulnerabilities
3905| [54372] Open Upload Cross-Site Scripting and Arbitrary Code Execution Vulnerabilities
3906| [54351] Umbraco CMS 'codeEditorSave.asmx' Arbitrary File Upload Vulnerability
3907| [54344] Mono 'HttpForbiddenHandler.cs' Cross-Site Scripting Vulnerability
3908| [54338] WordPress Contus Vblog Plugin 'save.php' Arbitrary File Upload Vulnerability
3909| [54337] WordPress Front-end Editor Plugin 'upload.php' Arbitrary File Upload Vulnerability
3910| [54336] Eclydre Web Manager 'upload.php' Arbitrary File Upload Vulnerability
3911| [54335] sflog! 'uploadContent.inc.php' Arbitrary File Upload Vulnerability
3912| [54303] Microsoft Visual Basic for Applications DLL Loading Arbitrary Code Execution Vulnerability
3913| [54264] Photodex ProShow Producer 'load' File Remote Stack Buffer Overflow Vulnerability
3914| [54255] GetSimple CMS Items Manager Plugin 'php.php' Arbitrary File Upload Vulnerability
3915| [54254] Magix CMS 'upload.php' Arbitrary File Upload Vulnerability
3916| [54252] Magix CMS 'upload.php' Arbitrary File Upload Vulnerability
3917| [54245] SWFUpload 'movieName' Parameter Cross Site Scripting Vulnerability
3918| [54238] JAKCMS PRO 'uploader.php' Arbitrary File Upload Vulnerability
3919| [54228] PHP-Fusion Advanced MP3 Player Infusion 'upload.php' Arbitrary File Upload Vulnerability
3920| [54225] Avaya IP Office Customer Call Reporter 'ImageUpload.ashx' Remote Code Execution Vulnerability
3921| [54205] Drupal IMCE Mkdir 'imce' Arbitrary File Upload Vulnerability
3922| [54204] Schoolhos CMS Arbitrary File Upload and HTML Injection Vulnerabilities
3923| [54193] Western Digital Live TV Local File Include and Arbitrary File Upload Vulnerabilities
3924| [54179] Drupal Drag & Drop Gallery 'upload.php' Arbitrary File Upload Vulnerability
3925| [54174] e107 Articulate 'manage_articulate.php' Arbitrary File Upload Vulnerability
3926| [54173] WordPress Flip Book 'php.php' Arbitrary File Upload Vulnerability
3927| [54172] SilverStripe Pixlr Image Editor 'upload.php' Arbitrary File Upload Vulnerability
3928| [54171] WordPress Fancy Gallery 'image-upload.php' Arbitrary File Upload Vulnerability
3929| [54170] Amazon S3 Uploadify Script 'uploadify.php' Arbitrary File Upload Vulnerability
3930| [54165] IBM Lotus Expeditor DLL Loading Arbitrary Code Execution Vulnerability
3931| [54127] AdNovum nevisProxy Cross Site Scripting Vulnerability
3932| [54107] Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerabilities
3933| [54098] e107 FileDownload Plugin Arbitrary File Upload and Remote File Disclosure Vulnerabilities
3934| [54092] e107 Filemanager Plugin 'ajaxfilemanager.php' Arbitrary File Upload Vulnerability
3935| [54091] e107 Hupsi_fancybox Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
3936| [54090] e107 Hupsis Media Gallery Plugin 'ajaxfilemanager.php' Arbitrary File Upload Vulnerability
3937| [54088] e107 Hupsi Share Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
3938| [54087] e107 Radio Plan Plugin 'upload.php' Arbitrary File Upload Vulnerability
3939| [54085] e107 Tap Plugin 'ajaxfilemanager.php' Arbitrary File Upload Vulnerability
3940| [54083] Python SimpleHTTPServer 'list_directory()' Function Cross Site Scripting Vulnerability
3941| [54078] WordPress Auctions Plugin 'upload.php' Arbitrary File Upload Vulnerability
3942| [54059] WordPress Lim4wp 'upload.php' Arbitrary File Upload Vulnerability
3943| [54057] WordPress LB Mixed Slideshow Plugin 'upload.php' Arbitrary File Upload Vulnerability
3944| [54055] Samsung AllShare 'Content-Length' HTTP Header Remote Denial Of Service Vulnerability
3945| [54052] WordPress Multiple Themes 'upload.php' Arbitrary File Upload Vulnerability
3946| [54041] Joomla! Maian Media Component 'uploadhandler.php' Arbitrary File Upload Vulnerability
3947| [54038] Joomla! Dione FileUploader Component 'upload.php' Arbitrary File Upload Vulnerability
3948| [54037] Joomla! hwdVideoShare Component 'flash_upload.php' Arbitrary File Upload Vulnerability
3949| [54022] qdPM Arbitrary File Upload Vulnerability
3950| [54020] WordPress Zingiri Web Shop Plugin 'uploadfilexd.php' Arbitrary File Upload Vulnerability
3951| [53995] WordPress Invit0r Plugin 'ofc_upload_image.php' Arbitrary File Upload Vulnerability
3952| [53994] WordPress Evarisk Plugin 'uploadPhotoApres.php' Arbitrary File Upload Vulnerability
3953| [53990] Zimplit CMS Local File Include and Arbitrary File Upload Vulnerabilities
3954| [53978] WordPress Annonces Plugin 'theme.php' Arbitrary File Upload Vulnerability
3955| [53977] Joomla! Easy Flash Uploader Component 'helper.php' Arbitrary File Upload Vulnerability
3956| [53975] Joomla! jFancy Component 'script.php' Arbitrary File Upload Vulnerability
3957| [53973] Joomla! IDoEditor Component 'image.php' Arbitrary File Upload Vulnerability
3958| [53972] Joomla! DentroVideo Component 'upload.php' Arbitrary File Upload Vulnerability
3959| [53969] Joomla! Art Uploader Component 'upload.php' Arbitrary File Upload Vulnerability
3960| [53968] Joomla! Simple SWFUpload Component 'uploadhandler.php' Arbitrary File Upload Vulnerability
3961| [53967] WordPress HD FLV Player Plugin 'uploadVideo.php' Arbitrary File Upload Vulnerability
3962| [53945] XOOPS Cube PROJECT FileManager 'xupload.php' Arbitrary File Upload Vulnerability
3963| [53944] Joomla! Joomsport Component SQL Injection and Arbitrary File Upload Vulnerabilities
3964| [53941] Adobe ColdFusion Component Browser CVE-2012-2041 HTTP Response Splitting Vulnerability
3965| [53931] WordPress Contus Video Gallery Plugin 'upload1.php' Arbitrary File Upload Vulnerability
3966| [53929] Clansuite 'uploadify.php' Arbitrary File Upload Vulnerability
3967| [53928] ET - Chat Multiple Arbitrary File Upload Vulnerabilities
3968| [53925] Check Point Endpoint Connect DLL Loading Arbitrary Code Execution Vulnerability
3969| [53923] Agora-Project 'dossierup' Parameter Remote Arbitrary File Upload Vulnerability
3970| [53920] PHPAccounts SQL Injection and Arbitrary File Upload Vulnerabilities
3971| [53919] WordPress Custom Content Type Manager Plugin 'upload_form.php' Arbitrary File Upload Vulnerability
3972| [53918] WordPress PICA Photo Gallery 'picaPhotosResize.php' Arbitrary File Upload Vulnerability
3973| [53915] WordPress Drag & Drop File Uploader Plugin 'dnd-upload.php' Arbitrary File Upload Vulnerability
3974| [53914] Wordpress SFBrowser Plugin 'sfbrowser.php' Arbitrary File Upload Vulnerability
3975| [53913] WordPress Top Quark Architecture Plugin 'script.php' Arbitrary File Upload Vulnerability
3976| [53912] WordPress Mac Photo Gallery Plugin 'upload-file.php' Arbitrary File Upload Vulnerability
3977| [53910] WordPress User Meta Plugin 'uploader.php' Arbitrary File Upload Vulnerability
3978| [53909] WordPress WP GPX Maps Plugin Arbitrary File Upload Vulnerability
3979| [53898] WordPress Hungred Post Thumbnail Plugin 'hpt_file_upload.php' Arbitrary File Upload Vulnerability
3980| [53897] F5 Multiple Products SSH Configuration Remote Unauthorized Access Vulnerability
3981| [53896] WordPress wpStoreCart Plugin 'upload.php' Arbitrary File Upload Vulnerability
3982| [53895] WordPress PDW File Browser Plugin 'upload.php' Arbitrary File Upload Vulnerability
3983| [53894] WordPress Picturesurf Gallery Plugin 'upload.php' Arbitrary File Upload Vulnerability
3984| [53891] WordPress Front File Manager Plugin 'Upload.php' Arbitrary File Upload Vulnerability
3985| [53879] IBM Lotus iNotes Upload Module ActiveX Control Buffer Overflow Vulnerability
3986| [53874] WordPress Front End Upload Plugin 'Upload.php' Arbitrary File Upload Vulnerability
3987| [53872] WordPress Omni Secure Files Plugin 'Upload.php' Arbitrary File Upload Vulnerability
3988| [53855] WordPress FCChat Widget Plugin 'Upload.php' Arbitrary File Upload Vulnerability
3989| [53853] WordPress Font Uploader Plugin 'font-upload.php' Arbitrary File Upload Vulnerability
3990| [53852] WordPress MM Forms Community Plugin 'doajaxfileupload.php' Arbitrary File Upload Vulnerability
3991| [53851] WordPress VideoWhisper Video Presentation Plugin 'vw_upload.php' Arbitrary File Upload Vulnerability
3992| [53849] WordPress Gallery Plugin Arbitrary File Upload Vulnerability
3993| [53831] Microsoft Lync CVE-2012-1849 DLL Loading Arbitrary Code Execution Vulnerability
3994| [53830] RETIRED: Microsoft Visual Basic for Applications DLL Loading Arbitrary Code Execution Vulnerability
3995| [53813] Collabtive 'manageuser.php' Arbitrary File Upload Vulnerability
3996| [53809] WordPress Asset Manager Plugin 'upload.php' Arbitrary File Upload Vulnerability
3997| [53806] WordPress Comment Extra Fields Plugin 'cef-upload.php' Arbitrary File Upload Vulnerability
3998| [53805] WordPress Foxypress Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
3999| [53804] WordPress HTML5 AV Manager Plugin 'custom.php' Arbitrary File Upload Vulnerability
4000| [53790] Nmedia WordPress Member Conversation Plugin 'doupload.php' Arbitrary File Upload Vulnerability
4001| [53789] WordPress WP Marketplace Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
4002| [53787] WordPress WP-Property Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
4003| [53786] Nmedia Users File Uploader Plugin Arbitrary File Upload Vulnerability
4004| [53782] PyroCMS HTTP Response Splitting and HTML Injection Vulnerabilities
4005| [53777] f2blog 'uploadimg.php' Remote File Upload Vulnerability
4006| [53761] TinyCMS Local File Include and Arbitrary File Upload Vulnerabilities
4007| [53740] WHMCS Cross Site Scripting and Multiple HTTP Parameter Pollution Vulnerabilities
4008| [53724] VAMCart 'tinybrowser.php' Remote Arbitrary File Upload Vulnerability
4009| [53701] PHP Volunteer Management Arbitrary File Upload and HTML Injection Vulnerabilities
4010| [53696] DynPage 'ckfinder' Multiple Arbitrary File Upload Vulnerabilities
4011| [53695] DornCMS 'add_page.php' Remote Arbitrary File Upload Vulnerability
4012| [53681] Measuresoft ScadaPro DLL Loading Arbitrary Code Execution Vulnerability
4013| [53675] phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
4014| [53647] HAProxy Trash Buffer Overflow Vulnerability
4015| [53645] Macronia AhMeBa Professional Arbitrary File Upload Vulnerability
4016| [53641] AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities
4017| [53616] Acuity CMS Directory Traversal and Arbitrary File Upload Vulnerabilities
4018| [53612] Tornado 'tornado.web.RequestHandler.set_header()' HTTP Response Splitting Vulnerability
4019| [53609] Cryptographp 'cryptographp.inc.php' HTTP Response Splitting Vulnerability
4020| [53568] 3DVIA Composer 'dwmapi.dll' and 'ibfs32.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
4021| [53560] 3D XML Player Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4022| [53517] Download Manager 'cid' Parameter Cross Site Scripting Vulnerability
4023| [53514] Download Monitor 'uploader.php' Multiple Cross Site Scripting Vulnerabilities
4024| [53486] Anaconda Bootloader Configuration Module Insecure File Permission Vulnerability
4025| [53448] Chevereto Image Upload Script Cross Site Scripting and Information Disclosure Vulnerability
4026| [53443] Symantec Web Gateway Management Scripts Arbitrary File Upload Vulnerability
4027| [53442] Symantec Web Gateway Arbitrary File Download And Delete Vulnerability
4028| [53439] Cisco Prime LAN Management Solution HTTP Response Splitting Vulnerability
4029| [53416] Node.js HTTP Parser Information Disclosure Vulnerability
4030| [53412] eFront Cross Site Scripting and Arbitrary File Upload Vulnerabilities
4031| [53316] WellinTech KingView DLL Loading Arbitrary Code Execution Vulnerability
4032| [53277] Joomla! 'Host' HTTP Header Cross Site Scripting Vulnerability
4033| [53267] NetArt Media Car Portal Arbitrary File Upload and HTML Injection Vulnerabilities
4034| [53242] Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
4035| [53191] Xunlei Thunder Insecure Library Loading Arbitrary Code Execution Vulnerability
4036| [53190] RETIRED: Liferay Enterprise Portal Arbitrary File Download And Security Bypass Vulnerability
4037| [53176] WordPress Download Manager Plugin 'cid' Parameter Cross Site Scripting Vulnerability
4038| [53093] Oracle Database Server CVE-2012-0527 Remote HTTP Response Splitting Vulnerability
4039| [53084] Oracle Database Server CVE-2012-0526 Remote HTTP Response Splitting Vulnerability
4040| [53015] McAfee Web Gateway 'Host' HTTP Header Security Bypass Vulnerability
4041| [53011] ActiveScriptRuby 'GRScript18.dll' ActiveX Control DLL Loading Arbitrary Code Execution Vulnerability
4042| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
4043| [52994] CGIProxy Multiple Unspecified Security Vulnerabilities
4044| [52964] Nmedia Users File Uploader plugin for WordPress Multiple Security Vulnerabilities
4045| [52960] WordPress WP Marketplace Plugin File Enumeration Weakness and File Upload Vulnerabilities
4046| [52944] WordPress Uploadify Integration Plugin Multiple Cross Site Scripting Vulnerabilities
4047| [52933] Siemens Scalance X Switches 'HTTP' Request Denial of Service Vulnerability
4048| [52912] Umbraco CMS 'url' Parameter Open Proxy Vulnerability
4049| [52861] Wordpress Another WordPress Classifieds Plugin Unspecified Image Upload Vulnerability
4050| [52832] Red Hat Network Satellite Server NULL Organization Package Upload Security Bypass Vulnerability
4051| [52825] Havalite CMS SQL Injection and Arbitrary File Upload Vulnerabilities
4052| [52823] GetSimple CMS 'filebrowser.php' Remote Arbitrary File Upload Vulnerability
4053| [52713] vBulletin vBDownloads module 'mirrors[]' Parameter HTML Injection Vulnerability
4054| [52702] Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
4055| [52696] Apache Traffic Server HTTP Host Header Handling Heap Based Buffer Overflow Vulnerability
4056| [52653] F5 FirePass 'state' Parameter SQL Injection Vulnerability
4057| [52643] Tiny Server HTTP GET Request Remote Denial of Service Vulnerability
4058| [52635] Tiny Server HTTP HEAD Request Remote Denial of Service Vulnerability
4059| [52622] Gnuboard 'download.php' HTML Injection Vulnerability
4060| [52542] Xtreme RAT 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4061| [52512] TVersity Arbitrary File Download Vulnerability
4062| [52463] Mozilla Firefox/Thunderbird/SeaMonkey HTTP Header Security Bypass Vulnerability
4063| [52450] Ettercap NG 'wpcap.dll' DLL Loading Arbitrary Code Execution Vulnerability
4064| [52445] GoAhead WebServer HTTP Requests Denial Of Service Vulnerability
4065| [52421] WebKit HTTP Authentication Credentials Information Disclosure Vulnerability
4066| [52413] DVD Architect 'CFHDDecoder.dll' DLL Loading Arbitrary Code Execution Vulnerability
4067| [52412] moviEZ HD 'avrt.dll' DLL Loading Arbitrary Code Execution Vulnerability
4068| [52410] Vegas Movie Studio HD 'CFHDDecoder.dll' DLL Loading Arbitrary Code Execution Vulnerability
4069| [52402] Jam Trax Xpress 'sage.dll' DLL Loading Arbitrary Code Execution Vulnerability
4070| [52386] DotNetNuke Remote Arbitrary File Upload Vulnerability
4071| [52375] Microsoft Expression 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4072| [52336] OSClass Directory Traversal and Arbitrary File Upload Vulnerabilities
4073| [52325] Apple Safari Plugin Unloading Remote Code Execution Vulnerability
4074| [52282] KoolUploader Remote Arbitrary File Upload Vulnerability
4075| [52279] phpCAS Proxy Authorization Security Bypass Vulnerability
4076| [52234] BrewBlogger Multiple Arbitrary File Upload Vulnerabilities
4077| [52212] Cisco Wireless LAN Controller CVE-2012-0368 HTTP Request Denial of Service Vulnerability
4078| [52208] NetDecision HTTP Server Long HTTP Request Remote Denial of Service Vulnerability
4079| [52194] NetDecision HTTP Server Stack-Based Buffer Overflow Vulnerability
4080| [52179] python-httplib2 CVE-2013-2037 SSL Certificate Validation Security Bypass Vulnerability
4081| [52174] Piwigo 'index.php' Remote Arbitrary File Upload Vulnerability
4082| [52173] Dotclear 'swfupload.swf' Remote Arbitrary File Upload Vulnerability
4083| [52156] The Uploader 'username' Parameter SQL Injection Vulnerability
4084| [52136] Mobile Mp3 Search Script 'dl.php' HTTP Response Splitting Vulnerability
4085| [52130] WordPress Magn WP Drag and Drop Upload Plugin Arbitrary Shell Upload Vulnerability
4086| [52106] Mercury MR804 Router Multiple HTTP Header Fields Denial Of Service Vulnerabilities
4087| [52087] WebsiteBaker HTTP 'Referer' Header Cross Site Scripting Vulnerabilities
4088| [52080] Mitra Iranian CMS 'manager.php' Remote Arbitrary File Upload Vulnerability
4089| [52070] 7T AQUIS DLL Loading Arbitrary Code Execution Vulnerability
4090| [52069] 7T TERMIS DLL Loading Arbitrary Code Execution Vulnerability
4091| [51990] PBBoard 'index.php' Arbitrary File Upload Vulnerability
4092| [51984] ALFTP Insecure Excutable File Loading Arbitrary Code Execution Vulnerability
4093| [51950] Sysax Multi Server 'uploadfile_name1.htm' Buffer Overflow Vulnerability
4094| [51943] CVS CVE-2012-0804 'proxy_connect()' Heap Buffer Overflow Vulnerability
4095| [51924] HDWiki 'attachement.php' Arbitrary File Upload Vulnerability
4096| [51910] Scientific Toolworks Understand 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4097| [51838] TYPO3 Documents Download Extension Cross Site Scripting and SQL Injection Vulnerabilities
4098| [51767] Mindjet MindManager 2012 DLL Loading Arbitrary Code Execution Vulnerabilities
4099| [51725] phux Download Manager 'file' Parameter SQL Injection Vulnerability
4100| [51722] Ajax Upload Extension Wing Header Arbitrary File Upload Vulnerability
4101| [51706] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
4102| [51705] Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability
4103| [51677] Joomla! JE Story Submit 'update()' Function Arbitrary File Upload Vulnerability
4104| [51657] Joomla! 'com_jesubmit' Component 'index.php' Arbitrary File Upload Vulnerability
4105| [51650] glFusion SQL Injection and Arbitrary File Upload Vulnerabilities
4106| [51638] WordPress Guest Posting Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
4107| [51631] Raven 'connector.asp' Arbitrary File Upload Vulnerability
4108| [51630] ARYADAD CMS fckeditor Arbitrary File Upload Vulnerability
4109| [51615] WordPress AllWebMenus Plugin 'actions.php' Arbitrary File Upload Vulnerability
4110| [51576] appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
4111| [51456] Oracle JD Edwards EnterpriseOne Tools CVE-2011-2317 Arbitrary File Upload Vulnerability
4112| [51438] 7T Interactive Graphical SCADA System DLL Loading Arbitrary Code Execution Vulnerability
4113| [51415] Pragyan CMS 'frmupload.html' Arbitrary File Upload Vulnerability
4114| [51407] Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
4115| [51406] Tahoe-LAFS Mutable Downloader Security Bypass Vulnerability
4116| [51402] WordPress Count per Day Plugin Arbitrary File Download and Cross Site Scripting Vulnerabilities
4117| [51398] HP LoadRunner 'magentservice.exe' Remote Stack Buffer Overflow Vulnerability
4118| [51375] Multiple Cogent Datahub Products Unspecified HTTP Header Injection Vulnerability
4119| [51365] PHP-Fusion 'downloads.php' Cross Site Scripting Vulnerability
4120| [51347] dl Download Ticket Service Authentication Bypass Vulnerability
4121| [51320] AirTies Air 4450 'cgi-bin/loader' Denial of Service Vulnerability
4122| [51302] eFront 'download' Parameter Directory Traversal Vulnerability
4123| [51264] Moodle '/calendar/set.php' HTTP Response Splitting Vulnerability
4124| [51234] Joomla! Simple File Upload Arbitrary File Upload Vulnerability
4125| [51214] Joomla Simple File Upload 'index.php' Remote Code Execution Vulnerability
4126| [51188] WordPress WP Symposium Arbitrary File Upload Vulnerabilities
4127| [51164] IDAPython Script Loading Arbitrary Code Execution Vulnerability
4128| [51112] SecCommerce SecSigner Java Applet Arbitrary File Upload Vulnerability
4129| [51073] RSA SecurID Software Token DLL Loading Arbitrary Code Execution Vulnerability
4130| [51068] Google Chrome IFRAME Loading Information Disclosure Vulnerability
4131| [51066] Opera Web Browser IFRAME Loading Information Disclosure Vulnerability
4132| [51065] Microsoft Internet Explorer IFRAME Loading Information Disclosure Vulnerability
4133| [51063] FFFTP CVE-2011-4266 Insecure Executable File Loading Arbitrary Code Execution Vulnerability
4134| [51053] Mozilla Firefox IFRAME Loading Information Disclosure Vulnerability
4135| [51002] Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
4136| [50998] DoceboLMS Multiple Arbitrary File Upload and SQL Injection Vulnerabilities
4137| [50975] Microsoft Internet Explorer CVE-2011-2019 DLL Loading Arbitrary Code Execution Vulnerability
4138| [50967] Microsoft PowerPoint CVE-2011-3396 DLL Loading Arbitrary Code Execution Vulnerability
4139| [50925] Simple Machines Forum ''fckeditor' Arbitrary File Upload Vulnerability
4140| [50862] Manx HTTP Response Splitting and Cross Site Scripting Vulnerabilities
4141| [50851] lighttpd 'http_auth.c' Remote Denial of Service Vulnerability
4142| [50829] Linux GNU Debugger 'debug_gdb_scripts' Loading Arbitrary Code Execution Vulnerability
4143| [50828] Siemens SIMATIC WinCC Flexible Runtime 'HmiLoad.exe' Multiple Security Vulnerabilities
4144| [50823] Joomla! Fabrik Component 'importcsv.php' Arbitrary File Upload Vulnerability
4145| [50785] Prestashop 'displayImage.php' HTTP Response Splitting Vulnerability
4146| [50771] Namazu HTTP Cookie Cross Site Scripting Vulnerability
4147| [50768] Privoxy RFC 3986 HTTP Response Splitting Vulnerability
4148| [50706] V-CMS Multiple Cross Site Scripting Arbitrary File Upload and SQL Injection Vulnerabilities
4149| [50703] DVR Remote ActiveX Control 'DVRobot.dll' DLL Loading Arbitrary Code Execution Vulnerability
4150| [50695] FleaHttpd Remote Denial of Service Vulnerability
4151| [50673] QuiXplorer 'index.php' Arbitrary File Upload Vulnerability
4152| [50666] Seraphim Tech Upload Script 'uploadurl.php' Remote Arbitrary File Upload Vulnerability
4153| [50639] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
4154| [50608] LabWiki Multiple Cross Site Scripting And Arbitrary File Upload Vulnerabilities
4155| [50589] Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass Vulnerability
4156| [50587] 11in1 (Eleven in One) 'do.php' HTTP Response Splitting Vulnerability
4157| [50554] Barracuda Link Balancer Multiple Cross Site Scripting Vulnerabilities
4158| [50553] UBB.Threads Unspecified File Upload Vulnerability
4159| [50542] Mahara CVE-2011-2772 Upload Denial of Service Vulnerability
4160| [50509] EMC Documentum eRoom Arbitrary File Upload Vulnerability
4161| [50508] Web File Browser 'webFileBrowser.php' Arbitrary File Download Vulnerability
4162| [50507] Windows Mail and Windows Meeting Space DLL Loading Arbitrary Code Execution Vulnerability
4163| [50497] phpMyAdmin 'simplexml_load_string()' Function Information Disclosure Vulnerability
4164| [50496] Attachmate Reflection DLL Loading Arbitrary Code Execution Vulnerability
4165| [50494] Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
4166| [50449] Squid Proxy Caching Server CNAME Denial of Service Vulnerability
4167| [50447] IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
4168| [50412] FFFTP Insecure Excutable File Loading Arbitrary Code Execution Vulnerability
4169| [50363] Novell XTier Framework HTTP Header Remote Integer Overflow Vulnerability
4170| [50335] Cyclope Internet Filtering Proxy 'CEPMServer.exe' Denial of Service Vulnerability
4171| [50324] Mozilla NSS 'NSS_NoDB_Init()' Insecure Library Loading Arbitrary Code Execution Vulnerability
4172| [50317] Cyclope Internet Filtering Proxy 'user' HTML Injection Vulnerability
4173| [50306] TYPO3 pmkshadowbox and pmkslimbox Cross Site Scripting and Arbitrary File Download Vulnerabilities
4174| [50301] osCommerce Remote File Upload and File Disclosure Vulnerabilities
4175| [50290] fims File Management System 'f' Parameter Arbitrary File Download Vulnerability
4176| [50285] Cisco Show and Share CVE-2011-2585 Arbitrary File Upload Vulnerability
4177| [50275] 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
4178| [50084] Cisco TelePresence Video Communication Server 'User-Agent' HTTP Header HTML Injection Vulnerability
4179| [50078] Honeywell EBI TEMA Remote Installer ActiveX Control Arbitrary File Download Vulnerability
4180| [50027] eFront 'view_file.php' Multiple Arbitrary File Download Vulnerabilities
4181| [50007] VLC Media Player 'httpd_ClientRecv()' Heap Based Buffer Overflow Vulnerability
4182| [49985] WordPress Redirection Plug-in HTTP Referrer Header HTML Injection Vulnerability
4183| [49979] Microsoft Forefront Unified Access Gateway (CVE-2011-1895) HTTP Response Splitting Vulnerability
4184| [49976] Microsoft Windows Active Accessibility DLL Loading Arbitrary Code Execution Vulnerability
4185| [49962] Microsoft Internet Explorer OnLoad Event CVE-2011-1997 Memory Corruption Vulnerability
4186| [49955] Cisco Firewall Services Module Authentication Proxy Remote Denial of Service Vulnerability
4187| [49943] Microsoft Windows Media Center DLL Loading Arbitrary Code Execution Vulnerability
4188| [49908] Polipo POST/PUT Requests HTTP Header Processing Denial Of Service Vulnerability
4189| [49890] SabadKharid 'upload.php' Arbitrary File Upload Vulnerability
4190| [49882] TYPO3 'download.php' Local File Disclosure Vulnerability
4191| [49852] Mozilla Firefox and SeaMonkey 'loadSubScript()' Security Bypass Vulnerability
4192| [49849] Mozilla Firefox/Thunderbird/SeaMonkey CVE-2011-3000 HTTP Response Splitting Vulnerability
4193| [49817] TimeLive Time and Expense 'FileDownload.aspx' Arbitrary File Download Vulnerability
4194| [49779] Novell GroupWise Internet Agent HTTP Interface Stack Buffer Overflow Vulnerability
4195| [49762] Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
4196| [49693] WordPress Relocate Upload Plugin 'abspath' Parameter Remote File Include Vulnerability
4197| [49673] Toko LiteCMS HTTP Response Splitting and Cross Site Scripting Vulnerabilities
4198| [49669] WordPress Filedownload Local File Disclosure Vulnerability
4199| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
4200| [49616] Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
4201| [49604] Movicon 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4202| [49557] TYPO3 WEC Staff Directory Extension Arbitrary File Upload Vulnerability
4203| [49556] WordPress Easy Comment Uploads Plugin 'upload.php' Arbitrary File Upload Vulnerability
4204| [49535] Spring Security HTTP Header Injection Vulnerability
4205| [49519] Microsoft Office Shared Component CVE-2011-1980 DLL Loading Arbitrary Code Execution Vulnerability
4206| [49516] TYPO3 Drag Drop Mass Upload Extension 'ameos_dragndropupload' Arbitrary File Upload Vulnerability
4207| [49504] WordPress Paid Downloads Plugin 'download_key' Parameter SQL Injection Vulnerability
4208| [49501] WordPress WP-Filebase Download Manager 'base' Parameter SQL Injection Vulnerability
4209| [49495] 1 Flash Gallery 'upload.php' Arbitrary File Upload Vulnerability
4210| [49488] WordPress wpcu3er Plugin 'ajaxReq.php' Arbitrary File Upload Vulnerability_
4211| [49487] GnuCash Insecure Excutable File Loading Arbitrary Code Execution Vulnerability
4212| [49479] Siemens SIMATIC WinCC Flexible Runtime Advanced Loader Heap Buffer Overflow Vulnerability
4213| [49449] GTK+ Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4214| [49436] Microsoft Windows Script Host 'wshesn.dll' DLL Loading Arbitrary Code Execution Vulnerability
4215| [49434] Joomla! Simple File Uploader Module Arbitrary File Upload Vulnerability
4216| [49421] KaiBB SQL Injection and Arbitrary File Upload Vulnerabilities
4217| [49385] WordPress Image Gallery with Slideshow Plugin 'upload-file.php' Arbitrary File Upload Vulnerability
4218| [49384] WordPress Grapefile Plugin 'grapeupload.php' Arbitrary File Upload Vulnerability
4219| [49356] Squid Proxy Gopher Remote Buffer Overflow Vulnerability
4220| [49309] Zazavi 'filemanager/controller.php' Arbitrary File Upload Vulnerability
4221| [49303] Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
4222| [49274] JagoanStore CMS fckeditor Arbitrary File Upload Vulnerability
4223| [49185] Website Baker 'upload.php' Arbitrary File Upload Vulnerability
4224| [49026] Microsoft Windows Data Access Component DLL Loading Arbitrary Code Execution Vulnerability
4225| [48963] WordPress Timthumb Plugin 'timthumb' Cache Directory Arbitrary File Upload Vulnerability
4226| [48929] Linux Kernel Generic Receive Offload (GRO) CVE-2011-2723 Denial of Service Vulnerability
4227| [48911] Drupal Core File Download Security Bypass Vulnerability
4228| [48871] Download Accelerator Plus '.m3u' File Buffer Overflow Vulnerability
4229| [48863] PRADO 'TActiveFileUpload.php' Directory Traversal Vulnerability
4230| [48708] Joomla! AvReloaded Component SQL Injection Vulnerability
4231| [48643] Fire Soft Board 'User-Agent' HTTP Header HTML Injection Vulnerability
4232| [48614] Aruba Networks ArubaOS HTTP Response Splitting and HTML Injection Vulnerabilities
4233| [48608] Effective File Search (EFS) DLL Loading Arbitrary Code Execution Vulnerability
4234| [48579] F5 BIG-IP ASM Web Scraping Cross-Site Scripting Vulnerability
4235| [48577] HP-UX Dynamic Loader Unspecified Local Privilege Escalation Vulnerability
4236| [48562] XnView DLL Loading Arbitrary Code Execution Vulnerability
4237| [48535] Donar Player Multiple DLL Loading Arbitrary Code Execution Vulnerability
4238| [48514] IBM DB2 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
4239| [48484] Atlassian JIRA File Download Security Bypass Vulnerability
4240| [48432] xAurora 'RSRC32.DLL' DLL Loading Arbitrary Code Execution Vulnerability
4241| [48425] gdk-pixbuf 'gdk_pixbuf__gif_image_load()' Remote Denial of Service Vulnerability
4242| [48398] Drupal Download Count Module HTML Injection Vulnerability
4243| [48343] Retired: Blackice Cover Page 'DownloadImageFileURL()' Arbitrary File Download Vulnerability
4244| [48336] Blue Coat ProxySG core Files Local Information Disclosure Vulnerability
4245| [48331] Helium Music Manager DLL Loading Arbitrary Code Execution Vulnerability
4246| [48285] Gogago YouTube Video Converter ActiveX control 'Download()' Method Buffer Overflow Vulnerability
4247| [48274] WordPress Real WYSIWYG Plugin 'insert_file.php' Arbitrary File Upload Vulnerability
4248| [48257] Phpnuke 'upload.php' Arbitrary File Upload Vulnerability
4249| [48252] Adobe Acrobat and Reader CVE-2011-2100 DLL Loading Arbitrary Code Execution Vulnerability
4250| [48211] Microsoft Internet Explorer HTTP Redirect Uninitialized Memory Remote Code Execution Vulnerability
4251| [48194] PlotSoft PDFill Multiple DLL Loading Arbitrary Code Execution Vulnerability
4252| [48130] ACDSee Fotoslate DLL Loading Arbitrary Code Execution Vulnerability
4253| [48128] ACDSee Photo Editor 2008 DLL Loading Arbitrary Code Execution Vulnerability
4254| [48127] ACDSee Picture Frame Manager DLL Loading Arbitrary Code Execution Vulnerability
4255| [48111] Xitami HTTP Header Remote Buffer Overflow Vulnerability
4256| [48108] Joomla CCBoard SQL Injection and Arbitrary File Upload Vulnerabilities
4257| [48093] mcCMS 'manager.php' Arbitrary File Upload Vulnerability
4258| [48073] HP LoadRunner Virtual User Script Files Remote Buffer Overflow Vulnerability
4259| [48061] Belkin F5D7234-4V5 Wireless G Router 'login.stm' Administrator Password Disclosure Vulnerability
4260| [48055] Microsoft Windows Live Messenger 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4261| [48031] Lil' HTTP Server 'pbcgi.cgi' Cross Site Scripting Vulnerability
4262| [48022] Lil' HTTP Server Source Code Information Disclosure Vulnerability
4263| [48001] WalRack File Extension Handling Arbitrary File Upload Vulnerability
4264| [47970] MidiCMS Website Builder Local File Include and Arbitrary File Upload Vulnerabilities
4265| [47915] Drupal Webform Module Cross Site Scripting and Arbitrary File Upload Vulnerabilities
4266| [47908] Joomla! jDownloads Component Arbitrary File Upload Vulnerability
4267| [47897] Microsoft Windows 'nsiproxy.sys' Driver Local Denial of Service Vulnerability
4268| [47876] Web File Browser Arbitrary File Upload Vulnerability
4269| [47869] NoticeBoardPro SQL Injection and Arbitrary File Upload Vulnerabilities
4270| [47855] osCommerce 'banner_manager.php' Arbitrary File Upload Vulnerability
4271| [47805] Big Brother Arbitrary File Deletion Vulnerability and Arbitrary File Upload Vulnerability
4272| [47759] phpWebSite 'upload.php' Arbitrary File Upload Vulnerability
4273| [47757] Exponent CMS Local File Include and Arbitrary File Upload Vulnerabilities
4274| [47752] BlueFTP 'ProfUIS250m.dll' DLL Loading Arbitrary Code Execution Vulnerability
4275| [47751] FestOS 'upload.php' Arbitrary File Upload Vulnerability
4276| [47743] WP-DBManager Arbitrary File Download Vulnerability and Cross Site Request Forgery Vulnerability
4277| [47741] Multiple Microsoft Products DLL Loading Arbitrary Code Execution Vulnerability
4278| [47715] Tinyproxy 'conf.c' Integer Overflow Security Bypass Vulnerability
4279| [47709] WordPress '.phtml' Files Arbitrary File Upload Vulnerability
4280| [47701] SelectaPix 'uploadername' Parameter Cross Site Scripting Vulnerability
4281| [47689] WP-DBManager 'wp-config.php' Arbitrary File Download Vulnerability
4282| [47680] UDisks Kernel 'mount' Module Loading Security Vulnerability
4283| [47637] CMS Made Simple 'uploadview.php' Arbitrary File Upload Vulnerability
4284| [47636] ClanSphere Local File Include and Arbitrary File Upload Vulnerabilities
4285| [47624] libmodplug 'load_abc.cpp' Remote Stack Based Buffer Overflow Vulnerability
4286| [47591] Ariadne Multiple Arbitrary File Upload Vulnerabilities
4287| [47570] EasyPHP 'php5nsapi.dll' Loading Arbitrary Code Execution Vulnerability
4288| [47564] Xilisoft Video Converter Ultimate 'cmdProcess.dll' Loading Arbitrary Code Execution Vulnerability
4289| [47560] DynMedia Pro Web CMS 'downloadfile.php' Local File Disclosure Vulnerability
4290| [47508] PPLive TCP Port 9415 'tudouva.pac' Open Proxy Vulnerability
4291| [47487] Oracle Java System Access Manager Policy Agent CVE-2011-0846 Remote Web Proxy Agent Vulnerability
4292| [47406] SoftXMLCMS 'uploadfile1.asp' Arbitrary File Upload Vulnerability
4293| [47399] Joomla Component 'com_phocadownload' Local File Include Vulnerability
4294| [47379] cPassMan 'downloadfile.php' Arbitrary File Download Vulnerability
4295| [47358] Dotclear Media Manager Arbitrary File Upload Vulnerability
4296| [47349] EC Software Help & Manual 'ijl15.dll' DLL Loading Arbitrary Code Execution Vulnerability
4297| [47347] Open Text FirstClass Client 'FCP://' URI and DLL Loading Arbitrary Code Execution Vulnerabilities
4298| [47313] Joomla! Phoca Download Component Multiple SQL Injection Vulnerabilities
4299| [47309] eForum '/eforum.php' Arbitrary File Upload Vulnerability
4300| [47297] ManageEngine Applications Manager 'Upload.do' Arbitrary File Upload Vulnerability
4301| [47276] Tinyproxy ACL Security Bypass Vulnerability
4302| [47270] Simple Machines Forum Arbitrary File Upload Vulnerability
4303| [47259] WampServer 'index.php' Arbitrary File Download Vulnerability
4304| [47246] Microsoft Office Shared Component DLL Loading Arbitrary Code Execution Vulnerability
4305| [47199] Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
4306| [47195] PHPBoost 'gallery.php' Arbitrary File Upload Vulnerability
4307| [47145] EasyPHP 'index.php' Arbitrary File Download Vulnerability
4308| [47101] Virtual DJ 'schannel.dll' DLL Loading Arbitrary Code Execution Vulnerability
4309| [47090] BigACE Multiple Arbitrary File Upload Vulnerabilities
4310| [47075] jHTTPd Directory Traversal Vulnerability
4311| [47069] Toon Boom Studio 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4312| [47067] Ulead COOL 3D Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4313| [47057] Alkacon OpenCms HTTPOnly Cookie Flag Information Disclosure Weakness
4314| [47056] Linux Kernel Generic Receive Offload (GRO) Local Denial of Service Vulnerability
4315| [47049] Feng Office Arbitrary File Upload and Cross Site Scripting Vulnerabilities
4316| [47031] Google Picasa Insecure Library Loading Arbitrary Code Execution Vulnerability
4317| [47011] Constructr CMS Arbitrary File Upload Vulnerability
4318| [47002] PHP-Nuke 'HTTP_REFERER' Header Cross Site Request Forgery Vulnerability
4319| [46979] Immunity Debugger HTTP Request Buffer Overflow Vulnerability
4320| [46974] Apache HttpComponents 'HttpClient' Information Disclosure Vulnerability
4321| [46956] Kleophatra 'users.php' Arbitrary File Upload Vulnerability
4322| [46955] Phpbuddies 'index.php' Arbitrary File Upload Vulnerability
4323| [46949] CMS Balitbang Multiple Arbitrary File Upload Vulnerabilities
4324| [46927] Douran Portal 'download.aspx' Arbitrary File Download Vulnerability
4325| [46915] CMS Lokomedia 'downlot.php' Arbitrary File Download Vulnerability
4326| [46907] Progea Movicon 'TCPUploadServer.exe' Security Bypass Vulnerability
4327| [46905] Sybase OneBridge Server and DMZ Proxy Format String Vulnerability
4328| [46891] TIBCO tibbr 'HTTP Request' Cross Site Scripting Vulnerability
4329| [46880] nostromo nhttpd Directory Traversal Remote Command Execution Vulnerability
4330| [46857] SAP GUI DLL Loading Arbitrary Code Execution Vulnerability
4331| [46827] Air Contacts Lite HTTP Packet Denial Of Service Vulnerability
4332| [46774] WS Interactive Automne 'admin/upload-controler.php' Remote Arbitrary File Upload Vulnerability
4333| [46760] PBlogEX Arbitrary File Upload and Authentication Bypass Vulnerabilities
4334| [46755] Hiawatha HTTP Header Processing Denial Of Service Vulnerability
4335| [46682] Microsoft DirectShow DLL Loading Arbitrary Code Execution Vulnerability
4336| [46678] Microsoft Remote Desktop Connection Client DLL Loading Arbitrary Code Execution Vulnerability
4337| [46541] Python CGIHTTPServer Module Information Disclosure Vulnerability
4338| [46538] Cisco Secure Desktop ActiveX Control (CVE-2011-0925) Arbitrary File Download Vulnerability
4339| [46536] Cisco Secure Desktop ActiveX Control Executable File Arbitrary File Download Vulnerability
4340| [46532] Bo-Blog SQL Injection and Arbitrary File Upload Vulnerabilities
4341| [46516] Multiple Cisco TelePresence Products Arbitrary File Upload Vulnerability
4342| [46499] ProQuiz 'functions.php' Arbitrary File Upload Vulnerability
4343| [46475] Joomla! JCE Component Arbitrary File Upload Vulnerability
4344| [46459] Icy Phoenix HTTP Referrer Header HTML Injection Vulnerability
4345| [46441] PHP-Nuke 'Downloads' Module SQL Injection Vulnerability
4346| [46430] WordPress User Photo 'user-photo.php' Arbitrary File Upload Vulnerability
4347| [46427] GetSimple CMS 'admin/upload-ajax.php' Remote Arbitrary File Upload Vulnerability
4348| [46423] Ruby on Rails 'WEBrick::HTTPRequest' Module HTTP Header Injection Vulnerability
4349| [46388] Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
4350| [46374] A1 Website Download 'fwpuclnt.dll' DLL Loading Arbitrary Code Execution Vulnerability
4351| [46341] webERP 'InputSerialItemsFile.php' Arbitrary File Upload Vulnerability
4352| [46308] IDA Pro Mach-O loader Buffer Overflow Vulnerability
4353| [46286] WordPress Enable Media Replace Plugin SQL Injection and Arbitrary File Upload Vulnerabilities
4354| [46255] Adobe Acrobat and Reader CVE-2011-0570 DLL Loading Arbitrary Code Execution Vulnerability
4355| [46254] Adobe Acrobat and Reader CVE-2011-0588 DLL Loading Arbitrary Code Execution Vulnerability
4356| [46252] Adobe Acrobat and Reader CVE-2011-0562 DLL Loading Arbitrary Code Execution Vulnerability
4357| [46240] Media Player Classic 'iacenc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4358| [46239] Cain & Abel 'dagc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4359| [46197] Adobe Flash Player CVE-2011-0575 DLL Loading Arbitrary Code Execution Vulnerability
4360| [46176] JAKCMS 'User-Agent' HTTP Header HTML Injection Vulnerability
4361| [46159] Microsoft Internet Explorer DLL Loading Arbitrary Code Execution Vulnerability
4362| [46109] Xinha Multiple Remote Arbitrary File Upload Vulnerabilities
4363| [46058] SDP Downloader 'Content-Type' Header Remote Buffer Overflow Vulnerability
4364| [46054] Weborf 'get_param_value()' Function HTTP Header Handling Denial Of Service Vulnerability
4365| [46010] WordPress ImageManager Plugin 'manager.php' Arbitrary File Upload Vulnerability
4366| [46002] WordPress Recip.ly 'uploadImage.php' Arbitrary File Upload Vulnerability
4367| [45985] ActiveWeb Professional Arbitrary File Upload Vulnerability
4368| [45984] WordPress Uploader Plugin 'num' Parameter Cross Site Scripting Vulnerability
4369| [45964] Gallery Arbitrary File Upload Vulnerability
4370| [45945] Lunascape DLL Loading Arbitrary Code Execution Vulnerability
4371| [45939] DATEV Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4372| [45933] PHPCMS 'flash_upload.php' SQL Injection Vulnerability
4373| [45916] MyProxy SSL Certificate Validation Security Bypass Vulnerability
4374| [45848] Oracle Fusion Middleware CVE-2010-4455 Remote Oracle HTTP Server Vulnerability
4375| [45799] LifeType HTTP 'Referer' Header Cross Site Scripting Vulnerability
4376| [45794] Contao 'X_FORWARDED_FOR' HTTP Header Arbitrary Script Injection Vulnerability
4377| [45792] HP LoadRunner 'magentproc.exe' Remote Code Execution Vulnerability
4378| [45782] Joomla! Easy File Uploader Module Arbitrary File Upload Vulnerability
4379| [45689] Quick Notes Plus Multiple DLL Loading Arbitrary Code Execution Vulnerability
4380| [45685] concrete5 'index.php' Arbitrary File Upload and HTML Injection Vulnerabilities
4381| [45675] Ace Video Workshop 'ir50_lcs.dll' DLL Loading Arbitrary Code Execution Vulnerability
4382| [45657] ImgBurn 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4383| [45651] Joomla! 'com_jotloader' Component 'section' Parameter Directory Traversal Vulnerability
4384| [45629] Linux Kernel 'load_mixer_volumes()' Multiple Vulnerabilities
4385| [45619] News Script PHP 'fckeditor' Arbitrary File Upload Vulnerability
4386| [45602] Mongoose 'Content-Length' HTTP Header Remote Denial Of Service Vulnerability
4387| [45599] httpdASM Directory Traversal Vulnerability
4388| [45584] SocialEngine Music Sharing Plugin Arbitrary File Upload Vulnerability
4389| [45573] HttpBlitz Server HTTP Request Remote Denial of Service Vulnerability
4390| [45550] Social Share 'vote.php' HTTP Response Splitting Vulnerability
4391| [45549] Ecava IntegraXor 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4392| [45525] S9Y Serendipity 'manager.php' Arbitrary File Upload Vulnerability
4393| [45494] MH Download Center Multiple SQL Injection Vulnerabilities
4394| [45492] Adobe Photoshop DLL Loading Arbitrary Code Execution Vulnerability
4395| [45483] CubeCart Arbitrary File Upload Vulnerability
4396| [45474] MHP Downloadshop 'view_item.php' SQL Injection Vulnerability
4397| [45471] AttacheCase DLL Loading Arbitrary Code Execution Vulnerability
4398| [45404] Microsoft Windows Remote Access Phonebook Executable Loading Arbitrary Code Execution Vulnerability
4399| [45354] Mozilla Firefox and SeaMonkey Firebug 'XMLHttpRequestSpy' Chrome Privilege Escalation Vulnerability
4400| [45313] JE Messenger 'compose.php' Arbitrary File Upload Vulnerability
4401| [45309] Allegro RomPager UPnP HTTP Request Remote Denial of Service Vulnerability.
4402| [45295] Microsoft Windows BranchCache DLL Loading Arbitrary Code Execution Vulnerability
4403| [45269] Microsoft Windows Kernel NDProxy Local Privilege Escalation Vulnerability
4404| [45265] WWWThreads 'reputation.php' HTTP Response Splitting Vulnerability
4405| [45251] Raven 'register.asp' Arbitrary File Upload Vulnerability
4406| [45248] Altova MapForce 2011 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4407| [45210] AWStats Unspecified 'LoadPlugin' Directory Traversal Vulnerability
4408| [45209] SOOP Portal 'assetman3.asp' Arbitrary File Upload Vulnerability
4409| [45207] Altova Diffdog 2011 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4410| [45205] Altova DatabaseSpy 2011 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4411| [45199] WebEx Meeting Manager WebexUCFObject ActiveX DLL Loading Arbitrary Code Execution Vulnerability
4412| [45198] Intel Threading Building Blocks 'tbbmalloc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4413| [45196] Adobe Pixel Bender Toolkit 'd3d10.dll' DLL Loading Arbitrary Code Execution Vulnerability
4414| [45195] Adobe Device Central DLL Loading Arbitrary Code Execution Vulnerabilities
4415| [45191] WaveMax Sound Editor 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4416| [45171] Kindle for PC 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4417| [45144] Perl CGI-Simple 'multipart/x-mixed-replace' MIME Boundary HTTP Response Splitting Vulnerability
4418| [45136] Digitalus CMS 'config.php' Arbitrary File Upload Vulnerability
4419| [45129] OsCSS 'categories.php' Arbitrary File Upload Vulnerability
4420| [45111] Duhok Forum Multiple Remote Arbitrary File Upload Vulnerabilities
4421| [45103] Orbis CMS 'fileman_file_upload.php' Arbitrary File Upload Vulnerability
4422| [45085] Lightweight Rich Text Editor Plugin for jQuery 'uploader.php' Arbitrary File Upload Vulnerability
4423| [45083] AOL Instant Messenger 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4424| [45082] Google Desktop 'schannel.dll' DLL Loading Arbitrary Code Execution Vulnerability
4425| [45080] McAfee VirusScan Enterprise 'traceapp.dll' DLL Loading Arbitrary Code Execution Vulnerability
4426| [45078] MemHT Portal User-Agent HTTP Header HTML Injection Vulnerability
4427| [45044] ImageMagick 'configure.c' Configuration File Loading Local Privilege Escalation Vulnerability
4428| [45017] Acidcat CMS Arbitrary File Upload Vulnerability
4429| [45013] JCMS 'downfile.jsp' Arbitrary File Download Vulnerabilities
4430| [44998] Free Simple Software 'download_id' SQL Injection Vulnerability
4431| [44995] osCommerce 'categories.php' Arbitrary File Upload Vulnerability
4432| [44989] Native Instruments Multiple Products DLL Loading Arbitrary Code Execution Vulnerability
4433| [44917] SystemTap 'Staprun' Module Unloading Local Denial of Service Vulnerability
4434| [44911] Sitefinity ASP.NET CMS Arbitrary File Upload Vulnerability
4435| [44892] Perl CGI.pm 'multipart/x-mixed-replace' MIME Boundary HTTP Response Splitting Vulnerability
4436| [44850] EasyJobPortal 'jobseeker_document.php' Arbitrary File Upload Vulnerability
4437| [44810] Mono 'loader.c' Library Loading Local Privilege Escalation Vulnerability
4438| [44728] FL Studio Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4439| [44726] Silo 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4440| [44717] Acoustica 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4441| [44708] WordPress DB Toolkit 'uploadify.php' Arbitrary File Upload Vulnerability
4442| [44671] Adobe Flash Player DLL Loading Arbitrary Code Execution Vulnerability
4443| [44629] NetSupport Manager Gateway HTTP Protocol Information disclosure vulnerability
4444| [44621] eLouai's Force Download Script 'force-download.php' Arbitrary File Download Vulnerability
4445| [44600] Sybase Advantage Data Architect DLL Loading Arbitrary Code Execution Vulnerability
4446| [44594] Douran Portal Arbitrary File Upload and Cross Site Scripting Vulnerabilities
4447| [44588] GVim DLL Loading Arbitrary Code Execution Vulnerability
4448| [44583] HP Insight Control Performance Management CVE-2010-4100 Arbitrary File Download Vulnerability
4449| [44572] ACDSee Canvas DLL Loading Arbitrary Code Execution Vulnerability
4450| [44566] IBM Tivoli Directory Server Proxy Server Use-After-Free Denial of Service Vulnerability
4451| [44559] Joomla! 'com_jfuploader' Arbitrary File Upload Vulnerability
4452| [44546] Webradev Download Protect 'GLOBALS[RootPath]' Parameter Multiple Remote File Include Vulnerabilities
4453| [44542] HP Insight Recovery Arbitrary File Download Vulnerability
4454| [44541] Microsoft Data Access Objects (DAO) 'dao360.dll' DLL Loading Arbitrary Code Execution Vulnerability
4455| [44540] Active! Mail HTTP Header Injection Vulnerability
4456| [44532] HP Insight Managed System Setup Wizard Arbitrary File Download Vulnerability
4457| [44526] eZoneScripts Hot or Not Script 'upload_banners.php' Arbitrary File Upload Vulnerability
4458| [44506] Weborf HTTP Request Denial Of Service Vulnerability
4459| [44487] HP LoadRunner Web Tours Unspecified Denial of Service Vulnerability
4460| [44480] Internet Download Manager 'Schannel.dll' DLL Loading Arbitrary Code Execution Vulnerability
4461| [44477] Orbit Downloader 'schannel.dll' DLL Loading Arbitrary Code Execution Vulnerability
4462| [44474] ACDSee Photo Manager DLL Loading Arbitrary Code Execution Vulnerability
4463| [44472] Nessus 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4464| [44469] FlipAlbum Vista Pro 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4465| [44439] httpdx FTP Server Multiple Directory Traversal Vulnerabilities
4466| [44428] HP Virtual Server Environment Arbitrary File Download Vulnerability
4467| [44414] Microsoft Windows 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution Vulnerability
4468| [44395] Festival Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
4469| [44394] AutoPlay Media Studio 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4470| [44391] Headlight Software GetRight 'SvcTagLib.dll' DLL Loading Arbitrary Code Execution Vulnerability
4471| [44389] Wondershare DVD Slideshow Builder 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4472| [44387] Wondershare Flash Gallery Factory 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4473| [44386] Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerability
4474| [44385] Blue Coat ProxyAV Multiple Cross Site Request Forgery Vulnerabilities
4475| [44328] Sleipnir Binary Loading Arbitrary Code Execution Vulnerability
4476| [44327] YokkaSoft Multiple Products Executable Loading Arbitrary Code Execution Vulnerability
4477| [44326] HP Virtual Connect Enterprise Manager Arbitrary File Download Vulnerability
4478| [44302] RealPage Module Upload ActiveX Control Multiple Vulnerabilities
4479| [44286] TeraPad 'atoklib.dll' DLL Loading Arbitrary Code Execution Vulnerability
4480| [44284] Apsaly Executable Loading Arbitrary Code Execution Vulnerability
4481| [44257] Explzh Executable Loading Arbitrary Code Execution Vulnerability
4482| [44250] Mozilla Firefox SeaMonkey and Thunderbird DLL Loading Arbitrary Code Execution Vulnerability
4483| [44244] Archive Decoder 'explorer.exe' Executable Loading Arbitrary Code Execution Vulnerability
4484| [44205] Cool iPhone Ringtone Maker 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4485| [44198] Phoenix Project Manager DLL Loading Arbitrary Code Execution Vulnerability
4486| [44194] Free 3GP Video Converter 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability
4487| [44193] PowerDVD 'trigger.dll' DLL Loading Arbitrary Code Execution Vulnerability
4488| [44178] Sahar Money Manager 'unicows.dll' DLL Loading Arbitrary Code Execution Vulnerability
4489| [44177] Holoo Multiple DLL Loading Arbitrary Code Execution Vulnerability
4490| [44171] Accounting Pro 2003 Multiple DLL Loading Arbitrary Code Execution Vulnerability
4491| [44170] Xilisoft Video Converter Multiple DLL Loading Arbitrary Code Execution Vulnerability
4492| [44164] OpenConnect HTTP Status Code Remote Denial of Service Vulnerability
4493| [44163] 1CLICK DVD Converter Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4494| [44162] PCDJ Karaoki 'saMon2.exe' Executable Loading Arbitrary Code Execution Vulnerability
4495| [44161] Audiotool Ease Jukebox 'wmaudsdk.dll' DLL Loading Arbitrary Code Execution Vulnerability
4496| [44157] Windows Server 2008 Color Control Panel DLL Loading Arbitrary Code Execution Vulnerability
4497| [44156] Blue Coat ProxySG Content Filtering Security Bypass Vulnerability
4498| [44141] httpdx dot Character Remote File Disclosure Vulnerability
4499| [44132] K2Editor DLL Loading Arbitrary Code Execution Vulnerability
4500| [44129] MEO Encryption Software 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4501| [44128] STDU Explorer 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4502| [44127] KCFinder Project Arbitrary File Upload Vulnerability
4503| [44125] XacRett 'explorer.exe' Executable Loading Arbitrary Code Execution Vulnerability
4504| [44121] The Uploader 'download_checker.php' Directory Traversal Vulnerability
4505| [44119] httpdx 'tolog' Function Multiple Remote Format String Vulnerabilities
4506| [44110] Resell Scripts Data/File Upload and Management Arbitrary File Upload Vulnerability
4507| [44106] Ardour 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
4508| [44098] HP Systems Insight Manager Arbitrary File Download Vulnerability
4509| [44086] curl 'Content-Disposition' HTTP Header Arbitrary File Overwrite Vulnerability
4510| [44054] Torrent DVD Creator 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability
4511| [44052] Notepad++ 'libtidy.dll' DLL Loading Arbitrary Code Execution Vulnerability
4512| [44051] e2eSoft VCam DLL Loading Arbitrary Code Execution Vulnerability
4513| [44027] Oracle Java SE and Java for Business CVE-2010-3549 HTTP Response Splitting Vulnerability
4514| [43962] Oracle Fusion Middleware CVE-2010-2413 BI Publisher HTTP Response Splitting Vulnerability
4515| [43925] DiskPulse Server 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4516| [43922] Lhasa 'explorer.exe' Executable Loading Arbitrary Code Execution Vulnerability
4517| [43921] Lhaplus '7-ZIP32.DLL' DLL Loading Arbitrary Code Execution Vulnerability
4518| [43914] Microsoft Visio 'mfc80esn.dll' DLL Loading Arbitrary Code Execution Vulnerability
4519| [43913] NetStumbler 'mfc71esn.dll' DLL Loading Arbitrary Code Execution Vulnerability
4520| [43912] IsoBuster 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4521| [43911] Adobe Dreamweaver CS4 'mfc80esn.dll' DLL Loading Arbitrary Code Execution Vulnerability
4522| [43878] Gravy Media Photo Host 'forcedownload.php' Local File Disclosure Vulnerability
4523| [43873] Joomla Community Builder Enhenced Local File Include and Arbitrary File Upload Vulnerabilities
4524| [43863] Dupehunter Professional 'Fwpuclnt.dll' DLL Loading Arbitrary Code Execution Vulnerability
4525| [43859] Feindura File Manager Arbitrary File Upload Vulnerability
4526| [43853] PC4arb pc4uploader 'file' Parameter Local File Disclosure Vulnerability
4527| [43830] Visual Synapse HTTP Server Directory Directory Traversal Vulnerability
4528| [43790] DeDeCMS 'uploads_edit.php' Arbitrary File Upload Vulnerability
4529| [43728] LFTP 'Content-Disposition' HTTP Header Arbitrary File Overwrite Vulnerability
4530| [43675] Blue Coat ProxySG Unspecified Cross Site Scripting Vulnerability
4531| [43672] Qt Creator Insecure Library Loading Arbitrary Code Execution Vulnerability
4532| [43635] Novell iManager 'getMultiPartParameters()' Arbitrary File Upload Vulnerability
4533| [43629] Joomla! JomSocial Component Arbitrary File Upload Vulnerability
4534| [43625] PHP AdminPanel 'download.php' Directory Traversal Vulnerability
4535| [43585] phpCAS Proxy Mode Multiple Security Vulnerabilities
4536| [43583] Traidnt UP 'upload.php' Information Disclosure Vulnerability
4537| [43567] Admin News Tools 'download.php' Remote File Download Vulnerability
4538| [43540] AtomatiCMS 'fckeditor' Multiple Arbitrary File Upload Vulnerabilities
4539| [43539] Nero DLL Loading Arbitrary Code Execution Vulnerability
4540| [43538] Digital Music Pad DLL Loading Arbitrary Code Execution Vulnerability
4541| [43534] Alien Arena 'download' Command Denial of Service Vulnerability
4542| [43533] Siemens SIMATIC Manager Step7 Project Folder DLL Loading Arbitrary Code Execution Vulnerability
4543| [43512] LINDO Systems LINGO Multiple Insecure Library Loading Arbitrary Code Execution Vulnerabilities
4544| [43509] TuneUp Utilities DLL Loading Arbitrary Code Execution Vulnerability
4545| [43506] VirIT eXplorer 'tg-scan.dll' DLL Loading Arbitrary Code Execution Vulnerability
4546| [43492] powerUpload Insecure Cookie Authentication Bypass Vulnerability
4547| [43489] Proxy List Script 'index.php' Cross Site Scripting Vulnerability
4548| [43468] Prof-UIS DLL Loading Arbitrary Code Execution Vulnerability
4549| [43467] Gromada Multimedia Conversion Library DLL Loading Arbitrary Code Execution Vulnerability
4550| [43454] FreePBX System Recordings Menu Arbitrary File Upload Vulnerability
4551| [43427] gmail-lite Arbitrary File Upload Vulnerability
4552| [43417] Sothink SWF Decompiler 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4553| [43416] Easy Office Recovery 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4554| [43414] GreenBrowser 'RSRC32.DLL' DLL Loading Arbitrary Code Execution Vulnerability
4555| [43390] Cisco IOS SSL VPN HTTP Redirect Memory Leak Remote Denial of Service Vulnerability
4556| [43387] Agrin All DVD Ripper 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4557| [43379] In-Portal Arbitrary File Upload Vulnerability
4558| [43365] PHPSugar PHP Melody 'upload_avatar.php' Arbitrary File Upload Vulnerability
4559| [43363] Qt 'QtCore.dll' DLL Loading Arbitrary Code Execution Vulnerability
4560| [43357] Personal.Net Portal Arbitrary File Upload and HTML Injection Vulnerabilities
4561| [43332] SWiSH Max3 DLL Loading Arbitrary Code Execution Vulnerability
4562| [43328] Fotobook Editor 'Fwpuclnt.dll' DLL Loading Arbitrary Code Execution Vulnerability
4563| [43325] OpenCart 'fckeditor' Arbitrary File Upload Vulnerability
4564| [43308] Ultrize TimeSheet 'downloadFile.php' Directory Traversal Vulnerability
4565| [43269] HP System Management Homepage Unspecified HTTP Response Splitting Vulnerability
4566| [43263] chillyCMS Arbitrary File Upload Vulnerability
4567| [43203] Joomla! Mosets Tree Component Arbitrary File Upload Vulnerability
4568| [43200] gDoc Fusion Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4569| [43199] Nitro PDF Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
4570| [43198] E-PRESS ONE Multiple DLL Loading Arbitrary Code Execution Vulnerability
4571| [43196] ESTsoft ALShow Multiple DLL Loading Arbitrary Code Execution Vulnerability
4572| [43195] SoMud 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4573| [43194] ESTsoft ALSee 'patchani.dll' DLL Loading Arbitrary Code Execution Vulnerability
4574| [43193] Luftguitar CMS 'ftb.imagegallery.aspx' Arbitrary File Upload Vulnerability
4575| [43192] ESTsoft ALZip Multiple DLL Loading Arbitrary Code Execution Vulnerability
4576| [43191] osDate 'uploadvideos.php' Arbitrary File Upload Vulnerability
4577| [43190] RETIRED: Apple Quicktime Player Multiple DLL Loading Arbitrary Code Execution Vulnerability
4578| [43189] Microsoft Visual C++ 2008 Redistributable Package DLL Loading Arbitrary Code Execution Vulnerability
4579| [43186] Adobe LiveCycle ES DLL Loading Arbitrary Code Execution Vulnerability
4580| [43185] Sorax Software Sorax Reader 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4581| [43184] Nuance PDF Reader 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4582| [43183] IDM Computer Solutions UltraEdit 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4583| [43181] Kingsoft Office 'plgpf.dll' DLL Loading Arbitrary Code Execution Vulnerability
4584| [43179] NCP Secure Entry Client DLL Loading Arbitrary Code Execution Vulnerabilities
4585| [43172] Celframe Office Suite DLL Loading Arbitrary Code Execution Vulnerability
4586| [43170] IBM Lotus Symphony 'eclipse_1114.dll' DLL Loading Arbitrary Code Execution Vulnerability
4587| [43141] AradBlog Security Bypass and Arbitrary File Upload Vulnerabilities
4588| [43139] BlackBerry Desktop Software DLL Loading Arbitrary Code Execution Vulnerability
4589| [43137] Intuit QuickBooks DLL Loading Arbitrary Code Execution Vulnerability
4590| [43133] RETIRED: ES Simple Download 'download.php' Local File Disclosure Vulnerability
4591| [43130] snom VoIP Phone Web Interface HTTP Request Authentication Bypass Vulnerability
4592| [43127] RETIRED: phplemon MyWeight 'user_photo.php' Arbitrary File Upload Vulnerability
4593| [43124] EnergyScripts ES Simple Download 'file' Parameter Local File Include Vulnerability
4594| [43123] Thomson SpeedTouch 585 'user.ini' Arbitrary File Download Vulnerability
4595| [43104] Multiple Mozilla Products 'XMLHttpRequest' Cross Domain Information Disclosure Vulnerability
4596| [43086] phplemon MyWeight 'user_photo.php' Arbitrary File Upload Vulnerability
4597| [43065] Cisco Wireless LAN Controller HTTP Packet Denial of Service Vulnerability
4598| [43043] Integard Home and Pro 'password' Parameter HTTP POST Request Remote Buffer Overflow Vulnerability
4599| [43018] DynPage 'dynpage_load.php' Local File Disclosure Vulnerability
4600| [43016] Weborf HTTP 'modURL()' Function Directory Traversal Vulnerability
4601| [42994] InterPhoto Image Gallery Arbitrary File Upload and HTML Injection Vulnerabilities
4602| [42982] Squid Proxy String Processing NULL Pointer Dereference Denial Of Service Vulnerability
4603| [42980] IfNuke Arbitrary File Upload and HTML Injection Vulnerabilities
4604| [42962] QxDM 'mfc71enu.dll' DLL Loading Arbitrary Code Execution Vulnerability
4605| [42961] IZArc '.ztv7z.dll' DLL Loading Arbitrary Code Execution Vulnerability
4606| [42960] jetAudio 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4607| [42958] PhotoImpact Pro 'bwsconst.dll' DLL Loading Arbitrary Code Execution Vulnerability
4608| [42955] L0phtCrack 'mfc90.dll' DLL Loading Arbitrary Code Execution Vulnerability
4609| [42935] Pixia 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4610| [42931] Moovida Media Player 'libc.dll' and 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability
4611| [42929] StivaSoft Ticket Support Script 'ticket.php' Remote File Upload Vulnerability
4612| [42928] Agoko CMS 'editpage-2.php' Multiple Arbitrary File Upload Vulnerabilities
4613| [42918] Toolbar Uninstaller Arbitrary File Download Vulnerability
4614| [42915] Artlantis Studio Multiple DLL Loading Arbitrary Code Execution Vulnerability
4615| [42913] BS Contact 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4616| [42912] HTTrack 'httrack-plugin.dll' DLL Loading Arbitrary Code Execution Vulnerability
4617| [42910] IBM Lotus Notes Multiple DLL Loading Arbitrary Code Execution Vulnerability
4618| [42905] GFI Backup 'ArmAccess.dll' DLL Loading Arbitrary Code Execution Vulnerability
4619| [42903] MPLAB IDE 'mfc71enu.dll' DLL Loading Arbitrary Code Execution Vulnerability
4620| [42899] Pthreads-win32 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability
4621| [42893] KeePass 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4622| [42891] Techlogica HTTP Server Remote File Disclosure Vulnerability
4623| [42890] TortoiseSVN 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4624| [42889] Babylon 'besextension.dll' DLL Loading Arbitrary Code Execution Vulnerability
4625| [42886] httpdx 'h_readrequest()' Remote Format String Vulnerability
4626| [42884] Sophos Free Encryption 'pcrypt0406.dll' DLL Loading Arbitrary Code Execution Vulnerability
4627| [42871] WinImage 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4628| [42866] Kolibri+ HTTP GET Request Buffer Overflow Vulnerability
4629| [42861] Graffiti CMS Arbitrary File Upload Vulnerability
4630| [42858] PDF-XChange Viewer 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4631| [42857] Virtual DJ 'hdjapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4632| [42856] PGP Desktop DLL Loading Arbitrary Code Execution Vulnerability
4633| [42855] Microsoft Windows Media Encoder 9 DLL Loading Arbitrary Code Execution Vulnerability
4634| [42854] IBM Rational License Key Administrator DLL Loading Arbitrary Code Execution Vulnerability
4635| [42853] Microsoft Remote Desktop Protocol 'ieframe.dll' DLL Loading Arbitrary Code Execution Vulnerability
4636| [42852] Guidance Software EnCase 'rsaenh.dll' DLL Loading Arbitrary Code Execution Vulnerability
4637| [42851] Adobe Captivate 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4638| [42850] Forensic Toolkit 'MFC90DEU.DLL' DLL Loading Arbitrary Code Execution Vulnerability
4639| [42849] Internet Download Manager 'idmmkb.dll' DLL Loading Arbitrary Code Execution Vulnerability
4640| [42848] CDisplay 'trace32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4641| [42846] UltraVNC DLL Loading Arbitrary Code Execution Vulnerability
4642| [42832] Maxthon Browser 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4643| [42829] Notepad++ Multiple DLL Loading Arbitrary Code Execution Vulnerability
4644| [42828] QtWeb Browser 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4645| [42818] RETIRED: Microsoft Windows Mail 'wab32res.dll' DLL Loading Arbitrary Code Execution Vulnerability
4646| [42816] NetStumbler 'mfc71enu.dll' DLL Loading Arbitrary Code Execution Vulnerability
4647| [42815] MAGIX Music Studio 12 Deluxe 'playripla6.dll' DLL Loading Arbitrary Code Execution Vulnerability
4648| [42814] Gretech GOM Player 'schannel.dll' DLL Loading Arbitrary Code Execution Vulnerability
4649| [42813] Adobe Audition (Cool Edit Pro) Multiple DLL Loading Arbitrary Code Execution Vulnerability
4650| [42812] Microsoft Windows Live Messenger 'msgsres.dll' DLL Loading Arbitrary Code Execution Vulnerability
4651| [42811] Microsoft ATL/MFC Trace Tool 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4652| [42810] Dassault Systemes CATIA 'hzs_lm.dll' DLL Loading Arbitrary Code Execution Vulnerability
4653| [42809] Microsoft Visio 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4654| [42808] TFTPD32 'IPHLPAPI.DLL' DLL Loading Arbitrary Code Execution Vulnerability
4655| [42807] Adobe Flash Player 'schannel.dll' DLL Loading Arbitrary Code Execution Vulnerability
4656| [42805] DivX Plus Player DLL Loading Arbitrary Code Execution Vulnerability
4657| [42804] SiSoftware Sandra 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4658| [42803] Steam 'steamgamesupport.dll' DLL Loading Arbitrary Code Execution Vulnerability
4659| [42802] SMPlayer 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4660| [42800] Winmerge 'MFC71ESN.DLL' DLL Loading Arbitrary Code Execution Vulnerability
4661| [42799] Nokia PC Suite Applications 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4662| [42797] UltraISO Premium 'daemon.dll' DLL Loading Arbitrary Code Execution Vulnerability
4663| [42796] Real Networks RealPlayer SP 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4664| [42794] Joomla! 'com_remository' Component Arbitrary File Upload Vulnerability
4665| [42788] RETIRED: Camtasia Studio DLL Loading Arbitrary Code Execution Vulnerability
4666| [42787] Sony Sound Forge Pro 'MtxParhVegasPreview.dll' DLL Loading Arbitrary Code Execution Vulnerability
4667| [42786] ArchiCAD 'srcsrv.dll' DLL Loading Arbitrary Code Execution Vulnerability
4668| [42777] Anantasoft Gazelle CMS 'frmupload.html' Arbitrary File Upload Vulnerability
4669| [42774] Apple QuickTime Pictureviewer Multiple DLL Loading Arbitrary Code Execution Vulnerability
4670| [42772] Nero 'bcgpoleacc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4671| [42771] Real Networks RealPlayer SP 'rio500.dll' DLL Loading Arbitrary Code Execution Vulnerability
4672| [42770] PKZIP 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4673| [42769] Bentley Microstation Multiple DLL Loading Arbitrary Code Execution Vulnerability
4674| [42768] RETIRED: Mozilla SeaMonkey 'dwmapi.dll DLL Loading Arbitrary Code Execution Vulnerability
4675| [42765] Autodesk Design Review Multiple DLL Loading Arbitrary Code Execution Vulnerability
4676| [42763] Microsoft Windows Backup 'fveapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4677| [42762] Microsoft Windows Internet Communication Settings DLL Loading Arbitrary Code Execution Vulnerability
4678| [42760] Multiple CyberLink Products DLL Loading Arbitrary Code Execution Vulnerability
4679| [42759] Autodesk AutoCAD 'color.dll' DLL Loading Arbitrary Code Execution Vulnerability
4680| [42754] Camtasia Studio DLL Loading Arbitrary Code Execution Vulnerability
4681| [42753] Corel PHOTO-PAINT X3 'crlrib.dll' DLL Loading Arbitrary Code Execution Vulnerability
4682| [42752] DAEMON Tools Lite 'mfc80loc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4683| [42751] Google Earth 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability
4684| [42750] CorelDRAW X3 'crlrib.dll' DLL Loading Arbitrary Code Execution Vulnerability
4685| [42749] Adobe ExtendScript Toolkit CS5 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4686| [42747] Nullsoft Winamp 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4687| [42746] 010 Editor 'wintab32.dlll' DLL Loading Arbitrary Code Execution Vulnerability
4688| [42745] Adobe Extension Manager CS5 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4689| [42744] RETIRED: Mozilla Thunderbird 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4690| [42743] Roxio MyDVD 'HomeUtils9.dll' DLL Loading Arbitrary Code Execution Vulnerability
4691| [42742] Microsoft PowerPoint 2007 Multiple DLL Loading Arbitrary Code Execution Vulnerability
4692| [42738] NVIDIA nView 'nview.dll' DLL Loading Arbitrary Code Execution Vulnerability
4693| [42737] Bloodshed Dev-C++ Multiple EXE Loading Arbitrary Code Execution Vulnerability
4694| [42736] Wing FTP Server HTTP Request Denial Of Service Vulnerability
4695| [42735] Skype 'wab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4696| [42732] phpBugTracker SQL Injection and Arbitrary File Upload Vulnerabilities
4697| [42731] Microsoft Windows Contacts 'wab32res.dll' DLL Loading Arbitrary Code Execution Vulnerability
4698| [42730] Microsoft Windows Indeo Filter 'iacenc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4699| [42729] TechSmith Snagit 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4700| [42726] Cisco Packet Tracer 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4701| [42721] Adobe Premier Pro 'ibfs32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4702| [42719] Adobe OnLocation 'ibfs32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4703| [42718] Adobe InDesign 'ibfs32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4704| [42716] InterVideo WinDVD 'cpqdvd.dll' DLL Loading Arbitrary Code Execution Vulnerability
4705| [42715] Adobe Illustrator 'aires.dll' DLL Loading Arbitrary Code Execution Vulnerability
4706| [42714] Apple Safari 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4707| [42713] Microsoft Internet Connection Wizard DLL Loading Arbitrary Code Execution Vulnerability
4708| [42712] Roxio Creator DE 'homeutils9.dll' DLL Loading Arbitrary Code Execution Vulnerability
4709| [42709] Microsoft Windows BitLocker Drive Encryption DLL Loading Arbitrary Code Execution Vulnerability
4710| [42708] Roxio Photosuite 'homeutils9.dll' DLL Loading Arbitrary Code Execution Vulnerability
4711| [42707] VLC Media Player 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4712| [42706] Adobe Device Central CS5 'qtcf.dll' DLL Loading Arbitrary Code Execution Vulnerability
4713| [42705] Microsoft Windows Program Group Converter DLL Loading Arbitrary Code Execution Vulnerability
4714| [42704] ARC Logics TeamMate 'mfc71enu.dll' DLL Loading Arbitrary Code Execution Vulnerability
4715| [42697] Acunetix Web Vulnerability Scanner DLL Loading Arbitrary Code Execution Vulnerability
4716| [42695] Microsoft Groove 2007 'mso.dll' DLL Loading Arbitrary Code Execution Vulnerability
4717| [42694] Adobe Dreamweaver CS5 'mfc90loc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4718| [42693] Adobe Photoshop 'Wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4719| [42691] Avast! Antivirus 'mfc90loc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4720| [42690] Adobe Dreamweaver CS4 'ibfs32.dll' DLL Loading Arbitrary Code Execution Vulnerability
4721| [42688] BS.Player 'mfc71loc.dll' DLL Loading Arbitrary Code Execution Vulnerability
4722| [42687] TeamViewer 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4723| [42686] Adobe Photoshop 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4724| [42681] Microsoft Visio 2003 'mfc71enu.dll' DLL Loading Arbitrary Code Execution Vulnerability
4725| [42663] Opera 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4726| [42659] Microsoft Windows Movie Maker 'hhctrl.ocx' DLL Loading Arbitrary Code Execution Vulnerability
4727| [42654] Mozilla Firefox/Thunderbird/SeaMonkey dwmapi.dll DLL Loading Arbitrary Code Execution Vulnerability
4728| [42648] Microsoft Windows Address Book 'wab32res.dll' DLL Loading Arbitrary Code Execution Vulnerability
4729| [42634] Microsoft Windows Live Email 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
4730| [42632] uTorrent Multiple DLL Loading Arbitrary Code Execution Vulnerability
4731| [42630] Wireshark 'airpcap.dll' DLL Loading Arbitrary Code Execution Vulnerability
4732| [42628] Microsoft Office 'pptimpconv.dll' DLL Loading Arbitrary Code Execution Vulnerability
4733| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
4734| [42555] QuickDev 4 Php 'download.php' Directory Traversal Vulnerability
4735| [42554] InterPhoto Image Gallery Directory Traversal and Arbitrary File Upload Vulnerabilities
4736| [42541] Apple iTunes DLL Loading Arbitrary Code Execution Vulnerability
4737| [42531] Blue Coat ProxySG Read-Only-Administrator Security Bypass Vulnerability
4738| [42521] KesionCMS Arbitrary File Upload Vulnerability
4739| [42514] PHPCMS2008 'download.php' Information Disclosure Vulnerability
4740| [42495] Uploaderr 'upload.php' Arbitrary File Upload Vulnerability
4741| [42490] Blue Coat ProxySG Privilege Enforcement Remote Security Bypass Vulnerability
4742| [42468] KnowledgeTree 'KTUploadManager.inc.php' Security Bypass Vulnerability
4743| [42465] CMSQLite 'admin/mediaAdmin.php' Arbitrary File Upload Vulnerability
4744| [42378] Cisco ACE 4710 HTTP, RTSP, and SIP Inspection Denial of Service Vulnerability
4745| [42337] RADactive I-Load Multiple Security Vulnerabilities
4746| [42300] Microsoft XML Core Service Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability
4747| [42181] httpdx 'h_handlepeer()' Remote Buffer Overflow Vulnerability
4748| [42160] phpCAS CAS Proxy Mode Cross-Site Scripting Vulnerability
4749| [42153] D-Link WBR-2310 Web Server HTTP GET Request Remote Buffer Overflow Vulnerability
4750| [42104] Akamai Download Manager Arbitrary File Download Vulnerability
4751| [42090] NAS Uploader 'upload_multiple_js.php' Remote File Upload Vulnerability
4752| [42078] Lanai Core 'download.php' Directory Traversal Vulnerability
4753| [42055] WM Downloader '.m3u' File Buffer Overflow Vulnerability
4754| [42021] bozohttpd Security Bypass Vulnerability
4755| [41963] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
4756| [41956] OrzHTTPd Remote Format String Vulnerability
4757| [41910] ZEEWAYS ZeeMatri 'uploadsnaps.php' Arbitrary File Upload Vulnerability
4758| [41909] LILDBI 'uploader.php' Remote File Upload Vulnerability
4759| [41908] ZEEWAYS ZeeNetworking 'member_photo.php' Arbitrary File Upload Vulnerability
4760| [41886] EllisLab CodeIgniter 'Upload.php' Arbitrary File Upload Vulnerability
4761| [41844] MultipleFileUpload Arbitrary File Upload Vulnerability
4762| [41838] RapidLeech Arbitrary File Upload Vulnerability
4763| [41820] Uploaderr Arbitrary File Upload Vulnerability
4764| [41795] Novell Teaming 'ajaxUploadImageFile' Remote Code Execution Vulnerability
4765| [41783] BOLDfx eUploader 'admin.php' Multiple Remote Vulnerabilities
4766| [41707] Novell GroupWise WebAccess Proxy Feature Stack Buffer Overflow Vulnerability
4767| [41706] Novell GroupWise Agents HTTP Interfaces Multiple Cross Site Scripting Vulnerabilities
4768| [41705] Novell GroupWise Agents HTTP Interface HTTP Header Injection Vulnerability
4769| [41688] RETIRED: Uploadscript Remote File Upload and Information Disclosure Vulnerabilities
4770| [41671] F5 FirePass Pre-logon Pages Cross Site Scripting Vulnerability
4771| [41670] Element-IT Software Ultimate Uploader Arbitrary File Upload Vulnerability
4772| [41665] F5 FirePass Pre-Login Token Security Bypass Vulnerability
4773| [41618] Oracle Sun Java System Web Proxy Server CVE-2010-2385 Administration Server Remote Vulnerability
4774| [41569] CMS Made Simple Antz Toolkit Module Arbitrary File Upload Vulnerability
4775| [41564] CMS Made Simple Download Manager Module Arbitrary File Upload Vulnerability
4776| [41535] Joomla! 'com_mysms' Component Arbitrary File Upload Vulnerability
4777| [41528] The Uploader Remote File Upload Vulnerability
4778| [41492] Multiple Inout Applications Multiple Arbitrary File Upload Vulnerabilities
4779| [41489] PG Social Networking 'myprofile.php' Arbitrary File Upload Vulnerability
4780| [41473] Podcast Generator 'download.php' Directory Traversal Vulnerability
4781| [41452] MySimpleFileUploader Remote File Upload Vulnerability
4782| [41445] GiantIsland VideoIsland Remote File Upload Vulnerability
4783| [41441] PHP Uploader Downloader 'updown.php' Cross Site Scripting Vulnerability
4784| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
4785| [41418] kandalf upper 'upper.php' Arbitrary File Upload Vulnerability
4786| [41396] SocialABC NetworX Arbitrary File Upload and Cross Site Scripting Vulnerabilities
4787| [41351] Joomla! Front-End Article Manager System Component Arbitrary File Upload Vulnerability
4788| [41331] Dren's PHP Uploader 'index.php' Remote File Upload Vulnerability
4789| [41328] iScripts SocialWare 'photos.php' Arbitrary File Upload Vulnerability
4790| [41309] Wiki Web Help 'uploadimage.php' Arbitrary File Upload Vulnerability
4791| [41262] EA Battlefield 2 and Battlefield 2142 Multiple Arbitrary File Upload Vulnerabilities
4792| [41258] Joomla! CKForms Component SQL Injection and Arbitrary File Upload Vulnerabilities
4793| [41201] IDA Pro QNX File Loader Denial of Service Vulnerability
4794| [41180] RM Downloader '.m3u' File Buffer Overflow Vulnerability
4795| [41179] Speedy Arbitrary File Upload Vulnerability
4796| [41176] Bilder Upload Script Arbitrary File Upload Vulnerability
4797| [41160] Python Paste 'paste.httpexceptions' Multiple Cross Site Scripting Vulnerabilities
4798| [41159] Cisco Adaptive Security Response HTTP Response Splitting Vulnerability
4799| [41145] WM Downloader '.m3u' File Remote Stack Buffer Overflow Vulnerability
4800| [41133] Big Forum Local File Include and Arbitrary File Upload Vulnerabilities
4801| [41132] Cimy Counter for WordPress HTTP Response Splitting and Cross Site Scripting Vulnerabilities
4802| [41104] Multiple Image Upload Module For Drupal Security Bypass Vulnerability
4803| [41103] Mozilla Firefox/SeaMonkey Attachment With Content-Disposition HTTP Header Bypass Vulnerability
4804| [41081] IBM WebSphere Application Server 'mod_ibm_ssl' HTTP Request Remote Denial Of Service Vulnerability
4805| [41064] Weborf HTTP Header Processing Denial Of Service Vulnerability
4806| [41020] The Uploader 'download_launch.php' Directory Traversal Vulnerability
4807| [40994] Belitsoft E-portfolio Joomla! Component Arbitrary File Upload Vulnerability
4808| [40971] MarketSaz 'fckeditor' Arbitrary File Upload Vulnerability
4809| [40965] H264 WebCam HTTP Server Buffer Overflow Vulnerability
4810| [40954] Spring Framework 'class.classLoader' Code Injection Vulnerability
4811| [40950] Atlassian JIRA HTTPOnly Cookie Flag Information Disclosure Weakness
4812| [40931] Novell Access Manager Administration Console 'getEntry()' Arbitrary File Upload Vulnerability
4813| [40930] Splunk HTTP 'Referer' Header Cross Site Scripting Vulnerability
4814| [40921] Omid Samadbin Software Index Image Upload Remote Arbitrary File Upload Vulnerability
4815| [40857] QuickOffice Malformed HTTP Request Remote Denial Of Service Vulnerability
4816| [40834] Yamamah Photo Gallery 'download.php' Local File Disclosure Vulnerability
4817| [40752] WebKit HTTP URI Clipboard Information Disclosure Vulnerability
4818| [40750] WebKit HTTPS Redirect Information Disclosure Vulnerability
4819| [40732] WebKit HTTP Redirects Information Disclosure Vulnerability
4820| [40712] Bits Video Script Multiple Arbitrary File Upload Vulnerabilities
4821| [40700] BTS-GI Read Excel 'upload.php' Arbitrary File Upload Vulnerability
4822| [40640] Cobra Scripts Greeting Cards Remote Arbitrary File Upload Vulnerability
4823| [40611] Symantec Workspace Streaming Server Authentication Arbitrary File Download Vulnerability
4824| [40607] Ronnie Garcia uploadify Plugin for jQuery Remote File Upload Vulnerability
4825| [40575] Weborf HTTP Ranger Header Denial Of Service Vulnerability
4826| [40555] osCSS Remote File Upload Vulnerability
4827| [40511] TCExam 'admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload Vulnerability
4828| [40496] Kodak Gallery Easy Upload Manager ActiveX Control Unspecified Security Vulnerability
4829| [40489] EvoCam HTTP GET Request Buffer Overflow Vulnerability
4830| [40465] Websense 'Via' HTTP Header Web Filtering Security Bypass Vulnerability
4831| [40463] x10media Image Hosting Script 'create_image_gallery.php' Arbitrary File Upload Vulnerability
4832| [40456] osCommerce Online Merchant 'file_manager.php' Remote Arbitrary File Upload Vulnerability
4833| [40382] Cisco Network Building Mediator HTTP Communication Remote Information Disclosure Vulnerability
4834| [40358] TinyBrowser Remote File Upload Vulnerability
4835| [40353] Webby HTTP GET Request Buffer Overflow Vulnerability
4836| [40345] Simple:Press Plugin for WordPress Security Bypass and Arbitrary File Upload Vulnerabilities
4837| [40344] Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities
4838| [40341] DotNetNuke Remote Arbitrary File Upload Vulnerability
4839| [40295] Spaw Editor 'spawfm' Module Arbitrary File Upload Vulnerability
4840| [40275] Drupal download_count Module Cross Site Scripting Vulnerability
4841| [40254] Battle Scrypt 'upload.php' Remote Arbitrary File Upload Vulnerability
4842| [40245] Orbit Downloader Metalink File Directory Traversal Vulnerability
4843| [40227] NPDS Revolution 'download.php' Cross Site Scripting Vulnerability
4844| [40198] SimpleDownload Joomla! Component 'fileid' Parameter Information Disclosure Vulnerability
4845| [40192] SimpleDownload Joomla! Component 'controller' Parameter Local File Include Vulnerability
4846| [40162] SphereCMS 'downloads.php' SQL Injection Vulnerability
4847| [40159] PHP File Uploader Remote File Upload Vulnerability
4848| [40156] NPDS Revolution 'download.php' SQL Injection Vulnerability
4849| [40152] Free Download Manager Metalink File Directory Traversal Vulnerability
4850| [40146] Free Download Manager Multiple Remote Buffer Overflow Vulnerabilities
4851| [40132] Zervit HTTP Server Source Code Information Disclosure Vulnerability
4852| [40068] HP OpenView Network Node Manager (CVE-2010-1552) 'doLoad()' Remote Buffer Overflow Vulnerability
4853| [40062] gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
4854| [40033] Xinha Dynamic Configuration Arbitrary File Upload Vulnerability
4855| [40026] Joomla! 'com_articleman' Component Arbitrary File Upload Vulnerability
4856| [40025] Geo++ GNCASTER HTTP Digest Authentication Information Disclosure Vulnerability
4857| [40022] Geo++ GNCASTER HTTP Digest Authentication Nonce Regeneration Replay Security Bypass Vulnerability
4858| [40018] Geo++ GNCASTER HTTP Digest Authentication Bypass Vulnerability
4859| [40012] Basml Okul Scripti 'banneryukle.asp' Remote File Upload Vulnerability
4860| [40009] Geo++ GNCASTER HTTP GET Request Denial Of Service Vulnerability
4861| [40002] Cisco Application Control Engine (ACE) HTTP Parsing Security Weakness
4862| [39967] Multiple Lexmark Laser Printers HTTP 'Authorization' Header Remote Denial of Service Vulnerability
4863| [39965] HP LoadRunner Agent 'magnetproc.exe' Remote Code Execution Vulnerability
4864| [39957] GetSimple CMS 'download.php' Local File Include Vulnerability
4865| [39945] Limny Avatar Arbitrary File Upload Vulnerability
4866| [39888] CH-CMS.ch Multiple Arbitrary File Upload Vulnerabilities
4867| [39877] PHP 'php_dechunk()' HTTP Chunked Encoding Integer Overflow Vulnerability
4868| [39874] OpenTTD Map Download File Descriptor Consumption Remote Denial of Service Vulnerability
4869| [39870] CF Image Hosting Script 'upload.php' Arbitrary File Upload Vulnerability
4870| [39863] Woltlab Burning Board Arbitrary File Upload Vulnerability
4871| [39858] Joomla! DJ-Classifieds Component Arbitrary File Upload Vulnerability
4872| [39822] Internet Download Manager FTP Buffer Overflow Vulnerability
4873| [39809] Google Chrome prior to 4.1.249.1059 HTTP Request Unspecified Security Vulnerability
4874| [39793] TaskFreak! Tirzen Framework 'LoadByKey()' SQL Injection Vulnerability
4875| [39787] iScripts SocialWare Arbitrary File Upload and Cross Site Scripting Vulnerabilities
4876| [39781] WM Downloader '.asx' File Remote Stack Buffer Overflow Vulnerability
4877| [39764] Portaneo Open Source Homepage 'fckeditor' Arbitrary File Upload Vulnerability
4878| [39761] Zyke CMS 'admin/controlpanel.php' Arbitrary File Upload Vulnerability
4879| [39757] OneHTTPD Directory Traversal Vulnerability
4880| [39754] Joomla! JE Section/Property Finder Component Arbitrary File Upload Vulnerability
4881| [39753] Custom CMS Gaming Arbitrary File Upload and Cross Site Scripting Vulnerabilities
4882| [39748] WM Downloader '.pls' File Remote Stack Buffer Overflow Vulnerability
4883| [39744] Wing FTP Server HTTP Request Directory Traversal Vulnerability
4884| [39726] Webessence CMS SQL Injection and Arbitrary File Upload Vulnerabilities
4885| [39714] Auto-Img-Gallery 'upload.cgi' Multiple Cross-Site Scripting Vulnerabilities
4886| [39713] PostNuke modload Module 'sid' Parameter SQL Injection Vulnerability
4887| [39706] iNetScripts Arbitrary File Upload Vulnerability
4888| [39686] PHPegasus 'connectors/php/config.php' Remote File Upload Vulnerability
4889| [39674] Satellite-X 'admin/index.php' Arbitrary File Upload Vulnerability
4890| [39669] Google Chrome 'chrome://downloads' Cross Domain Scripting Vulnerability
4891| [39652] In-Portal 'config.php' Arbitrary File Upload Vulnerability
4892| [39638] Tembria Server Monitor HTTP Request Remote Buffer Overflow Vulnerability
4893| [39618] v2marketplacescript Arbitrary File Upload Vulnerability
4894| [39615] Adobe Download Manager 'gp.ocx' ActiveX Control Buffer Overflow Vulnerability
4895| [39596] Momche YUI Image Upload Script Arbitrary File Upload Vulnerability
4896| [39595] Uploader 0.7 Arbitrary File Upload Vulnerability
4897| [39590] HTTP 1.1 GET Request Directory Traversal Vulnerability
4898| [39568] Flex File Manager Arbitrary File Upload Vulnerability
4899| [39544] HTTP File Server Security Bypass and Denial of Service Vulnerabilities
4900| [39540] e107 Avatar/Photograph Arbitrary File Upload Vulnerability
4901| [39530] Ziggurat Farsi CMS Arbitrary File Upload Vulnerability
4902| [39478] Cisco Secure Desktop ActiveX Control Executable File Arbitrary File Download Vulnerability
4903| [39415] Vana CMS 'filename' Parameter Remote File Download Vulnerability
4904| [39365] Uiga Proxy 'template.php' Remote File Include Vulnerability
4905| [39362] MassMirror Uploader 'MM_ROOT_DIRECTORY' Parameter Multiple Remote File Include Vulnerabilities
4906| [39355] TYPO3 'autoloader' Remote File Include Vulnerability
4907| [39317] Pulse CMS Arbitrary File Upload Vulnerability
4908| [39296] velhost uploader script 'language' Parameter Local File Include Vulnerability
4909| [39294] vel File Uploader Remote File Upload Vulnerability
4910| [39289] Apple Mac OS X Wiki Server File Upload Security Bypass Vulnerability
4911| [39224] LionWiki Remote File Upload Vulnerability
4912| [39218] Free Image Hosting and Free File Hosting Remote File Upload Vulnerability
4913| [39182] uTorrent WebUI HTTP 'Authorization' Header Remote Denial of Service Vulnerability
4914| [39179] Musicbox 'up.php' Arbitrary File Upload Vulnerability
4915| [39124] Mozilla Firefox And SeaMonkey 'XMLHttpRequestSpy' Arbitrary Code Execution Vulnerability
4916| [39099] Snipe Gallery Arbitrary File Upload Vulnerability
4917| [39007] RETIRED: Simple Machines Forum Avatar Upload Arbitrary File Upload Vulnerability
4918| [38986] uHTTP Server GET Request Directory Traversal Vulnerability
4919| [38960] Interchange HTTP Response Splitting Vulnerability
4920| [38927] Mozilla Firefox Image Preloading Content-Policy Check Security Bypass Vulnerability
4921| [38920] Mozilla Firefox Asynchronous HTTP Authorization Prompt Information Disclosure Vulnerability
4922| [38875] Remote Help HTTP GET Request Format String Denial Of Service Vulnerability
4923| [38873] Wazzum Dating Software Arbitrary File Upload Vulnerabilities
4924| [38826] PHP-Nuke Downloads Module 'lid' Parameter SQL Injection Vulnerability
4925| [38744] Subdreamer CMS Image Gallery Remote File Upload Vulnerability
4926| [38741] Joomla! RokDownloads Component 'controller' Parameter Local File Include Vulnerability
4927| [38718] httpdx Multiple Remote Denial Of Service Vulnerabilities
4928| [38705] eZoneScripts Game Room Script Admin Upload Remote File Upload Vulnerability
4929| [38700] dl Download Ticket Service 'index.php' Cross Site Scripting Vulnerability
4930| [38670] lukeonweb.net MRW PHP Upload 'upload.html' Remote File Upload Vulnerability
4931| [38638] httpdx PNG File Handling Remote Denial of Service Vulnerability
4932| [38614] Php Toys Micro Upload 'microUpload.php' Remote File Upload Vulnerability
4933| [38610] wh-em.com upload Insecure Cookie Authentication Bypass Vulnerability
4934| [38600] TopDownloads MP3 Player '.mp3' File Remote Buffer Overflow Vulnerability
4935| [38527] DosyaYukle Scripti Remote File Upload Vulnerability
4936| [38491] Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
4937| [38488] RCA Digital Cable Modem DCM425 'micro_httpd' Remote Denial Of Service Vulnerability
4938| [38467] Linux Kernel KVM Segment Selector Loading Local Privilege Escalation Vulnerability
4939| [38450] SLAED CMS Remote File Upload Vulnerability
4940| [38443] Nemo Multiple File Attachments Mail Form 'upload.php' Arbitrary File Upload Vulnerability
4941| [38416] JSK Internet WebAdministrator 'download.php' SQL Injection Vulnerability
4942| [38406] PBoard 'upload/index.php' Remote File Upload Vulnerability
4943| [38400] PHP F1 Max's Photo Album 'admin.php' Arbitrary File Upload Vulnerability
4944| [38393] Linux Kernel TSB I-TLB Load Local Privilege Escalation Vulnerability
4945| [38370] WorkSimple 'uploader.php' Remote File Upload Vulnerability
4946| [38313] NOS getPlus Downloader Domain Validation Arbitrary File Download Vulnerability
4947| [38308] PortWise SSL VPN 'reloadFrame' Parameter Cross Site Scripting Vulnerability
4948| [38292] Drupal iTweak Upload Module HTML Injection Vulnerability
4949| [38242] httpdx 'MKD' Command Directory Traversal Vulnerability
4950| [38222] Symantec Client Proxy ActiveX Control Buffer Overflow Vulnerability
4951| [38212] Squid Web Proxy Cache HTCP Request Processing Remote Denial of Service Vulnerability
4952| [38173] Coppermine Photo Gallery 'upload.php' Cross Site Scripting Vulnerability
4953| [38169] Cisco IronPort Encryption Appliance HTTPS Server Unspecified Remote Code Execution Vulnerability
4954| [38143] JDownloader 'JDExternInterface.java' Remote Code Execution Vulnerability
4955| [38135] httpdx 'USER' Command Remote Format String Vulnerability
4956| [38128] odlican.net CMS 'upload.php' Arbitrary File Upload Vulnerability
4957| [38036] lighttpd Slow Request Handling Remote Denial Of Service Vulnerability
4958| [38021] C++ Sockets Library HTTP Headers Remote Denial Of Service Vulnerability
4959| [38008] Maian Greetings Arbitrary File Upload Vulnerability
4960| [37995] Sun Java System Application Server HTTP TRACE Information Disclosure Vulnerability
4961| [37940] boastMachine Arbitrary File Upload Vulnerability
4962| [37908] Windows Live Messenger ActiveX Control 'RichUploadControlContextData' Buffer Overflow Vulnerability
4963| [37902] cPanel and WHM 'failurl' Parameter HTTP Response Splitting Vulnerability
4964| [37860] XOOPS Arbitrary File Deletion and HTTP Header Injection Vulnerabilities
4965| [37840] Joomla! 'com_uploader' Component Arbitrary File Upload Vulnerability
4966| [37772] TYPO3 SB Folderdownload Unspecified Information Disclosure Vulnerability
4967| [37767] NetBSD VFS Filesystem Autoloading Local Denial of Service Vulnerability
4968| [37761] Adobe Reader and Acrobat DLL Loading in 3D Remote Code Execution Vulnerability
4969| [37714] Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability
4970| [37699] Sun Java System Directory Server 'core_get_proxyauth_dn' Denial of Service Vulnerability
4971| [37648] Sun Java System Web Server HTTP 'TRACE' Heap Buffer Overflow Vulnerability
4972| [37604] Joomla! 'com_cartikads' Component Arbitrary File Upload Vulnerability
4973| [37586] httpdx Space Character Remote File Disclosure Vulnerability
4974| [37549] phpYellow Arbitrary File Upload Vulnerability
4975| [37548] Run Digital Download Component for Joomla! Unspecified Unauthorized Access Vulnerability
4976| [37538] Joomla! 'com_rd_download' Component Directory Traversal Vulnerability
4977| [37533] Avatar Studio PHP-Fusion Module Local File Include and Arbitrary File Upload Vulnerabilities
4978| [37530] I-RATER Basic 'poza.php' Arbitrary File Upload Vulnerability
4979| [37512] Barbo91 'upload.php' Cross Site Scripting Vulnerability
4980| [37496] Memory Book Component for Joomla! SQL Injection and Arbitrary File Upload Vulnerabilities
4981| [37465] Kolab Groupware Server Image Upload Form Unspecified Vulnerability
4982| [37454] CoreHTTP CGI Support Remote Command Execution Vulnerability
4983| [37452] F5 BIG-IP ASM and PSM Remote Buffer Overflow Vulnerability
4984| [37446] ClarkConnect Linux 'proxy.php' Cross Site Scripting Vulnerability
4985| [37436] PHPPhotoalbum 'upload.php' Arbitrary File Upload Vulnerability
4986| [37424] Simplicity oF Upload 'upload.php' Arbitrary File Upload Vulnerability
4987| [37406] Celerondude Uploader 'index.php' Arbitrary File Upload Vulnerability
4988| [37382] IDevSpot PhpLinkExchange 'add_images.php' Arbitrary File Upload Vulnerability
4989| [37377] OSSIM 'repository_attachment.php' Arbitrary File Upload Vulnerability
4990| [37326] Google Chrome DNS Pre-Fetching Proxy Cache Information Disclosure Vulnerability
4991| [37320] DigitalHive 'base.php' Arbitrary File Upload Vulnerability
4992| [37314] Open Flash Chart 'ofc_upload_image.php' Remote PHP Code Execution Vulnerability
4993| [37307] Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability
4994| [37237] Corehttp 'src/http.c ' Buffer Overflow Vulnerability
4995| [37226] Polipo Malformed HTTP GET Request Memory Corruption Vulnerability
4996| [37224] LightNEasy fckeditor Arbitrary File Upload Vulnerability
4997| [37219] Achievo Document Types Section Arbitrary File Upload Vulnerability
4998| [37187] Photobox Uploader ActiveX Control URL Parsing Stack Buffer Overflow Vulnerability
4999| [37168] TYPO3 Simple download-system (kk_downloader) Unspecified Information Disclosure Vulnerability
5000| [37110] OpenX Arbitrary File Upload Vulnerability
5001| [37064] Xerver HTTP Response Splitting Vulnerability
5002| [37042] Novell eDirectory '/dhost/httpstk' Multiple Stack Buffer Overflow Vulnerabilities
5003| [37005] WordPress 'wp-admin/includes/file.php' Arbitrary File Upload Vulnerability
5004| [36996] WebKit Resource Load Callback Information Disclosure Weakness
5005| [36990] Apache HTTP TRACE Cross Site Scripting Vulnerability
5006| [36977] Apple Mac OS X Help Viewer Spoofed HTTP Response Remote Code Execution Vulnerability
5007| [36895] RhinoSoft Serv-U Web Client HTTP Request Remote Buffer Overflow Vulnerability
5008| [36867] Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
5009| [36856] Mozilla Firefox and SeaMonkey Proxy Auto-Configuration File Remote Code Execution Vulnerability
5010| [36852] Mozilla Firefox Download Manager World Writable File Local Privilege Escalation Vulnerability
5011| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
5012| [36817] Microsoft SharePoint Team Services Download Feature Source Code Information Disclosure Vulnerability
5013| [36802] MapServer HTTP Request Processing Integer Overflow Vulnerability
5014| [36656] Acritum Femitter Server HTTP Request Remote File Disclosure Vulnerability
5015| [36622] Microsoft Internet Explorer 'deflate' HTTP Content Encoding Remote Code Execution Vulnerability
5016| [36596] Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
5017| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
5018| [36431] Drupal Arbitrary File Upload and Session Fixation Vulnerabilities
5019| [36407] BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
5020| [36406] Belkin F5D7632-4V6 Wireless G Router Multiple Authentication Bypass Vulnerabilities
5021| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
5022| [36348] Nicecoder iDesk 'download.php' SQL Injection Vulnerability
5023| [36346] Symantec Altiris eXpress NS SC Download ActiveX Control Arbitrary File Download Vulnerability
5024| [36301] Novell eDirectory HTTP GET Request Unicode Strings Denial Of Service Vulnerability
5025| [36297] Ipswitch WS_FTP Professional HTTP Server Response Format String Vulnerability
5026| [36295] The Rat CMS 'admin/add_album.php' Arbitrary File Upload Vulnerability
5027| [36260] Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
5028| [36254] Apache mod_proxy_ftp Remote Command Injection Vulnerability
5029| [36199] VMware Studio Virtual Appliance Web Interface File Upload Directory Traversal Vulnerability
5030| [36197] MailEnable 'MEHTTPS.EXE' Stack-Based Buffer Overflow Vulnerability
5031| [36194] SILC Toolkit HTTP Server Format String Vulnerability
5032| [36180] PHP-Fusion 'Download System mSF' module SQL Injection Vulnerability
5033| [36174] OpenAutoClassifieds Arbitrary File Upload Vulnerability
5034| [36167] PHP-Fusion 'downloads.php' SQL Injection Vulnerability
5035| [36091] Squid Web Proxy Cache Authentication Header Parsing Remote Denial of Service Vulnerability
5036| [36074] ntop HTTP Basic Authentication NULL Pointer Dereference Denial Of Service Vulnerability
5037| [36045] Blue Coat ProxySG Proxy Authentication Bypass Vulnerability
5038| [36006] Papoo Upload Images Arbitrary File Upload Vulnerability
5039| [35943] Sun Java Runtime Environment Proxy Mechanism Implementation Privilege Escalation Vulnerabilities
5040| [35925] Mozilla Firefox SOCKS5 Proxy Response Denial of Service Vulnerability
5041| [35904] Adobe Flash Player and AIR Loader Object Heap Memory Corruption Vulnerability
5042| [35881] TYPO3 Myth download Extension Unspecified SQL Injection Vulnerability
5043| [35840] Apache HTTP Server HTTP-Basic Authentication Bypass Vulnerability
5044| [35825] Automatic Image Upload with Thumbnails for PunBB 'uploadimg.php' Arbitrary File Delete Vulnerability
5045| [35824] MODx Context Policy Loading Unspecified Vulnerability
5046| [35823] Automatic Image Upload with Thumbnails 'uploadimg_view.php' SQL Injection Vulnerability
5047| [35818] Cisco Wireless LAN Controller HTTP/HTTPS Denial of Service Vulnerability
5048| [35805] Cisco Wireless LAN Controller HTTP Authorization Denial of Service Vulnerability
5049| [35784] Joomla! 'com_joomloads' Component 'packageId' Parameter SQL Injection Vulnerability
5050| [35781] RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities
5051| [35780] Joomla! Remote File Upload Vulnerability And Information Disclosure Weakness
5052| [35778] Akamai Download Manager ActiveX Control Redswoosh Download Stack Buffer Overflow Vulnerability
5053| [35767] Mozilla Firefox Flash Player Unloading Remote Code Execution Vulnerability
5054| [35757] ZNC File Upload Directory Traversal Vulnerability
5055| [35740] NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability
5056| [35735] Crysis HTTP/XML-RPC Service Access Violation Remote Denial of Service Vulnerability
5057| [35701] Scriptsez Easy Image Downloader 'id' Parameter Cross Site Scripting Vulnerability
5058| [35688] Oracle Application Server CVE-2009-1976 Remote HTTP Server Vulnerability
5059| [35663] Hitachi Web Server Reverse Proxy Remote Denial of Service Vulnerability
5060| [35653] HP ProCurve Threat Management Services zl Module 'httpd' Denial of Service Vulnerability
5061| [35646] RunCMS 'upload.php' Arbitrary File Upload Vulnerability
5062| [35595] Winds3D Viewer 'GetURL()' Arbitrary File Download Vulnerability
5063| [35579] Ruby on Rails 'http_authentication.rb' Nil Credentials Authentication Bypass Vulnerability
5064| [35565] Apache 'mod_proxy' Remote Denial Of Service Vulnerability
5065| [35555] Apple Safari 'reload()' Denial of Service Vulnerability
5066| [35485] PinME! Joomla! Component Arbitrary File Upload Vulnerability
5067| [35462] Google Chrome HTTP Response Handling Remote Code Execution Vulnerability
5068| [35412] Multiple Browsers Web Proxy Redirect Handling Man In The Middle Vulnerability
5069| [35411] Multiple Browsers Cached Certificate HTTP Site Spoofing Vulnerability
5070| [35403] Multiple Browser HTTP Resource in HTTPS Context Security Bypass Vulnerability
5071| [35361] SugarCRM Email Attachment Arbitrary File Upload Vulnerability
5072| [35347] Apple Safari CFNetwork Downloaded Files Information Disclosure Vulnerability
5073| [35337] Serena Dimensions CM 'DOWNLOAD' Command Security Bypass Vulnerability
5074| [35315] WebKit JavaScript 'onload()' Event Cross Domain Scripting Vulnerability
5075| [35312] F5 Networks FirePass SSL VPN 'password' Field Cross-Site Scripting Vulnerability
5076| [35270] WebKit 'XMLHttpRequest' HTTP Response Splitting Vulnerability
5077| [35236] LogMeIn 'cfgadvanced.html' HTTP Header Injection Vulnerability
5078| [35222] Microsoft Internet Explorer XMLHttpRequest Uninitialized Memory Remote Code Execution Vulnerability
5079| [35217] Sun GlassFish Enterprise Server HTTP Engine/Admin Interface Local Denial of Service Vulnerability
5080| [35216] Hitachi Web Server Reverse Proxy Denial of Service Vulnerability
5081| [35204] Sun Java System Web Server Reverse Proxy Plug-in Cross-Site Scripting Vulnerability
5082| [35180] PHP-Nuke Downloads Module 'query' Parameter Cross Site Scripting Vulnerability
5083| [35177] AlstraSoft Article Manager Pro 'article/register.php' Remote File Upload Vulnerability
5084| [35155] eliteCMS Arbitrary File Upload and Cross Site Scripting Vulnerabilities
5085| [35097] Lighttpd Trailing Slash Information Disclosure Vulnerability
5086| [35078] ZaoCMS 'upload.php' Arbitrary File Upload Vulnerability
5087| [35058] Job Script 'mycv.php' Arbitrary File Upload Vulnerability
5088| [35047] CGI Rescue Web Mailer HTTP Header Injection Vulnerability
5089| [35039] DMXReady Registration Manager 'assetmanager.asp' Arbitrary File Upload Vulnerability
5090| [35026] Namad 'SecureDownloads.aspx' Arbitrary File Download Vulnerability
5091| [35024] VidsharePro Arbitrary File Upload Vulnerability
5092| [35006] httpdx Multiple Commands Remote Buffer Overflow Vulnerabilities
5093| [35004] Pc4Uploader 'code.php' SQL Injection Vulnerability
5094| [34995] Rama Zaiten CMS 'download.php' Local File Disclosure Vulnerability
5095| [34958] Apple Mac OS X CFNetwork HTTP Header Handling Heap Buffer Overflow Vulnerability
5096| [34929] Matt Wright FormMail HTTP Response Splitting and Cross Site Scripting Vulnerabilities
5097| [34913] openWYSIWYG 'addons/imagelibrary/insert_image.php' Arbitrary File Upload Vulnerability
5098| [34887] Battle Blog 'uploadform.asp' Arbitrary File Upload Vulnerability
5099| [34813] eLitius Arbitrary File Upload and Authentication Bypass Vulnerabilities
5100| [34794] RM Downloader '.smi' File Buffer Overflow Vulnerability
5101| [34789] BaoFeng Storm ActiveX Control 'OnBeforeVideoDownload()' Buffer Overflow Vulnerability
5102| [34773] Zubrag Smart File Download 'download.php' File Download Security Bypass Vulnerability
5103| [34747] libmodplug 'load_pat.c' Remote Buffer Overflow Vulnerability
5104| [34712] SDP Downloader 'ASX' File Heap Buffer Overflow Vulnerability
5105| [34681] Xitami HTTP Server Multiple Socket HEAD Request Remote Denial Of Service Vulnerability
5106| [34679] Elkagroup Image Gallery 'upload.php' Arbitrary File Upload Vulnerability
5107| [34663] Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
5108| [34653] Download Center Lite Unspecified Security Vulnerability
5109| [34643] Sun Java System Delegated Administrator HTTP Response Splitting Vulnerability
5110| [34640] CRE Loaded 'product_info.php' SQL Injection Vulnerability
5111| [34637] Zervit HTTP Server Malformed URI Remote Denial Of Service Vulnerability
5112| [34601] Adam Patterson Address Book 'upload-file.php' Arbitrary File Upload Vulnerability
5113| [34600] Multi-lingual E-Commerce System Local File Include and Arbitrary File Upload Vulnerabilities
5114| [34599] Flatnux Arbitrary File Upload and Multiple Local File Include Vulnerabilities
5115| [34590] e-cart 'admin/editor/image.php' Arbitrary File Upload Vulnerability
5116| [34575] SPIP Security Bypass and Arbitrary File Upload Vulnerability
5117| [34570] Zervit HTTP Server Directory Traversal Vulnerability
5118| [34535] Job2C Profile Arbitrary File Upload Vulnerability
5119| [34530] Zervit 'http.c' Remote Buffer Overflow Vulnerability
5120| [34520] Nortel Application Gateway 2000 'adminDownloads.htm' Password Disclosure Vulnerability
5121| [34510] Mongoose HTTP Server Directory Traversal Vulnerability
5122| [34478] Microsoft Internet Explorer File Download Denial of Service Vulnerability
5123| [34437] Microsoft WinHTTP Server Name Mismatch Certificate Validation Security Bypass Vulnerability
5124| [34435] Microsoft WinHTTP Integer Underflow Memory Corruption Remote Code Execution Vulnerability
5125| [34434] Photo-Graffix 'mp3upload.htm' Arbitrary File Upload Vulnerability
5126| [34415] Lanius CMS 'upload.php' Arbitrary File Upload Vulnerability
5127| [34368] Family Connections 'fcms/upload.php' Arbitrary File Upload Vulnerability
5128| [34356] TinyPHPForum Avatar Upload Arbitrary File Upload Vulnerability
5129| [34347] File Thingie '.sql' Extension Arbitrary File Upload Vulnerability
5130| [34277] Squid Proxy Cache ICAP Adaptation Denial of Service Vulnerability
5131| [34255] PHPizabi 'modules/interact/file.php' Arbitrary File Upload Vulnerability
5132| [34254] WeBid 'upldgallery.php' Arbitrary File Upload Vulnerability
5133| [34222] PHP Classifieds Arbitrary File Upload and Cross Site Scripting Vulnerabilities
5134| [34221] ZyXEL G570S Crafted HTTP Requests Multiple Vulnerabilities
5135| [34212] Free Arcade Script SQL Injection and Arbitrary File Upload Vulnerabilities
5136| [34200] Orbit Downloader ActiveX Control 'download()' Method Arbitrary File Delete Vulnerability
5137| [34188] SW-HTTPD Incomplete HTTP Request Remote Denial of Service Vulnerability
5138| [34135] HP OpenView Network Node Manager 'Accept-Language' HTTP Header Heap Buffer Overflow Vulnerability
5139| [34128] PPLive URI Handlers 'LoadModule' Parameter Multiple Remote Code Execution Vulnerabilities
5140| [34119] Rapid Leech Upload Function Multiple Remote Input Validation Vulnerabilities
5141| [34087] Traidnt UP 'uploadcp/files.php' Insecure Cookie Authentication Bypass Vulnerability
5142| [33993] Imera Systems ImeraIEPlugin ActiveX Control Arbitrary File Download Vulnerability
5143| [33964] WikyBlog Arbitrary File Upload Vulnerability
5144| [33962] cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
5145| [33956] access2asp 'default_Image.asp' Arbitrary File Upload Vulnerability
5146| [33934] Internet Download Manager Language File Parsing Buffer Overflow Vulnerability
5147| [33924] APC PowerChute Network Shutdown HTTP Response Splitting and Cross Site Scripting Vulnerabilities
5148| [33894] Orbit Downloader 'Connecting' Log Message Creation Remote Buffer Overflow Vulnerability
5149| [33874] M5zn Arbitrary File Upload Vulnerability
5150| [33862] PayPal Download Shop SQL Injection and Arbitrary File Upload Vulnerabilities
5151| [33832] Fujitsu Jasmine2000 Enterprise Edition WebLink HTTP Response Splitting Vulnerability
5152| [33823] Firepack User-Agent HTTP Header PHP Code Injection Vulnerability
5153| [33820] Apple Mac OS X Insecure Downloads Folder Permissions Information Disclosure Vulnerability
5154| [33817] SAS Hotel Management System Arbitrary File Upload Vulnerability
5155| [33804] WebKit XMLHttpRequest Cookie Information Disclosure Vulnerability
5156| [33803] Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
5157| [33773] Google Chrome XMLHttpRequest Cookie Information Disclosure Vulnerability
5158| [33761] Sun Java System Directory Server Directory Proxy Server JDBC Backend Denial Of Service Vulnerability
5159| [33742] SkaDate 'photo' Arbitrary File Upload Vulnerability
5160| [33724] libvirt 'libvirt_proxy.c' Local Privilege Escalation Vulnerability
5161| [33712] Varnish HTTP Request Parsing Denial of Service Vulnerability
5162| [33699] Hedgehog-CMS 'specialacts.php' Arbitrary File Upload Vulnerability
5163| [33691] Taridnt UP Remote File Upload Vulnerability
5164| [33665] Ilch CMS 'HTTP_X_FORWARDED_FOR' SQL Injection Vulnerability
5165| [33663] BlackBerry Application Web Loader ActiveX Control Remote Buffer Overflow Vulnerability
5166| [33647] WikkiTikkiTavi 'upload.php' Arbitrary File Upload Vulnerability
5167| [33625] Cisco IOS HTTP Server Multiple Cross Site Scripting Vulnerabilities
5168| [33591] AJA Portal Rapidshare Module Arbitrary File Upload Vulnerability
5169| [33570] Small HTTP server FTP Directory Traversal Vulnerability
5170| [33559] Novell GroupWise HTTP POST/GET Request Information Disclosure Vulnerability
5171| [33555] Free Download Manager Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities
5172| [33554] Free Download Manager Remote Control Server Stack Buffer Overflow Vulnerability
5173| [33542] PHP 'mbstring.func_overload' Webserver Denial Of Service Vulnerability
5174| [33516] Trickle 'LD_PRELOAD' Arbitrary Code Execution Vulnerability
5175| [33514] Coppermine Photo Gallery 'picEditor.php' Remote File Upload Vulnerability
5176| [33476] Flaxweb Article Manager Avatar Arbitrary File Upload Vulnerability
5177| [33450] Simple Machines Forum Package Upload Multiple HTML Injection Vulnerabilities
5178| [33424] MemHT Portal Avatar Upload Arbitrary File Upload Vulnerability
5179| [33410] PHP-Nuke Downloads Module 'url' Parameter SQL Injection Vulnerability
5180| [33374] Microsoft IIS HTTP TRACK Method Information Disclosure Vulnerability
5181| [33328] Multiple AJ Classifieds Scripts 'index.php' Arbitrary File Upload Vulnerability
5182| [33295] DMXReady Billboard Manager 'upload_document.asp' Arbitrary File Upload Vulnerability
5183| [33281] DMXReady SDK Arbitrary File Download Vulnerability
5184| [33260] Cisco IOS HTTP Server Multiple Cross Site Scripting Vulnerabilities
5185| [33255] DMXReady Members Area Manager 'upload_image_security_level.asp' SQL Injection Vulnerability
5186| [33253] DMXReady Multiple Products 'upload_image_category.asp' SQL Injection Vulnerability
5187| [33247] Symantec AppStream Client 'LaunchObj' ActiveX Control Arbitrary File Download Vulnerability
5188| [33225] PWP Wiki Processor 'run.php' Arbitrary File Upload Vulnerability
5189| [33198] Silentum Uploader Arbitrary File Deletion Vulnerability
5190| [33147] HP OpenView Network Node Manager HTTP Request Multiple Buffer Overflow Vulnerabilities
5191| [33094] Built2Go PHP Link Portal 'member.php' Arbitrary File Upload Vulnerability
5192| [33093] Built2Go PHP Rate My Photo 'member.php' Arbitrary File Upload Vulnerability
5193| [33088] MemberKit My Picture Album Arbitrary File Upload Vulnerability
5194| [33057] ThePortal '/admin/galeria.php' Arbitrary File Upload Vulnerability
5195| [33034] Flexphplink Pro 'submitlink.php' Arbitrary File Upload Vulnerability
5196| [33005] doop Administration Page Arbitrary File Upload Vulnerability
5197| [33000] W2B phpEmployment 'auth.php' Arbitrary File Upload Vulnerability
5198| [32998] W2B phpAdBoard 'index.php' Arbitrary File Upload Vulnerability
5199| [32995] W2B phpGreetCards 'index.php' Arbitrary File Upload Vulnerability
5200| [32968] Text Lines Rearrange Script 'download.php' Information Disclosure Vulnerability
5201| [32959] OneOrZero Arbitrary File Upload Vulnerability
5202| [32954] ReVou Arbitrary File Upload Vulnerability
5203| [32953] BLOG 'image_upload.php' Arbitrary File Upload Vulnerability
5204| [32936] Extract Website 'download.php' Local File Include Vulnerability
5205| [32932] Online Keyword Research Tool 'download.php' Local File Include Vulnerability
5206| [32911] 2532designs 2532|Gigs Local File Include and Arbitrary File Upload Vulnerabilities
5207| [32907] Irrlicht B3D loader Buffer Overflow Vulnerability
5208| [32888] K&S Shopsystem 'images.php' Arbitrary File Upload Vulnerability
5209| [32858] Faupload 'download.php' SQL Injection Vulnerability
5210| [32821] Multiple AvailScript Products Arbitrary File Upload Vulnerabilities
5211| [32803] Joomla Live Chat Multiple SQL Injection and Open Proxy Vulnerabilities
5212| [32795] Social Groupie 'create_album.php' Arbitrary File Upload Vulnerability
5213| [32785] PHP Support Tickets New Ticket Arbitrary File Upload Vulnerability
5214| [32760] eZoneScripts Living Local Arbitrary File Upload Vulnerability
5215| [32706] dotnetindex Professional Download Assistant SQL Injection Vulnerability
5216| [32699] Secure Downloads for vBulletin 'fileinfo.php' SQL Injection Vulnerability
5217| [32697] SIU Guarani SQL Injection and Arbitrary File Upload Vulnerabilities
5218| [32696] Neostrada Livebox ADSL Router HTTP Request Denial of Service Vulnerability
5219| [32675] w3blabor Local File Include and Arbitrary File Upload Vulnerabilities
5220| [32661] Tizag Countdown Creater 'index.php' Arbitrary File Upload Vulnerability
5221| [32560] Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
5222| [32559] Andy's PHP Knowledgebase 'saa.php' Arbitrary File Upload Vulnerability
5223| [32537] Minimal ABlog SQL Injection and Arbitrary File Upload Vulnerabilities
5224| [32509] Star Articles 'user.modify.profile.php' Arbitrary File Upload Vulnerability
5225| [32452] Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
5226| [32439] MauryCMS Unspecified Arbitrary File Upload Vulnerability
5227| [32433] getaphpsite.com Real Estate Arbitrary File Upload Vulnerability
5228| [32432] getaphpsite.com Auto Dealers Arbitrary File Upload Vulnerability
5229| [32428] Goople CMS '/win/content/upload.php' Arbitrary File Upload Vulnerability
5230| [32382] SocialEngine HTTP Response Splitting and SQL-injection Vulnerabilities
5231| [32371] 'imlib2' Library 'load()' Function Buffer Overflow Vulnerability
5232| [32367] wPortfolio '/admin/upload_form.php' Arbitrary File Upload Vulnerability
5233| [32359] Ruby on Rails 'redirect_to()' HTTP Header Injection Vulnerability
5234| [32318] GungHo LoadPrgAx ActiveX Control Unspecified Vulnerability
5235| [32293] Multiple Scriptsfeed Scripts Arbitrary File Upload Vulnerability
5236| [32277] AlstraSoft SendIt Pro Arbitrary File Upload Vulnerability
5237| [32275] Belkin F5D8233-4 Wireless N Router Multiple Scripts Authentication Bypass Vulnerabilities
5238| [32273] Belkin F5D8233-4 Wireless N Router IP-Based Authentication Session Hijacking Vulnerability
5239| [32257] Pre Real Estate Listings Seller Logo Arbitrary File Upload Vulnerability
5240| [32247] sISAPILocation HTTP Header Rewrite Security Bypass Vulnerability
5241| [32242] Multiple phpstore.info Scripts Arbitrary File Upload Vulnerability
5242| [32234] rtgdictionary for TYPO3 Arbitrary File Upload Vulnerability
5243| [32225] Zeeways ZEEJOBSITE Arbitrary File Upload Vulnerability
5244| [32224] Zeeways ZEEPROPERTY Arbitrary File Upload and Cross Site Scripting Vulnerabilities
5245| [32211] Multiple 2Wire DSL Routers 'xslt' HTTP Request Denial of Service Vulnerability
5246| [32203] Siemens SpeedStream 5200 HTTP Host Spoofing Authentication Bypass Vulnerability
5247| [32152] BigDump '.sql' Arbitrary File Upload Vulnerability
5248| [32105] NOS Microsystems getPlus Download Manager ActiveX Control Buffer Overflow Vulnerability
5249| [32103] NOS Microsystems getPlus Download Manager Unauthorized Access Vulnerability
5250| [32065] Apartment Search Script Arbitrary File Upload and Cross Site Scripting Vulnerabilities
5251| [32013] ComingChina.com U-Mail 'edit.php' Arbitrary File Upload Vulnerability
5252| [31982] Instinct WP e-Commerce 'image_processing.php' Arbitrary File Upload Vulnerability
5253| [31981] Mambo and Joomla! SimpleBoard 'image_upload.php' Arbitrary File Upload Vulnerability
5254| [31978] 7-Shop 'imageupload.php' Arbitrary File Upload Vulnerability
5255| [31914] BuzzScripts BuzzyWall 'download.php' Directory Traversal Vulnerability
5256| [31909] New Earth Programming Team Image Upload Script Arbitrary File Upload Vulnerability
5257| [31887] Snoopy '_httpsrequest()' Arbitrary Command Execution Vulnerability
5258| [31877] Joomla! ionFiles Component 'download.php' Directory Traversal Vulnerability
5259| [31873] Iamma Nuke Simple Gallery 'upload.php ' Arbitrary File Upload Vulnerability
5260| [31852] Bahar Download Script 'aspkat.asp' SQL Injection Vulnerability
5261| [31812] FCKeditor 'CurrentFolder' Parameter Arbitrary File Upload Vulnerability
5262| [31805] Apache HTTP Server OS Fingerprinting Unspecified Security Vulnerability
5263| [31696] KDE Konqueror JavaScript 'load' Function Denial of Service Vulnerability
5264| [31695] Scriptsez Easy Image Downloader 'main.php' Local File Include Vulnerability
5265| [31691] Sun Java System Web Proxy Server FTP Subsytem Heap Based Buffer Overflow Vulnerability
5266| [31685] Kusaba 'load_receiver.php' Remote Code Execution Vulnerability
5267| [31632] Microsoft PicturePusher 'PipPPush.dll' ActiveX Control Arbitrary File Download Vulnerability
5268| [31603] Internet Download Manager File Parsing Buffer Overflow Vulnerability
5269| [31600] Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability
5270| [31599] Lighttpd URI Rewrite/Redirect Information Disclosure Vulnerability
5271| [31594] Simple Machines Forum HTTP POST Request Filter Security Bypass Vulnerability
5272| [31577] OpenNMS HTTP Response Splitting Vulnerability
5273| [31574] FOSS Gallery Arbitrary File Upload Vulnerability
5274| [31568] Kwalbum 'UploadItems' Parameter Arbitrary File Upload Vulnerability
5275| [31491] eFront Multiple Arbitrary File Upload Vulnerabilities
5276| [31487] Autodesk DWF Viewer Control 'AdView.dll' Arbitrary File Download Vulnerability
5277| [31456] Camera Life Arbitrary File Upload Vulnerability
5278| [31445] E-Uploader PRO 'id' Parameter Multiple SQL Injection Vulnerabilities
5279| [31434] Lighttpd Duplicate Request Header Denial of Service Vulnerability
5280| [31406] Mass Downloader Malformed Executable Denial Of Service Vulnerability
5281| [31393] Vikingboard 'upload/index.php' Local File Include Vulnerability
5282| [31354] Cisco IOS AIC HTTP Transit Packet Remote Denial of Service Vulnerability
5283| [31351] osCMax 'test.html' Arbitrary File Upload Vulnerability
5284| [31297] AvailScript Job Portal Script Remote File Upload Vulnerability
5285| [31265] fhttpd Basic Authorization Remote Denial Of Service Vulnerability
5286| [31171] phsdev phsBlog 'upload/index.php' SQL Injection Vulnerability
5287| [31156] WebPortal CMS 'download.php' SQL Injection Vulnerability
5288| [31127] minb Multiple Arbitrary File Upload Vulnerabilities
5289| [31122] Ananta 'connectors.php' Arbitrary File Upload Vulnerability
5290| [31106] Red Hat Fedora Directory Server HTTP Unescaping Functions Buffer Overflow Vulnerability
5291| [31047] Samsung DVR SHR-2040 HTTPD Denial of Service Vulnerability
5292| [31035] Google Chrome Malformed 'view-source' HTTP Header Remote Denial of Service Vulnerability
5293| [31028] eZoneScripts Dating Website Remote File Upload Vulnerability
5294| [31010] Celerondude Uploader 'account.php' Cross-Site Scripting Vulnerability
5295| [31000] Google Chrome Arbitrary File Download Vulnerability
5296| [30988] 3Com Wireless 8760 Dual-Radio 11a/b/g PoE HTTP POST Request Denial of Service Vulnerability
5297| [30950] WeBid 'config.php' Arbitrary File Upload Vulnerability
5298| [30869] Red Hat Directory Server Accept Language HTTP Headers Buffer Overflow Vulnerability
5299| [30867] Mono 'System.Web' HTTP Header Injection Vulnerability
5300| [30839] Kolifa.net Download Script 'indir.php' SQL Injection Vulnerability
5301| [30754] GE Fanuc Proficy Information Portal HTTP Basic Authentication Information Disclosure Vulnerability
5302| [30721] VidiScript Remote File Upload Vulnerability
5303| [30677] Cardinal CMS 'upload.php' Arbitrary File Upload Vulnerability
5304| [30671] Sun Java System Web Proxy Server FTP Subsystem Denial of Service Vulnerability
5305| [30662] Amarok 'MagnatuneBrowser::listDownloadComplete()' Insecure Temporary File Creation Vulnerability
5306| [30652] Alcatel-Lucent OmniSwitch Products HTTP Header Remote Buffer Overflow Vulnerability
5307| [30620] RMSOFT Downloads Plus Multiple Cross-Site Scripting Vulnerabilities
5308| [30601] e107 CMS 'download.php' Arbitrary Variable Overwrite Vulnerability
5309| [30560] Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
5310| [30548] Aurigma Image Uploader Multiple ActiveX Controls Multiple Unspecified Security Vulnerabilities
5311| [30526] moziloCMS 'download.php' File Disclosure Vulnerability
5312| [30515] Max File Upload File Extension Arbitrary File Upload Vulnerability
5313| [30496] Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
5314| [30464] Blue Coat K9 Web Protection Centralized Server HTTP Responses Buffer Overflow Vulnerability
5315| [30365] WordPress Wp Downloads Manager Module 'upload.php' Arbitrary File Upload Vulnerability
5316| [30362] ibase 'download.php' Local File Include Vulnerability
5317| [30338] Ceica Groupware Multiple Remote File Upload Vulnerabilities
5318| [30336] AtomatiCMS 'upload.php' Arbitrary File Upload Vulnerability
5319| [30311] EZWebAlbum 'download.php' Local File Include Vulnerability
5320| [30283] LunarNight Laboratory WebProxy Cross Site Scripting Vulnerability
5321| [30273] Oracle mod_wl HTTP POST Request Remote Buffer Overflow Vulnerability
5322| [30265] Citrix XenServer XenAPI HTTP Interfaces Cross-Site Scripting Vulnerability
5323| [30261] Velocity Security Management System HTTP Server Directory Traversal Vulnerability
5324| [30249] PhotoPost vBGallery 'upload.php' Arbitrary File Upload Vulnerability
5325| [30223] Sina DLoader Class ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download Vulnerability
5326| [30220] Edit-Point 'upload.php' Arbitrary File Upload Vulnerability
5327| [30210] Maian Uploader 'uploader_cookie' Authentication Bypass Vulnerability
5328| [30193] Apple Safari HTTPS to HTTPS Referer Information Disclosure Vulnerability
5329| [30182] File Store PRO 'download.php' SQL Injection Vulnerability
5330| [30138] Download Accelerator Plus '.m3u' File Buffer Overflow Vulnerability
5331| [30117] WebXell Editor 'upload_pictures.php' Arbitrary File Upload Vulnerability
5332| [30114] Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download Vulnerability
5333| [30105] BlueZ SDP Payload Processing Multiple Buffer Overflow Vulnerabilities
5334| [30100] ImperialBB Remote File Upload Vulnerability
5335| [30094] THELIA Arbitrary File Upload and Authentication Bypass Vulnerabilities
5336| [30090] F5 FirePass SSL VPN SNMP Daemon Remote Denial of Service Vulnerability
5337| [29982] Seagull Arbitrary File Upload Vulnerability
5338| [29963] UUSee UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability
5339| [29949] RETIRED: PHPmotion SQL Injection and Arbitrary File Upload Vulnerabilities
5340| [29946] Google Talk 'http' and 'mailto' Remote Script Code Injection Vulnerability
5341| [29929] Page Manager 'upload.php' Arbitrary File Upload Vulnerability
5342| [29917] Php F1 Max's Image Uploader 'index.php' Arbitrary File Upload Vulnerability
5343| [29914] cmsWorks 'config.php' Arbitrary File Upload Vulnerability
5344| [29892] emuCMS 'upload.php' Arbitrary File Upload Vulnerability
5345| [29867] le.cms 'admin/upload.php' Arbitrary File Upload Vulnerability
5346| [29849] GL-SH Deaf Forum Cross-Site Scripting Vulnerability and Arbitrary File Upload Vulnerability
5347| [29825] TYPO3 Download system Extension SQL Injection Vulnerability
5348| [29809] OFFSystem HTTP Headers Remote Buffer Overflow Vulnerability
5349| [29795] aspWebCalendar 'calendar_admin.asp' Arbitrary File Upload Vulnerability
5350| [29786] CRE Loaded Multiple HTML Injection Vulnerabilities
5351| [29759] Crysis HTTP/XML-RPC Service Remote Denial of Service Vulnerability
5352| [29734] Simple Machines Forum 'load.php' SQL Injection Vulnerability
5353| [29707] Easy-Clanpage Arbitrary File Upload and Local File Include Vulnerabilities
5354| [29698] X-Poll 'admin/images/index.php' Arbitrary File Upload Vulnerability
5355| [29661] uTorrent and BitTorrent HTTP 'Range' Header Remote Denial of Service Vulnerability
5356| [29657] TYPO3 Cross-Site Scripting Vulnerability and File Upload Vulnerability
5357| [29621] Achievo 'config.php' Arbitrary File Upload Vulnerability
5358| [29618] Flux CMS 'loadsave.php' Arbitrary File Overwrite Vulnerability
5359| [29600] XOOPS Uploader Module 'filename' Parameter Directory Traversal Vulnerability
5360| [29577] Black Ice Multiple Applications 'BiDib.dll' ActiveX Control Arbitrary File Download Vulnerability
5361| [29574] F5 FirePass SSL VPN Multiple Cross-Site Request Forgery Vulnerabilities
5362| [29570] Linksys WRH54G Wireless-G Router Malformed HTTP Request Denial of Service Vulnerability
5363| [29554] Joomla! and Mambo JotLoader Component 'cid' Parameter SQL Injection Vulnerability
5364| [29530] HP Instant Support 'HPISDataManager.dll' ActiveX Control Arbitrary File Download Vulnerability
5365| [29519] C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability
5366| [29497] RETIRED: SiteXS CMS 'adm/visual/upload.php' Arbitrary File Upload Vulnerability
5367| [29476] Kaya CGI Framework HTTP Header Cross Site Scripting Vulnerability
5368| [29438] PHP Booking Calendar 'upload.php' Arbitrary File Upload Vulnerability
5369| [29434] CMS from Scratch 'image.php' Directory Traversal and Arbitrary File Upload Vulnerabilities
5370| [29431] CMS from Scratch 'upload.php' Arbitrary File Upload Vulnerability
5371| [29422] SyntaxCMS 'upload.php' Arbitrary File Upload Vulnerability
5372| [29419] FlashBlog 'imgupload.php' Arbitrary File Upload Vulnerability
5373| [29390] trombyn 'demoupload.php' Arbitrary File Upload Vulnerability
5374| [29374] OneCMS 'load' Parameter Local File Include Vulnerability
5375| [29372] ClassSystem Multiple SQL Injection Vulnerabilities and Arbitrary File Upload Vulnerability
5376| [29352] WordPress Upload File Plugin 'wp-uploadfile.php' SQL Injection Vulnerability
5377| [29341] WWW File Share Pro Unspecified Arbitrary File Upload Vulnerability
5378| [29334] Interchange Unspecified HTTP POST Request Denial Of Service Vulnerability
5379| [29310] IBM Lotus Domino Web Server 'Accept Language' HTTP Header Buffer Overflow Vulnerability
5380| [29279] PhotoStockPlus Uploader Tool ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities
5381| [29276] RETIRED: WordPress 'Blog' Module 'Write Tab' Arbitrary File Upload Vulnerability
5382| [29222] Cisco Unified Presence SIP Proxy Denial of Service Vulnerability
5383| [29216] Cisco Content Switching Module Layer 7 Load Balancing Denial of Service Vulnerability
5384| [29170] CMS Made Simple 'modules/FileManager/postlet/javaUpload.php' Arbitrary File Upload Vulnerability
5385| [29121] Microsoft Outlook Web Access 'no-store' HTTP Directive Information Disclosure Weakness
5386| [29112] Microsoft Internet Explorer UTF-7 HTTP Response Handling Weakness
5387| [29110] ZyWALL 100 HTTP Referer Header Cross Site Scripting Vulnerability
5388| [29072] QTO File Manager 'qtofm.php' Arbitrary File Upload Vulnerability
5389| [29051] Maian Uploader Multiple Cross Site Scripting Vulnerabilities
5390| [29029] SiteXS CMS 'upload.php' Arbitrary File Upload Vulnerability
5391| [28993] Akamai Download Manager ActiveX Control Remote Code Execution Vulnerability
5392| [28975] WordPress Download Monitor Plugin 'id' Parameter SQL Injection Vulnerability
5393| [28955] PHPG Upload 'form_upload.php' Arbitrary File Upload Vulnerability
5394| [28941] Sun Java System Directory Proxy Server Remote Unauthorized Access Vulnerability
5395| [28937] KDE KHTML PNGLoader Heap Buffer Overflow Vulnerability
5396| [28922] PHCDownload Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
5397| [28919] PHP-Nuke DownloadsPlus Module Arbitrary File Upload Vulnerability
5398| [28902] F5 Networks FirePass 4100 SSL VPN 'installControl.php3' Cross-Site Scripting Vulnerability
5399| [28887] EncapsGallery Cross-Site Scripting Vulnerability and File Upload Vulnerability
5400| [28817] eGroupWare Unspecified Arbitrary File Upload Vulnerability
5401| [28813] Apple Safari File Download Remote Memory Corruption Vulnerability
5402| [28795] BigAnt IM Server HTTP GET Request Remote Buffer Overflow Vulnerability
5403| [28788] KwsPHP Eskuel Module Arbitrary File Upload Vulnerability
5404| [28787] Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability
5405| [28766] Coppermine Photo Gallery 'upload.php' SQL Injection Vulnerability
5406| [28757] Novell eDirectory HTTP 'Connection' Header Denial Of Service Vulnerability
5407| [28718] ARWScripts Gallery Script Lite 'download.html' File Disclosure Vulnerability
5408| [28696] Adobe Flash Player Arbitrary Cross Domain HTTP Request Headers Security Vulnerability
5409| [28693] Squid Web Proxy Cache 'arrayShrink()' Remote Denial of Service Vulnerability
5410| [28685] phpTournois Avatar Arbitrary File Upload Vulnerability
5411| [28670] iScripts SocialWare Arbitrary File Upload Vulnerability
5412| [28666] CDNetworks Nefficient Download 'NeffyLauncher.dll' ActiveX Control Multiple Vulnerabilities
5413| [28656] Drake CMS HTTP 'Via' Header SQL Injection Vulnerability
5414| [28646] Pixel Motion Blog Arbitrary File Upload Vulnerability
5415| [28639] F5 BIG-IP Web Management Interface 'NEW_VALUE' Parameter Remote Code Injection Vulnerability
5416| [28610] SmarterTools SmarterMail HTTP Request Handling Denial Of Service Vulnerability
5417| [28578] Nuked-Klan HTTP Referer Header SQL Injection Vulnerability
5418| [28572] Novell eDirectory HTTP HEAD Request Handling Denial Of Service Vulnerability
5419| [28546] Chilkat HTTP 'ChilkatHttp.dll' ActiveX Control Insecure Method Vulnerabilities
5420| [28541] Orbit Downloader 'Download Failed' Remote Buffer Overflow Vulnerability
5421| [28516] WordPress 'wp-download' Plugin 'dl_id' Parameter SQL Injection Vulnerability
5422| [28491] Perlbal Buffered Upload Remote Denial Of Service Vulnerability
5423| [28490] Siemens SpeedStream 6520 HTTP Request Remote Denial Of Service Vulnerability
5424| [28489] Lighttpd SSL Error Denial of Service Vulnerability
5425| [28440] e107 My_Gallery Plugin 'dload.php' Arbitrary File Download Vulnerability
5426| [28428] Joomla! and Mambo Download3000 Component 'id' Parameter SQL Injection Vulnerability
5427| [28416] F5 Big-IP Web Management Audit Log HTML Injection Vulnerability
5428| [28404] Apple Safari File Download Remote Denial of Service Vulnerability
5429| [28394] ASUS Remote Console DPC Proxy Buffer Overflow Vulnerability
5430| [28355] Yehe 'envoyer' Arbitrary File Upload Vulnerability
5431| [28354] Piczo Fast Picture Uploader 'ImageUploader4.ocx' ActiveX Control Buffer Overflow Vulnerability
5432| [28346] PEEL Multiple SQL Injection Vulnerabilities and Arbitrary File Upload Vulnerability
5433| [28322] Belkin F5D7230-4 Wireless G Router 'setup_virtualserver.exe' Denial of Service Vulnerability
5434| [28319] Belkin F5D7230-4 Wireless G Router 'setup_dns.exe' Authentication Vulnerability
5435| [28317] Belkin F5D7230-4 Wireless G Router IP-Based Authentication State Authentication Bypass Vulnerability
5436| [28316] Asterisk Predictable HTTP Manager Session ID Security Bypass Vulnerability
5437| [28308] Asterisk RTP Codec Payload Handling Multiple Buffer Overflow Vulnerabilities
5438| [28257] AuraCMS 'HTTP_X_FORWARDED_FOR' SQL Injection Vulnerability
5439| [28226] Lighttpd mod_userdir Information Disclosure Vulnerability
5440| [28219] Download Center Multiple Cross Site Scripting Vulnerabilities
5441| [28199] RemotelyAnywhere HTTP Service Cross-Site Scripting Vulnerability
5442| [28151] F5 BIG-IP Web Management Interface Console HTML Injection Vulnerability
5443| [28129] SmartFactory WF-Downloads XOOPS Module 'viewcat.php' SQL Injection Vulnerability
5444| [28100] Lighttpd 'mod_cgi' Information Disclosure Vulnerability
5445| [28081] Timbuktu Pro File Upload and Log Input Manipulation Vulnerabilities
5446| [28051] netOffice Dwins Authentication Bypass Vulnerability and Arbitrary File Upload Vulnerability
5447| [27981] MyServer Mutltiple HTTP Methods '204 Not Content' Error Remote Denial of Service Vulnerabilities
5448| [27961] LWS php Download Manager 'body.inc.php' Local File Include Vulnerability
5449| [27943] Lighttpd File Descriptor Array Remote Denial of Service Vulnerability
5450| [27932] PHP-Nuke Downloads Module 'sid' Parameter SQL Injection Vulnerability
5451| [27877] Google Hack Honeypot File Upload Manager 'delall' Unauthorized File Access Vulnerability
5452| [27860] Joomla! and Mambo com_downloads Component 'cat' Parameter SQL Injection Vulnerability
5453| [27847] PHPizabi 'image.php' Arbitrary File Upload Vulnerability
5454| [27839] TRUC Tracking Requirements & Use Cases 'download.php' File Disclosure Vulnerability
5455| [27838] XPWeb 'Download.php' File Disclosure Vulnerability
5456| [27792] Dokeos Multiple SQL Injection, HTML Injection, Cross-Site Scripting, and File Upload Vulnerabilities
5457| [27788] ITheora 'download.php' Information Disclosure Vulnerability
5458| [27780] Joomla! User Home Pages Component 'com_uhp' Arbitrary File Upload Vulnerability
5459| [27756] Facebook Photo Uploader 'ImageUploader4.1.ocx' FileMask Method ActiveX Buffer Overflow Vulnerability
5460| [27747] Counter Strike Portals 'download' SQL Injection Vulnerability
5461| [27737] AliBOARD Arbitrary File Upload Vulnerability
5462| [27720] F5 BIG-IP Web Management Interface Cross-Site Request Forgery Vulnerability
5463| [27715] Sony ImageStation 'AxRUploadServer.dll' ActiveX Control Remote Buffer Overflow Vulnerability
5464| [27708] Spam Board Arbitrary File Upload Vulnerability
5465| [27701] Multiple IEA Software Products HTTP POST Request Denial of Service Vulnerability
5466| [27665] IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Vulnerability
5467| [27648] Joomla! and Mambo com_downloads Component 'filecatid' Parameter SQL Injection Vulnerability
5468| [27628] RaidenHTTPD Prior to 2.0.22 Unspecified Cross Site Scripting Vulnerability
5469| [27618] Download Management for PHP-Fusion Multiple Local File Include Vulnerabilities
5470| [27598] HispaH Youtube Clone 'load_message.php' Cross-Site Scripting Vulnerability
5471| [27595] IBM OS/400 HTTP Server Expect Header Cross-Site Scripting Vulnerability
5472| [27593] Anon Proxy Server Remote Authentication Buffer Overflow Vulnerability
5473| [27577] Aurigma Image Uploader ActiveX Controls 'ExtractIptc/ExtractExif' Buffer Overflow Vulnerabilities
5474| [27576] Facebook Photo Uploader 4 ActiveX Control 'ExtractIptc/ExtractExif' Buffer Overflow Vulnerabilities
5475| [27562] LightBlog 'cp_upload_image.php' Arbitrary File Upload Vulnerability
5476| [27550] Liferay Enterprise Portal 'User-Agent' HTTP Header Script Injection Vulnerability
5477| [27547] Liferay Enterprise Portal User-Agent HTTP Header Cross Site Scripting Vulnerability
5478| [27544] Drupal Comment Upload Module Upload Validation Function Arbitrary File Upload Vulnerability
5479| [27539] Aurigma Image Uploader 'ImageUploader4.ocx' ActiveX Control Buffer Overflow Vulnerability
5480| [27534] Facebook Photo Uploader 4 'ImageUploader4.1.ocx' ActiveX Control Buffer Overflow Vulnerability
5481| [27533] MySpace Uploader 'MySpaceUploader.ocx' ActiveX Control Buffer Overflow Vulnerability
5482| [27487] Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload Vulnerability
5483| [27472] Mambo MOStlyCE Module Image Manager Utility Arbitrary File Upload Vulnerability
5484| [27462] F5 BIG-IP Application Security Manager 'report_type' Cross-Site Scripting Vulnerability
5485| [27456] Persits Software XUpload 'AddFile()' Method ActiveX Control Remote Buffer Overflow Vulnerability
5486| [27423] HFS HTTP File Server Multiple Security Vulnerabilities
5487| [27411] Lycos File Upload Component 'FileUploader.dll' ActiveX Control Buffer Overflow Vulnerability
5488| [27409] Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
5489| [27391] Fujitsu Interstage HTTP Server Multiple Unspecified Denial Of Service Vulnerabilities
5490| [27379] IDMOS CMS 'download.php' Local File Include Vulnerability
5491| [27373] Numara FootPrints 'MRchat.pl' and 'MRABLoad2.pl' Multiple Remote Command Execution Vulnerabilities
5492| [27368] MegaBBS 'upload.asp' Cross-Site Scripting Vulnerability
5493| [27366] Galaxy Scripts Mini File Host 'upload.php' POST Parameter Local File Include Vulnerability
5494| [27358] BitDefender Products Update Server HTTP Daemon Directory Traversal Vulnerability
5495| [27348] Mahara HTML Arbitrary File Upload Vulnerability
5496| [27327] GalaxyScripts Mini File Host 'upload.php' Local File Include Vulnerability
5497| [27312] MailBee WebMail Pro 'download_view_attachment.aspx' Local File Include Vulnerability
5498| [27285] PHP F1 Max's File Uploader 'index.php' Arbitrary File Upload Vulnerability
5499| [27279] Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download Vulnerabilities
5500| [27272] F5 BIG-IP 'SearchString' Multiple Cross-Site Scripting Vulnerabilities
5501| [27247] StreamAudio ProxyManager 'InternalTuneIn()' ActiveX Control Buffer Overflow Vulnerability
5502| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
5503| [27234] Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
5504| [27203] UploadScript and UploadImage 'admin.php' Unauthorized Access Vulnerability
5505| [27186] Zero CMS Arbitrary File Upload Vulnerability and Multiple SQL-Injection Vulnerabilities
5506| [27166] ekinboard Multiple Authentication Bypass And Arbitrary File Upload Vulnerabilities
5507| [27158] OneCMS Arbitrary File Upload Vulnerability and Multiple SQL-injection Vulnerabilities
5508| [27151] WordPress Plugin Wp-FileManager 'ajaxfilemanager.php' Arbitrary File Upload Vulnerability
5509| [27128] ExpressionEngine HTTP Response Splitting and Cross Site Scripting Vulnerabilities
5510| [27107] Camtasia Studio 'csPreloader' Remote Code Execution Vulnerability
5511| [27106] DivX Web Player 'npUpload.dll' ActiveX Control Remote Denial of Service Vulnerability
5512| [27092] AGENCY4NET WEBFTP 'download2.php' Local File Include Vulnerability
5513| [27079] Bitweaver 'upload.php' Arbitrary File Upload Vulnerability
5514| [27076] Mihalism Multi Host 'download.php' Directory Traversal Vulnerability
5515| [27066] PHCDownload 'search.php' SQL Injection and Cross-Site Scripting Vulnerability
5516| [27062] MySpace Content Zone 'uploadgames.php' Arbitrary File Upload Vulnerability
5517| [27060] XCMS Multiple Local File Include Vulnerabilities and Arbitrary File Upload Vulnerability
5518| [27047] Extended Module Player (xmp) 'oxm.c' And 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities
5519| [27025] Persits Software XUpload ActiveX Control Remote Buffer Overflow Vulnerability
5520| [26998] Agares Media ThemeSiteScript 'loadadminpage' Parameter Remote File Include Vulnerability
5521| [26991] PHCDownload Username HTML Injection Vulnerability
5522| [26978] Sun Java Web Proxy Server and Sun Java Web Server Multiple Cross-Site Scripting Vulnerabilities
5523| [26969] Adobe Flash Player HTTP Response Splitting Vulnerability
5524| [26940] Dokeos 'My production' Arbitrary File Upload Vulnerability
5525| [26939] Apache HTTP Server Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
5526| [26925] Automatic Image Upload with Thumbnails for PunBB 'uploadimg.php' Arbitrary File Upload Vulnerability
5527| [26907] Uber-Uploader Multiple Arbitrary File Upload Vulnerabilities
5528| [26903] RaidenHTTPD 'workspace.php' Directory Traversal Vulnerability
5529| [26899] PeerCast HandshakeHTTP Multiple Buffer Overflow Vulnerabilities
5530| [26882] Anon Proxy Server Remote Shell Command Execution Vulnerabilities
5531| [26851] Kerio WinRoute Firewall Unspecified Proxy Authentication Bypass Weakness
5532| [26849] xml2owl 'filedownload.php' Directory Traversal Vulnerability
5533| [26827] ES Simple Uploader Arbitrary File Upload Vulnerability
5534| [26813] Simple HTTPD Aux Remote Denial of Service Vulnerability
5535| [26810] KLab HttpLogger Unspecified Cross Site Scripting Vulnerability
5536| [26775] PolDoc Document Management System Download_File.PHP Directory Traversal Vulnerability
5537| [26768] SHTTPD Multiple File Access And Directory Traversal Vulnerabilities
5538| [26740] RETIRED: phpBB .PNG and .RAR Multiple Arbitrary File Upload Vulnerabilities
5539| [26700] Apple Mac OS X Mach_Loader.C Local Denial of Service Vulnerability
5540| [26696] Jetty Unspecified HTTP Response Splitting Vulnerability
5541| [26687] Squid Proxy Cache Update Reply Processing Remote Denial of Service Vulnerability
5542| [26686] Microsoft Web Proxy Auto-Discovery Proxy Spoofing Vulnerability
5543| [26663] Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
5544| [26659] F5 Networks FirePass 4100 SSL VPN My.Logon.PHP3 Cross-Site Scripting Vulnerability
5545| [26651] LearnLoop File_download.PHP Remote File Include Vulnerability
5546| [26589] Mozilla Firefox and SeaMonkey Windows.Location Property HTTP Referer Header Spoofing Weakness
5547| [26559] PBLang NTopic.PHP Arbitrary File Upload Vulnerability
5548| [26537] Aurigma Image Uploader ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
5549| [26483] IceBB HTTP_X_FORWARDED_FOR SQL Injection Vulnerability
5550| [26457] IBM WebSphere Application Server WebContainer HTTP Request Header Security Weakness
5551| [26361] C++ Sockets Library HTTPSocket Class Remote Denial Of Service Vulnerability
5552| [26329] Galmeta Post Upload_Config.PHP Remote File Include Vulnerability
5553| [26286] Blue Coat ProxySG Management Console URI Handler Multiple Cross-Site Scripting Vulnerabilities
5554| [26278] RETIRED: phpMyConferences PageTraiteDownload.PHP Local File Include Vulnerability
5555| [26277] ISPworker Download.PHP Multiple Directory Traversal Vulnerabilities
5556| [26242] ProfileCMS Profile Creation Arbitrary File Upload Vulnerability
5557| [26212] Shttp Remote Directory Traversal Vulnerability
5558| [26186] FCKeditor Unspecified Arbitrary File Upload Vulnerability
5559| [26184] efileman Arbitrary File Upload And Access Validation Vulnerabilities
5560| [26180] 3proxy FTP Proxy Double Free Memory Corruption Vulnerability
5561| [26179] Japanese PHP Gallery Hosting Arbitrary File Upload Vulnerability
5562| [26171] Jeebles Technology Jeebles Directory Download.PHP Local File Include Vulnerability
5563| [26143] ReloadCMS Index.PHP Local File Include Vulnerability
5564| [26062] Microsoft Internet Explorer Extension Filter Bypass Arbitrary File Download Vulnerability
5565| [26044] Joomla! Flash Uploader mosConfig_Absolute_Path Multiple Remote File Include Vulnerabilities
5566| [26024] PHP ionCube Loader Extension Safe_Mode and Disable_Functions Restriction Bypass Vulnerability
5567| [25990] LightBlog Privilege Escalation and Arbitrary File Upload Vulnerabilities
5568| [25975] TYPOlight webCMS preview.php Arbitrary File Download Vulnerability
5569| [25928] Cart32 GetImage Arbitrary File Download Vulnerability
5570| [25903] Altnet Download Manager ADM4 ActiveX Buffer Overflow Vulnerability
5571| [25892] EDraw Office Viewer Component FtpDownloadFile ActiveX Buffer Overflow Vulnerability
5572| [25878] XOOPS Uploader Class Arbitrary File Upload Vulnerability
5573| [25861] Zomplog admin/upload_files.php Unauthorized Access Vulnerability
5574| [25847] Ruby Net::HTTP SSL Insecure Certificate Validation Weakness
5575| [25836] Microsoft Internet Explorer File Upload Vulnerability
5576| [25799] ELinks HTTPS POST Request Information Disclosure Weakness
5577| [25753] Microsoft ISA Server SOCKS4 Proxy Connection Remote Information Disclosure Vulnerability
5578| [25747] SimplePHPBlog img_upload_cgi.php Arbitrary File Upload Vulnerability
5579| [25727] Yahoo! Messenger CYFT FT60.DLL ActiveX Control GetFile Method Arbitrary File Upload Vulnerability
5580| [25685] PhotoChannel Networks Photo Upload Plugin ActiveX Control Multiple Buffer Overflow Vulnerabilities
5581| [25681] Chupix CMS download.php Arbitrary File Download Vulnerability
5582| [25622] Lighttpd Mod_FastCGI Request Headers Remote Header Overflow Vulnerability
5583| [25621] AuraCMS mod/contak.php Arbitrary File Upload Vulnerability
5584| [25618] QGit DataLoader::doStart Function Local Privilege Escalation Vulnerability
5585| [25617] SisfoKampus dwoprn.php Arbitrary File Download Vulnerability
5586| [25613] Proxy Anket anket.asp SQL Injection Vulnerability
5587| [25612] Joomla! Comp Restaurante Component Index.PHP Arbitrary File Upload Vulnerability
5588| [25589] RW::Download Index.PHP Multiple SQL Injection Vulnerabilities
5589| [25551] Barbo91 upload.php Arbitrary File Upload Vulnerability
5590| [25509] RETIRED: Olate Download Arbitrary File Upload Vulnerability
5591| [25491] Pakupaku CMS Index.PHP Arbitrary File Upload Vulnerability
5592| [25487] Our Space UploadMedia.CGI Arbitrary File Upload Vulnerability
5593| [25455] Dale Mooney Moon Gallery Upload.PHP Arbitrary File Upload Vulnerability
5594| [25412] Olate Download FLDM.PHP Cross-Site Scripting Vulnerability
5595| [25410] Olate Download Download.PHP Multiple SQL Injection Vulnerabilities
5596| [25405] phUploader 'phUploader.php' Arbitrary File Upload Vulnerability
5597| [25404] American Financing eMail Image Upload Output.PHP Arbitrary File Upload Vulnerability
5598| [25384] Olate Download Admin.PHP SQL Injection Vulnerability
5599| [25356] Olate Download Environment.PHP Arbitrary Script Code Execution Vulnerability
5600| [25343] Olate Download Admin.PHP Remote Authentication Bypass Vulnerability
5601| [25293] Szymon Kosok Best Top List Banner-Upload.PHP Arbitrary File Upload Vulnerability
5602| [25278] Streamripper HTTP Header Parsing Buffer Overflow Vulnerabilities
5603| [25253] Mapos-Scripts.de File Uploader Multiple Remote File Include Vulnerabilities
5604| [25192] Xunlei Web Thunder ThunderServer.webThunder.1 ActiveX AddCategory File Download Vulnerability
5605| [25190] Sun Java System Web Server Multiple HTTP Redirect Vulnerabilities
5606| [25164] WikiWebWeaver Index.PHP Arbitrary File Upload Vulnerability
5607| [25158] WordPress Upload.PHP Cross-Site Scripting Vulnerability
5608| [25142] Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
5609| [25137] RETIRED: Holotech Phorm FileUpload.PHP Arbitrary File Upload Vulnerability
5610| [25130] Neocrome Seditio PFS.PHP Arbitrary File Upload Vulnerability
5611| [25120] CoreHTTP Http.C Buffer Overflow Vulnerability
5612| [25084] IBM AIX Pioout Arbitrary Library Loading Code Execution Vulnerability
5613| [25070] Sun Solaris Low Bandwidth X Proxy Information Disclosure Vulnerability
5614| [25063] Clever Internet ActiveX Suite CLINetSuiteX6.OCX Arbitrary File Download Or Overwrite Vulnerability
5615| [25030] xserver HTTP Post Request Buffer Overflow Vulnerability
5616| [25028] StatCounter HTTP Referrer Field HTML Injection Vulnerability
5617| [24967] Lighttpd Multiple Code Execution, Denial of Service and Information Disclosure Vulnerabilities
5618| [24958] Joomla Expose Component Uploadimg.PHP Arbitrary File Upload Vulnerability
5619| [24911] Microsoft Internet Explorer OnBeforeUnload Javascript Browser Entrapment Vulnerability
5620| [24778] Microsoft .NET Framework PE Loader Remote Buffer Overflow Vulnerability
5621| [24773] SAP DB Web Server WAHTTP.EXE Multiple Buffer Overflow Vulnerabilities
5622| [24764] FarsiNews Admin.PHP Arbitrary File Upload Vulnerability
5623| [24758] GNU GLibC LD.SO Mask Dynamic Loader Integer Overflow Vulnerability
5624| [24752] LightBlog Main.PHP Arbitrary File Upload Vulnerability
5625| [24750] ImLib BMP Image _LoadBMP Function Denial of Service Vulnerability
5626| [24725] Mozilla Firefox OnKeyDown Event File Upload Vulnerability
5627| [24683] SHTTPd Unspecified Cross Site Scripting Vulnerability
5628| [24649] Apache HTTP Server Mod_Cache Denial of Service Vulnerability
5629| [24648] SlackRoll GnuPG And HTTP Codes Signature Validation Bypass Vulnerability And Weakness
5630| [24645] Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
5631| [24642] WordPress Custom Field Arbitrary File Upload Vulnerability
5632| [24639] Dreamlog Upload.PHP Arbitrary File Upload Vulnerability
5633| [24618] SHTTPD Filename Parse Error Information Disclosure Vulnerability
5634| [24609] E107 Signup.PHP Arbitrary File Upload Vulnerability
5635| [24598] Apple WebCore XMLHTTPRequest Cross-Site Scripting Vulnerability
5636| [24589] POWL Load_Lang.PHP Remote File Include Vulnerability
5637| [24581] SerWeb Load_Lang.PHP Remote File Include Vulnerability
5638| [24576] HTTP Server Request Handling Remote Denial Of Service Vulenrability
5639| [24568] RaidenHTTPD Unspecified Cross Site Scripting Vulnerability
5640| [24566] BugHunter HTTP Server Parse Error Information Disclosure Vulnerability
5641| [24552] Xunlei Web Thunder ThunderServer.webThunder.1 ActiveX Control Arbitrary File Download Vulnerability
5642| [24510] FCKeditor Alternative Data Stream Arbitrary File Upload Vulnerability
5643| [24492] Astaro Up2Date Secure Gateway SMTP Proxy Malformed Email Remote Denial of Service Vulnerability
5644| [24483] Microsoft Internet Explorer 7 HTTP Authentication International Domain Name Spoofing Weakness
5645| [24475] Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability
5646| [24456] Mbedthis AppWeb HTTP TRACE Information Disclosure Vulnerability
5647| [24408] Link Request Contact Form Arbitrary File Upload Vulnerability
5648| [24404] GeometriX Download Portal Down_Indir.ASP SQL Injection Vulnerability
5649| [24400] Internet Download Accelerator ActiveX Control Buffer Overflow Vulnerability
5650| [24375] MiniWeb HTTP POST Headers Remote Denial of Service Vulnerability
5651| [24354] Yahoo! Messenger Webcam Upload ActiveX Control Buffer Overflow Vulnerability
5652| [24345] ASP Folder Gallery Download_Script.ASP Arbitrary File Download Vulnerability
5653| [24306] F5 FirePass 4100 SSL VPN My.Activiation.PHP3 Remote Command Injection Vulnerability
5654| [24268] PHP EXT/Session HTTP Response Header Injection Vulnerability
5655| [24228] FileCloset Unspecified Arbitrary File Upload Vulnerability
5656| [24215] Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
5657| [24172] Ademco ATNBaseLoader100 ActiveX Control Buffer Overflow Vulnerability
5658| [24165] Sun Java Web Proxy Server Multiple Buffer Overflow Vulnerabilities
5659| [24074] FreeType TT_Load_Simple_Glyph() TTF File Integer Overflow Vulnerability
5660| [24034] PHP Soap Engine Make_HTTP_Soap_Request Weak Nonce HTTP Authentication Weakness
5661| [23996] Jetbox CMS Arbitrary File Upload Vulnerability
5662| [23975] W2Box Arbitrary File Upload Vulnerability
5663| [23962] Webdesproxy GET Request Buffer Overflow Vulnerability
5664| [23932] Interchange HTTP POST Requests Denial Of Service Vulnerability
5665| [23927] LibEXIF Exif_Data_Load_Data_Entry Remote Integer Overflow Vulnerability
5666| [23852] CubeCart Multiple HTTP Response Splitting Vulnerabilities
5667| [23851] Drake CMS Index.PHP HTTP Response Splitting Vulnerability
5668| [23840] Nuked-Klan Upload.PHP Arbitrary File Upload Vulnerability
5669| [23818] PHP FTP_Putcmd Function HTTP Response Splitting Vulnerability
5670| [23774] 1024 CMS Upload Manager Download.PHP Directory Traversal Vulnerability
5671| [23757] Motobit ASP Upload Manager Download.ASP Directory Traversal Vulnerability
5672| [23739] Psi-labs Photo Upload Share Script SQL Injection and Unauthorized Access Vulnerability
5673| [23714] Gazi Download Portal Down_Indir.ASP SQL Injection Vulnerability
5674| [23713] Pi3Web Overly Long HTTP Request Denial Of Service Vulnerability
5675| [23668] Multiple Web Browsers Digest Authentication HTTP Response Splitting Vulnerability
5676| [23643] Ext Feed-Proxy.PHP Directory Traversal Vulnerability
5677| [23636] Wavewoo Loading.PHP Remote File Include Vulnerability
5678| [23632] USP FOSS Distribution Download.PHP Directory Traversal Vulnerability
5679| [23628] DMCMS Upload_File.PHP Arbitrary File Upload Vulnerability
5680| [23614] Maran PHP Forum Forum_write.PHP Arbitrary File Upload Vulnerability
5681| [23595] Microgaming Download Helper ActiveX Control Remote Buffer Overflow Vulnerability
5682| [23553] Zomplog 'upload/force_download.php' Directory Traversal Vulnerability
5683| [23522] Akamai Download Manager ActiveX Control Multiple Buffer Overflow Vulnerabilities
5684| [23515] Lighttpd Multiple Remote Denial of Service Vulnerabilities
5685| [23480] Openads Max Media Manager CK.PHP HTTP Response Splitting Vulnerability
5686| [23463] Ice Download Gallery Arbitrary File Upload Vulnerability
5687| [23453] ToendaCMS HTTP Get And Post Forms HTML Injection Vulnerability
5688| [23445] KarjaSoft Sami HTTP Server Request Remote Denial of Service Vulnerabilities
5689| [23442] Openads Adclick.PHP HTTP Response Splitting Vulnerability
5690| [23438] Apache HTTPD suEXEC Local Multiple Privilege Escalation Weaknesses
5691| [23387] Xrousse Beryo Downloadpic.PHP Arbitrary File Download Vulnerability
5692| [23341] Wserve HTTP Server GET Request Buffer Overflow Vulnerability
5693| [23320] XOOPS Rha7 Downloads Module Visit.PHP SQL Injection Vulnerability
5694| [23290] SolidWorks SLDimdownload ActiveX Control Arbitrary Code Execution Vulnerability
5695| [23243] DProxy DNS_Decode_Reverse_Name Buffer-Overflow Vulnerability
5696| [23201] IBM Lotus SameTime STJNILoader.OCX ActiveX Control LoadLibrary Input Validation Vulnerability
5697| [23166] JBrowser Upload.PHP3 Arbitrary File Upload Vulnerability
5698| [23158] IceBB Avatar Upload Index.PHP SQL Injection Vulnerability
5699| [23151] IceBB Avatar Upload Remote PHP Code Execution Vulnerability
5700| [23132] Image_Upload Script Multiple Remote File Include Vulnerabilities
5701| [23112] DProxy Stack-Based Buffer-Overflow Vulnerability
5702| [23086] IBM WebSphere Application Server Unspecified HTTP Response Splitting Vulnerability
5703| [23085] Squid Proxy TRACE Request Remote Denial of Service Vulnerability
5704| [23084] Zope HTTP Get Request HTML Injection Vulnerability
5705| [23055] W-Agora Multiple Arbitrary File Upload Vulnerabilities
5706| [23032] MetaForum Arbitrary File Upload Vulnerability
5707| [22989] McGallery Download.PHP Information Disclosure Vulnerability
5708| [22960] Apache HTTP Server Tomcat Directory Traversal Vulnerability
5709| [22956] PHProjekt Arbitrary File Upload Vulnerability
5710| [22933] Xine DirectShow Loader Remote Buffer Overflow Vulnerability
5711| [22888] Trac Download Function Cross-Site Scripting Vulnerability
5712| [22763] Wiclear Upload Tool Unspecified Vulnerability
5713| [22741] NetProxy Security Restriction Bypass Vulnerability
5714| [22723] STWC-Counter Downloadcounter.PHP Remote File Include Vulnerability
5715| [22703] Pickle Download.PHP Local File Include Vulnerability
5716| [22688] Mozilla Firefox OnUnload Javascript Browser Entrapment Vulnerability
5717| [22686] Novell Zenworks Desktop Management Image Upload Security Bypass Vulnerability
5718| [22680] Microsoft Internet Explorer OnUnload Javascript Browser Entrapment Vulnerability
5719| [22679] Mozilla Firefox OnUnload Memory Corruption Vulnerability
5720| [22678] Microsoft Internet Explorer OnUnload Null Pointer Dereference Vulnerability
5721| [22527] RETIRED: LightTPD Search.PHP Cross-Site Scripting Vulnerability
5722| [22498] eXtreme File Hosting Arbitrary RAR File Upload Vulnerability
5723| [22445] FreeProxy Proxy Request Denial of Service Vulnerability
5724| [22393] Blue Coat Systems WinProxy Connect Remote Heap Overflow Vulnerability
5725| [22382] Ublog Reload HTML Injection and SQL Injection Vulnerabilities
5726| [22349] Gentoo Linux Acme Thttpd File Access Information Dislosure Vulnerability
5727| [22327] Modx FileDownload Snippet Arbitrary File Download Vulnerability
5728| [22298] HTTP Commander Multiple Cross-Site Scripting Vulnerabilities
5729| [22274] MPG123 HTTP_Open() Connection Handling Denial of Service Vulnerability
5730| [22255] PHProxy Index.Inc.PHP HTML Injection Vulnerability
5731| [22249] Apple CFNetwork HTTP NULL Pointer Dereference Denial of Service Vulnerability
5732| [22236] DokuWiki Fetch.PHP HTTP Response Splitting Vulnerability
5733| [22209] GTK2 GDKPixBufLoader Remote Denial of Service Vulnerability
5734| [22189] Bild Bearbeiten Online Upload Service Top.PHP Remote File Include Vulnerability
5735| [22185] Atozed Software Intraweb Component HTTP Request Handling Remote Denial of Service Vulnerability
5736| [22159] KarjaSoft Sami HTTP Server Request Remote Denial of Service Vulnerability
5737| [22150] Upload Service Top.PHP Remote File Include Vulnerability
5738| [22079] Squid Proxy FTP URI Remote Denial of Service Vulnerability
5739| [22034] LibSoup Library HTTP Headers Remote Denial of Service Vulnerability
5740| [21957] F5 Firepass Multiple Input Validation Vulnerabilities
5741| [21889] Kolayindir Download Down.ASP SQL Injection Vulnerability
5742| [21831] Rediff Bol Downloader ActiveX Control Remote Code Execution Vulnerability
5743| [21827] IMGallery Start.PHP Arbitrary File Upload Vulnerability
5744| [21816] AIDeX Mini-Webserver HTTP Request Remote Denial of Service Vulnerability
5745| [21789] PHP-Update Admin Upload.PHP Arbitrary File Upload Vulnerability
5746| [21754] Mxmania File Upload Manager Detail.ASP SQL Injection Vulnerability
5747| [21743] Logahead UNU Edition _Widged.PHP Arbitrary File Upload Vulnerability
5748| [21712] HTTP Explorer Web Server Directory Traversal Vulnerability
5749| [21696] PgmReloaded Multiple Remote File Include Vulnerabilities
5750| [21686] Oracle Portal Calendar.JSP Multiple HTTP Response Splitting Vulnerabilities
5751| [21679] Ozeki HTTP-SMS Gateway Password Information Disclosure Vulnerability
5752| [21676] Burak Yilmaz Download Portal Down.ASP SQL Injection Vulnerability
5753| [21648] Upload_download_de_fichiers Administre2.PHP SQL Injection Vulnerability
5754| [21639] EyeOS Aplic.PHP Arbitrary File Upload Vulnerability
5755| [21528] DadaIMC Default .HTAccess Configuration Arbitrary File Upload Vulnerability
5756| [21525] TorrentFlux Downloaddetails.PHP Directory Traversal Vulnerability
5757| [21473] Novell ZENworks Patch Management Downloadreport.ASP SQL Injection Vulnerability
5758| [21453] Adobe Download Manager AOM Buffer Overflow Vulnerability
5759| [21421] PHPMyAdmin Multiple HTTP Response Splitting Vulnerabilities
5760| [21417] PHP Upload Progress Meter UploadProgress.C Remote Buffer Overflow Vulnerability
5761| [21412] PHP Upload Center Remote File Include Vulnerability
5762| [21389] DZCP Clanportal Index.PHP Arbitrary File Upload Vulnerability
5763| [21344] P-News Profile Editory Arbitrary File Upload Vulnerability
5764| [21291] Apple Mac OS X Mach-O Binary Loading Integer Overflow Vulnerability
5765| [21272] Apple Mac OS X Mach-O Binary Loading Privilege Escalation Vulnerability
5766| [21179] PHP Easy Download Remote Code Execution Vulnerability
5767| [21150] PHP Upload Tool Arbitrary File Upload and Directory Traversal Vulnerabilities
5768| [21130] Bloo Googlespell_Proxy.PHP Cross-Site Scripting Vulnerability
5769| [21120] Verity Ultraseek Information Disclosure and Request Proxying Vulnerabilities
5770| [20950] GreenBeast CMS Up_Loader.PHP Arbitrary File Upload Vulnerability
5771| [20915] Microsoft XML Core Service XMLHTTP ActiveX Control Remote Code Execution Vulnerability
5772| [20896] RapidKill Arbitrary File Upload Vulnerability
5773| [20891] Acme Thttpd Insecure Temporary Logfile Creation Vulnerability
5774| [20881] ELOG Nonexistent File Download Cross-Site Scripting Vulnerability
5775| [20874] RunCMS Avatar Arbitrary File Upload Vulnerability
5776| [20784] Aktueldownload Haber Scripti HaberDetay.ASP SQL Injection Vulnerability
5777| [20754] MAXdev MD-Pro Multiple HTTP Response Splitting Vulnerabilities
5778| [20747] AOL YGPPDownload AddPictureNoAlbum ActiveX Controls Buffer Overflow Vulnerability
5779| [20745] AOL YGGPDownload DownloadFileDirectory ActiveX Controls Buffer Overflow Vulnerability
5780| [20743] MiniHTTPServer Web Forum and File Sharing Server Add User Authentication Bypass Vulnerability
5781| [20685] Shop-Script Multiple HTTP Response Splitting Vulnerabilities
5782| [20655] Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability
5783| [20616] PHP-Post Avatar Arbitrary File Upload Vulnerability
5784| [20593] RETIRED: Adobe Flash Player Plugin Multiple HTTP Response Splitting Vulnerabilities
5785| [20592] Adobe Flash Player Plugin HTTP Header Injection Weakness
5786| [20586] WSN Forum Avatar Upload PHP Code Execution Vulnerability
5787| [20583] F5 FirePass 1000 SSL VPN My.AccTab.PHP3 Cross-Site Scripting Vulnerability
5788| [20500] Alex DownloadEngine Spaw_Root Remote File Include Vulnerability
5789| [20494] FreeWPS Upload.PHP Remote Command Execution Vulnerability
5790| [20481] E-Uploader Pro Config.PHP Remote File Include Vulnerability
5791| [20466] FlatNuke Index.PHP Arbitrary File Upload Vulnerability
5792| [20393] SHTTPD Remote Buffer Overflow Vulnerability
5793| [20351] PolyCom IP-301 VoIP Desktop Phone HTTP Server Denial Of Service Vulnerabilities
5794| [20346] Linksys SPA921 VoIP Phone HTTP Server Denial Of Service Vulnerabilities
5795| [20288] McAfee EPolicy Orchestrator and ProtectionPilot HTTP Server Remote Buffer Overflow Vulnerability
5796| [20278] OlateDownload Multiple Input Validation Vulnerabilities
5797| [20174] Opial AV Download Management Index.PHP Cross-Site Scripting Vulnerability
5798| [20151] Simple HTTP Scanner Multiple Unspecified Vulnerabilities
5799| [20098] OSU HTTP Server Multiple Information Disclosure Vulnerabilities
5800| [20077] Mambo Hotornot Component Uploadfile.PHP Arbitrary File Upload Vulnerability
5801| [20067] BusyBox HTTPD Directory Traversal Vulnerability
5802| [20044] Limbo CMS Frontpage Arbitrary File Upload Vulnerability
5803| [20034] Apple Mac OS X KExtLoad Buffer Overflow Weakness
5804| [20031] Apple Mac OS X KExtLoad Format String Weakness
5805| [20011] NX5Linkx Links.PHP HTTP Response Splitting Vulnerability
5806| [19987] Microsoft Internet Explorer HTTP 1.1 and Compression Long URI Buffer Overflow Variant Vulnerability
5807| [19952] OPENi-CMS Fileloader.PHP Remote File Include Vulnerability
5808| [19918] RaidenHTTPD Check.PHP Remote File Include Vulnerability
5809| [19890] PHP-Nuke Book Catalog Module 'upload.php' Arbitrary File Upload Vulnerability
5810| [19872] PHP Download Download.PHP Directory Traversal Vulnerability
5811| [19867] SZEWO PhpCommander Download.PHP Local File Include Vulnerability
5812| [19810] Retro64 CR64Loader ActiveX Remote Buffer Overflow Vulnerability
5813| [19716] Fuji Xerox Printing Systems Embedded HTTP Server Multiple Vulnerabilities
5814| [19707] Streamripper HTTP Header Parsing Buffer Overflow Vulnerability
5815| [19667] Microsoft Internet Explorer HTTP 1.1 and Compression Long URI Buffer Overflow Vulnerability
5816| [19661] Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness
5817| [19545] Anti-Spam SMTP Proxy Server Unauthorized File Access Vulnerability
5818| [19539] Mensajeitor HTTP CLIENT IP HTML Injection Vulnerability
5819| [19537] WikiWebWeaver Index.PHP Arbitrary File Upload Vulnerability
5820| [19433] Comet WebFileManager CheckUpload.PHP Remote File Include Vulnerability
5821| [19380] The Address Book Reloaded Unspecified Multiple SQL Injection Vulnerabilities
5822| [19344] ChaosSoft CounterChaos HTTP_Referer SQL Injection Vulnerability
5823| [19336] ME Download System Header.PHP Remote File Include Vulnerability
5824| [19334] VBulletin Arbitrary File Upload Vulnerability
5825| [19270] Knusperleicht FileManager DWL_Download Remote File Include Vulnerability
5826| [19175] EzUpload Multiple Unauthorized Access Vulnerabilities
5827| [19157] Etomite CMS Rfiles.PHP Arbitrary File Upload Vulnerability
5828| [19115] Cheese Tracker XM Loader Buffer Overflow Vulnerability
5829| [19091] PlanetGallery Gallery_Admin.PHP Arbitrary File Upload Vulnerability
5830| [19072] ToendaCMS Connector.PHP Arbitrary File Upload Vulnerability
5831| [18901] RW::Download Stats.PHP Remote File Include Vulnerability
5832| [18877] Gimp XCF_load_vector Function Buffer Overflow Vulnerability
5833| [18854] TWiki Arbitrary File Upload Vulnerability
5834| [18799] F5 Firepass 4100 SSL VPN Multiple Unspecified Cross-Site Scripting Vulnerabilities
5835| [18768] PHPFormGenerator Arbitrary File Upload Vulnerability
5836| [18767] Geeklog Connector.PHP Arbitrary File Upload Vulnerability
5837| [18764] SturGeoN Upload Arbitrary File Upload Vulnerability
5838| [18723] PatchLink Update Server Proxyreg.ASP Authentication Bypass Vulnerability
5839| [18570] Fortinet FortiGate FTP Proxy Antivirus Engine Bypass Vulnerability
5840| [18499] Eduha Meeting Index.PHP Arbitrary File Upload Vulnerability
5841| [18496] Easy CMS Choose_file.PHP Arbitrary File Upload Vulnerability
5842| [18465] Zeroboard Arbitrary File Upload Vulnerability
5843| [18449] Cisco Secure ACS LoginProxy.CGI Cross-Site Scripting Vulnerability
5844| [18312] Qbik WinGate Remote HTTP Request Buffer Overflow Vulnerability
5845| [18301] TIBCO Rendezvous HTTP Interface Remote Buffer Overflow Vulnerability
5846| [18293] Alex DownloadEngine Comments.PHP SQL Injection Vulnerability
5847| [18279] ESTsoft InternetDisk Arbitrary File Upload and Script Execution Vulnerability
5848| [18271] Quake 3 Engine CL_ParseDownload Remote Buffer Overflow Vulnerability
5849| [18187] Xine-Lib HTTP Response Buffer Overflow Vulnerability
5850| [18174] Linux Kernel ELF Loader Mismatched Architecture Local Denial of Service Vulnerability
5851| [18135] EZUpload Path Parameter Multiple Remote File Include Vulnerabilities
5852| [18130] Seditio Referer HTTP Header HTML Injection Vulnerability
5853| [18089] Russcom PHPImages Arbitrary File Upload Vulnerability
5854| [18041] JemWeb DownloadControl DC.PHP SQL Injection Vulnerability
5855| [18038] Skype Technologies Skype URI Handling Remote File Download Vulnerability
5856| [18029] FCKeditor Arbitrary File Upload Vulnerability
5857| [18014] Snitz Forums Avatar Mod Arbitrary File Upload Vulnerability
5858| [17993] DUware DUbanner Arbitrary File Upload Vulnerability
5859| [17946] Ozzywork Galeri Arbitrary File Upload Vulnerability
5860| [17937] Cisco Application Velocity System Open TCP Proxy Vulnerability
5861| [17814] zawhttpd Remote HTTP GET Denial Of Service Vulnerability
5862| [17749] PHPNuke Downloads Module SQL Injection Vulnerability
5863| [17431] SIRE Arbitrary File Upload Vulnerability
5864| [17430] Shadowed Portal Load.PHP Cross-Site Scripting Vulnerability
5865| [17383] Cisco 11500 Content Services Switch HTTP Compression Remote Denial of Service Vulnerability
5866| [17372] Kaffeine Remote HTTP_Peek Buffer Overflow Vulnerability
5867| [17371] AngelineCMS Loadkernel.PHP Remote File Include Vulnerability
5868| [17353] ReloadCMS User-Agent HTML Injection Vulnerability
5869| [17350] AN HTTPD Source Disclosure Vulnerability
5870| [17271] Noah Grey Greymatter Arbitrary File Upload Vulnerability
5871| [17175] F5 Firepass 4100 SSL VPN Cross-Site Scripting Vulnerability
5872| [17163] BEA WebLogic Server and WebLogic Express HTTP Response Splitting Vulnerability
5873| [17156] Skull-Splitter Download Counter for Wallpapers Count.PHP SQL Injection Vulnerability
5874| [17129] php iCalendar Arbitrary File Upload Vulnerability
5875| [17123] Dwarf HTTP Server Multiple Input Validation Vulnerabilities
5876| [17116] DSDownload Multiple SQL-Injection Vulnerabilities
5877| [16972] Acme Labs thttpd HTPasswd Multiple Vulnerabilities
5878| [16934] RaidenHTTPD Remote Script Disclosure Vulnerability
5879| [16893] Lighttpd Remote Script Disclosure Vulnerability
5880| [16823] FreeHostShop Website Generator Arbitrary File Upload Vulnerability
5881| [16796] CubeCart Arbitrary File Upload Vulnerability
5882| [16690] D-Link DWL-G700AP HTTPD Denial Of Service Vulnerability
5883| [16509] PHPBB HTTP Referer Information Disclosure Vulnerability
5884| [16415] CRE Loaded Files.PHP Access Validation Vulnerability
5885| [16394] Cisco VPN 3000 Concentrator Malformed HTTP/TCP Packet Remote Denial of Service Vulnerability
5886| [16377] PMachine ExpressionEngine HTTP Referrer HTML Injection Vulnerability
5887| [16331] Rockliffe MailSite HTTP Mail Management Agent Denial Of Service Vulnerability
5888| [16330] Rockliffe MailSite HTTP Mail Management Cross-Site Scripting Vulnerability
5889| [16317] Ecartis PantoMIME Arbitrary Attachment Upload Vulnerability
5890| [16291] Cisco IOS HTTP Service CDP Status Page HTML Injection Vulnerability
5891| [16265] Widexl Download Tracker Down.PL Cross-Site Scripting Vulnerability
5892| [16236] Toshiba Bluetooth Stack Object Push Service File Upload Directory Traversal Vulnerability
5893| [16226] SuSE Open Enterprise Server Novell Remote Manager HTTP Request Header Heap Overflow Vulnerability
5894| [16208] MyPhPim Addresses.PHP3 Arbitrary File Upload Vulnerability
5895| [16149] Blue Coat Systems WinProxy Telnet Remote Denial Of Service Vulnerability
5896| [16148] Blue Coat Systems WinProxy Remote Denial Of Service Vulnerability
5897| [16147] Blue Coat Systems WinProxy Remote Host Header Buffer Overflow Vulnerability
5898| [16097] MyBB File Upload SQL Injection Vulnerability
5899| [16031] Httprint HTTP Response Handling Multiple Vulnerabilities
5900| [16025] Cisco Downloadable RADIUS Policies Information Disclosure Vulnerability
5901| [16001] Interaction SIP Proxy Remote Heap Corruption Denial Of Service Vulnerability
5902| [15981] Blender BlenLoader File Processing Integer Overflow Vulnerability
5903| [15919] EZUpload SQL Injection Vulnerability
5904| [15918] EZUpload Remote File Include Vulnerability
5905| [15835] Opera Web Browser Download Dialog Manipulation File Execution Vulnerability
5906| [15814] Blackboard Academic Suite Frameset.JSP Cross-Domain Frameset Loading Vulnerability
5907| [15810] Horde Application Framework CSV File Upload Code Execution Vulnerability
5908| [15788] Lyris Listmanager TCLHTTPd Service Multiple Information Disclosure Vulnerabilities
5909| [15772] Sun Solaris Sun Update Connection Web Proxy Password Disclosure Vulnerability
5910| [15744] DoceboLMS Arbitrary File Upload Vulnerability
5911| [15728] Sun Java System Application Server Reverse SSL Proxy Plug-in Man In The Middle Vulnerability
5912| [15673] WebCalendar Layers_Toggle.PHP HTTP Response Splitting Vulnerability
5913| [15663] Drupal Image Upload HTML Injection Vulnerability
5914| [15626] PHP Upload Center Directory Traversal Vulnerability
5915| [15621] PHP Upload Center Index.PHP Directory Traversal Vulnerability
5916| [15602] Cisco IOS HTTP Service HTML Injection Vulnerability
5917| [15517] PHP Download Manager Files.PHP SQL Injection Vulnerability
5918| [15509] Google Search Appliance ProxyStyleSheet Multiple Remote Vulnerabilities
5919| [15484] Revize CMS HTTPTranslatorServlet Cross-Site Scripting Vulnerability
5920| [15470] PHP Easy Download Edit.PHP Authentication Bypass Vulnerability
5921| [15422] PHPMyAdmin Header_HTTP_Inc.PHP HTTP Response Splitting Vulnerability
5922| [15399] PHPWebThings Download.PHP File Parameter SQL Injection Vulnerability
5923| [15391] Exponent CMS Image Upload Arbitrary Script Execution Vulnerability
5924| [15368] YaBB Image Upload HTML Injection Vulnerability
5925| [15360] SAP Web Application Server HTTP Response Splitting Vulnerability
5926| [15351] toendaCMS Remote File Upload Vulnerability
5927| [15335] PHPFM Arbitrary File Upload Vulnerability
5928| [15322] PunBB/Blog:CMS Image Upload HTML Injection Vulnerability
5929| [15320] Acme Thttpd Insecure Temporary File Creation Vulnerability
5930| [15301] PHP Handicapper Process_signup.PHP HTTP Response Splitting Vulnerability
5931| [15296] vBulletin Image Upload HTML Injection Vulnerability
5932| [15286] Invision Gallery Image Upload HTML Injection Vulnerability
5933| [15269] Cisco Management Center for IPS Sensors Configuration Download Weakness
5934| [15250] PHP File Upload GLOBAL Variable Overwrite Vulnerability
5935| [15230] Rockliffe MailSite Express Arbitrary Script File Upload Vulnerability
5936| [15225] Hasbani Web Server Malformed HTTP GET Request Remote Denial of Service Vulnerability
5937| [15222] Sun Solaris Management Console HTTP TRACE Information Disclosure Vulnerability
5938| [15170] phpBB Avatar Upload HTML Injection Vulnerability
5939| [15165] SUSE Linux Squid Proxy SSL Handling Denial of Service Vulnerability
5940| [15163] Oracle Application Server HTTP Response Splitting Vulnerability
5941| [15129] Rockliffe MailSite Express Arbitrary File Upload Vulnerability
5942| [15074] PHP Advanced Transfer Manager Arbitrary File Upload Vulnerability
5943| [15051] XLoadImage Multiple Remote Buffer Overflow Vulnerabilities
5944| [15048] Up-IMAPProxy Multiple Unspecified Remote Format String Vulnerabilities
5945| [15025] Computer Associates Multiple Product HTTP Request Remote Buffer Overflow Vulnerability
5946| [15019] Debian Linux Mason Init.d Firewall Loading Failure Vulnerability
5947| [14979] NTLM Authorization Proxy Server Insecure Configuration File Permissions Vulnerability
5948| [14977] Squid Proxy Client NTLM Authentication Denial Of Service Vulnerability
5949| [14974] NateOn Messenger Arbitrary File Download And Buffer Overflow Vulnerabilities
5950| [14969] Microsoft Internet Explorer XmlHttpRequest Parameter Validation Weakness
5951| [14926] JPortal Download.PHP SQL Injection Vulnerability
5952| [14924] Multiple Browser Proxy Auto-Config Script Handling Remote Denial of Service Vulnerability
5953| [14923] Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability
5954| [14920] Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness
5955| [14884] Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability
5956| [14821] Mail-it Now! Upload2Server Arbitrary File Upload Vulnerability
5957| [14814] PHPTagCool HTTP Header SQL Injection Vulnerability
5958| [14788] Sun Java System Web Proxy Server Unspecified Remote Denial Of Service Vulnerability
5959| [14770] Cisco IOS Firewall Authentication Proxy Buffer Overflow Vulnerability
5960| [14764] Microsoft IIS WebDAV HTTP Request Source Code Disclosure Vulnerability
5961| [14761] Squid Proxy Aborted Requests Remote Denial Of Service Vulnerability
5962| [14750] MAXdev MD-Pro Arbitrary Remote File Upload Vulnerability
5963| [14731] Squid Proxy SSLConnectTimeout Remote Denial Of Service Vulnerability
5964| [14678] FUDforum Avatar Upload Arbitrary Script Upload Vulnerability
5965| [14667] Simple PHP Blog Remote Arbitrary File Upload Vulnerability
5966| [14666] Simpleproxy Remote Syslog() Format String Vulnerability
5967| [14665] Astaro Security Linux HTTP CONNECT Unauthorized Access Weakness
5968| [14645] ZipTorrent Proxy Server Password Disclosure Vulnerability
5969| [14636] PostNuke DL-viewdownload.PHP SQL Injection Vulnerability
5970| [14577] CPaint xmlhttp Request Input Validation Vulnerability
5971| [14571] HP Ignite-UX TFTP File Upload Vulnerability
5972| [14564] Discuz! Arbitrary File Upload Vulnerability
5973| [14551] Veritas Backup Exec For Windows And NetWare Arbitrary File Download Vulnerability
5974| [14534] EZUpload Multiple Remote File Include Vulnerabilities
5975| [14479] Comdev eCommerce WCE.Download.PHP Directory Traversal Vulnerability
5976| [14424] Simplicity oF Upload Download.PHP Remote File Include Vulnerability
5977| [14406] Website Baker Arbitrary File Upload Vulnerability
5978| [14402] Opera Web Browser Content-Disposition Header Download Dialog File Extension Spoofing Vulnerability
5979| [14277] Oracle HTTP Server MOD_ORADAV ORAALTPASSWORD Obfuscation Weakness
5980| [14273] Oracle HTTP Server MOD_OSSO Partner Application Cookie Expiration Weakness
5981| [14272] Oracle HTTP Server Unspecified Malformed Request Denial Of Service Vulnerability
5982| [14215] F5 BIG-IP Unspecified SSL Authentication Bypass Vulnerability
5983| [14211] DownloadProtect Download.PHP Directory Traversal Vulnerability
5984| [14176] eRoom Plug-In Insecure File Download Handling Vulnerability
5985| [14159] Internet Download Manager Buffer Overflow Vulnerability
5986| [14132] SlimServe HTTPD Directory Traversal Vulnerability
5987| [14106] Apache HTTP Request Smuggling Vulnerability
5988| [14070] ASPPlayground.NET Remote Arbitrary File Upload Vulnerability
5989| [14063] ASPNuke Language_Select.ASP HTTP Response Splitting Vulnerability
5990| [14053] UBBCentral UBB.Threads Multiple HTTP Response Splitting Vulnerabilities
5991| [14032] HP VCRM Proxy Server Potential Password Disclosure Vulnerability
5992| [13994] Uapplication Ublog Reload Trackback.ASP Cross-Site Scripting Vulnerability
5993| [13991] Uapplication Ublog Reload Multiple SQL Injection Vulnerabilities
5994| [13990] Edgewall Software Trac Unauthorized File Upload/Download Vulnerability
5995| [13985] JBoss Malformed HTTP Request Remote Information Disclosure Vulnerability
5996| [13979] osCommerce Multiple HTTP Response Splitting Vulnerabilities
5997| [13970] Opera Web Browser XMLHttpRequest Object Cross-Domain Access Vulnerability
5998| [13956] Microsoft ISA Server HTTP Request Smuggling Vulnerability
5999| [13955] Microsoft ISA Server HTTP/HTTPS Service Basic Auth Information Disclosure Vulnerability
6000| [13936] RedHat Linux SysReport Proxy Information Disclosure Vulnerability
6001| [13931] Gaim Yahoo! Protocol Support File Download Denial of Service Vulnerability
6002| [13900] Loki Download Manager Catinfo.ASP SQL Injection Vulnerability
6003| [13898] Loki Download Manager Default.ASP SQL Injection Vulnerability
6004| [13877] YaPiG Upload.PHP Directory Traversal Vulnerability
6005| [13873] Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities
6006| [13871] YaPiG Upload.PHP Remote Arbitrary File Upload Vulnerability
6007| [13833] JiRo's Upload System Login.ASP SQL Injection Vulnerability
6008| [13822] PowerDownload IncDir Remote File Include Vulnerability
6009| [13799] Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution Vulnerability
6010| [13694] Apple Mac OS X Safari Dashboard Widget Download Validation Bypass Vulnerability
6011| [13630] Keyvan1 ImageGallery Database Download Vulnerability
6012| [13600] BoastMachine Remote Arbitrary File Upload Vulnerability
6013| [13592] Squid Proxy Unspecified DNS Spoofing Vulnerability
6014| [13562] IETF IPSEC Protocol Encapsulating Security Payload Vulnerability
6015| [13549] Orenosv HTTP/FTP Server CGISSI.EXE Remote Buffer Overflow Vulnerability
6016| [13546] Orenosv HTTP/FTP Server FTP Commands Remote Buffer Overflow Vulnerability
6017| [13542] PHP Advanced Transfer Manager Arbitrary File Upload Vulnerability
6018| [13450] DotText HTTP Referer HTML Injection Vulnerability
6019| [13434] Squid Proxy Synchronization Remote Cache Poisoning Vulnerability
6020| [13428] Just William's Amazon Webstore HTTP Response Splitting Vulnerability
6021| [13418] Oracle Application Server HTTP Service Mod_Access Restriction Bypass Vulnerability
6022| [13374] SQWebmail HTTP Response Splitting Vulnerability
6023| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
6024| [13350] MailEnable HTTP Authorization Buffer Overflow Vulnerability
6025| [13348] SNMPPD SNMP Proxy Daemon Remote Format String Vulnerability
6026| [13314] MailEnable HTTPMail Connector Unspecified Security Vulnerability
6027| [13289] Coppermine Photo Gallery ZipDownload.PHP SQL Injection Vulnerability
6028| [13268] Sun Java System Web Proxy Server Multiple Unspecified Remote Buffer Overflow Vulnerabilities
6029| [13261] CityPost Simple PHP Upload Simple-upload-53.PHP Cross-Site Scripting Vulnerability
6030| [13240] F5 BIG-IP User Interface Login Credential Caching Vulnerability
6031| [13202] Apple WebCore Framework XMLHttpRequests Remote Code Execution Vulnerability
6032| [13201] PHP-Nuke Surveys Module HTTP Response Splitting Vulnerability
6033| [13188] Monkey HTTP Daemon Zero Length File Request Denial Of Service Vulnerability
6034| [13187] Monkey HTTP Daemon CGI Processor Format String Vulnerability
6035| [13172] Oops! Proxy Server Auth Remote Format String Vulnerability
6036| [13166] Squid Proxy Aborted Connection Remote Denial Of Service Vulnerability
6037| [13088] DC++ Unspecified Download Drive File Appending Vulnerability
6038| [13084] File Upload Script PHPBB Module Arbitrary Script Upload Vulnerability
6039| [13069] AN HTTPD Arbitrary Log Content Injection Vulnerability
6040| [13066] AN HTTPD CMDIS.DLL Remote Buffer Overflow Vulnerability
6041| [13061] PHP-Nuke Downloads Module Multiple SQL Injection Vulnerabilities
6042| [13059] Axel HTTP Redirection Buffer Overflow Vulnerability
6043| [13027] RunCMS Remote Arbitrary File Upload Vulnerability
6044| [13011] PHP-Nuke Downloads Module Lid Parameter Cross-Site Scripting Vulnerability
6045| [12989] Adobe Acrobat Reader ActiveX Control LoadFile Information Disclosure Vulnerability
6046| [12961] BlueSoleil Object Push Service Bluetooth File Upload Directory Traversal Vulnerability
6047| [12935] Linux Kernel Elf Binary Loading Local Denial of Service Vulnerability
6048| [12890] Cerulean Studios Trillian Multiple Remote HTTP Response Buffer Overflow Vulnerabilities
6049| [12885] Mozilla Browser Remote Insecure XUL Start Up Script Loading Vulnerability
6050| [12869] Phorum HTTP Response Splitting Vulnerability
6051| [12866] NetWin SurgeMail Multiple Remote HTML Injection and File Upload Vulnerabilities
6052| [12769] KDE Konqueror Remote Download Dialog Box Source URI Spoofing Vulnerability
6053| [12754] Xoops Custom Avatar Remote Arbitrary PHP File Upload Vulnerability
6054| [12728] Mozilla Suite/Firefox HTTP Authentication Dialogs Tab Focus Vulnerability
6055| [12726] Stadtaus.Com Download Center Lite Arbitrary Remote PHP File Include Vulnerability
6056| [12722] Computalynx CProxy Directory Traversal Vulnerability
6057| [12716] Squid Proxy Set-Cookie Headers Information Disclosure Vulnerability
6058| [12712] XLoadImage Compressed Image Command Execution Vulnerability
6059| [12688] RaidenHTTPD Multiple Remote Vulnerabilities
6060| [12685] PostNuke Phoenix Download Module Multiple Cross-Site Scripting Vulnerabilities
6061| [12676] FCKeditor For PHP-Nuke Arbitrary File Upload Vulnerability
6062| [12667] Gaim File Download Denial of Service Vulnerability
6063| [12653] PHPWebSite Image File Processing Remote Arbitrary PHP File Upload Vulnerability
6064| [12632] ArGoSoft FTP Server Site Copy Shortcut File Upload Vulnerability
6065| [12587] Yahoo! Messenger Download Dialogue Box File Name Spoofing Vulnerability
6066| [12567] Lighttpd Remote CGI Script Disclosure Vulnerability
6067| [12566] HP HTTP Server Remote Unspecified Buffer Overflow Vulnerability
6068| [12559] KarjaSoft Sami HTTP Server Multiple Remote Vulnerabilities
6069| [12557] CitrusDB CSV File Upload Access Validation Vulnerability
6070| [12551] Squid Proxy DNS Name Resolver Remote Denial Of Service Vulnerability
6071| [12495] Software602 602 Lan Suite Arbitrary File Upload Vulnerability
6072| [12451] RaidenHTTPD Remote File Disclosure Vulnerability
6073| [12443] Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
6074| [12432] Squid Proxy WCCP recvfrom() Buffer Overflow Vulnerability
6075| [12431] Squid Proxy squid_ldap_auth Authentication Bypass Vulnerability
6076| [12411] PostgreSQL LOAD Extension Local Privilege Escalation Vulnerability
6077| [12398] phpPGAds HTTP Response Splitting Vulnerability
6078| [12394] WebWasher Classic HTTP CONNECT Unauthorized Access Weakness
6079| [12374] BNC IRC Server Proxy select() Bit-Array Remote Buffer Overflow Vulnerability
6080| [12351] 3proxy select() Bitmap Remote Buffer Overflow Vulnerability
6081| [12339] Help Desk Reloaded Unspecified Remote Vulnerability
6082| [12324] Squid Proxy NTLM Fakeauth_Auth Memory Leak Remote Denial Of Service Vulnerability
6083| [12276] Squid Proxy Gopher To HTML Remote Buffer Overflow Vulnerability
6084| [12275] Squid Proxy Web Cache Communication Protocol Denial Of Service Vulnerability
6085| [12264] Microsoft Internet Explorer Dynamic IFRAME File Download Security Warning Bypass Weakness
6086| [12251] OpenBSD HTTPD mod_include Local Buffer Overflow Vulnerability
6087| [12220] Squid Proxy Malformed NTLM Type 3 Message Remote Denial of Service Vulnerability
6088| [12200] Easy Software Products CUPS HTTP GET Denial Of Service Vulnerability
6089| [12153] Mozilla/Firefox File Download Dialog Spoofing Vulnerability
6090| [12149] SIR GNUBoard File Upload Extension Restriction Bypass Vulnerability
6091| [12141] Microsoft FrontPage 2000 Internet Publishing Service Provider DAV File Upload Vulnerability
6092| [12137] Macallan Mail Solution HTTP GET Request Buffer Overflow Vulnerability
6093| [12115] PHProxy Error Parameter Cross-Site Scripting Vulnerability
6094| [12111] E107 Image Manager Unauthorized File Upload Vulnerability
6095| [12110] TikiWiki Unauthorized File Upload Vulnerability
6096| [12101] Linux Kernel ELF Binary Loading Denial Of Service Vulnerability
6097| [12095] Microsoft Windows LoadImage API Function Integer Overflow Vulnerability
6098| [12040] IMG2ASCII Unauthorized File Upload Vulnerability
6099| [12011] Junkie FTP Client Server Response Download Filename File Corruption Vulnerability
6100| [11985] MediaWiki Remote Arbitrary Script Upload Vulnerability
6101| [11983] JSBoard Remote Arbitrary Script Upload Vulnerability
6102| [11978] Junkie FTP Client Server Response Download Filename Command Execution Vulnerability
6103| [11975] Yanf HTTP Response Buffer Overflow Vulnerability
6104| [11961] IglooFTP File Upload Insecure Temporary File Vulnerability
6105| [11960] IglooFTP Server Response Download Filename File Corruption Vulnerability
6106| [11897] MediaWiki Images Directory Arbitrary Script Upload and Execution Vulnerability
6107| [11883] Opera Web Browser Download Dialogue Box File Name Spoofing Vulnerability
6108| [11877] OpenText FirstClass HTTP Daemon Search Function Remote Denial Of Service Vulnerability
6109| [11865] Squid Proxy Failed DNS Lookup Random Error Messages Information Disclosure Vulnerability
6110| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
6111| [11839] Blog Torrent BTDownload.PHP Cross-Site Scripting Vulnerability
6112| [11786] ACPID Proxy Unspecified Local Denial Of Service Vulnerability
6113| [11779] IPCop Web Administration Interface Proxy Log HTML Injection Vulnerability
6114| [11768] Microsoft Internet Explorer Image Download Filename Extension Spoofing Vulnerability
6115| [11723] ZyXEL Prestige Router HTTP Remote Administration Configuration Reset Vulnerability
6116| [11686] Microsoft Internet Explorer File Download Security Warning Bypass Vulnerability
6117| [11673] PHPWebSite User Module HTTP Response Splitting Vulnerability
6118| [11666] Youngzsoft CCProxy Logging Function Unspecified Remote Buffer Overflow Vulnerability
6119| [11650] BNC IRC Server Proxy Authentication Bypass Vulnerability
6120| [11646] Linux Kernel BINFMT_ELF Loader Local Privilege Escalation Vulnerabilities
6121| [11643] Mozilla Firefox Download Dialogue Box File Name Spoofing Vulnerability
6122| [11630] Up-IMAPProxy Multiple Remote Vulnerabilities
6123| [11605] Microsoft ISA and Proxy Server Web Site Spoofing Vulnerability
6124| [11604] Sun Java System Application Server HTTP TRACE Information Disclosure Vulnerability
6125| [11592] Proxytunnel Remote Format String Vulnerability
6126| [11589] ArGoSoft FTP Server Shortcut File Upload Vulnerability
6127| [11585] Minihttp Forum Web Server Plain Text Password Storage Vulnerability
6128| [11574] Cherokee HTTPD Auth_Pam Authentication Remote Format String Vulnerability
6129| [11566] Sun Java System Web Proxy Server Multiple Unspecified Buffer Overflow Vulnerabilities
6130| [11547] Mega Upload Progress Bar Unspecified File Upload Vulnerability
6131| [11514] OpenWFE Remote Cross-Site Scripting And Connection Proxy Vulnerabilities
6132| [11497] Serendipity Exit.PHP HTTP Response Splitting Vulnerability
6133| [11486] DokuWiki Remote Arbitrary File Upload Vulnerability
6134| [11413] Macromedia JRun Session ID Cookie HTTP Response Splitting Vulnerability
6135| [11385] Squid Proxy SNMP ASN.1 Parser Denial Of Service Vulnerability
6136| [11348] Wordpress Wp-login.PHP HTTP Response Splitting Vulnerability
6137| [11340] DCP-Portal Calendar.PHP HTTP Response Splitting Vulnerability
6138| [11299] Proxytunnel Local Proxy Credential Disclosure Vulnerability
6139| [11271] Icecast Server HTTP Header Buffer Overflow Vulnerability
6140| [11201] Snitz Forums Down.ASP HTTP Response Splitting Vulnerability
6141| [11190] PHP Remote Arbitrary Location File Upload Vulnerability
6142| [11180] SnipSnap HTTP Response Splitting Vulnerability
6143| [11140] Apple Safari Cross-Domain Frame Loading Vulnerability
6144| [11099] Oracle Database Server ctxsys.driload Access Validation Vulnerability
6145| [11098] Squid Proxy NTLM Authentication Denial Of Service Vulnerability
6146| [11087] TorrentTrader Download.PHP SQL Injection Vulnerability
6147| [11085] Cerb\xC3\xA8re Proxy Server Long Host Header Field Remote Denial of Service Vulnerability
6148| [11083] Comersus Cart HTTP Response Splitting Vulnerability
6149| [11030] Working Resources BadBlue Unauthorized Proxy Relay Vulnerability
6150| [11024] SWsoft Plesk Reloaded Login_name Parameter Cross-Site Scripting Vulnerability
6151| [11017] Gadu-Gadu File Download Filename Obfuscation Weakness
6152| [11006] Music Daemon LOAD Command File Disclosure Vulnerability
6153| [10999] Safari/WebCore HTTP Content Filtering Bypass Vulnerability
6154| [10936] Kerio Mailserver Embedded HTTP Server Multiple Unspecified Vulnerabilities
6155| [10921] KDE Konqueror Cross-Domain Frame Loading Vulnerability
6156| [10902] Microsoft Exchange Outlook Web Access HTTP Response Splitting Vulnerability
6157| [10877] Mozilla Cross-Domain Frame Loading Vulnerability
6158| [10862] Acme thttpd Directory Traversal Vulnerability
6159| [10812] RiSearch/RiSearch Pro Open Proxy Vulnerability
6160| [10788] Sun Java System Calendar Server Authentication Proxy Privilege Escalation Vulnerability
6161| [10765] Lexmark Network Printer HTTP Server Denial Of Service Vulnerability
6162| [10763] Opera Web Browser Cross-Domain Frame Loading Vulnerability
6163| [10753] PHPBB Multiple HTTP Response Splitting Vulnerabilities
6164| [10679] Opera Web Browser IFrame OnLoad Address Bar URL Obfuscation Weakness
6165| [10673] Mbedthis Software AppWeb HTTP Server Multiple Vulnerabilities
6166| [10627] Microsoft Internet Explorer Cross-Domain Frame Loading Vulnerability
6167| [10604] giFT-FastTrack HTTP Header Parser Remote Denial Of Service Vulnerability
6168| [10592] ArbitroWeb PHP Proxy Cross-Site Scripting Vulnerability
6169| [10550] Thy HTTP Daemon Null Pointer Exception Denial Of Service Vulnerability
6170| [10515] Blackboard Learning System Dropbox File Download Vulnerability
6171| [10509] SMTP.Proxy Remote Format String Vulnerability
6172| [10508] Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
6173| [10500] Squid Proxy NTLM Authentication Buffer Overflow Vulnerability
6174| [10496] OpenBSD ISAKMPD Security Association Piggyback Delete Payload Denial Of Service Vulnerability
6175| [10482] Microsoft ISA Server Redirect URI Handler Web Proxy Service Remote Denial Of Service Vulnerability
6176| [10481] Microsoft ISA Server HTTP Authentication Scheme Vulnerability
6177| [10477] Microsoft ISA Server Web Proxy Malformed SSL Packet Remote Denial of Service Vulnerability
6178| [10420] Orenosv HTTP/FTP Server HTTP GET Denial Of Service Vulnerability
6179| [10418] IRIX Checkpoint and Restart libcpr Library Loading Privilege Escalation Vulnerability
6180| [10376] Omnicron OmniHTTPD Get Request Buffer Overflow Vulnerability
6181| [10351] Microsoft Internet Explorer http-equiv Meta Tag Denial of Service Vulnerability
6182| [10315] National Science Foundation Squid Proxy Internet Access Control Bypass Vulnerability
6183| [10312] MailEnable Mail Server HTTPMail Remote Heap Overflow Vulnerability
6184| [10303] MyWeb HTTP Server GET Request Buffer Overflow Vulnerability
6185| [10292] Microsoft ASP.NET Malformed HTTP Request Information Disclosure Vulnerability
6186| [10256] Sambar Open Proxy and Authentication Bypass Vulnerability
6187| [10249] Rosiello Security Sphiro HTTPD Remote Heap Buffer Overflow Vulnerability
6188| [10218] OpenBB Arbitrary Avatar File Upload Vulnerability
6189| [10174] Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution Vulnerability
6190| [10158] Macromedia ColdFusion MX File Upload Denial Of Service Vulnerability
6191| [10123] Microsoft Windows COM Internet Service/RPC Over HTTP Remote Denial Of Service Vulnerability
6192| [10091] IBM HTTP Server PQ86671 and PQ85834 Fixes Released - Multiple Vulnerabilities Fixed
6193| [10031] OpenBSD ISAKMPD Delete Payload Denial Of Service Vulnerability
6194| [10030] OpenBSD ISAKMPD Malformed CERT Request Payload Denial Of Service Vulnerability
6195| [10029] OpenBSD ISAKMPD Malformed IPSEC SA Payload Denial Of Service Vulnerability
6196| [10028] OpenBSD ISAKMPD Zero Payload Length Denial Of Service Vulnerability
6197| [10027] ADA IMGSVR Remote File Download Vulnerability
6198| [10014] Cisco IOS HTTP Router Management Service Malformed Request Denial Of Service Vulnerability
6199| [10008] MPlayer Remote HTTP Header Buffer Overflow Vulnerability
6200| [10004] TCPDump ISAKMP Identification Payload Integer Underflow Vulnerability
6201| [10003] TCPDump ISAKMP Delete Payload Buffer Overrun Vulnerability
6202| [9971] HP Web Jetadmin Printer Firmware Update Script Arbitrary File Upload Weakness
6203| [9964] Kerio WinRoute Firewall Unspecified Malformed HTTP Header Denial of Service Vulnerability
6204| [9950] Centrinity FirstClass HTTP Server TargetName Parameter Cross-Site Scripting Vulnerability
6205| [9948] PHP-Nuke MS-Analysis Module HTTP Referrer Field SQL Injection Vulnerability
6206| [9901] IBM Lotus Domino HTTP webadmin.nsf Quick Console Cross-Site Scripting Vulnerability
6207| [9900] IBM Lotus Domino HTTP webadmin.nsf Directory Traversal Vulnerability
6208| [9868] Oracle Application Server Web Cache HTTP Request Method Heap Overrun Vulnerability
6209| [9867] OpenBSD httpd Access Rule Bypass Vulnerability
6210| [9859] HP HTTP Server Trusted Certificate Compromise Vulnerability
6211| [9846] GNU MyProxy Cross-Site Scripting Vulnerability
6212| [9826] Apache Mod_SSL HTTP Request Remote Denial Of Service Vulnerability
6213| [9804] Multiple Vendor HTTP Response Splitting Vulnerability
6214| [9778] Squid Proxy NULL URL Character Unauthorized Access Vulnerability
6215| [9742] GWeb HTTP Server Directory Traversal Vulnerability
6216| [9724] Platform Load Sharing Facility EAuth Privilege Escalation Vulnerability
6217| [9723] Avirt Soho Web Service HTTP GET Buffer Overrun Vulnerability
6218| [9722] Avirt Soho Server HTTP GET Buffer Overrun Vulnerability
6219| [9721] Avirt Voice HTTP GET Remote Buffer Overrun Vulnerability
6220| [9719] Platform Load Sharing Facility EAuth Component Buffer Overflow Vulnerability
6221| [9716] Proxy-Pro Professional GateKeeper Web Proxy Buffer Overrun Vulnerability
6222| [9706] PSOProxy Remote Buffer Overflow Vulnerability
6223| [9679] KarjaSoft Sami HTTP Server GET Request Buffer Overflow Vulnerability
6224| [9642] Monkey HTTP Daemon Missing Host Field Denial Of Service Vulnerability
6225| [9611] Microsoft Internet Explorer LoadPicture File Enumeration Weakness
6226| [9608] Shaun2k2 Palmhttpd Server Remote Denial of Service Vulnerability
6227| [9591] Joe Lumbroso Jack's Formmail.php Unauthorized Remote File Upload Vulnerability
6228| [9582] Check Point VPN-1/SecuRemote ISAKMP Large Certificate Request Payload Buffer Overflow Vulnerability
6229| [9581] Multiple Check Point Firewall-1 HTTP Security Server Remote Format String Vulnerabilities
6230| [9561] Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
6231| [9545] MiniHTTPServer WebForums Forum HTML Injection Vulnerability
6232| [9528] Bodington Uploaded File Disclosure Vulnerability
6233| [9519] Loom Software SurfNow Remote HTTP GET Request Denial Of Service Vulnerability
6234| [9506] WebLogic Server and Express HTTP TRACE Credential Theft Vulnerability
6235| [9500] InternetNow ProxyNow Multiple Stack and Heap Overflow Vulnerabilities
6236| [9494] Mbedthis Software AppWeb HTTP Server Empty Options Request Denial Of Service Vulnerability
6237| [9484] Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
6238| [9478] Finjan SurfinGate FHTTP Restart Command Execution Vulnerability
6239| [9477] Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
6240| [9476] McAfee ePolicy Orchestrator Agent HTTP POST Buffer Mismanagement Vulnerability
6241| [9475] Netbus Directory Listings Disclosure and File Upload Vulnerability
6242| [9474] Acme thttpd CGI Test Script Cross-Site Scripting Vulnerability
6243| [9470] Mephistoles HTTPD Cross-Site Scripting Vulnerability
6244| [9421] Real Networks Helix Server/Gateway Administration Service HTTP Post System Compromise Vulnerability
6245| [9390] Hand-Crafted Software FreeProxy FreeWeb CreateFile Function Denial of Service Vulnerability
6246| [9388] Hand-Crafted Software FreeProxy FreeWeb Directory Traversal Vulnerability
6247| [9345] Cherokee HTTP Post Remote Content Length Denial Of Service Vulnerability
6248| [9326] Mozilla Browser Proxy Server Authentication Credential Disclosure Vulnerability
6249| [9299] Surfboard httpd Remote Buffer Overflow Vulnerability
6250| [9295] Microsoft Internet Explorer HTTP Referer Information Disclosure Vulnerability
6251| [9278] Microsoft Internet Explorer File Download Warning Bypass Vulnerability
6252| [9218] MVDSV Quake Server Download Buffer Overrun Vulnerability
6253| [9210] lftp Try_Netscape_Proxy Buffer Overflow Vulnerability
6254| [9172] MyServer HTTP File Name Request Handler Remote Denial Of Service Vulnerability
6255| [9167] EZMeeting EZNet.EXE Long HTTP Request Remote Buffer Overflow Vulnerability
6256| [9152] Linksys WRT54G Router Blank HTTP GET Request Denial Of Service Vulnerability
6257| [9121] Bitfolge Snif Downloads Directory Traversal Vulnerability
6258| [9099] Monit Overly Long HTTP Request Buffer Overrun Vulnerability
6259| [9098] Monit HTTP Content-Length Parameter Denial of Service Vulnerability
6260| [9055] PostMaster Proxy Service Cross-Site Scripting Vulnerability
6261| [9020] Nokia IPSO Voyager HTTPDAccessLog.TCL Remote Script injection Vulnerability
6262| [8964] OpenBSD isakmpd Multiple IKE Payload Handling Security Weaknesses
6263| [8949] HTTP Commander Path Disclosure Vulnerability
6264| [8948] HTTP Commander Directory Traversal Vulnerability
6265| [8947] BRS WebWeaver httpd `User-Agent` Remote Denial of Service Vulnerability
6266| [8927] Multiple Vendor HTTP Server IPv6 Socket IPv4 Mapped Address Handling Vulnerability
6267| [8925] TelCondex SimpleWebserver HTTP Referer Remote Buffer Overflow Vulnerability
6268| [8924] Acme thttpd/mini_httpd Virtual Hosting File Disclosure Vulnerability
6269| [8920] Centrinity FirstClass HTTP Server Directory Disclosure Vulnerability
6270| [8906] thttpd defang Remote Buffer Overflow Vulnerability
6271| [8897] SH-HTTPD Character Filtering Remote Information Disclosure Vulnerability
6272| [8858] Gast Arbeiter File Upload Validation Vulnerability
6273| [8854] Emule Web Control Panel HTTP Login Long Password Denial of Service Vulnerability
6274| [8841] Bajie HTTP Server Example Scripts And Servlets Cross-Site Scripting Vulnerability
6275| [8824] Apache Tomcat Non-HTTP Request Denial Of Service Vulnerability
6276| [8793] Centrinity FirstClass HTTP Server Long Version Field Denial Of Service Vulnerability
6277| [8782] MiniHTTPServer WebForums Forum HTML Injection Vulnerability
6278| [8781] MiniHTTPServer File-Sharing for NET Forum HTML Injection Vulnerability
6279| [8764] PHP-Nuke mailattach.php Remote File Upload Vulnerability
6280| [8742] IBM DB2 Remote LOAD Command Buffer Overrun Vulnerability
6281| [8724] Webfs HTTP Server Information Disclosure Vulnerability
6282| [8709] Athttpd Remote GET Request Buffer Overrun Vulnerability
6283| [8697] NullLogic Null HTTPd Remote Denial Of Service Vulnerability
6284| [8695] NullLogic Null HTTPd Error Page Long HTTP Request Cross-Site Scripting Vulnerablity
6285| [8688] TCLHttpd Multiple Cross-Site Scripting Vulnerabilities
6286| [8687] TCLhttpd Directory Listing Disclosure Vulnerability
6287| [8633] MiniHTTPServer WebForum Server Unauthorized Administrative Access Vulnerability
6288| [8620] MiniHTTPServer WebForums Server Default Password Vulnerability
6289| [8619] MiniHTTPServer WebForums/File-Sharing for NET Servers Directory Traversal Vulnerability
6290| [8617] WideChapter HTTP Request Buffer Overflow Vulnerability
6291| [8564] Kukol E.V. HTTP & FTP Server Suite File Disclosure Vulnerability
6292| [8487] AnalogX Proxy DNS Lookup Error Page Cross-Site Scripting Vulnerability
6293| [8471] Avant Browser Long HTTP Request Buffer Overflow Vulnerability
6294| [8438] DWebPro Http.ini Plaintext Password Storage Vulnerability
6295| [8432] cURL Proxy Authentication Header Information Leakage Vulnerability
6296| [8408] SurgeLDAP HTTP GET Denial Of Service Vulnerability
6297| [8375] Multiple Oracle XDB FTP / HTTP Services Buffer Overflow Vulnerabilities
6298| [8374] PostNuke Downloads / Web_Links Modules TTitle Cross-site Scripting Vulnerability
6299| [8373] Cisco IOS 2GB HTTP GET Buffer Overflow Vulnerability
6300| [8363] MiniHTTPServer WebForums Server Null Default Password Vulnerability
6301| [8361] Postfix Connection Proxying Vulnerability
6302| [8305] Sun Solaris Runtime Linker LD_PRELOAD Local Buffer Overflow Vulnerability
6303| [8297] KDE Konqueror HTTP REFERER Authentication Credential Leak Vulnerability
6304| [8290] Cisco Aironet AP1x00 Malformed HTTP GET Denial Of Service Vulnerability
6305| [8271] PHP Arena paFileDB Arbitrary File Upload And Execution Vulnerability
6306| [8226] Apache HTTP Server Multiple Vulnerabilities
6307| [8222] WatchGuard ServerLock Unauthorized Kernel Module Loading Vulnerability
6308| [8197] NetSuite HTTP Server Directory Traversal Vulnerability
6309| [8166] Mabry Software HTTPServer/X File Disclosure Vulnerability
6310| [8155] ChangshinSoft EZTrans Server Download.PHP Directory Traversal Vulnerability
6311| [8135] Apache Web Server FTP Proxy IPV6 Denial Of Service Vulnerability
6312| [8121] Canon GP300 Remote Malformed HTTP Get Denial Of Service Vulnerability
6313| [8064] Abyss Web Server HTTP Header Injection Vulnerability
6314| [8062] Abyss Web Server HTTP GET Heap Overrun Vulnerability
6315| [8061] GTKSee PNG Image Loading Heap Corruption Vulnerability
6316| [8048] iXmail Arbitrary File Upload Vulnerability
6317| [8043] MoreGroupWare Arbitrary File Upload Vulnerability
6318| [8012] Tutos File_New Arbitrary File Upload Vulnerability
6319| [7998] Zope Empty Upload Information DisclosureVulnerability
6320| [7955] MiniHTTPServer WebForums Server Remote Directory Traversal Vulnerability
6321| [7954] Proxomitron Proxy Server Long Get Request Remote Denial Of Service Vulnerability
6322| [7945] Dune HTTP Get Remote Buffer Overrun Vulnerability
6323| [7944] MyServer HTTP Server Directory Traversal Vulnerability
6324| [7939] Microsoft Internet Explorer Custom HTTP Error HTML Injection Vulnerability
6325| [7851] Sun Microsystems JRE HTTP Property Access Vulnerability
6326| [7841] Novell HTTPSTK.NLM Remote Abend Vulnerability
6327| [7830] Monkey HTTP Daemon Sample Script Cross-Site Scripting Vulnerability
6328| [7818] AdSubtract Proxy ACL Bypass Connection Proxying Vulnerability
6329| [7809] Computer Associates Unicenter TNG File_Upload.PL Command Execution Vulnerability
6330| [7802] MegaBrowser HTTP Directory Traversal File Disclosure Vulnerability
6331| [7770] myServer HTTP GET Argument Buffer Overflow Vulnerability
6332| [7765] iisCart2000 Arbitrary File Upload Vulnerability
6333| [7744] Geeklog Image Upload Extension Validation Vulnerability
6334| [7701] BNC IRC Proxy Multiple Session Denial of Service Vulnerability
6335| [7681] AnalogX Proxy URI Buffer Overflow Vulnerability
6336| [7670] EServ Unauthorized Proxy Access Vulnerability
6337| [7655] Platform Load Sharing Facility LSF_ENVDIR Local Command Execution Vulnerability
6338| [7652] Axis Network Camera HTTP Authentication Bypass Vulnerability
6339| [7640] Microsoft Windows Media Player Automatic File Download and Execution Vulnerability
6340| [7620] Venturi Client Unauthorized Connection Proxying Vulnerability
6341| [7619] Snowblind Web Server HTTP GET Request Buffer Overflow Vulnerability
6342| [7617] Snowblind Web Server Malformed HTTP Request Denial Of Service Vulnerability
6343| [7588] PHP-Nuke Multiple Downloads Module SQL Injection Vulnerabilities
6344| [7583] Phorum Login.PHP Connection Proxying Vulnerability
6345| [7581] Phorum Register.PHP Connection Proxying Vulnerability
6346| [7569] Phorum Download File Disclosure Vulnerability
6347| [7479] MDG Web Server 4D HTTP Command Buffer Overflow Vulnerability
6348| [7469] Microsoft BizTalk Server 2002 HTTP Receiver Buffer Overflow Vulnerability
6349| [7435] SonicWALL Pro Large HTTP POST Denial of Service Vulnerability
6350| [7420] Microsoft Internet Explorer Plugin.OCX Load() Method Buffer Overflow Vulnerability
6351| [7397] AN HTTPD Count.pl Directory Traversal Vulnerability
6352| [7314] Microsoft Winsock Proxy Service Remote Denial Of Service Vulnerability
6353| [7287] Abyss Web Server Incomplete HTTP Request Denial Of Service Vulnerability
6354| [7245] Kerio WinRoute Firewall Malformed HTTP GET Request Denial of Service Vulnerability
6355| [7238] CCLog HTTP Header HTML Injection Vulnerability
6356| [7203] Multitech ProxyServer Default NULL Password Vulnerability
6357| [7202] Monkey HTTP Daemon Excessive POST Data Buffer Overflow Vulnerability
6358| [7201] Monkey HTTP Daemon Missing Content-Type Field Denial Of Service Vulnerability
6359| [7196] Symantec Enterprise Firewall HTTP Pattern Matching Evasion Weakness
6360| [7143] Siteframe Download.php Information Disclosure Vulnerability
6361| [7111] McAfee ePolicy Orchestrator HTTP GET Request Format String Vulnerability
6362| [7056] Opera Long Filename Download Buffer Overrun Vulnerability
6363| [7051] Upload Lite Arbitrary File Upload Vulnerability
6364| [7015] WebLog Expert HTTP Header Code Injection Vulnerability
6365| [7010] Logan Pro HTTP Header Code Injection Vulnerability
6366| [6980] Axis Communications HTTP Server Messages Information Disclosure Vulnerability
6367| [6951] IBM Lotus Domino Web Server HTTP POST Denial Of Service Vulnerability
6368| [6876] Syslinux Boot Loader SetUID Installation Vulnerability
6369| [6870] IBM Lotus Domino HTTP Redirect Buffer Overflow Vulnerability
6370| [6839] IBM AIX Loadable Authentication Module Unauthorized Access Vulnerability
6371| [6813] Linked Eggdrop IRC Bot Unauthorized Proxy Vulnerability
6372| [6792] Netscape Enterprise Server HTTP Method Name Buffer Overflow Vulnerability
6373| [6789] Microsoft IIS Malformed HTTP Get Request Denial Of Service Vulnerability
6374| [6782] UMN GopherD Unauthorized Proxy Vulnerability
6375| [6760] DCGUI Remote Directory Parsing File Download Vulnerability
6376| [6752] NCSA Post-query CGI HTTP POST Buffer Overflow Vulnerability
6377| [6740] IlohaMail Arbitrary File Attachment Upload Path Vulnerability
6378| [6734] 3ware Disk Managment Malformed HTTP Request DoS Vulnerability
6379| [6708] Replicom ProxyView Default Password Vulnerability
6380| [6660] Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
6381| [6646] Lotus Domino HTTP Authentication Logging Buffer Overflow Vulnerability
6382| [6644] MyRoom save_item.php Arbitrary File Upload Vulnerability
6383| [6572] Mambo Site Server Arbitrary File Upload Vulnerability
6384| [6531] HTTP Fetcher Library Multiple Buffer Overflow Vulnerabilities
6385| [6529] AN HTTPD Cross Site Scripting Vulnerability
6386| [6528] AN HTTPD HTTP Request Buffer Overflow Vulnerability
6387| [6505] iCal Malformed HTTP Request Denial Of Service Vulnerability
6388| [6497] Perl-HTTPd File Disclosure Vulnerability
6389| [6471] Internet Junkbuster Proxy Unauthorized Connections Vulnerability
6390| [6458] RealNetworks Helix Universal Server Long URI Dual HTTP Request Buffer Overflow Vulnerability
6391| [6437] CUPS Negative Length HTTP Header Vulnerability
6392| [6433] CUPS HTTP Interface Integer Overflow Vulnerability
6393| [6424] SuSE gfxmenu GRUB Boot Loader Password Bypassing Vulnerability
6394| [6389] Symantec Enterprise Firewall RealAudio Proxy Buffer Overflow Vulnerability
6395| [6343] Ikonboard X-Forwarded-For: Proxy Header Field HTML Injection Vulnerability
6396| [6340] apt-www-proxy Format String Vulnerability
6397| [6321] Trend Micro InterScan VirusWall Unauthorized Proxy Connections Vulnerability
6398| [6308] Zeroo HTTP Server Directory Traversal Vulnerability
6399| [6292] Webster HTTP Server Cross Site Scripting Vulnerability
6400| [6291] Webster HTTP Server File Disclosure Vulnerability
6401| [6289] Webster HTTP Server Long Request Buffer Overrun Vulnerability
6402| [6287] Pserv HTTP Request Parsing Buffer Overflow
6403| [6286] Pserv User-Agent HTTP Header Buffer Overflow Vulnerability
6404| [6285] Pserv HTTP Version Specifier Buffer Overflow Vulnerability
6405| [6259] AOL Instant Messenger Forced File Download Vulnerability
6406| [6255] Null HTTPD Remote Heap Corruption Vulnerability
6407| [6242] Pserv HTTP POST Request Buffer Overflow Vulnerability
6408| [6236] acFreeProxy Cross Site Scripting Vulnerability
6409| [6230] RealPlayer RealFlash Source Loading Buffer Overflow Vulnerability
6410| [6198] TFTPD32 Arbitrary File Download/Upload Vulnerability
6411| [6190] Lonerunner Zeroo HTTP Server Remote Buffer Overflow Vulnerability
6412| [6181] IBM HTTP Server Information Disclosure Vulnerability
6413| [6172] LibHTTPD POST Buffer Overflow Vulnerability
6414| [6162] Light HTTPD GET Request Buffer Overflow Vulnerability
6415| [6158] TinyHTTPD Input Validation Vulnerability
6416| [6153] EZ Systems HTTPBench Information Disclosure Vulnerability
6417| [6137] Microsoft JVM CAB File Loading Vulnerability
6418| [6134] Microsoft JVM Class Loader Buffer Overrun Vulnerability
6419| [6096] Monkey HTTP Server Invalid POST Request Denial Of Service Vulnerability
6420| [6090] Multiple Vendor Access Point Embedded HTTP Server Denial of Service Vulnerability
6421| [6082] Cisco ONS15454/ONS15327 Optical Transport Platforms HTTP Request Denial of Service Vulnerability
6422| [6071] Microsoft IIS Script Source Access File Upload Vulnerability
6423| [6054] AN HTTPD Error Page Cross Site Scripting Vulnerability
6424| [6020] PHP Arena PAFileDB Download Cross-Site Scripting Vulnerability
6425| [6012] AN HTTPD Malformed SOCKS4 Request Buffer Overflow Vulnerability
6426| [6010] IPFilter FTP Proxy Unauthorized Access Vulnerability
6427| [6002] IBM Websphere Caching Proxy Denial Of Service Vulnerability
6428| [6001] IBM Websphere Edge Server HTTP Header Injection Vulnerability
6429| [5976] Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability
6430| [5960] ghttpd Log() Function Buffer Overflow Vulnerability
6431| [5956] ATP httpd Single Byte Buffer Overflow Vulnerability
6432| [5938] Nylon Proxy Receive Function Denial Of Service Vulnerability
6433| [5931] SurfControl SuperScout Email Filter Incomplete HTTP Request DoS Vulnerability
6434| [5930] SurfControl SuperScout Email Filter Missing Content-Length HTTP Header Field DoS Vulnerability
6435| [5926] VBZoom Arbitrary File Upload Vulnerability
6436| [5907] Microsoft IIS Malformed HTTP HOST Header Field Denial Of Service Vulnerability
6437| [5855] Midicart PHP Arbitrary File Upload Vulnerability
6438| [5829] Monkey HTTP Server Multiple Cross Site Scripting Vulnerabilities
6439| [5819] BEA WebLogic Server and Express HTTP Response Information Disclosure Vulnerability
6440| [5811] Multiple OpenVMS WASD HTTP Server Vulnerabilities
6441| [5792] Monkey HTTP Server File Disclosure Vulnerability
6442| [5774] Null HTTPd Remote Heap Overflow Vulnerability
6443| [5757] Mozilla Browser HTTP/HTTPS Redirection Weakness
6444| [5753] Mozilla Browser Large HTTP Header Buffer Overflow Vulnerability
6445| [5749] IBM WebSphere Large HTTP Header Buffer Overflow Vulnerability
6446| [5738] ISS Internet Scanner HTTP Banner Text Parsing Buffer Overflow Vulnerability
6447| [5725] DB4Web Connection Proxy Vulnerability
6448| [5697] Trend Micro InterScan VirusWall HTTP 1.1 Transfer-Encoding Bypass Vulnerability
6449| [5694] Mozilla OnUnload Referer Information Leakage Vulnerability
6450| [5692] Norton Antivirus 2001 Poproxy Username Local Denial of Service Vulnerability
6451| [5678] Oracle TNS Listener Service_CurLoad Remote Denial Of Service Vulnerability
6452| [5668] Netscreen-Remote VPN Client IKE Packet Excessive Payloads Vulnerability
6453| [5624] Cisco VPN Concentrator HTTP Error Page Device Information Leakage Vulnerability
6454| [5615] Cisco HTTP Interface Long Request Denial Of Service Vulnerability
6455| [5603] NullLogic Null HTTPd Error Page Cross-Site Scripting Vulnerability
6456| [5589] OpenBSD isakmpd IKE Payloads Denial Of Service Vulnerability
6457| [5572] OmniHTTPD Sample Application URL Encoded Newline HTML Injection Vulnerability
6458| [5571] Belkin F5D6130 Wireless Network Access Point SNMP Request Denial Of Service Vulnerability
6459| [5568] OmniHTTPD Sample Scripts Cross Site Scripting Vulnerabilities
6460| [5559] Microsoft Internet Explorer Download Dialogue File Source Obfuscation Vulnerability
6461| [5549] Abyss Web Server Malicious HTTP Request Information Disclosure Vulnerability
6462| [5520] Novell NetWare HTTP Post Arbitrary Perl Code Execution Vulnerability
6463| [5512] Microsoft File Transfer Manager Arbitrary File Upload/Download Vulnerability
6464| [5506] W3C Jigsaw Proxy Server Cross-Site Scripting Vulnerability
6465| [5494] Tomahawk Technologies SteelArrow Cookie HTTP Header Buffer Overflow Vulnerability
6466| [5470] MyWebServer Long HTTP Request HTML Injection Vulnerability
6467| [5443] Cisco VPN Client IKE Packet Excessive Payloads Vulnerability
6468| [5441] Cisco VPN Client IKE Security Parameter Index Payload Buffer Overflow Vulnerability
6469| [5421] Microsoft Content Management Server 2001 Arbitrary Upload Location Vulnerability
6470| [5416] 602Pro LAN SUITE 2002 Telnet Proxy Localhost Denial Of Service Vulnerability
6471| [5384] Inso DynaWeb httpd Format String Vulnerability
6472| [5369] Frederic Tyndiuk Eupload Plain Text Password Storage Vulnerability
6473| [5345] Abyss Web Server HTTP GET Request Directory Contents Disclosure Vulnerability
6474| [5334] HP ChaiVM EZLoader Arbitrary JAR Loading Vulnerability
6475| [5333] Lucent Access Point IP Services Router Long HTTP Request Denial Of Service Vulnerability
6476| [5323] IPSwitch IMail Web Messaging HTTP Get Buffer Overflow Vulnerability
6477| [5321] T. Hauck Jana Server SOCKS5 Proxy Server Authentication Buffer Overflow Vulnerability
6478| [5319] T. Hauck Jana Server HTTP Server Request Logging Buffer Overflow Vulnerability
6479| [5316] StatsPlus HTTP Header HTML Injection Vulnerability
6480| [5278] PHP HTTP POST Incorrect MIME Header Parsing Vulnerability
6481| [5275] Working Resources BadBlue HTTP 302 Message Cross-Site Scrpting Vulnerability
6482| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
6483| [5215] ATPhttpd Buffer Overflow Vulnerabilities
6484| [5211] Summit Computer Networks Lil' HTTP Server pbcgi.cgi Cross Site Scripting Vulnerability
6485| [5183] NcFTP Client PORT Allowed With Proxy Server Weakness
6486| [5158] Squid FTP Proxy Data Channel Vulnerabilities
6487| [5157] Squid Gopher Proxy Buffer Overflow Vulnerability
6488| [5154] Squid Proxy Authentication Credential Forwarding Information Disclosure Vulnerability
6489| [5139] AnalogX Proxy Web Proxy Buffer Overflow Vulnerability
6490| [5138] AnalogX Proxy Socks4A Buffer Overflow Vulnerability
6491| [5136] OmniHTTPD Long Request Buffer Overflow Vulnerability
6492| [5115] Summit Computer Networks Lil' HTTP Server URLCount.CGI HTML Injection Vulnerability
6493| [5080] GameCheats Advanced Web Server Malformed HTTP Request Denial Of Service Vulnerability
6494| [5045] 4D WebServer Long HTTP Request Buffer Overflow Vulnerability
6495| [4982] Belkin F5D5230-4 Router Internal Web Traffic Origin Obfuscation Vulnerability
6496| [4922] Core APM File Upload Execution Vulnerability
6497| [4751] Cisco Cache Engine Default Configuration Arbitrary User Proxy Vulnerability
6498| [4747] Cisco Content Service Switch HTTPS Post Denial Of Service Vulnerability
6499| [4711] Cisco ATA-186 HTTP Device Configuration Disclosure Vulnerability
6500| [4698] Novell BorderManager RTSP Proxy Denial Of Service Vulnerability
6501| [4696] Novell BorderManager FTP-Proxy Denial Of Service Vulnerability
6502| [4657] Snapgear Lite+ Firewall HTTP Denial of Service Vulnerability
6503| [4633] Solaris LBXProxy Display Name Buffer Overflow Vulnerability
6504| [4628] Mozilla / Netscape 6 XMLHttpRequest File Disclosure Vulnerability
6505| [4601] ACME Labs thttpd Cross-Site Scripting Vulnerability
6506| [4577] National Instruments LabVIEW HTTP Request Denial of Service Vulnerability
6507| [4576] Summit Computer Networks Lil' HTTP Server Directory Traversal Vulnerability
6508| [4487] Microsoft IIS HTTP Redirect Cross Site Scripting Vulnerability
6509| [4486] Microsoft IIS HTTP Error Page Cross Site Scripting Vulnerability
6510| [4476] Microsoft IIS HTTP Header Field Delimiter Buffer Overflow Vulnerability
6511| [4460] Funk Software Proxy Named Pipe Weak Permissions Arbitrary Access Vulnerability
6512| [4459] Funk Software Proxy Weak Password Storage Vulnerability
6513| [4458] Funk Proxy Weak Default Installation Permissions Vulnerability
6514| [4345] VNC HTTP Server Denial Of Service Vulnerability
6515| [4342] HP Praesidium Webproxy Unauthorized Access Vulnerability
6516| [4325] PHP Move_Uploaded_File Open_Basedir Circumvention Vulnerability
6517| [4286] Foundry Networks ServerIron Encoded URI Load Balancing Bypass Weakness
6518| [4252] Cobalt RaQ XTR MultiFileUpload.php Authentication Bypass Vulnerability
6519| [4229] Zope Proxy Role Elevated Object Access Vulnerability
6520| [4209] Sun Cobalt RaQ Service.CGI HTTP Server Denial of Service Vulnerablity
6521| [4199] Multiple Vendor MacOS Browser Arbitrary Program Download Vulnerability
6522| [4198] BPM Studio Pro HTTPD Directory Traversal Vulnerability
6523| [4183] PHP Post File Upload Buffer Overflow Vulnerabilities
6524| [4153] Summit Computer Networks Lil' HTTP Server Directory Disclosure Vulnerability
6525| [4148] Squid Cache FTP Proxy URL Buffer Overflow Vulnerability
6526| [4143] CacheFlow CacheOS HTTP CONNECT TCP Tunnel Vulnerability
6527| [4141] Symantec Enterprise Firewall SMTP Proxy Information Leak Vulnerability
6528| [4131] Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability
6529| [4055] Delegate POP Proxy USER Buffer Overflow Vulnerability
6530| [4002] Microsoft Site Server 3.0 Content Upload Denial of Service Vulnerability
6531| [3993] UBBThreads/WWWThreads Arbitrary File Upload Vulnerability
6532| [3964] Alteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty
6533| [3954] FormMail HTTP_Referer Spoofing Vulnerability
6534| [3937] CHUID Upload Directory Escaping File Owner Changing Vulnerability
6535| [3917] Working Resources BadBlue Enterprise Edition File Upload Vulnerability
6536| [3905] Avirt Gateway Suite Telnet Proxy Remote Buffer Overflow Vulnerability
6537| [3901] Avirt Gateway Suite Telnet Proxy Remote SYSTEM Access Vulnerability
6538| [3835] LIDS Capability Leakage via LD_PRELOAD Vulnerability
6539| [3814] Anti-Web HTTPD Script Engine Heap Overflow Vulnerability
6540| [3811] Hosting Controller Unauthorized File Access and Upload Vulnerability
6541| [3796] Apache HTTP Request Unexpected Behavior Vulnerability
6542| [3782] Anti-Web HTTPD Script Engine File Opening Denial Of Service Vulnerability
6543| [3773] Cherokee HTTPD Remote Command Execution Vulnerability
6544| [3772] Cherokee HTTPD Directory Traversal Vulnerability
6545| [3771] Cherokee HTTPD Insecure Privilege Release Vulnerability
6546| [3765] Oracle Oracle9iAS Web Cache HTTP Header DoS Vulnerability
6547| [3744] PHPFileExchange File Upload Vulnerability
6548| [3699] Microsoft Internet Explorer XMLHTTP File Disclosure Vulnerability
6549| [3608] Persits AspUpload Default Scripts Exploitable Vulnerability
6550| [3568] Oracle9iAS Web Cache HTTP Content Header Denial Of Service Vulnerability
6551| [3562] thttpd Basic Authentication Buffer Overflow Vulnerability
6552| [3528] Acme THTTPD/Mini_HTTPD File Disclosure Vulnerability
6553| [3523] Rational ClearCase DB Loader TERM Environment Variable Buffer Overflow Vulnerability
6554| [3518] IBM HTTP Server Source Code Disclosure Vulnerability
6555| [3506] Red Hat TUX HTTP Server Oversized Host Denial of Service Vulnerability
6556| [3471] Microsoft IE 5.1 for Mac OS X 10.1 Download Execution Vulnerability
6557| [3421] Microsoft Internet Explorer HTTP Request Encoding Vulnerability
6558| [3354] Squid Web Proxy Cache Denial of Service Vulnerabilty
6559| [3202] Nudester Unauthorized Arbitrary File Upload and Download Vulnerability
6560| [3197] Microsoft ISA Server Proxy Service Memory Leak Denial of Service Vulnerability
6561| [3158] NCSA HTTPd Buffer Overflow Vulnerability
6562| [3074] Multiple Linux Vendor Expect Insecure Library Loading Vulnerability
6563| [3069] HP-UX Dynamically Loadable Kernel Modules Vulnerability
6564| [3062] Squid Web Proxy Reverse Proxy Vulnerability
6565| [3059] Squid Web Proxy Cross-Site Scripting Vulnerability
6566| [3006] xloadimage Buffer Overflow Vulnerability
6567| [2980] SmallHTTP Server Long URL Denial of Service Vulnerability
6568| [2963] BisonFTP BDL File Upload Directory Traversal Vulnerability
6569| [2959] Trend Micro InterScan WebManager HttpSave.dll Buffer Overflow Vulnerability
6570| [2936] Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability
6571| [2879] ghttpd Daemon Buffer Overflow Vulnerability
6572| [2855] WatchGuard Firebox SMTP Proxy Attachment Bypassing Vulnerability
6573| [2804] Cisco IOS Router Scan Software Reloading Vulnerability
6574| [2788] Omnicron OmniHTTPD File Source Disclosure Vulnerability
6575| [2783] Omnicron OmniHTTPD PHP Denial of Service Vulnerability
6576| [2775] Beck GmbH IPC@CHIP HTTPD File Disclosure Vulnerability
6577| [2774] Beck IPC GmbH IPC@CHIP HTTP DoS Vulnerability
6578| [2740] Apache Web Server HTTP Request Denial of Service Vulnerability
6579| [2730] Omnicron Technologies OmniHTTPd Pro POST DoS Vulnerability
6580| [2721] 3COM OfficeConnect HTTP Port Router Denial of Service Vulnerability
6581| [2697] Michael Lamont Savant HTTP Server Directory Traversal Vulnerability
6582| [2649] Small HTTP Server MS-DOS Device Name DoS Vulnerability
6583| [2615] Netscape SmartDownload 1.3 Buffer Overflow Vulnerability
6584| [2600] Microsoft ISA Server Web Proxy DoS Vulnerability
6585| [2598] Lotus Domino R5 Server HTTP DoS Vulnerability
6586| [2565] Lotus Domino Web Server HTTP Header DoS Vulnerability
6587| [2543] 602Pro Lan Suite Long HTTP Request Denial of Service Vulnerability
6588| [2511] SurfControl SuperScout for MS Proxy Site Filtering Vulnerability
6589| [2500] Compaq Management Software Proxy Vulnerability
6590| [2451] WhitSoft SlimServe HTTPD Get Denial of Service Vulnerability
6591| [2436] Robin Twombly A1 HTTP Server Directory Traversal Vulnerability
6592| [2435] Robin Twombly A1 HTTP Server Denial of Service Vulnerability
6593| [2413] SEDUM HTTP Webserver Denial of Service Vulnerability
6594| [2335] Guido Frassetto SEDUM HTTP Server Directory Traversal Vulnerability
6595| [2318] Whitsoft SlimServe HTTPd Server DoS Vulnerability
6596| [2300] NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
6597| [2223] glibc LD_PRELOAD File Overwriting Vulnerability
6598| [2217] Tinyproxy Heap Overflow Vulnerability
6599| [2211] OmniHTTPD File Corruption and Command Execution Vulnerability
6600| [2175] IBM HTTP Server AfpaCache/WebSphereNet.Data DoS Vulnerability
6601| [2165] GTK+ Arbitrary Loadable Module Execution Vulnerability
6602| [2119] Watchguard SOHO Firewall HTTP Request Vulnerability
6603| [2099] Multiple Oops Proxy Server Buffer Overflow Vulnerabilities
6604| [2090] KTH Kerberos 4 Arbitrary Proxy Usage Vulnerability
6605| [2051] Sun JDK/JRE Disallowed Class Loading Vulnerability
6606| [2027] AnalogX Proxy Server DoS Vulnerability
6607| [2026] GlimpseHTTP and WebGlimpse Piped Command Vulnerability
6608| [1988] IBM HTTP Server Denial of Service Vulnerability
6609| [1975] NCSA HTTPd campas sample script Vulnerability
6610| [1953] Watchguard Firebox II FTP Proxy DoS Vulnerability
6611| [1942] Small HTTP Server Incomplete Request Denial of Service Vulnerability
6612| [1941] Small HTTP Server Non-Existent File DoS Vulnerability
6613| [1927] BNC IRC Proxy Buffer Overflow Vulnerability
6614| [1876] Unify eWave ServletExec File Upload Vulnerability
6615| [1838] Cisco IOS Software ?/ HTTP Request DoS Vulnerability
6616| [1811] Microsoft Site Server 2.0 with IIS 4.0 Malicious File Upload Vulnerability
6617| [1808] OmniHTTPD visiadmin.exe Denial of Service Vulnerability
6618| [1737] Acme thttpd Arbitrary World-Readable File Disclosure Vulnerability
6619| [1717] Unixware SCOhelp HTTP Server Format String Vulnerability
6620| [1695] Microsoft Proxy 2.0 FTP Permissions Bypass Vulnerability
6621| [1692] Microsoft Proxy 2.0 Internal Network Access Vulnerability
6622| [1678] Mandrake /perl http Directory Disclosure Vulnerability
6623| [1649] PHP Upload Arbitrary File Disclosure Vulnerability
6624| [1626] Worm httpd Directory Traversal Vulnerability
6625| [1570] BEA Weblogic Proxy Multiple Buffer Overflow Vulnerabilities
6626| [1504] AnalogX Proxy DoS Vulnerability
6627| [1497] WEBactive HTTP Server Default Log Vulnerability
6628| [1470] WEBactive HTTP Server Long GET Request Vulnerability
6629| [1423] LocalWEB HTTP Buffer Overflow Vulnerability
6630| [1415] Microsoft Windows 2000 Remote CPU-overload Vulnerability
6631| [1400] SapporoWorks WinProxy Buffer Overflow Vulnerability
6632| [1395] Fortech Proxy+ Telnet Gateway Vulnerability
6633| [1355] Small HTTP Server Buffer Overflow Vulnerability
6634| [1339] Microsoft Internet Explorer for Macintosh getImage and classloader Vulnerabilities
6635| [1337] Multiple Vendors HTTP Redirect Java Applet Vulnerability
6636| [1284] Apache HTTP Server (win32) Root Directory Access Vulnerability
6637| [1248] thttpd tdate_parse() Stack Overflow Vulnerability
6638| [1226] Fortech Proxy+ 2.30 Remote Administration Vulnerability
6639| [1213] CProxy 3.3 SP2 Buffer Overflow DoS Vulnerability
6640| [1196] NTMail Server 5.x Proxy Access Vulnerability
6641| [1154] Cisco IOS HTTP %% Vulnerability
6642| [1105] Microsoft NT 4.0 OffloadModExpo Registry Permissions Vulnerability
6643| [980] Internet Anywhere Mail Server Connection Overload Vulnerability
6644| [976] Novell Border Manager Audit Trail Proxy DoS Vulnerability
6645| [936] W3C httpd (Formerly 'CERN httpd') Path Revealing Vulnerability
6646| [883] Microsoft Outlook Express for MacOS HTML Attachment Automatic Download Vulnerability
6647| [877] Norton Antivirus 2000 POProxy USER Vulnerability
6648| [815] Microsoft IE5 XML HTTP Redirect Vulnerability
6649| [800] Microsoft Outlook Express For Mac Download Vulnerability
6650| [778] BigIP Config UI Vulnerabilities
6651| [762] AN-HTTPd CGI Vulnerabilities
6652| [741] Squid Web Proxy Authentication Failure Vulnerability
6653| [739] OmniHTTPD Buffer Overflow Vulnerability
6654| [705] Cisco Catalyst Supervisor Remote Reload
6655| [674] Microsoft IE5 Download Behavior Vulnerability
6656| [592] Persits AspUpload Buffer Overflow Vulnerability
6657| [579] NT IIS Malformed HTTP Request Header DoS Vulnerability
6658| [318] Debian Linux httpd Vulnerability
6659| [306] MacOS X Server Overload Vulnerability
6660| [164] Malicious Java applet security flaw in ClassLoader Vulnerability
6661| [115] Allaire ColdFusion Remote File Display, Deletion, Upload and Execution Vulnerability
6662| [33] OpenWindows loadmodule Vulnerability
6663|
6664| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6665| [39612] Apache HTTP Server mod_proxy_balancer buffer overflow
6666| [39474] Apache HTTP Server mod_proxy_balancer cross-site scripting
6667| [85605] Stage File Proxy module for Drupal repeated HTTP request denial of service
6668| [83284] WP-DownloadManager plugin for WordPress HTTP request cross-site request forgery
6669| [80726] Load Balancer multiple scripts cross-site scripting
6670| [80575] TVMOBiLi CHTTPServerTransaction::LoadFile() buffer overflow
6671| [80574] TVMOBiLi CHTTPServerTransaction::LoadResource() denial of service
6672| [79250] libproxy px_pac_reload() buffer overflow
6673| [79236] Zen Load Balancer content2-2.cgi command execution
6674| [78808] Cisco Application Control Engine Load Balancer denial of service
6675| [78769] Zen Load Balancer backup directory information disclosure
6676| [78768] Zen Load Balancer information disclosure
6677| [77913] Apache HTTP Server mod_proxy_ajp information disclosure
6678| [76095] SEIL routers HTTP-Proxy/Gateway security bypass
6679| [71617] Apache HTTP Server mod_proxy module information disclosure
6680| [71445] Apache HTTP Server mod_proxy security bypass
6681| [70336] Apache HTTP Server mod_proxy information disclosure
6682| [69804] Apache HTTP Server mod_proxy_ajp denial of service
6683| [66640] Apache HttpComponents HttpClient Proxy-Authorization information disclosure
6684| [65006] Caedo HTTPd Server file download
6685| [64958] HTTP request with large content payload
6686| [63651] Google Chrome HTTP proxy authentication denial of service
6687| [60883] Apache mod_proxy_http information disclosure
6688| [59413] Apache mod_proxy_http timeout information disclosure
6689| [56623] Apache HTTP Server mod_proxy_ajp denial of service
6690| [53453] Cisco IOS Authentication Proxy for HTTP security bypass
6691| [53124] mod_proxy_ftp module for Apache HTTP header security bypass
6692| [52604] HTTP request forwarding (Web Proxy) detected
6693| [51532] mod_proxy module for the Apache HTTP Server stream_reqbody_cl denial of service
6694| [50716] IPFilter load_http.c buffer overflow
6695| [48796] Barracuda Load Balancer index.cgi cross-site scripting
6696| [47935] EDraw Office Viewer ActiveX control HttpDownloadFile file overwrite
6697| [47898] Excel Viewer OCX ActiveX control HttpDownloadFile() file download
6698| [47305] Live Chat component for Joomla! xmlhttp.php open proxy
6699| [44467] HTTP Anti Virus Proxy (HAVP) sockethandler.cpp denial of service
6700| [44223] Apache HTTP Server mod_proxy_ftp cross-site scripting
6701| [42987] Apache HTTP Server mod_proxy module denial of service
6702| [41258] HTTP File Upload ActiveX control file delete
6703| [40694] BEA WebLogic Server and WebLogic Express HttpClusterServlet and HttpProxyServlet privilege escalation
6704| [39615] Apache HTTP Server mod_proxy_ftp.c UTF-7 cross-site scripting
6705| [39608] Apache HTTP Server balancer manager cross-site request forgery
6706| [39476] Apache mod_proxy_balancer balancer_handler function denial of service
6707| [38901] HFS (HTTP File Server) upload directory traversal
6708| [38439] F5 Networks FirePass 4100 SSL VPN download_plugin.php3 cross-site scripting
6709| [37405] DeleGate HTTP cache proxy denial of service
6710| [36354] Apache HTTP Server mod_proxy module denial of service
6711| [36352] Apache HTTP Server ap_proxy_date_canon() denial of service
6712| [34884] Astaro Secure Gateway HTTP proxy denial of service
6713| [34282] BEA WebLogic Server and WebLogic Express HttpProxyServlet and HttpClusterServlet unauthorized access
6714| [34123] VersalSoft HTTP File Uploader (UFileUploaderD.dll) ActiveX control buffer overflow
6715| [28367] libmusicbrainz MBHttp::Download buffer overflow
6716| [26970] WinGate HTTP proxy buffer overflow
6717| [26370] Symantec Enterprise Firewall HTTP proxy internal IP disclosure
6718| [23997] Blue Coat WinProxy SecureSuite HTTP request denial of service
6719| [23451] Microsoft Internet Explorer HTTPS proxy authentication information disclosure
6720| [22016] Simpleproxy HTTP Proxy reply format string
6721| [20391] Apple Mac OS X HTTP proxy service security bypass
6722| [20339] Squid Web Proxy Cache HTTP header cache poisoning
6723| [20334] Squid Web Proxy Cache httpProcessReplyHeader security bypass
6724| [19868] HTTP Anti Virus Proxy cab and zip files bypass filtering
6725| [19060] Squid Web Proxy Cache HTTP header cache poisoning
6726| [18308] Jana Server http-server and pna-proxy denial of service
6727| [16751] AnomicHTTPProxy "
6728| [16750] AnomicHTTPProxy allows elevated privileges
6729| [16749] AnomicHTTPProxy administration interface denial of service
6730| [16387] Apache HTTP Server mod_proxy Content-Length buffer overflow
6731| [15952] proxy server using the HTTP CONNECT directive has been detected
6732| [15466] HP Web-enabled Management Software HTTP Server unauthorized certificate upload
6733| [15277] Proxy-Pro GateKeeper Pro long HTTP GET buffer overflow
6734| [15275] PSOProxy long HTTP GET request buffer overflow
6735| [14955] ProxyNow! HTTP GET stack based buffer overflow or heap-based buffer overflow
6736| [14947] Gaim HTTP proxy buffer overflow
6737| [13663] Apache HTTP Server CGI support modules loaded
6738| [12681] Apache HTTP Server mod_proxy could allow mail relaying
6739| [12552] Apache HTTP Server FTP proxy server denial of service
6740| [11143] Astaro Security Linux HTTP Proxy can be used to make unauthorized TCP connections
6741| [10139] Check Point FireWall-1 HTTP proxy could allow HTTPS and FTP traffic to bypass the firewall
6742| [9914] Jigsaw HTTP Proxy server cross-site scripting
6743| [9834] CERN HTTPD proxy server cross-site scripting
6744| [9683] Jana Server HTTP GET proxy buffer overflow
6745| [9579] Symantec Norton Personal Firewall and Norton Internet Security HTTP proxy buffer overflow
6746| [9455] AnalogX Proxy malformed HTTP request buffer overflow
6747| [8425] Trend Micro InterScan VirusWall could allow virus infected Web pages to bypass the HTTP proxy filtering
6748| [8281] PHP multiple HTTP POST file upload overflows
6749| [7964] BlackJumboDog HTTP proxy buffer overflow
6750| [7916] Avirt SOHO, Gateway, and Gateway Suite HTTP proxy buffer overflow
6751| [4460] CProxy proxy server HTTP port denial of service
6752| [4252] HTTP PUT method allows clients to upload files to a Web server
6753| [153] HTTP proxy penetrated
6754| [60] HTTP proxy detected
6755|
6756| Exploit-DB - https://www.exploit-db.com:
6757| [30850] HFS HTTP File Server 2.2/2.3 Arbitrary File Upload Vulnerability
6758| [30834] F5 Networks FirePass 4100 SSL VPN Download_Plugin.PHP3 Cross-Site Scripting Vulnerability
6759| [30755] F5 FirePass 4100 SSL VPN Download_Plugin.PHP3 Cross-Site Scripting Vulnerability
6760| [27863] PHPBB 2.0.20 Unauthorized HTTP Proxy Vulnerability
6761| [27852] Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
6762| [23499] Enterpriser16 Load Balancer 7.1 - Multiple XSS Vulnerabilities
6763| [23137] CacheFlow CacheOS 4.1.10016 HTTP HOST Proxy Vulnerability
6764| [21849] ZEN Load Balancer Filelog Command Execution
6765| [21704] W3C CERN httpd 3.0 Proxy Cross-Site Scripting Vulnerability
6766| [21214] SapporoWorks Black JumboDog 2.6.4/2.6.5 HTTP Proxy Buffer Overflow Vulnerability
6767| [16598] Persits XUpload ActiveX MakeHttpRequest Directory Traversal
6768| [16526] Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)
6769| [16513] Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow
6770| [16078] SDP Downloader 2.3.0 (http_response) Remote Buffer Overflow Exploit
6771| [16075] Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download
6772| [13380] linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+
6773| [13355] linux/x86 HTTP/1.x GET, Downloads and execve() 111 bytes+
6774| [7762] EDraw Office Viewer 5.4 HttpDownloadFile() Insecure Method Vuln
6775| [4290] EDraw Office Viewer Component 5.1 HttpDownloadFile() Insecure Method
6776| [4200] Versalsoft HTTP File Uploader AddFile() Remote Buffer Overflow Exploit
6777| [3866] Versalsoft HTTP File Upload ActiveX 6.36 (AddFile) Remote DoS Exploit
6778| [2791] HTTP Upload Tool (download.php) Information Disclosure Vulnerability
6779| [31133] F5 BIG-IP 9.4.3 Web Management Interface Cross-Site Request Forgery Vulnerability
6780| [31128] Multiple IEA Software Products HTTP POST Request Denial of Service Vulnerability
6781| [31111] Download Management 1.00 for PHP-Fusion Multiple Local File Include Vulnerabilities
6782| [31101] HispaH Youtube Clone 'load_message.php' Cross-Site Scripting Vulnerability
6783| [31100] Anon Proxy Server 0.100/0.102 Remote Authentication Buffer Overflow Vulnerability
6784| [31082] Liferay Enterprise Portal 4.3.6 User-Agent HTTP Header Cross Site Scripting Vulnerability
6785| [31072] Symantec Backup Exec System Recovery Manager 7.0 FileUpload Class Unauthorized File Upload Vulnerability
6786| [31068] Mambo MOStlyCE Module 2.4 Image Manager Utility Arbitrary File Upload Vulnerability
6787| [31065] F5 BIG-IP Application Security Manager 9.4.3 'report_type' Cross-Site Scripting Vulnerability
6788| [31056] HFS HTTP File Server 1.5/2.x Multiple Security Vulnerabilities
6789| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
6790| [31042] MegaBBS 1.5.14b 'upload.asp' Cross-Site Scripting Vulnerability
6791| [31039] BitDefender Products Update Server HTTP Daemon Directory Traversal Vulnerability
6792| [31037] phpAutoVideo 2.21 sidebar.php loadpage Parameter Remote File Inclusion
6793| [31024] F5 BIG-IP <= 9.4.3 'SearchString' Multiple Cross-Site Scripting Vulnerabilities
6794| [30983] ExpressionEngine 1.2.1 HTTP Response Splitting and Cross Site Scripting Vulnerabilities
6795| [30972] Camtasia Studio 4.0.2 'csPreloader' Remote Code Execution Vulnerability
6796| [30958] PHCDownload 1.1 search.php string Parameter XSS
6797| [30957] PHCDownload 1.1 search.php string Parameter SQL Injection
6798| [30942] Extended Module Player (xmp) 2.5.1 'oxm.c' And 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities
6799| [30927] Agares Media ThemeSiteScript 1.0 'loadadminpage' Parameter Remote File Include Vulnerability
6800| [30926] Dokeos 1.x work/work.php display_upload_form Action origin Parameter XSS
6801| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
6802| [30894] PeerCast 0.12 HandshakeHTTP Multiple Buffer Overflow Vulnerabilities
6803| [30863] E-Xoops 1.0.5/1.0.8 mydownloads/ratefile.php lid Parameter SQL Injection
6804| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
6805| [30833] F5 Networks FirePass 4100 SSL VPN My.Logon.PHP3 Cross-Site Scripting Vulnerability
6806| [30830] Ossigeno CMS 2.2_pre1 upload/xax/ossigeno/admin/uninstall_module.php level Parameter Remote File Inclusion
6807| [30829] Ossigeno CMS 2.2_pre1 upload/xax/ossigeno/admin/install_module.php level Parameter Remote File Inclusion
6808| [30828] Ossigeno CMS 2.2_pre1 upload/xax/admin/patch/index.php level Parameter Remote File Inclusion
6809| [30827] Ossigeno CMS 2.2_pre1 upload/xax/admin/modules/uninstall_module.php level Parameter Remote File Inclusion
6810| [30826] Ossigeno CMS 2.2_pre1 upload/xax/admin/modules/install_module.php level Parameter Remote File Inclusion
6811| [30797] Aurigma Image Uploader 4.x ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
6812| [30787] vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload
6813| [30783] CCProxy 7.3 - Integer Overflow Exploit
6814| [30768] IBM WebSphere Application Server 5.1.1 WebContainer HTTP Request Header Security Weakness
6815| [30737] Galmeta Post 0.2 Upload_Config.PHP Remote File Include Vulnerability
6816| [30729] Blue Coat ProxySG Management Console URI Handler Multiple Cross-Site Scripting Vulnerabilities
6817| [30711] Shttp 0.0.x Remote Directory Traversal Vulnerability
6818| [30705] Korean GHBoard component/upload.jsp Unspecified Arbitrary File Upload
6819| [30704] Korean GHBoard FlashUpload Component download.jsp name Parameter Arbitrary File Access
6820| [30703] Japanese PHP Gallery Hosting Arbitrary File Upload Vulnerability
6821| [30701] Jeebles Technology Jeebles Directory 2.9.60 Download.PHP Local File Include Vulnerability
6822| [30697] ReloadCMS 1.2.5 Index.PHP Local File Include Vulnerability
6823| [30639] Cart32 6.x GetImage Arbitrary File Download Vulnerability
6824| [30622] Microsoft Internet Explorer 5.0.1 File Upload Vulnerability
6825| [30573] SisfoKampus dwoprn.php Arbitrary File Download Vulnerability
6826| [30571] Proxy Anket 3.0.1 anket.asp SQL Injection Vulnerability
6827| [30504] Olate Download 3.4.1 Admin.PHP Remote Authentication Bypass Vulnerability
6828| [30470] Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution
6829| [30467] File Uploader 1.1 datei.php config[root_ordner] Parameter Remote File Inclusion
6830| [30466] File Uploader 1.1 index.php config[root_ordner] Parameter Remote File Inclusion
6831| [30443] Wordpress Persuasion Theme - Arbitrary File Download and File Deletion Exploit
6832| [30439] Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
6833| [30392] Microsoft Windows ndproxy.sys - Local Privilege Escalation
6834| [30371] AlstraSoft Affiliate Network Pro 8.0 merchants/index.php uploadProducts Action pgmid Parameter SQL Injection
6835| [30322] Lighttpd <= 1.4.15 Multiple Code Execution, Denial of Service and Information Disclosure Vulnerabilities
6836| [30278] SAP DB 7.x Web Server WAHTTP.EXE Multiple Buffer Overflow Vulnerabilities
6837| [30229] SHTTPD 1.38 Filename Parse Error Information Disclosure Vulnerability
6838| [30228] Apple WebCore XMLHTTPRequest Cross-Site Scripting Vulnerability
6839| [30218] BugHunter HTTP Server 1.6.2 Parse Error Information Disclosure Vulnerability
6840| [30209] HP LoadRunner EmulationAdmin - Web Service Directory Traversal
6841| [30159] ASP Folder Gallery Download_Script.ASP Arbitrary File Download Vulnerability
6842| [30130] PHP <= 5.2.3 EXT/Session HTTP Response Header Injection Vulnerability
6843| [30105] Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross Site Scripting
6844| [30084] Wordpress page-flip-image-gallery plugins Remote File Upload
6845| [30024] LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow Vulnerability
6846| [30014] Windows NDPROXY - Local SYSTEM Privilege Escalation
6847| [30008] Cisco Prime Data Center Network Manager - Arbitrary File Upload
6848| [29946] Wordpress Orange Themes CSRF File Upload Vulnerability
6849| [29933] Gazi Download Portal Down_Indir.ASP SQL Injection Vulnerability
6850| [29919] TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS
6851| [29917] FlashComs Chat <= 6.5 - Arbitrary File Upload Vulnerability
6852| [29849] ToendaCMS 1.5.3 HTTP Get And Post Forms HTML Injection Vulnerability
6853| [29834] WordPress dzs-videogallery Plugins Remote File Upload Vulnerability
6854| [29812] DesktopCentral AgentLogUpload Arbitrary File Upload
6855| [29803] Static Http Server 1.0 - Denial of Service (DoS) Exploit
6856| [29775] Image_Upload Script 2.0 - Multiple Remote File Include Vulnerabilities
6857| [29763] W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities
6858| [29739] Apache HTTP Server Tomcat 5.x/6.0.x Directory Traversal Vulnerability
6859| [29675] Kaseya < 6.3.0.2 - Arbitrary File Upload Vulnerability
6860| [29674] ManageEngine DesktopCentral 8.0.0 build < 80293 - Arbitrary File Upload Vulnerability
6861| [29644] Pickle 0.3 Download.PHP Local File Include Vulnerability
6862| [29638] LoveCMS 1.4 index.php load Parameter Traversal Arbitrary File Access
6863| [29574] eXtreme File Hosting Arbitrary RAR File Upload Vulnerability
6864| [29525] Wordpress Highlight Premium Theme - CSRF File Upload Vulnerability
6865| [29520] GTK2 GDKPixBufLoader - Remote Denial of Service Vulnerability
6866| [29503] KarjaSoft Sami HTTP Server 1.0.4/1.0.5/2.0.1 Request Remote Denial of Service Vulnerability
6867| [29482] WordPress Theme Kernel - Remote File Upload Vulnerability
6868| [29473] Squid Proxy 2.5/2.6 FTP URI Remote Denial of Service Vulnerability
6869| [29451] All In One Control Panel 1.3.x cp_downloads.php did Parameter SQL Injection
6870| [29430] Magic Photo Storage Website user/upload_photo.php _config[site_path] Parameter Remote File Inclusion
6871| [29385] Kolayindir Download Down.ASP SQL Injection Vulnerability
6872| [29348] phpCMS 1.1.7 include/class.http_indexer_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
6873| [29332] WordPress Think Responsive Themes Arbitrary File Upload Vulnerability
6874| [29330] WordPress Switchblade Themes Arbitrary File Upload Vulnerability
6875| [29301] Oracle Portal 9.0.2 Calendar.JSP Multiple HTTP Response Splitting Vulnerabilities
6876| [29219] DUdownload 1.0/1.1 detail.asp Multiple Parameter SQL Injection
6877| [29211] WordPress Curvo Themes - CSRF File Upload Vulnerability
6878| [29210] Open Flash Chart 2 Arbitrary File Upload
6879| [29190] Apple Mac OS X 10.4.x Mach-O Binary Loading Integer Overflow Vulnerability
6880| [29150] WordPress SAICO theme Arbitrary File Upload Vulnerability
6881| [29130] HP Intelligent Management Center BIMS UploadServlet Directory Traversal
6882| [29072] PHP Upload Tool 1.0 - Arbitrary File Upload and Directory Traversal Vulnerabilities
6883| [29068] WordPress Area53 theme Arbitrary File Upload Vulnerability
6884| [29052] Bloo 1.00 Googlespell_Proxy.PHP Cross-Site Scripting Vulnerability
6885| [28922] AIOCP 1.3.x /admin/code/index.php load_page Parameter Remote File Inclusion
6886| [28896] RunCMS 1.x Avatar Arbitrary File Upload Vulnerability
6887| [28845] Shop-Script Multiple HTTP Response Splitting Vulnerabilities
6888| [28837] Novell eDirectory 8.x iMonitor HTTPSTK Buffer Overflow Vulnerability (3)
6889| [28836] Novell eDirectory 8.x iMonitor HTTPSTK Buffer Overflow Vulnerability (2)
6890| [28835] Novell eDirectory 8.x iMonitor HTTPSTK Buffer Overflow Vulnerability (1)
6891| [28809] HP LoadRunner magentproc.exe Overflow
6892| [28795] FreeWPS 2.11 Upload.PHP Remote Command Execution Vulnerability
6893| [28731] OlateDownload 3.4 search.php query Parameter SQL Injection
6894| [28730] OlateDownload 3.4 details.php page Parameter SQL Injection
6895| [28713] Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE
6896| [28709] FlashChat - Arbitrary File Upload Vulnerability
6897| [28664] Opial AV Download Management 1.0 Index.PHP Cross-Site Scripting Vulnerability
6898| [28655] Nodejs js-yaml load() Code Exec
6899| [28605] NeoSys Neon Webmail for Java 5.06/5.07 downloadfile Servlet Traversal Arbitrary File Access
6900| [28602] OSU HTTP Server 3.10/3.11 Multiple Information Disclosure Vulnerabilities
6901| [28595] BusyBox 1.01 HTTPD Directory Traversal Vulnerability
6902| [28581] Jupiter CMS 1.1.4/1.1.5 galleryuploadfunction.php Arbitrary File Upload
6903| [28578] Apple Mac OS X 10.x KExtLoad Buffer Overflow Weakness
6904| [28576] Apple Mac OS X 10.x KExtLoad Format String Weakness
6905| [28568] NX5Linkx 1.0 Links.PHP HTTP Response Splitting Vulnerability
6906| [28546] e107 website system 0.7.5 download.php Query String (PATH_INFO) Parameter XSS
6907| [28493] PHP-Nuke Book Catalog Module 1.0 'upload.php' Arbitrary File Upload Vulnerability
6908| [28452] Wordpress Lazy SEO plugin Shell Upload Vulnerability
6909| [28434] BigACE 1.8.2 download.cmd.php GLOBALS Parameter Remote File Inclusion
6910| [28433] BigACE 1.8.2 upload_form.php GLOBALS Parameter Remote File Inclusion
6911| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
6912| [28393] AspxCommerce 2.0 - Arbitrary File Upload Vulnerability
6913| [28392] Zen Cart Web Shopping Cart 1.x autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion
6914| [28377] Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
6915| [28337] HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
6916| [28336] HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
6917| [28195] RW::Download Stats.PHP Remote File Include Vulnerability
6918| [28143] SturGeoN Upload Arbitrary File Upload Vulnerability
6919| [28083] HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
6920| [28058] Eduha Meeting Index.PHP Arbitrary File Upload Vulnerability
6921| [28030] Cisco Secure ACS 2.3 LoginProxy.CGI Cross-Site Scripting Vulnerability
6922| [27980] Alex DownloadEngine 1.4.1 Comments.PHP SQL Injection Vulnerability
6923| [27972] ESTsoft InternetDisk Arbitrary File Upload and Script Execution Vulnerability
6924| [27969] Quake 3 Engine CL_ParseDownload Remote Buffer Overflow Vulnerability
6925| [27939] HP LoadRunner lrFileIOService ActiveX Remote Code Execution
6926| [27899] JemWeb DownloadControl 1.0 DC.PHP SQL Injection Vulnerability
6927| [27811] Albinator 2.0.8 showpic.php preloadSlideShow Parameter XSS
6928| [27704] Cogent DataHub HTTP Server Buffer Overflow
6929| [27656] Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities
6930| [27610] Joomla Media Manager File Upload Vulnerability
6931| [27608] Ultra Mini HTTPD Stack Buffer Overflow
6932| [27607] MiniWeb (Build 300) Arbitrary File Upload
6933| [27592] SIRE 2.0 - Arbitrary File Upload Vulnerability
6934| [27591] Shadowed Portal 5.7 Load.PHP Cross-Site Scripting Vulnerability
6935| [27556] Open-FTPD 1.2 - Arbitrary File Upload
6936| [27553] onehttpd 0.7 - Denial of Service
6937| [27501] Arab Portal System 2.0 download.php title Parameter XSS
6938| [27452] F5 Firepass 4100 SSL VPN Cross-Site Scripting Vulnerability
6939| [27424] DSDownload 1.0 - Multiple SQL-Injection Vulnerabilities
6940| [27380] myBloggie 2.1.2/2.1.3 upload.php Multiple Parameter XSS
6941| [27378] Easy File Sharing Web Server 3.2 Full Path Request Arbitrary File Upload
6942| [27312] FreeHostShop Website Generator 3.3 - Arbitrary File Upload Vulnerability
6943| [27309] myPHPNuke 1.8.8 download.php dcategory Parameter XSS
6944| [27304] CubeCart 3.0.x Arbitrary File Upload Vulnerability
6945| [27275] FunGamez Remote File Upload Vulnerability
6946| [27272] SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload
6947| [27268] Dragonfly CMS 9.0.6 .1 Downloads Module c Parameter XSS
6948| [27241] D-Link DWL-G700AP 2.00/2.01 HTTPD Denial of Service Vulnerability
6949| [27200] ImageVue 0.16.1 upload.php Unrestricted File Upload
6950| [27127] PMachine ExpressionEngine 1.4.1 HTTP Referrer HTML Injection Vulnerability
6951| [27115] Rockliffe MailSite 5.3.4/6.1.22/7.0.3 HTTP Mail Management Cross-Site Scripting Vulnerability
6952| [27061] Hummingbird Collaboration - Crafted URL File Property Obscuration Download
6953| [27046] VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
6954| [26984] IceWarp Universal WebMail /mail/include.html - Crafted HTTP_USER_AGENT Arbitrary File Access
6955| [26977] Dev Web Management System 1.5 download_now.php target Parameter SQL Injection
6956| [26973] Cerberus Helpdesk 2.649 cer_KnowledgebaseHandler.class.php _load_article_details Function SQL Injection
6957| [26967] httprint 202.0 HTTP Response Server Field Overflow DoS
6958| [26966] httprint 202.0 HTTP Response Server Field Arbitrary Script Injection
6959| [26922] Interaction SIP Proxy 3.0 - Remote Heap Corruption Denial of Service Vulnerability
6960| [26915] Blender BlenLoader 2.x File Processing Integer Overflow Vulnerability
6961| [26778] Blackboard Academic Suite 6.2.3.23 Frameset.JSP Cross-Domain Frameset Loading Vulnerability
6962| [26739] Ultra Mini HTTPD 1.21 - Stack Buffer Overflow
6963| [26691] WebCalendar 1.0.1 Layers_Toggle.PHP HTTP Response Splitting Vulnerability
6964| [26646] PHP Upload Center Index.PHP Directory Traversal Vulnerability
6965| [26610] Bedeng PSP 1.1 download.php a.ngroup Parameter SQL Injection
6966| [26544] PHP Download Manager 1.1.x Files.PHP SQL Injection Vulnerability
6967| [26534] Revize CMS HTTPTranslatorServlet Cross-Site Scripting Vulnerability
6968| [26520] Static HTTP Server 1.0 - SEH Overflow
6969| [26500] PHPWebThings 1.4 Download.PHP File Parameter SQL Injection Vulnerability
6970| [26474] PHPFM Arbitrary File Upload Vulnerability
6971| [26467] PHP Handicapper Process_signup.PHP HTTP Response Splitting Vulnerability
6972| [26443] PHP 4.x/5.0.x File Upload GLOBAL Variable Overwrite Vulnerability
6973| [26422] MoinMoin twikidraw Action Traversal File Upload
6974| [26421] LibrettoCMS File Manager Arbitary File Upload Vulnerability
6975| [26414] PodHawk 1.85 - Arbitary File Upload Vulnerability
6976| [26388] Nuked-Klan 1.7 Download Module dl_id Parameter SQL Injection
6977| [26340] Up-IMAPProxy 1.2.3/1.2.4 - Multiple Unspecified Remote Format String Vulnerabilities
6978| [26316] imacs CMS 0.3.0 - Unrestricted File Upload Exploit
6979| [26306] NateOn Messenger 3.0 Arbitrary File Download And Buffer Overflow Vulnerabilities
6980| [26293] JPortal 2.2.1/2.3.1 Download.PHP SQL Injection Vulnerability
6981| [26255] Mail-it Now! Upload2Server 1.5 - Arbitrary File Upload Vulnerability
6982| [26243] Havalite CMS 1.1.7 - Unrestricted File Upload Exploit
6983| [26241] Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit
6984| [26233] Cisco IOS 12.x Firewall Authentication Proxy Buffer Overflow Vulnerability
6985| [26230] Microsoft IIS 5.1 WebDAV HTTP Request Source Code Disclosure Vulnerability
6986| [26225] MAXdev MD-Pro 1.0.73 Arbitrary Remote File Upload Vulnerability
6987| [26213] LibrettoCMS 2.2.2 - Arbitrary File Upload
6988| [26198] Astaro Security Linux 6.0 01 HTTP CONNECT Unauthorized Access Weakness
6989| [26189] PostNuke 0.75/0.76 DL-viewdownload.PHP SQL Injection Vulnerability
6990| [26156] CPaint 1.3 xmlhttp Request Input Validation Vulnerability
6991| [26143] ezUpload 2.2 form.php path Parameter Remote File Inclusion
6992| [26142] ezUpload 2.2 customize.php path Parameter Remote File Inclusion
6993| [26141] ezUpload 2.2 initialize.php path Parameter Remote File Inclusion
6994| [26140] ezUpload 2.2 index.php path Parameter Remote File Inclusion
6995| [26080] Comdev eCommerce 3.0 WCE.Download.PHP Directory Traversal Vulnerability
6996| [25969] Netgear WPN824v3 - Unauthorized Config Download
6997| [25950] eRoom 6.0 Plug-In Insecure File Download Handling Vulnerability
6998| [25933] slimserve httpd 1.0/1.1 - Directory Traversal vulnerability
6999| [25908] ASPPlayground.NET 3.2 SR1 Remote Arbitrary File Upload Vulnerability
7000| [25907] ASPNuke 0.80 Language_Select.ASP HTTP Response Splitting Vulnerability
7001| [25897] UBBCentral UBB.threads 5.5.1/6.x download.php Number Parameter SQL Injection
7002| [25845] Uapplication Ublog Reload 1.0.5 Trackback.ASP Cross-Site Scripting Vulnerability
7003| [25844] Ublog Reload 1.0.5 blog_comment.asp y Parameter SQL Injection
7004| [25843] Ublog Reload 1.0.5 index.asp Multiple Parameter SQL Injection
7005| [25842] JBoss 3.x/4.0.2 Malformed HTTP Request Remote Information Disclosure Vulnerability
7006| [25840] osCommerce 2.1/2.2 - Multiple HTTP Response Splitting Vulnerabilities
7007| [25837] Monkey HTTPD 1.1.1 - Crash PoC
7008| [25805] Loki Download Manager 2.0 Catinfo.ASP SQL Injection Vulnerability
7009| [25804] Loki Download Manager 2.0 Default.ASP SQL Injection Vulnerability
7010| [25794] YaPiG 0.9x Upload.PHP Directory Traversal Vulnerability
7011| [25780] JiRo's Upload System 1.0 Login.ASP SQL Injection Vulnerability
7012| [25777] PowerDownload 3.0.2/3.0.3 IncDir Remote File Include Vulnerability
7013| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
7014| [25661] Keyvan1 ImageGallery Database Download Vulnerability
7015| [25631] Orenosv HTTP/FTP Server 0.8.1 CGISSI.EXE Remote Buffer Overflow Vulnerability
7016| [25629] Orenosv HTTP/FTP Server 0.8.1 FTP Commands Remote Buffer Overflow Vulnerability
7017| [25627] PHP Advanced Transfer Manager 1.21 Arbitrary File Upload Vulnerability
7018| [25567] Just William's Amazon Webstore HTTP Response Splitting Vulnerability
7019| [25559] Oracle Application Server 9.0 HTTP Service Mod_Access Restriction Bypass Vulnerability
7020| [25534] SQWebmail 3.x/4.0 HTTP Response Splitting Vulnerability
7021| [25517] Mutiny 5 Arbitrary File Upload
7022| [25464] CityPost Simple PHP Upload Simple-upload-53.PHP Cross-Site Scripting Vulnerability
7023| [25440] Wordpress wp-FileManager - Arbitrary File Download Vulnerability
7024| [25430] PHP-Nuke 7.6 Surveys Module HTTP Response Splitting Vulnerability
7025| [25418] MiniWeb MiniWeb HTTP Server (build 300) - Crash PoC
7026| [25405] GetSimpleCMS 3.2.1 - Arbitrary File Upload Vulnerability
7027| [25365] AN HTTPD 1.42 Arbitrary Log Content Injection Vulnerability
7028| [25364] AN HTTPD CMDIS.DLL Remote Buffer Overflow Vulnerability
7029| [25341] PHP-Nuke 6.x/7.x Downloads Module Lid Parameter Cross-Site Scripting Vulnerability
7030| [25325] BlueSoleil 1.4 Object Push Service Bluetooth File Upload Directory Traversal Vulnerability
7031| [25258] Phorum 3.x/5.0.x HTTP Response Splitting Vulnerability
7032| [25253] betaparticle blog 2.0/3.0 upload.asp Unauthenticated File Upload
7033| [25189] Stadtaus.Com Download Center Lite 1.5 Arbitrary Remote PHP File Include Vulnerability
7034| [25187] Computalynx CProxy 3.3/3.4.x Directory Traversal Vulnerability
7035| [25164] Gaim 1.1.3 File Download Denial of Service Vulnerability
7036| [25161] PHPWebSite 0.x Image File Processing Remote Arbitrary PHP File Upload Vulnerability
7037| [25126] eggBlog 4.1.2 - Arbitrary File Upload Vulnerability
7038| [25100] CitrusDB 0.3.6 uploadcc.php Arbitrary Database Injection
7039| [25092] Software602 602 Lan Suite 2004 2004.0.04.1221 Arbitrary File Upload Vulnerability
7040| [25083] RaidenHTTPD 1.1.27 Remote File Disclosure Vulnerability
7041| [25082] Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial of Service
7042| [25066] WebWasher Classic 2.2/2.3 HTTP CONNECT Unauthorized Access
7043| [25065] Magic Winmail Server 4.0 (Build 1112) upload.php Traversal Arbitrary File Upload
7044| [25064] Magic Winmail Server 4.0 (Build 1112) download.php Traversal Arbitrary File Access
7045| [24999] Windows Light HTTPD 0.1 - Buffer Overflow
7046| [24996] SAP ConfigServlet Remote Unauthenticated Payload Execution
7047| [24994] MediaWiki 1.3.x Remote Arbitrary Script Upload Vulnerability
7048| [24987] JSBoard 2.0.x Remote Arbitrary Script Upload Vulnerability
7049| [24980] Yanf 0.4 HTTP Response Buffer Overflow Vulnerability
7050| [24964] Oracle WebCenter Sites Satellite Server - HTTP Header Injection
7051| [24924] Belkin Wemo - Arbitrary Firmware Upload
7052| [24891] HP Intelligent Management Center Arbitrary File Upload
7053| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
7054| [24803] Blog Torrent 0.80 BTDownload.PHP Cross-Site Scripting Vulnerability
7055| [24792] IPCop 1.4.1 Web Administration Interface Proxy Log HTML Injection Vulnerability
7056| [24760] ZyXEL 3 Prestige Router HTTP Remote Administration Configuration Reset Vulnerability
7057| [24736] PHPWebSite 0.7.3/0.8.x/0.9.3 User Module HTTP Response Splitting Vulnerability
7058| [24701] OpenWFE 1.4.x Remote Cross-Site Scripting And Connection Proxy Vulnerabilities
7059| [24697] Serendipity 0.x Exit.PHP HTTP Response Splitting Vulnerability
7060| [24667] Wordpress 1.2 Wp-login.PHP HTTP Response Splitting Vulnerability
7061| [24665] DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability
7062| [24651] W-Agora 4.1.6 a subscribe_thread.php HTTP Response Splitting
7063| [24650] W-Agora 4.1.6 a download_thread.php thread Parameter XSS
7064| [24604] Snitz Forums 2000 Down.ASP HTTP Response Splitting Vulnerability
7065| [24598] SnipSnap 0.5.2 HTTP Response Splitting Vulnerability
7066| [24567] Oracle Database Server 8.1.7/9.0.x ctxsys.driload Access Validation Vulnerability
7067| [24549] PolarPearCms PHP File Upload Vulnerability
7068| [24548] Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload Vulnerability
7069| [24547] Kordil EDMS 2.2.60rc3 - Unauthenticated Arbitrary File Upload Vulnerability
7070| [24543] iOS IPMap 2.5 - Arbitrary File Upload
7071| [24529] OpenEMR PHP File Upload Vulnerability
7072| [24528] BigAnt Server DUPF Command Arbitrary File Upload
7073| [24526] MS Office 2010 Download Execute
7074| [24492] OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability
7075| [24486] Google Chrome Silent HTTP Authentication
7076| [24423] Cerbere Proxy Server 1.2 Long Host Header Field Remote Denial of Service Vulnerability
7077| [24422] Comersus Cart 5.0 HTTP Response Splitting Vulnerability
7078| [24409] Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability
7079| [24405] SWsoft Plesk Reloaded 7.1 Login_name Parameter Cross-Site Scripting Vulnerability
7080| [24404] Gadu-Gadu 6.0 File Download Filename Obfuscation Weakness
7081| [24402] Axis Network Camera 2.x And Video Server 1-3 HTTP Authentication Bypass
7082| [24366] Windows Manage Memory Payload Injection
7083| [24350] acme thttpd 2.0.7 - Directory Traversal vulnerability
7084| [24326] RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Open Proxy Relay
7085| [24322] SonicWALL GMS 6 Arbitrary File Upload
7086| [24318] Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode
7087| [24262] Opera Web Browser 7.5x IFrame OnLoad Address Bar URL Obfuscation Weakness
7088| [24248] IBM WebSphere Caching Proxy Server 5.0 2 Denial of Service Vulnerability
7089| [24231] ArbitroWeb PHP Proxy 0.5/0.6 Cross-Site Scripting Vulnerability
7090| [24228] Joomla com_collector Component Arbitrary File Upload Vulnerability
7091| [24188] Blackboard Learning System 6.0 Dropbox File Download Vulnerability
7092| [24181] OpenBSD 3.x ISAKMPD Security Association Piggyback Delete Payload Denial of Service Vulnerability
7093| [24147] Orenosv HTTP/FTP Server 0.5.9 HTTP GET Denial of Service Vulnerability (3)
7094| [24146] Orenosv HTTP/FTP Server 0.5.9 HTTP GET Denial of Service Vulnerability (2)
7095| [24145] Orenosv HTTP/FTP Server 0.5.9 HTTP GET Denial of Service Vulnerability (1)
7096| [24129] Omnicron OmniHTTPD 2.x/3.0 Get Request Buffer Overflow Vulnerability
7097| [24119] Microsoft Internet Explorer 5.0.1 http-equiv Meta Tag Denial of Service Vulnerability
7098| [24111] Serva 2.0.0 - HTTP Server GET Remote Denial of Service Vulnerability
7099| [24105] National Science Foundation Squid Proxy 2.3 Internet Access Control Bypass Vulnerability
7100| [24103] MailEnable Mail Server HTTPMail 1.x Remote Heap Overflow Vulnerability
7101| [24097] MyWeb HTTP Server 3.3 GET Request Buffer Overflow Vulnerability
7102| [24076] Sambar 5.x Open Proxy and Authentication Bypass Vulnerability
7103| [24070] Rosiello Security Sphiro HTTPD 0.1 B Remote Heap Buffer Overflow Vulnerability
7104| [24035] phProfession 2.5 upload.php Direct Request Path Disclosure
7105| [24024] Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution Vulnerability
7106| [24018] eXtplorer 2.1 - Arbitrary File Upload Vulnerability
7107| [23960] TikiWiki Project 1.8 tiki-upload_file.php galleryId Parameter XSS
7108| [23948] TikiWiki Project 1.8 img/wiki_up Arbitrary File Upload
7109| [23906] ADA IMGSVR 0.4 - Remote File Download Vulnerability
7110| [23896] MPlayer 0.9/1.0 - Remote HTTP Header Buffer Overflow Vulnerability
7111| [23878] HP Web Jetadmin 7.5.2456 Printer Firmware Update Script Arbitrary File Upload Weakness
7112| [23871] Centrinity FirstClass HTTP Server 5/7 TargetName Parameter Cross-Site Scripting Vulnerability
7113| [23870] PHP-Nuke MS-Analysis Module HTTP Referrer Field SQL Injection Vulnerability
7114| [23837] IBM Lotus Domino 6.5.1 HTTP webadmin.nsf Quick Console Cross-Site Scripting Vulnerability
7115| [23836] IBM Lotus Domino 6/7 HTTP webadmin.nsf Directory Traversal Vulnerability
7116| [23819] Phorum 3.x login.php HTTP_REFERER XSS
7117| [23818] Phorum 3.x register.php HTTP_REFERER XSS
7118| [23801] GNU MyProxy 20030629 Cross-Site Scripting Vulnerability
7119| [23777] Squid Proxy 2.4/2.5 NULL URL Character Unauthorized Access Vulnerability
7120| [23758] gweb http server 0.5/0.6 - Directory Traversal vulnerability
7121| [23743] Platform Load Sharing Facility 4/5/6 EAuth Privilege Escalation Vulnerability
7122| [23741] Proxy-Pro Professional GateKeeper 4.7 Web Proxy Buffer Overrun Vulnerability
7123| [23734] PSOProxy 0.91 Remote Buffer Overflow Vulnerability (3)
7124| [23733] PSOProxy 0.91 Remote Buffer Overflow Vulnerability (2)
7125| [23732] PSOProxy 0.91 Remote Buffer Overflow Vulnerability (1)
7126| [23714] KarjaSoft Sami HTTP Server 1.0.4 GET Request Buffer Overflow Vulnerability
7127| [23686] Monkey HTTP Daemon 0.x Missing Host Field Denial of Service Vulnerability
7128| [23676] MaxWebPortal 1.3x down.asp HTTP_REFERER XSS
7129| [23668] Microsoft Internet Explorer 5.0.1 LoadPicture File Enumeration Weakness
7130| [23665] Shaun2k2 Palmhttpd Server 3.0 - Remote Denial of Service Vulnerability
7131| [23652] WordPress Asset-Manager PHP File Upload Vulnerability
7132| [23651] WordPress WP-Property PHP File Upload Vulnerability
7133| [23614] Loom Software SurfNow 1.x/2.x Remote HTTP GET Request Denial of Service Vulnerability
7134| [23608] InternetNow ProxyNow 2.6/2.75 Multiple Stack and Heap Overflow Vulnerabilities
7135| [23593] Oracle HTTP Server 8.1.7/9.0.1/9.2 isqlplus Cross-Site Scripting Vulnerability
7136| [23585] Finjan SurfinGate 6.0/7.0 FHTTP Restart Command Execution Vulnerability
7137| [23584] McAfee ePolicy Orchestrator 1.x/2.x/3.0 Agent HTTP POST Buffer Mismanagement Vulnerability
7138| [23583] Netbus 2.0 Pro Directory Listings Disclosure and File Upload Vulnerability
7139| [23582] Acme thttpd 1.9/2.0.x CGI Test Script Cross-Site Scripting Vulnerability
7140| [23571] SelectSurvey CMS (ASP.NET) Arbitrary File Upload
7141| [23567] Sony PC Companion 2.1 (Load()) Stack-based Unicode Buffer Overflow
7142| [23565] Sony PC Companion 2.1 (DownloadURLToFile()) Stack-based Unicode Buffer Overflow
7143| [23564] Mephistoles HTTPD 0.6 Cross-Site Scripting Vulnerability
7144| [23534] Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service Vulnerability
7145| [23532] Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb Directory Traversal Vulnerability
7146| [23494] Clockstone and other CMSMasters Theme File Upload Vulnerabilities
7147| [23480] Surfboard httpd 1.1.9 - Remote Buffer Overflow Vulnerability
7148| [23439] MVDSV 0.165 b/0.171 Quake Server Download Buffer Overrun Vulnerability
7149| [23417] EZMeeting 3.x EZNet.EXE Long HTTP Request Remote Buffer Overflow Vulnerability
7150| [23397] Monit 1.4/2.x/3/4 Overly Long HTTP Request Buffer Overrun Vulnerability
7151| [23385] PostMaster 3.16/3.17 Proxy Service Cross-Site Scripting Vulnerability
7152| [23360] PostgreSQL for Linux Payload Execution
7153| [23326] http commander 4.0 - Directory Traversal vulnerability
7154| [23325] BRS WebWeaver 1.06 httpd `User-Agent` Remote Denial of Service Vulnerability
7155| [23310] TelCondex SimpleWebserver 2.12.30210 build 3285 HTTP Referer Remote Buffer Overflow Vulnerability
7156| [23309] Centrinity FirstClass 7.1 HTTP Server Directory Disclosure Vulnerability
7157| [23306] thttpd 2.2x defang Remote Buffer Overflow Vulnerability (2)
7158| [23305] thttpd 2.2x defang Remote Buffer Overflow Vulnerability (1)
7159| [23295] SH-HTTPD 0.3/0.4 Character Filtering Remote Information Disclosure Vulnerability
7160| [23257] Bajie HTTP Server 0.95 Example Scripts And Servlets Cross-Site Scripting Vulnerability
7161| [23245] Apache Tomcat 4.0.x Non-HTTP Request Denial of Service Vulnerability
7162| [23234] Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Vulnerability
7163| [23226] FreeFloat FTP Server Arbitrary File Upload
7164| [23188] Athttpd 0.4 b Remote GET Request Buffer Overrun Vulnerability
7165| [23181] NullLogic Null HTTPd 0.5 - Remote Denial of Service Vulnerability
7166| [23176] NullLogic Null HTTPd 0.5.1 Error Page Long HTTP Request Cross-Site Scripting Vulnerablity
7167| [23174] TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities
7168| [23173] TCLhttpd 3.4.2 Directory Listing Disclosure Vulnerability
7169| [23144] minihttp file-sharing for net 1.5 - Directory Traversal vulnerability
7170| [23142] WideChapter 3.0 HTTP Request Buffer Overflow Vulnerability
7171| [23121] Kukol E.V. HTTP & FTP Server Suite 6.2 File Disclosure Vulnerability
7172| [23110] Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
7173| [23050] Avant Browser 8.0.2 Long HTTP Request Buffer Overflow Vulnerability
7174| [23037] DWebPro 3.4.1 Http.ini Plaintext Password Storage Vulnerability
7175| [23005] FCKEditor ASP 2.6.8 - File Upload Protection Bypass
7176| [22997] PostNuke 0.6/0.7 Downloads Module TTitle Cross-site Scripting Vulnerability
7177| [22962] Cisco Aironet AP1x00 Malformed HTTP GET Denial of Service Vulnerability
7178| [22955] PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload And Execution Vulnerability
7179| [22935] Websense Proxy Filter Bypass
7180| [22909] NetSuite 1.0/1.2 HTTP Server Directory Traversal Vulnerability
7181| [22902] lighttpd 1.4.31 Denial of Service PoC
7182| [22892] Mabry Software HTTPServer/X 1.0 0.047 File Disclosure Vulnerability
7183| [22886] ChangshinSoft EZTrans Server Download.PHP Directory Traversal Vulnerability
7184| [22876] Canon GP300 Remote Malformed HTTP Get Denial of Service Vulnerability
7185| [22819] Tutos 1.1 File_New Arbitrary File Upload Vulnerability
7186| [22795] MiniHTTPServer WebForums Server 1.x/2.0 - Remote Directory Traversal Vulnerability
7187| [22794] Proxomitron Proxy Server Long Get Request Remote Denial of Service Vulnerability
7188| [22787] NFR Agent FSFUI Record File Upload RCE
7189| [22786] Dune 0.6.7 HTTP Get Remote Buffer Overrun Vulnerability
7190| [22785] MyServer 0.4.1/0.4.2 HTTP Server Directory Traversal Vulnerability
7191| [22784] Microsoft Internet Explorer 5 Custom HTTP Error HTML Injection Vulnerability
7192| [22749] Novell Netware 6.0,eDirectory 8.7 HTTPSTK.NLM Remote Abend Vulnerability
7193| [22723] MegaBrowser 0.3 HTTP Directory Traversal File Disclosure Vulnerability
7194| [22714] Oracle Database Client System Analyzer Arbitrary File Upload
7195| [22701] MyServer 0.5 HTTP GET Argument Buffer Overflow Vulnerability
7196| [22700] MyServer 0.4.3 HTTP GET Argument Buffer Overflow Vulnerability
7197| [22697] iisCart2000 Arbitrary File Upload Vulnerability
7198| [22628] Platform Load Sharing Facility 4/5 LSF_ENVDIR Local Command Execution Vulnerability
7199| [22626] Axis Network Camera 2.x HTTP Authentication Bypass Vulnerability
7200| [22610] Snowblind Web Server 1.0/1.1 HTTP GET Request Buffer Overflow Vulnerability
7201| [22608] Snowblind Web Server 1.0/1.1 Malformed HTTP Request Denial of Service Vulnerability
7202| [22597] PHP-Nuke 6.5 - Multiple Downloads Module SQL Injection Vulnerabilities
7203| [22556] MDG Web Server 4D 3.6 HTTP Command Buffer Overflow Vulnerability
7204| [22553] Microsoft BizTalk Server 2002 HTTP Receiver Buffer Overflow Vulnerability
7205| [22548] Xivo 1.2 Arbitrary File Download
7206| [22515] AN HTTPD 1.x Count.pl Directory Traversal Vulnerability
7207| [22460] Abyss Web Server 1.1.2 Incomplete HTTP Request Denial of Service Vulnerability
7208| [22433] Monkey HTTP Daemon 0.4/0.5/0.6 Excessive POST Data Buffer Overflow Vulnerability
7209| [22386] Siteframe 2.2.4 Download.php Information Disclosure Vulnerability
7210| [22341] Opera 6.0/7.0 Long Filename Download Buffer Overrun Vulnerability
7211| [22296] Axis Communications HTTP Server 2.x Messages Information Disclosure Vulnerability
7212| [22230] Netscape Enterprise Server 4.1 HTTP Method Name Buffer Overflow Vulnerability
7213| [22207] 3ware Disk Managment 1.10 Malformed HTTP Request DoS Vulnerability
7214| [22186] MyRoom 3.5 GOLD save_item.php Arbitrary File Upload Vulnerability
7215| [22130] AN HTTPD 1.41 e Cross Site Scripting Vulnerability
7216| [22117] iCal 3.7 Malformed HTTP Request Denial of Service Vulnerability
7217| [22106] CUPS 1.1.x Negative Length HTTP Header Vulnerability
7218| [22064] zeroo http server 1.5 - Directory Traversal vulnerability (2)
7219| [22063] zeroo http server 1.5 - Directory Traversal vulnerability (1)
7220| [22059] Pserv 2.0 HTTP Request Parsing Buffer Overflow
7221| [22058] Pserv 2.0 User-Agent HTTP Header Buffer Overflow Vulnerability (2)
7222| [22057] Pserv 2.0 User-Agent HTTP Header Buffer Overflow Vulnerability (1)
7223| [22056] Pserv 2.0 - HTTP Version Specifier Buffer Overflow Vulnerability
7224| [22046] Null HTTPD 0.5 - Remote Heap Corruption Vulnerability
7225| [22038] Sisfokol 4.0 - Arbitrary File Upload
7226| [22024] TFTPD32 2.50 Arbitrary File Download/Upload Vulnerability
7227| [22021] Lonerunner Zeroo HTTP Server 1.5 - Remote Buffer Overflow Vulnerability
7228| [22016] LibHTTPD 1.2 POST Buffer Overflow Vulnerability
7229| [22013] Light HTTPD 0.1 GET Request Buffer Overflow Vulnerability (2)
7230| [22012] Light HTTPD 0.1 GET Request Buffer Overflow Vulnerability (1)
7231| [22009] EZ Systems HTTPBench 1.1 Information Disclosure Vulnerability
7232| [21981] Monkey HTTP Server 0.4/0.5 Invalid POST Request Denial of Service Vulnerability
7233| [21978] Linksys WAP11 1.3/1.4,D-Link DI-804 4.68/Dl-704 2.56 b5 Embedded HTTP Server DoS Vulnerability
7234| [21955] AN HTTPD 1.38/1.39/1.40/1.41 Malformed SOCKS4 Request Buffer Overflow Vulnerability
7235| [21949] IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service Vulnerability
7236| [21948] IBM Websphere Edge Server 3.69/4.0 HTTP Header Injection Vulnerability
7237| [21944] Cisco CatOS 5.x/6.1/7.3/7.4 CiscoView HTTP Server Buffer Overflow Vulnerability
7238| [21937] ghttpd 1.4.x Log() Function Buffer Overflow Vulnerability
7239| [21936] ATP httpd 0.4 Single Byte Buffer Overflow Vulnerability
7240| [21929] Project Pier Arbitrary File Upload Vulnerability
7241| [21921] VBZoom 1.0 - Arbitrary File Upload Vulnerability
7242| [21896] Midicart PHP Arbitrary File Upload Vulnerability
7243| [21880] Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross Site Scripting Vulnerabilities
7244| [21857] Monkey HTTP Server 0.1.4 File Disclosure Vulnerability
7245| [21847] Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution
7246| [21837] InduSoft Web Studio Arbitrary Upload Remote Code Execution
7247| [21836] Auxilium RateMyPet Arbitrary File Upload Vulnerability
7248| [21835] qdPM 7.0 - Arbitrary PHP File Upload Vulnerability
7249| [21818] Null HTTPd 0.5 - Remote Heap Overflow Vulnerability
7250| [21801] DB4Web 3.4/3.6 Connection Proxy Vulnerability
7251| [21782] Oracle 8.1.x/9.0/9.2 TNS Listener Service_CurLoad Remote Denial of Service
7252| [21767] NullLogic Null HTTPd 0.5 Error Page Cross-Site Scripting Vulnerability
7253| [21757] OmniHTTPD 1.1/2.0.x/2.4 Sample Application URL Encoded Newline HTML Injection
7254| [21756] Belkin F5D6130 Wireless Network Access Point SNMP Request Denial of Service
7255| [21754] OmniHTTPd 1.1/2.0.x/2.4 test.shtml Sample Application XSS
7256| [21753] OmniHTTPd 1.1/2.0.x/2.4 test.php Sample Application XSS
7257| [21731] Novell NetWare 5.1/6.0 HTTP Post Arbitrary Perl Code Execution Vulnerability
7258| [21710] MyWebServer 1.0.2 Long HTTP Request HTML Injection Vulnerability
7259| [21694] 602Pro LAN SUITE 2002 Telnet Proxy Localhost Denial of Service Vulnerability
7260| [21678] Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String Vulnerability
7261| [21656] Lucent Access Point 300/600/1500 IP Services Router Long HTTP Request DoS
7262| [21654] IPSwitch IMail 6.x/7.0/7.1 Web Messaging HTTP Get Buffer Overflow Vulnerability
7263| [21614] ATPhttpd 0.4 b Buffer Overflow Vulnerabilities
7264| [21611] Summit Computer Networks Lil' HTTP Server 2.1/2.2 pbcgi.cgi Cross Site Scripting
7265| [21589] AnalogX Proxy 4.0 Socks4A Buffer Overflow Vulnerability
7266| [21581] Summit Computer Networks Lil' HTTP Server 2 URLCount.CGI HTML Injection Vulnerability
7267| [21510] MS IE 5/6,MS ISA Server 2000,MS Proxy Server 2.0 Gopher Client Buffer Overflow
7268| [21441] Cisco ATA-186 HTTP Device Configuration Disclosure Vulnerability
7269| [21422] ACME Labs thttpd 2.20 Cross-Site Scripting Vulnerability
7270| [21413] National Instruments LabVIEW 5.1.1/6.0/6.1 HTTP Request Denial of Service Vulnerability
7271| [21372] Microsoft IIS 4/5 HTTP Error Page Cross Site Scripting Vulnerability
7272| [21347] PHP 3.0.x/4.x Move_Uploaded_File Open_Basedir Circumvention Vulnerability
7273| [21335] Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (2)
7274| [21334] Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (1)
7275| [21320] Internet Download Manager All Versions - SEH Based Buffer Overflow
7276| [21318] Internet Download Manager All Versions - Stack Based Buffer Overflow
7277| [21311] BPM Studio Pro 4.2 HTTPD Directory Traversal Vulnerability
7278| [21297] Squid 2.0-4 Cache FTP Proxy URL Buffer Overflow Vulnerability
7279| [21269] Webify eDownloads Cart Arbitrary File Deletion Vulnerability
7280| [21243] Alteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty
7281| [21202] Anti-Web HTTPD 2.2 Script Engine File Opening Denial of Service Vulnerability
7282| [21150] Rational ClearCase 3.2/4.x DB Loader TERM Environment Variable Buffer Overflow Vulnerability
7283| [21145] IBM HTTP Server 1.3.x Source Code Disclosure Vulnerability
7284| [21141] Red Hat TUX 2.1 .0-2 HTTP Server Oversized Host Denial of Service Vulnerability
7285| [21138] Sflog! CMS 1.0 - Arbitrary File Upload Vulnerability
7286| [21050] NCSA httpd 1.x Buffer Overflow Vulnerability (2)
7287| [21049] NCSA httpd 1.x Buffer Overflow Vulnerability (1)
7288| [21017] Squid Web Proxy 2.3 Reverse Proxy Vulnerability
7289| [20998] xloadimage 4.1 - Buffer Overflow Vulnerability
7290| [20978] Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (4)
7291| [20977] Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (3)
7292| [20976] Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (2)
7293| [20975] Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (1)
7294| [20955] Internet Download Manager All Versions - Memory Corruption Vulnerability
7295| [20929] ghttpd 1.4 Daemon Buffer Overflow Vulnerability
7296| [20886] Omnicron OmniHTTPD 2.0.4-8 File Source Disclosure Vulnerability
7297| [20864] Elcom CMS 7.4.10 Community Manager Insecure File Upload
7298| [20847] 3Com OfficeConnect DSL Router 812 1.1.7/840 1.1.7 HTTP Port Router DoS
7299| [20825] michael lamont savant http server 2.1 - Directory Traversal vulnerability
7300| [20790] businesswiki 2.5rc3 - Stored XSS & arbitrary file upload
7301| [20775] Netscape SmartDownload 1.3 - Buffer Overflow Vulnerability
7302| [20763] Microsoft ISA Server 2000 Web Proxy DoS Vulnerability
7303| [20728] 602Pro Lan Suite 2000a Long HTTP Request Denial of Service Vulnerability
7304| [20713] XODA 0.4.5 Arbitrary PHP File Upload Vulnerability
7305| [20703] XODA Document Management System 0.4.5 - XSS & Arbitrary File Upload
7306| [20662] WhitSoft SlimServe HTTPD 1.1 Get Denial of Service Vulnerability
7307| [20657] robin twombly a1 http server 1.0 - Directory Traversal vulnerability
7308| [20656] Robin Twombly A1 HTTP Server 1.0 - Denial of Service Vulnerability
7309| [20608] guido frassetto sedum http server 2.0 - Directory Traversal vulnerability
7310| [20595] NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability
7311| [20559] tinyproxy tinyproxy 1.3.2/1.3.3 Heap Overflow Vulnerability
7312| [20557] Omnicron OmniHTTPD 2.0.7 File Corruption and Command Execution Vulnerability
7313| [20539] MobileCartly 1.0 - Remote File Upload Vulnerability
7314| [20531] IBM HTTP Server 1.3 AfpaCache/WebSphereNet.Data DoS Vulnerability
7315| [20526] GTK+ 1.2.8 Arbitrary Loadable Module Execution Vulnerability
7316| [20500] TestLink 1.9.3 - Arbitrary File Upload Vulnerability
7317| [20496] Oops Proxy Server 1.4.22 Buffer Overflow Vulnerabilities (2)
7318| [20495] Oops Proxy Server 1.4.22 Buffer Overflow Vulnerabilities (1)
7319| [20491] KTH Kerberos 4 Arbitrary Proxy Usage Vulnerability
7320| [20465] Squid Web Proxy 2.2 cachemgr.cgi Unauthorized Connection Vulnerability
7321| [20449] GlimpseHTTP 1.0/2.0 and WebGlimpse 1.0 Piped Command Vulnerability
7322| [20435] Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability
7323| [20423] NCSA httpd-campas 1.2 sample script Vulnerability
7324| [20403] Small HTTP server 2.0 1 Non-Existent File DoS Vulnerability
7325| [20395] BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow Vulnerability (2)
7326| [20394] BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow Vulnerability (1)
7327| [20323] "Cisco IOS 12 Software ""?/"" HTTP Request DoS Vulnerability"
7328| [20305] Microsoft Site Server 2.0 with IIS 4.0 - File Upload Vulnerability
7329| [20304] Omnicron OmniHTTPD 1.1/2.0 Alpha 1 visiadmin.exe Denial of Service Vulnerability
7330| [20295] AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution
7331| [20242] Unixware 7.0 SCOhelp HTTP Server Format String Vulnerability
7332| [20220] Mandrake 6.1/7.0/7.1 /perl http Directory Disclosure Vulnerability
7333| [20173] WebPageTest Arbitrary PHP File Upload
7334| [20123] Symantec Web Gateway 5.0.3.18 (deptUploads_data.php groupid parameter) Blind SQLi
7335| [20120] httpdx <= 1.5.4 - Remote Heap Overflow
7336| [20111] CuteFlow 2.11.2 - Arbitrary File Upload Vulnerability
7337| [20109] Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow
7338| [20099] AnalogX Proxy 4.0 4 DoS Vulnerability
7339| [20083] WordPress Front End Upload 0.5.4.4 - Arbitrary PHP File Upload
7340| [20054] West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow
7341| [20048] Microsoft Windows 2000 Remote CPU-overload Vulnerability
7342| [20040] SapporoWorks WinProxy 2.0/2.0.1 - Buffer Overflow Vulnerability
7343| [20029] EGallery PHP File Upload Vulnerability
7344| [20017] Max Feoktistov Small HTTP server 1.212 Buffer Overflow
7345| [19988] httpdx 1.5.4 - Remote HTTP Server Denial of Service
7346| [19942] Fortech Proxy+ 2.30 Remote Administration Vulnerability
7347| [19920] Computalynx CProxy Server 3.3 SP2 Buffer Overflow DoS Vulnerability
7348| [19882] Cisco IOS 11.x/12.x HTTP %% Vulnerability
7349| [19866] DomsHttpd <= 1.0 - Remote Denial of Service Exploit
7350| [19829] Joomla OS Property 2.0.2 Unrestricted File Upload
7351| [19792] Joomla KISS Advertiser Remote File & Bypass Upload Vulnerability
7352| [19791] WordPress Resume Submissions & Job Postings 2.5.1 - Unrestricted File Upload
7353| [19746] Novell BorderManager 3.0/3.5 Audit Trail Proxy DoS Vulnerability
7354| [19637] MS IE 5.0 for Windows 2000/95/98/NT 4 XML HTTP Redirect Vulnerability
7355| [19587] AN-HTTPd 1.2 b CGI Vulnerabilities
7356| [19567] National Science Foundation Squid Web Proxy 1.0/1.1/2.1 Authentication Failure
7357| [19566] Omnicron OmniHTTPD 1.1/2.4 Pro Buffer Overflow Vulnerability
7358| [19536] Apache <= 1.1,NCSA httpd <= 1.5.2,Netscape Server 1.12/1.1/2.0 a nph-test-cgi Vulnerability
7359| [19530] MS IE 5.0 Download Behavior Vulnerability
7360| [19398] Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload
7361| [19253] Debian Linux 2.1 httpd Vulnerability
7362| [19244] Apple Mac OS X Server 10.0 Overload Vulnerability
7363| [19154] qdPM 7 - Arbitrary File upload
7364| [19100] WordPress plugin Foxypress uploadify.php Arbitrary Code Execution
7365| [19099] F5 BIG-IP SSH Private Key Exposure
7366| [19093] Allaire ColdFusion Server <= 4.0 - Remote File Display, Deletion, Upload and Execution Vulnerability
7367| [19091] F5 BIG-IP Remote Root Authentication Bypass Vulnerability
7368| [19064] F5 BIG-IP Remote Root Authentication Bypass Vulnerability
7369| [19059] Agora-Project 2.12.11 Arbitrary File Upload Vulnerability
7370| [19058] Wordpress Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload Vulnerability
7371| [19057] Wordpress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability
7372| [19056] Wordpress Mac Photo Gallery 2.7 - Arbitrary File Upload
7373| [19055] Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability
7374| [19054] Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability
7375| [19053] Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability
7376| [19052] Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability
7377| [19051] ClanSuite 2.9 - Arbitrary File Upload Vulnerability
7378| [19050] Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability
7379| [19038] Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
7380| [19036] Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload
7381| [19023] Wordpress wpStoreCart Plugin 2.5.27-2.5.29 Arbitrary File Upload
7382| [19020] Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure
7383| [19019] Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload
7384| [19012] Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload
7385| [19009] Wordpress Omni Secure Files Plugin 0.1.13 Arbitrary File Upload
7386| [19008] Wordpress Front End Upload 0.5.3 - Arbitrary File Upload
7387| [18998] Wordpress Gallery Plugin 3.06 Arbitrary File Upload
7388| [18997] Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload
7389| [18994] Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload
7390| [18993] Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload
7391| [18991] Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload
7392| [18990] Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload
7393| [18988] Wordpress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload
7394| [18987] Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload
7395| [18978] PHP 5.3.10 spl_autoload_call() Local Denial of Service
7396| [18977] PHP 5.3.10 spl_autoload_register() Local Denial of Service
7397| [18976] PHP 5.3.10 spl_autoload() Local Denial of Service
7398| [18959] Browser Navigation Download Trick
7399| [18957] PHP Volunteer Management System 1.0.2 - Arbitrary File Upload
7400| [18922] appRain CMF Arbitrary PHP File Upload Vulnerability
7401| [18768] Mega File Manager - File Download Vulnerability
7402| [18738] V-CMS PHP File Upload and Execute
7403| [18727] IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow
7404| [18629] Tiny Server <= 1.1.9 HTTP HEAD DoS
7405| [18624] 2X Client for RDP 10.1.1204 ClientSystem Class ActiveX Control Download and Execute Vulnerability
7406| [18611] RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (MSF)
7407| [18604] NetDecision 4.5.1 HTTP Server Buffer Overflow
7408| [18603] TVersity <= 1.9.7 Arbitrary File Download
7409| [18574] RazorCMS <= 1.2.1 STABLE File Upload Vulnerability
7410| [18541] Netmechanica NetDecision HTTP Server Denial of Service Vulnerability
7411| [18524] Tiny HTTP Server <= 1.1.9 - Remote Crash PoC
7412| [18518] The Uploader 2.0.4 (Eng/Ita) Remote File Upload Remote Code Execution
7413| [18515] Orbit Downloader - URL Unicode Conversion Overflow
7414| [18457] torrent-stats httpd.c Denial of Service
7415| [18449] Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
7416| [18442] Apache httpOnly Cookie Disclosure
7417| [18432] phux Download Manager Blind SQL Injection Vulnerability
7418| [18431] Ajax Upload Arbitrary File Upload
7419| [18412] Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload
7420| [18407] AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload
7421| [18392] appRain CMF <= 0.1.5 (uploadify.php) Unrestricted File Upload Exploit
7422| [18367] XAMPP WebDAV PHP Upload
7423| [18365] Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution Vulnerability
7424| [18357] Pragyan CMS 2.6.1 - Arbitrary File Upload Vulnerability
7425| [18295] lighttpd Denial of Service Vulnerability PoC
7426| [18287] Joomla Module Simple File Upload 1.3 - Remote Code Execution
7427| [18277] Free Image Hosting Script Arbitrary File Upload Vulnerability
7428| [18276] Wordpress Mailing List Plugin Arbitrary File Download
7429| [18221] Apache HTTP Server Denial of Service
7430| [18185] Muster Render Farm Management System Arbitrary File Download
7431| [18148] PHP-Nuke <= 8.1.0.3.5b (Downloads) Remote Blind SQL Injection
7432| [18125] Wireshark console.lua pre-loading vulnerability
7433| [18120] FleaHttpd Remote Denial of Service Exploit
7434| [18118] QuiXplorer 2.3 - Bugtraq File Upload Vulnerability
7435| [18105] glibc LD_AUDIT arbitrary DSO load Privilege Escalation
7436| [18070] Web File Browser 0.4b14 File Download Vulnerability
7437| [18032] SAP Management Console OSExecute Payload Execution
7438| [18017] Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe DoS (Poc)
7439| [18013] Cyclope Internet Filtering Proxy 4.0 - Stored XSS Vuln.
7440| [18000] 1024 CMS 1.1.0 Beta force_download.php Local File Inclusion
7441| [17975] PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability
7442| [17969] Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
7443| [17882] JAKCMS PRO <= 2.2.5 - Remote Arbitrary File Upload Exploit
7444| [17869] Wordpress Relocate Upload Plugin 0.14 Remote File Inclusion
7445| [17859] Toko Lite CMS 1.5.2 (edit.php) HTTP Response Splitting Vulnerability
7446| [17858] WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability
7447| [17808] WordPress WP-Filebase Download Manager plugin <= 0.2.9 - SQL Injection Vulnerability
7448| [17801] Wordpress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF)
7449| [17797] WordPress Paid Downloads plugin <= 2.01 SQL Injection Vulnerability
7450| [17760] Wordpress grapefile plugin <= 1.1 - Arbitrary File Upload
7451| [17721] Sunway Force Control SCADA 6.1 SP3 httpsrv.exe Exploit
7452| [17702] WordPress Block-Spam-By-Math-Reloaded Plugin Bypass
7453| [17696] Apache httpd Remote Denial of Service (memory exhaustion)
7454| [17669] Simple HTTPd 1.42 PUT Request Remote Buffer Overflow Vulnerability
7455| [17658] Simple HTTPd 1.42 Denial of Servive Exploit
7456| [17644] FCKeditor all version - Arbitrary File Upload Vulnerability
7457| [17584] cFTP <= 0.1 (r80) Arbitrary File Upload
7458| [17581] MyWebServer 1.0.3 - Arbitrary File Download
7459| [17563] Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow Exploit (Unicode SEH)
7460| [17424] Black Ice Cover Page ActiveX Control Arbitrary File Download
7461| [17422] DreamBox DM800 Arbitrary File Download Vulnerability
7462| [17415] Black Ice Cover Page SDK insecure method DownloadImageFileURL() exploit
7463| [17393] Oracle HTTP Server XSS Header Injection
7464| [17366] Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute
7465| [17349] Belkin G Wireless Router F5D7234-4 v5 Exploit
7466| [17346] w-Agora Forum 4.2.1 - Arbitrary File Upload Exploit
7467| [17326] DNS Reverse Download and Exec Shellcode
7468| [17305] "Microsoft Windows Vista/Server 2008 ""nsiproxy.sys"" Local Kernel DoS Exploit"
7469| [17303] Joomla 1.0 Component jDownloads Arbitrary File Upload Vulnerability
7470| [17285] osCommerce 2.3.1 (banner_manager.php) Remote File Upload Vulnerability
7471| [17284] EditorMonkey WordPress plugin (FCKeditor) Arbitrary File Upload
7472| [17279] DreamBox DM500(+) - Arbitrary File Download Vulnerability
7473| [17200] ZenPhoto 1.4.0.3 x-forwarded-for HTTP Header presisitent XSS
7474| [17176] SoftXMLCMS Shell Upload Vulnerability
7475| [17172] cPassMan 1.82 - Arbitrary File Download
7476| [17155] Cisco Security Agent Management Console ?st_upload? RCE Exploit
7477| [17085] PHPBoost 3.0 - Remote Download Backup Vulnerability
7478| [17080] Bigace 2.7.5 - Remote File Upload Vulnerability
7479| [17068] jHTTPd 0.1a Directory Traversal Vulnerability
7480| [17037] PostgreSQL for Microsoft Windows Payload Execution
7481| [17035] Constructr CMS 3.03 Arbitrary File Upload
7482| [17034] Progea Movicon 11 TCPUploadServer Remote Exploit
7483| [17016] EAFlashUpload 2.5 - File Arbitrary Upload
7484| [17015] Element-IT PowUpload 1.3 File Arbitrary Upload
7485| [17014] CMS Lokomedia 1.5 Arbitary File Upload Vulnerability
7486| [17011] Douran 3.9.7.8 File Download/Source Code Disclosure Vulnerability
7487| [17009] CMS Balitbang 3.3 Arbitary File Upload Vulnerability
7488| [17007] Phpbuddies Arbitrary Upload File Vulnerability
7489| [17005] Kleophatra 0.1.4 0day Arbitrary Upload File Vulnerability
7490| [17002] CMS Loko Media Local File Download Vulnerability
7491| [16990] Sun Java Applet2ClassLoader Remote Code Execution Exploit
7492| [16970] Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow
7493| [16959] Oracle WebLogic Session Fixation Via HTTP POST
7494| [16957] Oracle MySQL for Microsoft Windows Payload Execution
7495| [16907] Google Appliance ProxyStyleSheet Command Execution
7496| [16906] Joomla 1.5.12 TinyBrowser File Upload Code Execution
7497| [16903] OpenX banner-edit.php File Upload PHP Code Execution
7498| [16874] MacOS X EvoCam HTTP GET Buffer Overflow
7499| [16856] DD-WRT HTTP Daemon Arbitrary Command Execution
7500| [16809] Oracle 9i XDB HTTP PASS Overflow (win32)
7501| [16802] Webster HTTP Server GET Buffer Overflow
7502| [16800] Streamcast <= 0.9.75 HTTP User-Agent Buffer Overflow
7503| [16799] HTTPDX h_handlepeer() Function Buffer Overflow
7504| [16794] HTTPDX tolog() Function Format String Vulnerability
7505| [16790] PSO Proxy 0.91 - Stack Buffer Overflow
7506| [16789] Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
7507| [16788] ColdFusion 8.0.1 - Arbitrary File Upload and Execute
7508| [16777] Free Download Manager Remote Control Server Buffer Overflow
7509| [16759] SHTTPD <= 1.34 URI-Encoded POST Request Overflow (win32)
7510| [16755] Novell iManager getMultiPartParameters Arbitrary File Upload
7511| [16732] HTTPDX tolog() Function Format String Vulnerability
7512| [16698] Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)
7513| [16692] Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow
7514| [16691] Blue Coat WinProxy Host Header Overflow
7515| [16690] Qbik WinGate WWW Proxy Server URL Processing Overflow
7516| [16689] CCProxy <= 6.2 - Telnet Proxy Ping Overflow
7517| [16642] WM Downloader 3.1.2.2 - Buffer Overflow
7518| [16634] Free Download Manager Torrent Parsing Buffer Overflow
7519| [16605] Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download
7520| [16601] FlipViewer FViewerLoading ActiveX Control Buffer Overflow
7521| [16600] Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute
7522| [16588] HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
7523| [16576] Persits XUpload ActiveX AddFile Buffer Overflow
7524| [16570] AwingSoft Winds3D Player 3.5 SceneURL Download and Execute
7525| [16569] Orbit Downloader Connecting Log Creation Buffer Overflow
7526| [16554] America Online ICQ ActiveX Control Arbitrary File Download and Execute
7527| [16553] BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow
7528| [16540] Zenturi ProgramChecker ActiveX Control Arbitrary File Download
7529| [16532] Internet Explorer XML Core Services HTTP Request Handling
7530| [16512] Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute
7531| [16505] Facebook Photo Uploader 4 ActiveX Control Buffer Overflow
7532| [16502] IBM Lotus Domino Web Access Upload Module Buffer Overflow
7533| [16496] Kazaa Altnet Download Manager ActiveX Control Buffer Overflow
7534| [16493] EnjoySAP SAP GUI ActiveX Control Arbitrary File Download
7535| [16439] NetTransport Download Manager 2.90.510 Buffer Overflow
7536| [16425] Asus Dpcproxy Buffer Overflow
7537| [16395] Microsoft SQL Server Payload Execution
7538| [16394] Microsoft SQL Server Payload Execution via SQL injection
7539| [16339] Timbuktu Pro Directory Traversal/File Upload
7540| [16319] JBoss JMX Console Beanshell Deployer WAR upload and deployment
7541| [16318] JBoss JMX Console Deployer Upload and Execute
7542| [16288] Generic Payload Handler
7543| [16220] ProQuiz 2.0.0b Arbitrary Upload Vulnerability
7544| [16199] Icy Phoenix 1.3.0.53a HTTP Referer stored XSS
7545| [16181] WordPress User Photo Component Remote File Upload Vulnerability
7546| [16131] SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload
7547| [16128] jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection
7548| [16103] Majordomo2 - Directory Traversal (SMTP/HTTP)
7549| [16088] NetLink Arbitrary File Upload Vulnerability
7550| [16080] RW-Download 4.0.6 - (index.php) SQL Injection Vulnerability
7551| [16072] WM Downloader 3.1.2.2 2010.04.15 (.m3u) Buffer Overflow + DEP Bypass
7552| [16058] MultiPowUpload 2.1 - Remote File Upload Vulnerability
7553| [16050] class.upload.php 0.30 - Remote File Upload Vulnerability
7554| [15981] LifeType 1.2.10 HTTP Referer stored XSS
7555| [15960] Maximus CMS (fckeditor) Arbitrary File Upload Vulnerability
7556| [15868] QuickPHP Web Server Arbitrary (src .php) File Download
7557| [15861] httpdasm 0.92 - Directory Traversal
7558| [15843] News Script PHP Pro (fckeditor) File Upload Vulnerability
7559| [15830] Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability
7560| [15821] HttpBlitz Web Server Denial of Service Exploit
7561| [15795] Serendipity 1.5.4 0day Arbitrary File Upload Vulnerability
7562| [15793] Vacation Rental Script 4.0 - Arbitrary File Upload Vulnerability
7563| [15791] Joomla Component Jotloader 2.2.1 - Local File Inclusion Vulnerability
7564| [15770] Download Center 2.2 - SQL injection Vulnerability
7565| [15768] MCFileManager Plugin for TinyMCE 3.2.2.3 - Arbitrary File Upload Vulnerability
7566| [15765] CubeCart 3.x - Remote File Upload Vulnerability
7567| [15756] MHP Downloadshop SQL Injection Vulnerability
7568| [15719] JE Messenger 1.0 - Arbitrary File Upload Vulnerability
7569| [15703] SOOP Portal Raven 1.0b Shell Upload Vulnerability
7570| [15690] SOOP Portal 2.0 - Remote Upload Shell Vulnerability
7571| [15654] Digitalus 1.10.0 Alpha2 - Arbitrary File Upload Vulnerability
7572| [15651] OsCSS 1.2 - Arbitrary File Upload Vulnerability
7573| [15638] Duhok Forum <= 1.1 - Remote File Upload Vulnerability
7574| [15636] Orbis CMS 1.0.2 - Arbitrary File Upload Vulnerability
7575| [15611] JDownloader Webinterface Source Code Disclosure Vulnerability
7576| [15602] PHPMotion FCKeditor File Upload Vulnerability
7577| [15597] Acidcat CMS 3.3 - (fckeditor) Shell Upload Vulnerability
7578| [15596] JCMS 2010 file download vulnerability
7579| [15563] Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
7580| [15516] EasyJobPortal Shell Upload Vulnerability
7581| [15484] FCKeditor 2.x <= 2.4.3 - Arbitrary File Upload Vulnerability
7582| [15455] xt:Commerce Shopsoftware (fckeditor) Arbitrary File Upload Vulnerability
7583| [15441] MassMirror Uploader Remote File Inclusion Vulnerability
7584| [15422] Sami HTTP Server 2.0.1 GET Request Denial of Service Exploit
7585| [15404] eLouai's Force Download Script Arbitrary Local File Download Vulnerability
7586| [15389] MetInfo 3.0 (fckeditor) Arbitrary File Upload Vulnerability
7587| [15354] Zoopeer 0.1 & 0.2 (fckeditor) Shell Upload Vulnerability
7588| [15353] Joomla Component com_jfuploader < 2.12 Remote File Upload
7589| [15336] MinaliC Webserver 1.0 - Remote Source Disclosure/File Download
7590| [15316] ARM Loader Port 0x1337
7591| [15307] HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS
7592| [15304] GNU C library dynamic linker LD_AUDIT arbitrary DSO load Vulnerability
7593| [15292] MS10-070 ASP.NET Auto-Decryptor File Download Exploit
7594| [15290] Oracle Sun Java System Web Server - HTTP Response Splitting
7595| [15277] GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability
7596| [15265] MS10-070 ASP.NET Padding Oracle File Download
7597| [15254] KCFinder 2.2 - Arbitrary File Upload Vulnerability
7598| [15249] Data/File upload and management Arbitrary File Upload Vulnerability
7599| [15217] Feindura File Manager 1.0(rc) - Remote File Upload
7600| [15194] TinyMCE MCFileManager 2.1.2 - Arbitrary File Upload Vulnerability
7601| [15164] JomSocial 1.8.8 Shell Upload Vulnerability
7602| [15160] MOAUB #30 - ASPMass Shopping Cart Vulnerability File Upload CSRF
7603| [15139] MOAUB #28 - AtomatiCMS Upload Arbitrary File Vulnerability
7604| [15050] Opencart 1.4.9.1 - Remote File Upload Vulnerability
7605| [15041] Maian Gallery 2 - Local File Download Vulnerability
7606| [14995] Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability
7607| [14991] MOAUB #13 - Luftguitar CMS Vulnerability: Upload Arbitrary File
7608| [14989] osDate (uploadvideos.php) Shell Upload Vulnerability
7609| [14960] ES Simple Download 1.0. Local File Inclusion Vulnerability
7610| [14941] Integard Home and Pro 2 - Remote HTTP Buffer Overflow Exploit
7611| [14938] Internet Download Accelerator 5.8 - Remote Buffer Overflow PoC
7612| [14840] Mereo 1.9.2 - Remote HTTP Server Denial of Service Vulnerability
7613| [14819] Pc4Uploader 9.0 Cross-site Request Forgery
7614| [14811] Joomla Component (com_remository) Remote Upload File
7615| [14683] Httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) PoC
7616| [14629] Kleeja Upload - CSRF Change Admin Password
7617| [14609] Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption (MS10-051)
7618| [14532] Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr Stack Buffer Overflow
7619| [14527] WM Downloader 3.1.2.2 - Buffer Overflow Exploit
7620| [14522] Xerver 4.32 - Source Disclosure and HTTP Authentication Bypass
7621| [14497] WM Downloader 3.1.2.2 2010.04.15 Buffer Overflow (SEH)
7622| [14496] UPlusFTP Server 1.7.1.01 - HTTP Remote Buffer Overflow (Post Auth)
7623| [14457] DM Filemanager 3.9.11 Arbitrary File Upload Vulnerability
7624| [14445] ZeeMatri 3.x - Arbitrary File Upload Vulnerability
7625| [14444] ZeeNetworking 1x- Arbitrary File Upload Vulnerability
7626| [14443] LILDBI Shell Upload Vulnerability
7627| [14430] RapidLeech Scripts Remote File Upload Vulnerability
7628| [14415] EZ-Oscommerce 3.1 - Remote File Upload
7629| [14390] Freelancer Marketplace Script Upload Vulnerability
7630| [14315] Joomla MySMS Component (com_mysms) Upload Vulnerability
7631| [14308] Wordpress Firestats Remote Configuration File Download
7632| [14293] Minify4Joomla Upload and Persistent XSS Vulnerability
7633| [14280] PG Social Networking Shell Upload Vulnerabilty
7634| [14279] Inout Ad server Ultimate Shell Upload Vulnerabilty
7635| [14278] Inout Article Base Ultimate Shell Upload Vulnerabilty
7636| [14277] Inout Music 1.0 - Shell Upload Vulnerabilty
7637| [14267] EA Battlefield 2 and Battlefield 2142 Multiple Arbitrary File Upload Vulnerabilities
7638| [14209] Joomla Front-End Article Manager System Upload Vulnerability
7639| [14184] SweetRice < 0.6.4 (fckeditor) Remote File Upload
7640| [14176] iScripts SocialWare 2.2.x Arbitrary File Upload Vulnerability
7641| [14150] RM Downloader 3.1.3 - Local SEH Exploit (Win7 ASLR and DEP Bypass)
7642| [14101] Subdreamer Pro 3.0.4 - CMS Upload Vulnerability
7643| [14081] RM Downloader 3.1.3 - Buffer Overflow (SEH)
7644| [14078] Bilder Upload Script - Datei Upload 1.09 - Remote Shell Upload Vulnerability
7645| [14070] Speedy 1.0 - Remote Shell Upload Vulnerability
7646| [14058] PHPnuke 8.2 - Remote Upload File Exploit
7647| [14044] WM Downloader 2.9.2 Stack Buffer Overflow
7648| [14033] Big Forum 5.2v Arbitrary File Upload & LFI Vulnerability
7649| [14014] ShellCode WinXP SP3 SPA URLDownloadToFileA + CreateProcessA + ExitProcess
7650| [14012] Weborf HTTP Server Denial of Service Vulnerability
7651| [14004] InterScan Web Security 5.0 - Arbitrary File Upload
7652| [14001] InterScan Web Security Virtual Appliance 5.0 - Arbitrary File Download
7653| [13999] Software Index (Remote File Upload) Exploit
7654| [13966] The Uploader 2.0.4 - Remote File Disclosure Vulnerability
7655| [13951] Joomla Component com_eportfolio Upload Vulnerability
7656| [13927] MarketSaz remote file Upload Vulnerability
7657| [13898] DMSEasy0.9.7 (fckeditor) Arbitrary File Upload
7658| [13893] Nakid CMS (fckeditor) Remote Arbitrary File Upload Exploit
7659| [13892] PHPAuctionSystem Upload Vulnerability
7660| [13888] SasCam 2.6.5 - Remote HTTP Server Crash
7661| [13870] iOS QuickOffice 3.1.0 - HTTP Method Remote DoS
7662| [13856] Yamamah Photo Gallery 1.00 (download.php) Local File Disclosure Vulnerability
7663| [13853] Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan
7664| [13835] DaLogin 2.2 (FCKeditor) Remote Arbitrary File Upload Exploit
7665| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
7666| [13814] Pars Design CMS Arbitrary File Upload
7667| [13782] Image Store Remote file Upload Vulnerability
7668| [13774] Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC
7669| [13773] Holiday Travel Portal Upload Vulnerability
7670| [13772] Rayzz Photoz Upload Vulnerability
7671| [13751] greeting card Remote Upload Vulnerability
7672| [13748] Joomla Component com_annonces Upload Vulnerability
7673| [13711] Solaris/x86 - Remote Download file - 79 bytes
7674| [13699] WinXP SP2 Fr Download and Exec Shellcode
7675| [13533] win64 (URLDownloadToFileA) download and execute 218+ bytes
7676| [13530] windows/XP download and exec source
7677| [13529] win xp/2000/2003 Download File and Exec 241 bytes
7678| [13524] Windows 9x/NT/2k/XP Reverse Generic Shellcode without Loader 249 bytes
7679| [13522] win32 Download & Exec Shellcode 226 bytes+
7680| [13517] win32 download and execute 124 bytes
7681| [13516] win32 Tiny Download and Exec Shellcode 192 bytes
7682| [13515] win32 Download and Execute Shellcode Generator (browsers edition)
7683| [13489] solaris/sparc download and execute 278 bytes
7684| [13416] linux/x86 upload & exec 189 bytes
7685| [13414] linux/x86 /bin/sh sysenter Opcode Array Payload 45 bytes
7686| [13413] linux/x86 /bin/sh sysenter Opcode Array Payload 27 Bytes
7687| [13412] linux/x86 /bin/sh sysenter Opcode Array Payload 23 Bytes
7688| [13411] linux/x86 examples of long-term payloads hide-wait-change 187 bytes+
7689| [13410] linux/x86 examples of long-term payloads hide-wait-change (.s)
7690| [13409] linux/x86 /bin/sh Standard Opcode Array Payload 21 Bytes
7691| [13402] linux/x86 socket-proxy shellcode 372 bytes
7692| [13381] linux/x86 TCP Proxy Shellcode 236 bytes
7693| [13337] linux/x86 connect back, download a file and execute 149 bytes
7694| [13308] linux/x86 shellcode that forks a HTTP Server on port tcp/8800 166 bytes
7695| [13288] Utility for generating HTTP/1.x requests for shellcodes
7696| [13287] Download & Exec polymorphed shellcode Engine
7697| [13283] windows xp/sp1 generate portbind payload
7698| [13282] linux/x86 generate portbind payload
7699| [13275] freebsd/x86 kldload /tmp/o.o 74 bytes
7700| [12856] osCSS 1.2.1 (REMOTE FILE UPLOAD) Vulnerabilities
7701| [12811] Oscommerce Online Merchant 2.2 - Remote File Upload
7702| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
7703| [12797] Webiz - Local Shell Upload Vulnerability
7704| [12763] Script Upload Up Your Shell (Sql Inject)
7705| [12731] Webloader 8 - SQL Injection Vulnerability
7706| [12700] DotNetNuke Remote File upload Vulnerability
7707| [12699] eWebEditor 1.x - (WYSIWYG) Remote File Upload
7708| [12697] hustoj (fckeditor) Remote Arbitrary File Upload Exploit
7709| [12693] Asset Manager Remote File upload Vulnerability
7710| [12692] TinyBrowser Remote File upload Vulnerability
7711| [12690] cardinalCms 1.2 (fckeditor) Arbitrary File Upload Exploit.
7712| [12672] Spaw Editor 1.0 & 2.0 - Remote File Upload
7713| [12656] Battle Scrypt Shell Upload Vulnerability
7714| [12647] Webloader 7 - 8 (vid) SQL Injection Vulnerability
7715| [12646] B-Hind CMS (tiny_mce) Remote File Upload
7716| [12636] MidiCart PHP,ASP Shell Upload Vulnerability
7717| [12628] EgO 0.7b - (fckeditor) Remote File Upload
7718| [12623] Joomla Component simpledownload Local File Disclosure
7719| [12618] Joomla Component simpledownload LFI Vulnerability
7720| [12613] CompactCMS 1.4.0 (tiny_mce) Remote File Upload
7721| [12584] PolyPager 1.0rc10 (fckeditor) Remote Arbitrary File Upload Vulnerability
7722| [12581] zervit Web Server 0.4 - Source Disclosure/Download
7723| [12570] Uploader 0.1.5 - Multiple Vulnerabilities
7724| [12569] Fast Free Media 1.3 - Adult Site Upload Shell Exploit
7725| [12568] Digital College 1.0 Upload Vulnerability
7726| [12556] Tadbir CMS (fckeditor) Remote Arbitrary File Upload Exploit Vulnerability
7727| [12539] Joomla Component com_articleman Upload Vulnerability
7728| [12531] GeoHttpServer Remote DoS Vulnerability
7729| [12506] Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit
7730| [12485] Burning Board Lite 1.0.2 Shell Upload Vulnerability
7731| [12479] Joomla DJ-Classifieds Extension com_djclassifieds Upload Vulnerability
7732| [12454] Zyke CMS 1.0 - Remote File Upload Vulnerability
7733| [12448] Socialware 2.2 - Upload Vulnerability and XSS
7734| [12447] XT-Commerce 1.0 Beta 1 => Pass / Creat and Download Backup Vulnerability
7735| [12432] Joomla JE Property Finder Component Upload Vulnerability
7736| [12420] Portaneo Portal 2.2.3 - Remote Arbitrary File Upload Exploit
7737| [12410] PostNuke 0.764 Module modload SQL Injection Vulnerability
7738| [12402] Kasseler CMS 2.0.5 - Bypass / Download Backup Vulnerability
7739| [12388] WM Downloader 3.0.0.9 - Buffer Overflow (Meta)
7740| [12384] Powered by iNetScripts: Shell Upload Vulnerability
7741| [12383] clipak Upload Vulnerability
7742| [12381] phpegasus (fckeditor) Remote Arbitrary File Upload Exploit
7743| [12376] SmodCMS 4.07 (fckeditor) - Remote Arbitrary File Upload Exploit
7744| [12350] In-portal 5.0.3 - Remote Arbitrary File Upload Exploit
7745| [12331] MultiThreaded HTTP Server 1.1 - Directory Traversal
7746| [12315] v2marketplacescript Upload_images Script (-7777) - Upload Shell Vulnerability
7747| [12308] MultiThreaded HTTP Server 1.1 - Source Disclosure
7748| [12304] MultiThreaded HTTP Server 1.1 - Directory Traversal
7749| [12302] HP Operations Manager <= 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow PoC
7750| [12292] Flex File Manager Shell Upload Vulnerability
7751| [12279] eclime 1.1 - Bypass / Create and Download Backup Vulnerability
7752| [12272] PHP RapidKill Pro 5.x Shell Upload Vulnerability
7753| [12268] Uploader 0.7 Shell Upload Vulnerability
7754| [12267] WebAdmin Shell Upload Vulnerability
7755| [12264] Apache OFBiz - FULLADMIN Creator PoC Payload
7756| [12263] Apache OFBiz - SQL Remote Execution PoC Payload
7757| [12254] CMS (fckeditor) Remote Arbitrary File Upload Exploit
7758| [12251] Camiro-CMS_beta-0.1 (fckeditor) Remote Arbitrary File Upload Exploit
7759| [12227] YUI Images Script Shell Upload Vulnerability
7760| [12226] Magic Uploader Mini Upload Vulnerability
7761| [12224] Mihalism Multi Host 4.0.0 - Upload Vulnerability
7762| [12223] Multi-Mirror Remote Upload Vulnerability
7763| [12199] My School Script Data Base Download Vulnerability
7764| [12197] Mp3 MuZik Data Base Download Vulnerability
7765| [12133] Asset Manager 1.0 Shell Upload Vulnerability
7766| [12128] GarageSales Remote Upload Vulnerability
7767| [12105] Free Image & File Hosting Upload Vulnerability
7768| [12075] LionWiki 3.x - (index.php) Shell Upload Vulnerability
7769| [12050] MassMirror Uploader Multiple RFI Exploit
7770| [12049] Uiga Proxy Remote File Inclusion Vulnerability
7771| [12038] Advanced Management For Services Sites Bypass Create And Download SQL Backup Vulnerability
7772| [12028] PHP-fusion dsmsf (module downloads) SQL Injection Exploit
7773| [12019] Velhost Uploader Script 1.2 - Local File Inclusion Vulnerability
7774| [12006] Simple Calculator by Peter Rekdal Sunde Remote Upload Vulnerability
7775| [12002] Musicbox 3.3 - Upload Shell Vulnerability
7776| [11981] WM Downloader 3.0.0.9 (.asx) Local Buffer Overflow
7777| [11967] Snipe Photo Gallery - Bypass Remote Upload Vulnerability
7778| [11953] RM Downloader 3.0.2.1 (.asx) Local Buffer Overflow (SEH)
7779| [11856] uhttp Server Path Traversal Vulnerability
7780| [11823] Trouble Ticket Software ttx.cgi Remote File Download
7781| [11788] PHP-Nuke ratedownload SQL Injection
7782| [11771] osCMax 2.0 (fckeditor) Remote File Upload
7783| [11760] Joomla Component com_rokdownloads - Local File Inclusion
7784| [11749] Subdreamer 3.0.1 - CMS upload Vulnerability
7785| [11747] CH-CMS.ch-V2 Upload Vulnerability
7786| [11746] Torrent Hoster Remont Upload Exploit
7787| [11745] FreeHost 1.00 - Upload Vulnerability
7788| [11734] httpdx 1.5.3b - Multiple Remote Pre-Authentication DoS (PoC)
7789| [11726] PHP-Fusion <= 6.01.15.4 (downloads.php) SQL Injection Vulnerability
7790| [11652] TopDownloads MP3 Player 1.0 m3u crash
7791| [11620] Dosya Yukle Scrtipi 1.0 - Shell Upload Vulnerability
7792| [11614] Uploadify Sample Collection Shell Upload Vulnerability
7793| [11613] PHP Advanced Transfer Manager 1.10 - Shell Upload Vulnerability
7794| [11611] Al Sat Scripti Database Download Vulnerability
7795| [11597] RCA DCM425 Cable Modem micro_httpd DoS/PoC
7796| [11571] Maian Uploader 4.0 - Shell Upload Vulnerability
7797| [11557] Max's Photo Album Shell Upload Vulnerability
7798| [11500] Easy~Ftp Server 1.7.0.2 - (HTTP) Remote BoF Exploit
7799| [11485] Multiple File Attachments Mail Form Pro 2.0 - WebShell upload
7800| [11476] SongForever.com Clone Shell Upload Vulnerability
7801| [11472] iOS FTP On The Go 2.1.2 - HTTP Remote DoS
7802| [11466] microUpload Shell Upload Vulnerability
7803| [11460] Dodo Upload 1.3 - Upload Shell (Bypass) Vulnerability
7804| [11450] File Upload Manager 1.3
7805| [11447] Joomla (Jw_allVideos) Remote File Download Vulnerability
7806| [11431] MRW PHP Upload Remote file upload Vulnerability
7807| [11398] GameRoom Script Admin Bypass and File Upload Vulnerability
7808| [11384] WM Downloader 3.0.0.9 - PLS PLA Exploit (WinXP SP3)
7809| [11377] Limny 1.01 - Remote File Upload Vulnerability
7810| [11374] WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)
7811| [11365] CPA Site Solutions Remote File Upload Vulnerability
7812| [11343] httpdx 1.5.2 - Remote Pre-Authentication DoS (PoC)
7813| [11340] odlican.net cms 1.5 - Remote File Upload Vulnerability
7814| [11309] Snif 1.5.2 - Any Filetype Download Exploit
7815| [11301] Maian Greetings 2.1 - Shell Upload Vulnerability
7816| [11273] iOS Serversman 3.1.5 - HTTP Remote DoS Exploit
7817| [11261] UGiA PHP UPLOADER 0.2 - Shell Upload Vulnerability
7818| [11254] P2GChinchilla HTTP Server 1.1.1 - Denial of Service Exploit
7819| [11249] boastMachine 3.1 - Remote File Upload Vulnerability
7820| [11218] jQuery uploadify 2.1.0 - Remote File Upload
7821| [11211] cPanel HTTP Response Splitting Vulnerability
7822| [11203] Pidgin MSN <= 2.6.4 File Download Vulnerability
7823| [11202] RM Downloader .m3u BOF (SEH)
7824| [11169] Max's Image Uploader Shell Upload Vulnerability
7825| [11166] Uploader by CeleronDude 5.3.0 - Upload Vulnerability
7826| [11155] Transload Script Upload Vulnerability
7827| [11148] PonVFTP Bypass and Shell Upload Vulnerability
7828| [11147] Max's File Uploader Shell Upload Vulnerability
7829| [11142] Multiple Media Player HTTP DataHandler Overflow (Itunes, Quicktime, etc)
7830| [11134] Asp VevoCart Control System 3.0.4 - DB Download Vulnerability
7831| [11110] Image Hosting Script Remote shell upload Vulnerability
7832| [11104] CMScontrol 7.x File Upload
7833| [11057] Read Excel Script 1.1 - Shell Upload Vulnerability
7834| [11045] SpawCMS Editor Shell Upload Vulnerability
7835| [11019] MobPartner Counter - Remote File Upload Vulnerability
7836| [11018] VP-ASP Shopping Cart 7.0 DB Download Vulnerability
7837| [11016] Net Gitar Shop 1.0 - DB Download Vulnerability
7838| [11015] Lebi soft Ziyaretci Defteri 7.5 - DB Download Vulnerability
7839| [11014] Myuploader >> upload shell exploit
7840| [11008] YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability
7841| [10984] Joomla component com_cartikads Remote File Upload Vulnerability
7842| [10938] Service d'upload 1.0.0 - Shell Upload Vulnerability
7843| [10912] Proxyroll.com Clone PHP Script Cookie Handling Vulnerability
7844| [10911] NetTransport Download Manager version:2.90.510 0day
7845| [10899] XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection Vulnerability
7846| [10822] Joomla Component com_rd_download Local File Disclosure Vulnerability
7847| [10811] Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability
7848| [10802] PicMe 2.1.0 - Upload Shell Vulnerability
7849| [10800] I-RATER Basic Shell Upload Vulnerability
7850| [10780] ASP Battle Blog DB Download Vulnerability
7851| [10778] makit news/blog poster 3.1 - DB Download Vulnerability
7852| [10777] Fully Functional ASP Forum 1.0 DB Download Vulnerability
7853| [10776] BaalASP 2.0 DB Download Vulnerability
7854| [10775] Uguestbook DB Download Vulnerability
7855| [10774] htmlArea 2.03 - DB Download Vulnerability
7856| [10773] Futility Forum 1.0 Revamp DB Download Vulnerability
7857| [10772] AspBB - Active Server Page Bulletin Board DB Download Vulnerability
7858| [10771] QuickEStore 7.9 - SQL Injection and Path Diclosure Download Vulnerability
7859| [10770] PSnews DB Download Vulnerability
7860| [10767] jgbbs-3.0beta1 DB Download Vulnerability
7861| [10763] Dren's PHP Uploader Remote File Upload Vulnerability
7862| [10757] PHP Forum ohne My SQL Remote File Upload Vulnerability
7863| [10756] MySimpleFileUploader 1.6 - Upload Shell Vulnerability
7864| [10753] ASP Simple Blog 3.0 - Upload shell Vulnerability
7865| [10752] Yonja Remote File Upload Vulnerability
7866| [10732] PHP upload - (unijimpe) Remote File Upload Vulnerability
7867| [10727] Smart PHP Uploader 1.0 - Remote File Upload Vulnerability
7868| [10722] PHP Uploader Downloader 2.0 - Cross Site Scripting Vulnerability
7869| [10719] PHP Uploader Downloader 2.0 - Upload Shell Vulnerability
7870| [10718] ta3arof [dating] Script Arabic Version - Upload Shell Vulnerability
7871| [10707] oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability
7872| [10706] MyCart shopping cart Upload Shell Vulnerability
7873| [10704] Mega Upload Upload Shell Vulnerability
7874| [10700] Image File Upload Upload Shell Vulnerability
7875| [10695] Lizard Cart Upload Shell Vulnerability
7876| [10694] ES Simple Uploader 1.1 - Upload Shell Vulnerability
7877| [10691] EZPX My photoblog 1.2 - Upload Shell Vulnerability
7878| [10689] file upload Ar Version - Upload Shell Vulnerability
7879| [10685] Best Top List 2.11 - Upload Shell Vulnerability
7880| [10684] Upload-Point 1.6 Beta - Upload Shell Vulnerability
7881| [10681] Saibal Download Area 2.0 - Upload Shell Vulnerability
7882| [10672] kandalf upper 0.1 Upload Shell Vulnerability
7883| [10671] Info Fisier 1.0 - Remote File Upload Vulnerability
7884| [10660] barbo91 uploads Upload Shell Vulnerability
7885| [10647] VideoIsland Remote shell upload Vulnerability
7886| [10612] Add An Ad Script Remote File Upload
7887| [10610] CoreHTTP Arbitrary Command Execution Vulnerability
7888| [10601] Mini File Host 1.5 - Remote File Upload Vulnerability
7889| [10599] The Uploader 2.0 File Disclosure Vulnerability
7890| [10594] The Uploader 2.0 - Remote File Upload Vulnerability
7891| [10584] PHPhotoalbum Remote File Upload Vulnerability
7892| [10578] Ultimate Uploader 1.3 - Remote File Upload Vulnerability
7893| [10574] phUploader Remote File Upload Vulnerability
7894| [10568] Simplicity oF Upload 1.3.2 - Remote File Upload Vulnerability
7895| [10523] Uploader by CeleronDude 5.3.0 Shell Upload
7896| [10511] PHP F1 Upload Shell Upload Vulnerability
7897| [10499] eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities
7898| [10495] PhpLinkExchange 1.02 - XSS/Upload Vulerability
7899| [10481] OSSIM 2.1.5 - Arbitrary File Upload
7900| [10472] Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities
7901| [10469] Monkey HTTP Daemon < 0.9.3 - Denial of Service Vulnerability
7902| [10430] NAS Uploader 1.0 & 1.5 - Remote File Upload Vulnerability
7903| [10429] myPHPupload 0.5.1 - Remote File Upload Vulnerability
7904| [10428] Maxs AJAX File Uploader Remote File Upload Vulnerability
7905| [10426] [WS] upload Remote File Upload Vulnerability
7906| [10423] RM Downloader 3.0.2.1 - (.M3U File) Stack Overflow exploit
7907| [10403] Uploadscript 1.0 - Multiple Vulnerabilities
7908| [10401] iDesk (download.php cat_id) SQL Injection Vulnerability
7909| [10368] Free ASP Upload Shell Upload Vulnerability
7910| [10362] THOMSON TG585n 7.4.3.2 (user.ini) Arbitrary Download Vulnerability
7911| [10349] CoreHTTP web server off-by-one buffer overflow vulnerability
7912| [10331] iWeb HTTP Server Directory Transversal Vulnerability
7913| [10325] Wordpress Image Manager Plugins Shell Upload Vulnerability
7914| [10306] Achievo 1.4.2 - Arbitrary File Upload
7915| [10282] OrzHTTPd Format String Exploit
7916| [10241] Uploaderr 1.0 - File Hosting Script Shell Upload Vulnerability
7917| [10236] Flashden Multiple File Uploader Shell Upload Vulnerability
7918| [10230] Fake Hit Generator <= 2.2 Shell Upload Vulnerability
7919| [10183] Joomla 1.5.12 RCE via TinyMCE - Upload Vulnerability
7920| [10170] Xerver 4.31, 4.32 HTTP Response Splitting
7921| [10169] phpMyBackupPro - Arbitrary File Download
7922| [10163] Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability
7923| [10161] JBS 2.0 / JBSX - Administration panel Bypass and File Upload Vulnerability
7924| [10089] WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
7925| [10053] httpdx 1.4 Get Request Buffer Overflow
7926| [10047] Femitter HTTP Server 1.03 Remote Source Disclosure
7927| [10030] DD-WRT HTTP v24-SP1 - Command Injection Vulnerability
7928| [10009] Free Download Manager Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities
7929| [9962] Piwik <= 1357 2009-08-02 file upload and code execution
7930| [9926] Joomla 1.5.12 tinybrowser Remote File Upload/Execute Vulnerability
7931| [9896] MiniShare HTTP 1.5.5 BoF
7932| [9886] httpdx 1.4 h_handlepeer BoF
7933| [9885] httpdx <= 1.4.6b source disclosure
7934| [9882] Firefox 3.5.3 - Local Download Manager Temp File Creation
7935| [9855] Geeklog <= 1.6.0sr2 - Remote File Upload
7936| [9806] HP LoadRunner 9.5 remote file creation PoC
7937| [9718] Xerver HTTP Server 4.32 - XSS / Directory Traversal Vulnerability
7938| [9717] Xerver HTTP Server <= 4.32 - Remote Denial of Service
7939| [9660] Techlogica HTTP Server 1.03 Arbitrary File Disclosure Exploit
7940| [9657] httpdx Web Server 1.4 (Host Header) Remote Format String DoS Exploit
7941| [9649] Xerver HTTP Server 4.32 Arbitrary Source Code Disclosure Vuln
7942| [9631] iDesk (download.php cat_id) Remote SQL Injection Vulnerability
7943| [9629] Graffiti CMS 1.x Arbitrary File Upload Vulnerability
7944| [9599] The Rat CMS Alpha 2 Arbitrary File Upload Vulnerability
7945| [9591] Ticket Support Script (ticket.php) Remote Shell Upload Vulnerability
7946| [9549] MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC
7947| [9505] Geeklog <= 1.6.0sr1 Remote Arbitrary File Upload Vulnerability
7948| [9478] HTTP SERVER (httpsv) 1.6.2 (GET 404) Remote Denial of Service Exploit
7949| [9472] Best Dating Script Arbitrary Shell Upload Vulnerability
7950| [9469] Ultimate Fade-in slideshow 1.51 Shell Upload Vulnerability
7951| [9453] Videos Broadcast Yourself 2 - (UploadID) SQL Injection Vuln
7952| [9441] MyWeight 1.0 - Remote Shell Upload Vulnerability
7953| [9433] Gazelle CMS 1.0 - Remote Arbitrary Shell Upload Vulnerability
7954| [9432] THOMSON ST585 (user.ini) Arbitrary Download Vulnerability
7955| [9334] QuickDev 4 (download.php file) File Disclosure Vulnerability
7956| [9290] In-Portal 4.3.1 Arbitrary Shell Upload Vulnerability
7957| [9280] PunBB Automatic Image Upload <= 1.3.5 Delete Arbitrary File Exploit
7958| [9279] PunBB Automatic Image Upload <= 1.3.5 - Remote SQL Injection Exploit
7959| [9239] PHP Melody 1.5.3 - Remote File Upload Injection Vulnerability
7960| [9238] Joomla Component com_joomloads (packageId) SQL Injection Vuln
7961| [9219] powerUpload 2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability
7962| [9209] DD-WRT (httpd service) Remote Command Execution Vulnerability
7963| [9122] Opial 1.0 - Arbitrary File Upload/XSS/SQL Injection Vulnerabilities
7964| [9086] MRCGIGUY Thumbnail Gallery Post 1b Arb. Shell Upload Vulnerability
7965| [9071] Apple Safari 4.x JavaScript Reload Remote Crash Exploit
7966| [9011] Joomla Component com_pinboard Remote File Upload Vulnerability
7967| [8991] Multiple HTTP Server Low Bandwidth Denial of Service #2
7968| [8988] pc4 Uploader <= 10.0 - Remote File Disclosure Vulnerability
7969| [8976] Multiple HTTP Server Low Bandwidth Denial of Service (slowloris.pl)
7970| [8916] Free Download Manager 2.5/3.0 (Control Server) Remote BOF Exploit
7971| [8897] httpdx <= 0.8 FTP Server Delete/Get/Create Directories/Files Exploit
7972| [8855] AlstraSoft Article Manager Pro Remote Shell Upload Vulnerability
7973| [8811] Joomla Component Com_Agora 3.0.0 RC1 Remote File Upload Vulnerability
7974| [8792] Webradev Download Protect 1.0 - Remote File Inclusion Vulnerabilities
7975| [8786] Lighttpd < 1.4.23 Source Code Disclosure Vulnerability (BSD/Solaris bug)
7976| [8773] ZaoCMS (PhpCommander) Arbitary Remote File Upload Vulnerability
7977| [8764] ZaoCMS (download.php) Remote File Disclosure Vulnerability
7978| [8749] DMXReady Registration Manager 1.1 - Arbitrary File Upload Vulnerability
7979| [8732] httpdx <= 0.5b FTP Server (CWD) Remote BOF Exploit (SEH)
7980| [8730] VidShare Pro Arbitrary Shell Upload Vulnerability
7981| [8716] httpdx <= 0.5b FTP Server (USER) Remote BOF Exploit (SEH)
7982| [8712] httpdx <= 0.5b Multiple Remote Denial of Service Vulnerabilities
7983| [8709] Pc4Uploader 9.0 - Remote Blind SQL Injection Vulnerability
7984| [8700] Rama CMS <= 0.9.8 (download.php file) File Disclosure Vulnerability
7985| [8647] Battle Blog 1.25 (uploadform.asp) Arbitrary File Upload Vulnerability
7986| [8628] RM Downloader 3.0.0.9 (.RAM) Local Buffer Overflow Exploit
7987| [8594] RM Downloader (.smi File) Universal Local Buffer Overflow Exploit
7988| [8589] RM Downloader (.smi File) Local Stack Overflow Exploit
7989| [8579] BaoFeng ActiveX OnBeforeVideoDownload() Remote BOF Exploit
7990| [8567] Zubrag Smart File Download 1.3 Arbitrary File Download Vulnerability
7991| [8554] Belkin Bulldog Plus HTTP Server Remote Buffer Overflow Exploit
7992| [8540] SDP Downloader 2.3.0 (.ASX) Local Buffer Overflow Exploit (SEH) #2
7993| [8536] SDP Downloader 2.3.0 (.ASX) Local Buffer Overflow Exploit (SEH)
7994| [8534] libvirt_proxy <= 0.5.1 - Local Privilege Escalation Exploit
7995| [8531] SDP Downloader 2.3.0 - (.ASX File) Local Heap Overflow PoC
7996| [8522] Zervit HTTP Server <= 0.3 (sockets++ crash) Remote Denial of Service
7997| [8514] elkagroup Image Gallery 1.0 - Arbitrary File Upload Vulnerability
7998| [8501] CRE Loaded 6.2 (products_id) SQL Injection Vulnerability
7999| [8483] flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities
8000| [8481] Studio Lounge Address Book 2.5 (profile) Shell Upload Vulnerability
8001| [8474] e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability
8002| [8444] Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit
8003| [8436] Job2C 4.2 (profile) Remote Shell Upload Vulnerability
8004| [8422] Steamcast (HTTP Request) Remote Buffer Overflow Exploit (SEH) [2]
8005| [8421] Steamcast (HTTP Request) Remote Buffer Overflow Exploit (SEH) [1]
8006| [8411] WM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit
8007| [8410] RM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit
8008| [8404] RM Downloader (.M3U File) Local Stack Overflow PoC
8009| [8403] WM Downloader (.M3U File) Local Stack Overflow PoC
8010| [8397] FunkyASP AD System 1.1 - Remote Shell Upload Vulnerability
8011| [8362] Lanius CMS <= 0.5.2 - Remote Arbitrary File Upload Exploit
8012| [8349] Family Connections <= 1.8.2 - Remote Shell Upload Exploit
8013| [8346] ActiveKB Knowledgebase (loadpanel.php Panel) Local File Inclusion Vuln
8014| [8313] Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow
8015| [8310] Sami HTTP Server 2.x (HEAD) Remote Denial of Service Exploit
8016| [8288] WeBid 0.7.3 RC9 (upldgallery.php) Remote File Upload Vulnerability
8017| [8287] PHPizabi 0.848b C1 HFP1-3 - Remote Arbitrary File Upload Exploit
8018| [8277] Free Arcade Script 1.0 Auth Bypass (SQL) / Upload Shell Vulnerabilities
8019| [8257] Orbit Downloader 2.8.7 Arbitrary File Deletion Vulnerability
8020| [8245] SW-HTTPD Server 0.x Remote Denial of Service Exploit
8021| [8219] Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash
8022| [8215] PPLive <= 1.9.21 (/LoadModule) URI Handlers Argument Injection Vuln
8023| [8196] Wordpress MU < 2.7 'HOST' HTTP Header XSS Vulnerability
8024| [8132] Access2asp imageLibrary Arbitrary ASP Shell Upload Vulnerability
8025| [8120] SkyPortal Downloads Manager 1.1 - Remote Contents Change Vuln
8026| [8097] MLdonkey <= 2.9.7 HTTP DOUBLE SLASH Arbitrary File Disclosure Vuln
8027| [8091] Mozilla Firefox 3.0.6 (BODY onload) Remote Crash Exploit
8028| [8070] SAS Hotel Management System Remote Shell Upload Vulnerability
8029| [8060] Falt4 CMS RC4 (fckeditor) Arbitrary File Upload Exploit
8030| [8048] Baran CMS 1.0 Arbitrary ASP File Upload/DB/SQL/XSS/CM Vulns
8031| [8041] GeoVision Digital Video Surveillance System (geohttpserver) DT Vuln
8032| [8039] SkaDate Online 7 Remote Shell Upload Vulnerability
8033| [8021] Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service Exploit
8034| [8006] Traidnt UP 1.0 - Remote File Upload Vulnerability
8035| [7998] WikkiTikkiTavi 1.11 Remote PHP File Upload Vulnerability
8036| [7987] gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities
8037| [7986] Free Download Manager 2.5/3.0 (Authorization) Stack BOF PoC
8038| [7960] AJA Modules Rapidshare 1.0.0 - Remote Shell Upload Vulnerability
8039| [7957] Free Download Manager <= 3.0 Build 844 .torrent BOF Exploit
8040| [7909] Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability
8041| [7884] Flax Article Manager 1.1 - Remote PHP Script Upload Vulnerability
8042| [7866] Simple Machines Forum <= 1.1.7 - CSRF/XSS/Package Upload
8043| [7811] Aj Classifieds - For Sale 3.0 - Remote Shell Upload Vulnerability
8044| [7810] Aj Classifieds - Personals 3.0 - Remote Shell Upload Vulnerability
8045| [7809] Aj Classifieds - Real Estate 3.0 - Remote Shell Upload Vulnerability
8046| [7791] DMXReady Billboard Manager <= 1.1 - Remote File Upload Vulnerability
8047| [7789] DMXReady SDK <= 1.1 - Remote File Download Vulnerability
8048| [7740] PWP Wiki Processor 1-5-1 Remote File Upload Vulnerability
8049| [7739] ExcelOCX ActiveX 3.2 (Download File) Insecure Method Exploit
8050| [7732] Silentum Uploader 1.4.0 - Remote File Deletion Exploit
8051| [7645] Built2Go PHP Rate My Photo 1.46.4 - Remote File Upload Vulnerability
8052| [7644] Built2Go PHP Link Portal 1.95.1 - Remote File Upload Vulnerability
8053| [7638] Memberkit 1.0 - Remote PHP File Upload Vulnerability
8054| [7630] Megacubo 5.0.7 (mega://) Remote File Download and Execute Exploit
8055| [7620] ThePortal 2.2 Arbitrary Remote File Upload Exploit
8056| [7608] IntelliTamper 2.07/2.08 (ProxyLogin) Local Stack Overflow Exploit
8057| [7600] Flexphplink Pro Arbitrary File Upload Exploit
8058| [7569] doop cms <= 1.4.0b (csrf/upload shell) Multiple Vulnerabilities
8059| [7563] phpEmployment (php upload) Arbitrary File Upload Vulnerability
8060| [7562] phpAdBoard (php uploads) Arbitrary File Upload Vulnerability
8061| [7561] phpGreetCards XSS/Arbitrary File Upload Vulnerability
8062| [7544] Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit
8063| [7537] BLOG 1.55B (image_upload.php) Arbitrary File Upload Vulnerability
8064| [7535] Linksys Wireless ADSL Router (WAG54G V.2) httpd DoS Exploit
8065| [7531] ReVou Twitter Clone Arbitrary File Upload Vulnerability
8066| [7528] OneOrZero helpdesk 1.6.x. - Remote Shell Upload Exploit
8067| [7525] Extract Website (download.php filename) File Disclosure Vulnerability
8068| [7524] Online Keyword Research Tool (download.php) File Disclosure Vuln
8069| [7509] Mini File Host 1.x Arbitrary PHP File Upload Vulnerability
8070| [7500] K&S Shopsysteme Arbitrary Remote File Upload Vulnerability
8071| [7487] FaScript FaUpload (download.php) SQL Injection Vulnerability
8072| [7457] Availscript Classmate Script Remote File Upload Vulnerability
8073| [7456] Availscript Article Script Remote File Upload Vulnerability
8074| [7455] The Rat Cms Alpha 2 (download.php) Remote Vulnerability
8075| [7441] joomla live chat (sql/proxy) Multiple Vulnerabilities
8076| [7435] Social Groupie (create_album.php) Remote File Upload Vulnerability
8077| [7426] PHP Support Tickets 2.2 - Remote File Upload Vulnerability
8078| [7390] Professional Download Assistant 0.1 (Auth Bypass) SQL Injection Vuln
8079| [7385] vBulletin Secure Downloads 2.0.0r - SQL Injection Vulnerability
8080| [7383] Simple Directory Listing 2 Cross Site File Upload Vulnerability
8081| [7371] Professional Download Assistant 0.1 Database Disclosure Vulnerability
8082| [7369] w3blabor CMS 3.0.5 - Arbitrary File Upload & LFI Exploit
8083| [7354] Tizag Countdown Creator .v.3 Insecure Upload Vulnerability
8084| [7312] Andy's PHP Knowledgebase 0.92.9 - Arbitrary File Upload Vulnerability
8085| [7251] Star Articles 6.0 - Remote File Upload Vulnerability
8086| [7233] LoveCMS 1.6.2 Final (Download Manager 1.0) File Upload Exploit
8087| [7197] Goople Cms 1.7 - Remote File Upload Vulnerability
8088| [7189] getaphpsite Auto Dealers Remote File Upload Vulnerability
8089| [7188] getaphpsite Real Estate Remote File Upload Vulnerability
8090| [7165] wPortfolio <= 0.3 - Remote Arbitrary File Upload Exploit
8091| [7162] MauryCMS <= 0.53.2 - Remote Shell Upload Exploit
8092| [7158] Alex Article-Engine 1.3.0 (fckeditor) Arbitrary File Upload Vulnerability
8093| [7157] Alex News-Engine 1.5.1 - Remote Arbitrary File Upload Vulnerability
8094| [7136] mxCamArchive 2.2 Bypass Config Download Vulnerability
8095| [7112] ScriptsFeed (SF) Recipes Listing Portal Remote File Upload Vulnerability
8096| [7111] ScriptsFeed (SF) Auto Classifieds Software Remote File Upload Vuln
8097| [7110] ScriptsFeed (SF) Real Estate Classifieds Software File Upload Vuln
8098| [7101] AlstraSoft SendIt Pro Remote File Upload Vulnerability
8099| [7094] Pre Real Estate Listings File Upload Vulnerability
8100| [7085] PHPStore Real Estate Remote File Upload Vulnerability
8101| [7084] PHPStore Complete Classifieds Script File Upload Vulnerability
8102| [7083] PHPStore PHP Job Search Script Remote File Upload Vulnerability
8103| [7082] PHPStore Car Dealers Remote File Upload Vulnerability
8104| [7076] Collabtive 0.4.8 (XSS/Auth Bypass/Upload) Multiple Vulnerabilities
8105| [7062] ZEEJOBSITE 2.0 - Remote File Upload Vulnerability
8106| [7058] zeeproperty 1.0 (upload/xss) Multiple Vulnerabilities
8107| [7055] SpeedStream 5200 Authentication Bypass Config Download Vulnerability
8108| [6868] Mambo Component SimpleBoard <= 1.0.1 - Arbitrary File Upload Exploit
8109| [6867] Wordpress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit
8110| [6866] 7Shop <= 1.1 - Remote Arbitrary File Upload Exploit
8111| [6865] e107 plugin fm pro 1- (fd/upload/dt) Multiple Vulnerabilities
8112| [6859] Agares ThemeSiteScript 1.0 (loadadminpage) RFI Vulnerability
8113| [6835] BuzzyWall 1.3.1 (download id) Remote File Disclosure Vulnerability
8114| [6830] NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability
8115| [6803] Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload Vulnerability
8116| [6784] PHP Easy Downloader <= 1.5 - Remote File Creation Exploit
8117| [6783] Nuke ET <= 3.4 (fckeditor) Remote Arbitrary File Upload Exploit
8118| [6770] PHP Easy Downloader 1.5 (file) File Disclosure Vulnerability
8119| [6740] My PHP Indexer 1.0 (index.php) Local File Download Vulnerability
8120| [6718] Konqueror 3.5.9 (load) Remote Crash Vulnerability
8121| [6715] ScriptsEz Easy Image Downloader Local File Download Vulnerability
8122| [6699] Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC
8123| [6680] FOSS Gallery Public <= 1.0 - Arbitrary File Upload Vulnerabilities
8124| [6674] FOSS Gallery Public <= 1.0 Arbitrary Upload / Information c99 Expoit
8125| [6670] FOSS Gallery Admin <= 1.0 - Remote Arbitrary Upload Exploit
8126| [6664] Kwalbum <= 2.0.2 Arbitary File Upload Vulnerability
8127| [6633] eFront <= 3.5.1 / build 2710 Remote Arbitrary Upload Vulnerability
8128| [6596] E-Uploader Pro <= 1.0 - Multiple Remote SQL Injection Vulnerabilities
8129| [6594] Camera Life 2.6.2b4 Arbitrary File Upload Vulnerability
8130| [6573] LanSuite 3.3.2 (fckeditor) Arbitrary File Upload Exploit
8131| [6541] Galmeta Post CMS <= 0.2 - Remote Code Execution / Arbitrary File Upload
8132| [6519] PHP iCalendar <= 2.24 (cookie_language) LFI / File Upload Exploit
8133| [6514] Availscript Jobs Portal Script File Upload Vulnerability (auth)
8134| [6493] fhttpd 0.4.2 un64() - Remote Denial of Service Exploit
8135| [6477] Cisco Router HTTP Administration CSRF Command Execution Exploit 2
8136| [6476] Cisco Router HTTP Administration CSRF Command Execution Exploit
8137| [6448] WebPortal CMS <= 0.7.4 (fckeditor) Arbitrary File Upload Vulnerability
8138| [6443] WebPortal CMS <= 0.7.4 (download.php aid) SQL Injection Exploit
8139| [6439] Sports Clubs Web Panel 0.0.1 - Remote File Upload Vulnerability
8140| [6419] Zanfi CMS lite / Jaw Portal free (fckeditor) Arbitrary File Upload Vuln
8141| [6410] Kim Websites 1.0 (fckeditor) Remote Arbitrary File Upload Vulnerability
8142| [6394] Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC
8143| [6390] IntegraMOD 1.4.x (Insecure Directory) Download Database Vulnerability
8144| [6360] TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload Vulnerability
8145| [6357] aspwebalbum 3.2 (upload/sql/xss) Multiple Vulnerabilities
8146| [6355] Google Chrome Browser 0.2.149.27 Automatic File Download Exploit
8147| [6344] WeBid 0.5.4 (fckeditor) Remote Arbitrary File Upload Exploit
8148| [6310] Kolifa.net Download Script 1.2 (id) SQL Injection Vulnerability
8149| [6306] GeekLog <= 1.5.0 - Remote Arbitrary File Upload Exploit
8150| [6286] BandSite CMS 1.1.4 (Download Backup/XSS/CSRF) Remote Vulnerabilities
8151| [6259] VidiScript (Avatar) Remote Arbitrary File Upload Vulnerability
8152| [6231] Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
8153| [6227] IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
8154| [6216] Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC
8155| [6194] moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit
8156| [6191] e-vision cms <= 2.02 (sql/upload/ig) Multiple Vulnerabilities
8157| [6151] velocity web-server 1.0 - Directory Traversal file download vulnerability
8158| [6127] Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit
8159| [6126] ibase <= 2.03 (download.php) Remote File Disclosure Vulnerability
8160| [6082] PhotoPost vBGallery 2.4.2 - Arbitrary File Upload Vulnerability
8161| [6065] Maian Uploader <= 4.0 Insecure Cookie Handling Vulnerability
8162| [6039] Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
8163| [6030] Download Accelerator Plus - DAP 8.x (m3u) Local BOF Exploit 0day
8164| [6015] WebXell Editor 0.1.3 - Arbitrary File Upload Vulnerability
8165| [6011] contentnow 1.4.1 (upload/xss) Multiple Vulnerabilities
8166| [6008] ImperialBB <= 2.3.5 - Remote File Upload Exploit
8167| [6005] Site@School <= 2.4.10 (fckeditor) Session Hijacking / File Upload Exploit
8168| [5973] Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure Exploit
8169| [5945] Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit
8170| [5938] PHPmotion <= 2.0 (update_profile.php) Remote Shell Upload Exploit
8171| [5936] Page Manager CMS Remote Arbitrary File Upload Vulnerability
8172| [5923] Demo4 CMS 1b (fckeditor) Arbitrary File Upload Exploit
8173| [5922] cmsWorks 2.2 RC4 (fckeditor) Remote Arbitrary File Upload Exploit
8174| [5918] uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit
8175| [5907] emuCMS 0.3 (fckeditor) Arbitrary File Upload Exploit
8176| [5887] LE.CMS <= 1.4 - Remote Arbitrary File Upload Exploit
8177| [5886] LaserNet CMS <= 1.5 - Arbitrary File Upload Exploit
8178| [5880] sitexs cms 0.1.1 (upload/xss) Multiple Vulnerabilities
8179| [5850] AspWebCalendar 2008 Remote File Upload Vulnerability
8180| [5844] FreeCMS.us 0.2 (fckeditor) Arbitrary File Upload Exploit
8181| [5780] ASP Download 1.03 Arbitrary Change Administrator Account Vulnerability
8182| [5770] Achievo <= 1.3.2 (fckeditor) Arbitrary File Upload Exploit
8183| [5767] Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit
8184| [5756] XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability
8185| [5741] Akamai Download Manager < 2.2.3.7 ActiveX Remote Download Exploit
8186| [5737] Joomla Component jotloader <= 1.2.1.a Blind SQL injection Exploit
8187| [5732] C6 Messenger ActiveX Remote Download & Execute Exploit
8188| [5728] FlashBlog 0.31b Remote Arbitrary File Upload Vulnerability
8189| [5716] mebiblio 0.4.7 (sql/upload/xss) Multiple Vulnerabilities
8190| [5700] CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload Exploit
8191| [5697] PHP Booking Calendar 10 d (fckeditor) Arbitrary File Upload Exploit
8192| [5694] ASUS DPC Proxy 2.0.0.16/19 Remote Buffer Overflow Exploit
8193| [5691] CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit
8194| [5688] SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit
8195| [5636] Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability
8196| [5618] La-Nai CMS <= 1.2.16 (fckeditor) Arbitrary File Upload Exploit
8197| [5600] CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit
8198| [5547] Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers DoS Vulnerability
8199| [5519] VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit
8200| [5465] 2532/Gigs <= 1.2.2 - Arbitrary Database Backup/Download Vulnerability
8201| [5449] KwsPHP (Upload) Remote Code Execution Exploit
8202| [5404] phpTournois <= G4 Remote File Upload/Code Execution Exploit
8203| [5397] CDNetworks Nefficient Download (NeffyLauncher.dll) Code Execution Vuln
8204| [5381] Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability
8205| [5344] Novel eDirectory HTTP Denial of Service Exploit
8206| [5338] ChilkatHttp ActiveX 2.3 Arbitrary Files Overwrite Exploit
8207| [5326] Wordpress Plugin Download (dl_id) SQL Injection Vulnerability
8208| [5308] e107 Plugin My_Gallery 2.3 Arbitrary File Download Vulnerability
8209| [5281] PEEL CMS Admin Hash Extraction and Remote Upload Exploit
8210| [5220] zKup CMS 2.0 <= 2.3 - Remote Upload Exploit
8211| [5218] XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability
8212| [5215] Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory Traversal Vulnerability
8213| [5183] php Download Manager <= 1.1 - Local File Inclusion Vulnerability
8214| [5137] XPWeb 3.3.2 (Download.php url) Remote File Disclosure Vulnerability
8215| [5136] PHPizabi 0.848b C1 HFP1 Remote File Upload Vulnerability
8216| [5129] TRUC 0.11.0 (download.php) Remote File Disclosure Vulnerability
8217| [5111] IBM Domino Web Access Upload Module - SEH Overwrite Exploit
8218| [5102] FaceBook PhotoUploader <= 5.0.14.0 - Remote Buffer Overflow Exploit
8219| [5100] ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX BOF Exploit
8220| [5086] ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow PoC
8221| [5078] Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit
8222| [5074] Mihalism Multi Host Download (Username) Blind SQL Injection Exploit
8223| [5073] Mambo Component com_downloads Remote SQL Injection Vulnerability
8224| [5049] FaceBook PhotoUploader (ImageUploader4.ocx 4.5.57.0) BOF Exploit
8225| [5033] LightBlog 9.5 cp_upload_image.php Remote File Upload Vulnerability
8226| [5025] MySpace Uploader (MySpaceUploader.ocx 1.0.0.4) BOF Exploit
8227| [4987] Persits XUpload 3.0 AddFile() Remote Buffer Overflow Exploit
8228| [4981] ImageShack Toolbar 4.5.7 FileUploader Class InsecureMethod PoC
8229| [4967] Lycos FileUploader Control ActiveX Remote Buffer Overflow Exploit
8230| [4954] IDM-OS 1.0 (download.php fileName) File Disclosure Vulnerability
8231| [4941] Belkin Wireless G Plus MIMO Router F5D9230-4 Auth Bypass Vulnerability
8232| [4940] Mini File Host 1.2.1 (upload.php language) Local File Inclusion Exploit
8233| [4930] Mini File Host 1.2 (upload.php language) LFI Vulnerability
8234| [4913] Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit
8235| [4909] Macrovision FlexNet DownloadManager Insecure Methods Exploit
8236| [4894] StreamAudio ChainCast ProxyManager ccpm_0237.dll BoF Exploit
8237| [4871] UploadImage/UploadScript 1.0 - Remote Change Admin Password Exploit
8238| [4864] Zero CMS 1.0 Alpha Arbitrary File Upload / SQL Injection Vulnerabilities
8239| [4859] EkinBoard <= 1.1.0 - Remote File Upload / Auth Bypass Vulnerabilities
8240| [4857] OneCMS 2.4 - Remote SQL Injection / Upload Vulnerabilities
8241| [4844] Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability
8242| [4828] AGENCY4NET WEBFTP 1 download2.php File Disclosure Vulnerability
8243| [4820] IBM Domino Web Access Upload Module dwa7w.dll BoF Exploit
8244| [4818] IBM Domino Web Access Upload Module inotes6.dll BoF Exploit
8245| [4814] Bitweaver R2 CMS Remote File Upload / Disclosure Vulnerabilities
8246| [4812] Mihalism Multi Host 2.0.7 download.php Remote File Disclosure Vuln
8247| [4806] Persits Software XUpload Control AddFolder() Buffer Overflow Exploit
8248| [4780] ThemeSiteScript 1.0 (index.php loadadminpage) RFI Vulnerability
8249| [4764] Arcadem LE 2.04 (loadadminpage) Remote File Inclusion Vulnerability
8250| [4754] 3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (win32) (pl)
8251| [4753] Dokeos 1.8.4 Bypass Upload Shell From Your Profile Vulnerability
8252| [4747] RaidenHTTPD 2.0.19 (ulang) Remote Command Execution Exploit
8253| [4741] MySpace Content Zone 3.x Remote File Upload Vulnerability
8254| [4734] Anon Proxy Server 0.1000 Remote Command Execution Vulnerability
8255| [4729] xml2owl 0.1.1 (filedownload.php) Remote File Disclosure Vulnerability
8256| [4717] Simple HTTPD <= 1.41 (/aux) Remote Denial of Service Exploit
8257| [4714] MonAlbum 0.87 Upload Shell / Password Grabber Exploit
8258| [4704] PolDoc CMS 0.96 (download_file.php) File Disclosure Vulnerability
8259| [4700] simple httpd <= 1.38 Multiple Vulnerabilities
8260| [4666] Eurologon CMS files.php Arbitrary File Download Vulnerability
8261| [4592] ISPworker 1.21 download.php Remote File Disclosure Vulnerability
8262| [4586] ProfileCMS 1.0 - Remote File Upload Vulnerability Shell Upload Exploit
8263| [4542] Boa 0.93.15 HTTP Basic Authentication Bypass Exploit
8264| [4521] Joomla Flash uploader 2.5.1 - Remote File Inclusion Vulnerabilities
8265| [4474] EDraw Office Viewer Component 5.3 FtpDownloadFile() Remote BoF
8266| [4466] Zomplog <= 3.8.1 upload_files.php Arbitrary File Upload Exploit
8267| [4437] Lighttpd <= 1.4.17 FastCGI Header Overflow Remote Exploit
8268| [4428] Yahoo! Messenger 8.1.0.421 CYFT Object Arbitrary File Download
8269| [4427] jetAudio 7.x ActiveX DownloadFromMusicStore() Code Execution Exploit
8270| [4426] Airsensor M520 HTTPD Remote Preauth DoS / BOF PoC
8271| [4411] Chupix CMS 0.2.3 (download.php) Remote File Disclosure Vulnerability
8272| [4391] Lighttpd <= 1.4.16 FastCGI Header Overflow Remote Exploit
8273| [4386] Sisfo Kampus 2006 (dwoprn.php f) Remote File Download Vulnerability
8274| [4383] Joomla Component Restaurante Remote File Upload Vulnerability
8275| [4371] RW::Download 2.0.3 lite (index.php dlid) Remote SQL Injection Vuln
8276| [4360] CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (meta)
8277| [4343] Ourspace 2.0.9 (uploadmedia.cgi) Remote File Upload Vulnerability
8278| [4341] Pakupaku CMS <= 0.4 - Remote File Upload / LFI Vulnerability
8279| [4307] Joomla Component RSfiles <= 1.0.2 (path) File Download Vulnerability
8280| [4243] corehttp 0.5.3alpha (httpd) Remote Buffer Overflow Exploit
8281| [4235] Seditio CMS <= 121 - (pfs.php) Remote File Upload Vulnerability
8282| [4232] IBM AIX <= 5.3 sp6 pioout Arbitrary Library Loading Local Root Exploit
8283| [4227] PHP php_gd2.dll imagepsloadfont Local Buffer Overflow PoC
8284| [4226] Clever Internet ActiveX Suite 6.2 Arbitrary File Download/Overwrite
8285| [4194] Joomla Component Expose <= RC35 Remote File Upload Vulnerability
8286| [4113] WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit
8287| [4106] DreamLog 0.5 (upload.php) Arbitrary File Upload Exploit
8288| [4099] e107 <= 0.7.8 - (photograph) Arbitrary File Upload Vulnerability
8289| [4089] SerWeb 0.9.4 (load_lang.php) Remote File Inclusion Exploit
8290| [4057] GeometriX Download Portal (down_indir.asp id) SQL Injection Vuln
8291| [4056] Internet Download Accelerator 5.2 - Remote Buffer Overflow PoC
8292| [4053] Yahoo! Messenger Webcam 8.1 (Ywcupl.dll) Download / Execute Exploit
8293| [4052] Yahoo! Messenger Webcam 8.1 (Ywcvwr.dll) Download / Execute Exploit
8294| [4046] MiniWeb Http Server 0.8.x Remote Denial of Service Exploit
8295| [4008] Zenturi ProgramChecker ActiveX File Download/Overwrite Exploit
8296| [3993] IE 6 / Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit
8297| [3985] Mac OS X <= 10.4.8 pppd Plugin Loading Privilege Escalation Exploit
8298| [3922] webdesproxy 0.0.1 (GET Request) Remote Root Exploit (exec-shield)
8299| [3918] phpAtm 1.30 (downloadfile) Remote File Disclosure Vulnerability
8300| [3913] webdesproxy 0.0.1 (GET Request) Remote Buffer Overflow Exploit
8301| [3908] YAAP <= 1.5 __autoload() Remote File Inclusion Vulnerability
8302| [3888] Gimp 2.2.14 .RAS File Download/Execute Buffer Overflow Exploit (win32)
8303| [3832] 1024 CMS 0.7 (download.php item) Remote File Disclosure Vulnerability
8304| [3831] PStruh-CZ 1.3/1.5 (download.asp File) File Disclosure Vulnerability
8305| [3829] 3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)
8306| [3822] 3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (win32)
8307| [3821] 3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (linux)
8308| [3800] Ext 1.0 (feed-proxy.php feed) Remote File Disclosure Vulnerability
8309| [3796] wavewoo 0.1.1 (loading.php path_include) Remote File Inclusion Exploit
8310| [3764] Zomplog 3.8 (force_download.php file) Remote File Disclosure Vuln
8311| [3715] Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit
8312| [3677] cattaDoc 2.21 (download2.php fn1) Remote File Disclosure Vulnerability
8313| [3676] Beryo 2.0 (downloadpic.php chemin) Remote File Disclosure Vulnerability
8314| [3674] Wserve HTTP Server 4.6 (Long Directory Name) Denial of Service Exploit
8315| [3666] XOOPS Module Rha7 Downloads 1.0 (visit.php) SQL Injection Exploit
8316| [3615] dproxy-nexgen Remote Root Buffer Overflow Exploit (x86-lnx)
8317| [3554] dproxy <= 0.5 - Remote Buffer Overflow Exploit (meta 2.7)
8318| [3516] MetaForum <= 0.513 Beta Remote File Upload Exploit
8319| [3494] McGallery 0.5b (download.php) Arbitrary File Download Vulnerability
8320| [3458] AssetMan <= 2.4a (download_pdf.php) Remote File Disclosure Vuln
8321| [3435] netForo! 0.1 (down.php file_to_download) Remote File Disclosure Vuln
8322| [3381] NetProxy <= 4.03 Web Filter Evasion / Bypass Logging Exploit
8323| [3379] STWC-Counter <= 3.4.0 (downloadcounter.php) RFI Exploit
8324| [3346] PHP-Nuke <= 8.0 Final (HTTP Referers) Remote SQL Injection Exploit
8325| [3318] Aktueldownload Haber scripti (id) Remote SQL Injection Vulnerability
8326| [3311] Jupiter CMS 1.1.5 - Remote File Upload Exploit
8327| [3249] WebBuilder 2.0 (StageLoader.php) Remote File Include Vulnerability
8328| [3203] FdScript <= 1.3.2 (download.php) Remote File Disclosure Vulnerability
8329| [3200] Apple CFNetwork HTTP Response Denial of Service Exploit (rb code)
8330| [3182] Sami HTTP Server 2.0.1 (HTTP 404 - Object not found) DoS Exploit
8331| [3174] Upload Service 1.0 (top.php maindir) Remote File Inclusion Vulnerability
8332| [3148] MS Internet Explorer VML Download and Execute Exploit (MS07-004)
8333| [3125] JV2 Folder Gallery 3.0 0 - (download.php) Remote File Disclosure Exploit
8334| [3078] Acunetix WVS <= 4.0 20060717 HTTP Sniffer Component Remote DoS
8335| [3058] Rediff Bol Downloader (ActiveX Control) Execute Local File Exploit
8336| [3049] IMGallery <= 2.5 Create Uploader Script Exploit
8337| [3020] PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit
8338| [3014] logahead UNU edition 1.0 - Remote Upload File / Code Execution Vuln
8339| [3000] Pagetool CMS <= 1.07 (pt_upload.php) Remote File Include Vulnerability
8340| [2997] File Upload Manager <= 1.0.6 (detail.asp) Remote SQL Injection Exploit
8341| [2974] Http explorer Web Server 1.02 Directory Transversal Vulnerability
8342| [2971] PgmReloaded <= 0.8.5 - Multiple Remote File Include Vulnerabilities
8343| [2962] Burak Yilmaz Download Portal (down.asp) SQL Injection Vulnerability
8344| [2945] Uploader & Downloader 3.0 (id_user) Remote SQL Injection Vulnerability
8345| [2936] GNU InetUtils ftpd 1.4.2 (ld.so.preload) Remote Root Exploit
8346| [2929] MS Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC
8347| [2902] TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit
8348| [2886] PHP Upload Center 2.0 (activate.php) File Include Vulnerabilities
8349| [2876] deV!Lz Clanportal [DZCP] <= 1.3.6 - Arbitrary File Upload Vulnerability
8350| [2847] Sisfo Kampus <= 0.8 - Remote File Inclusion / Download Vulnerabilities
8351| [2812] PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit
8352| [2776] contentnow 1.30 (upload/xss) Multiple Vulnerabilities
8353| [2768] contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities
8354| [2651] MiniHttpServer Web Forum & File Sharing Server 4.0 Add User Exploit
8355| [2637] AEP SmartGate 4.3b (GET) Arbitrary File Download Exploit
8356| [2598] PH Pexplorer <= 0.24 (explorer_load_lang.php) Local Include Exploit
8357| [2569] Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Local Root Exploit
8358| [2556] E-Uploader Pro <= 1.0 Image Upload with Code Execution Vulnerability
8359| [2521] Download-Engine <= 1.4.2 (spaw) Remote File Include Vulnerability
8360| [2482] SHTTPD 1.34 (POST) Remote Buffer Overflow Exploit
8361| [2374] Site@School <= 2.4.02 Advisory / Remote File Upload Exploit
8362| [2352] webSPELL <= 4.01.01 Database Backup Download Vulnerability
8363| [2328] RaidenHTTPD 1.1.49 (SoftParserFileXml) Remote Code Execution Exploit
8364| [2310] PhpCommander <= 3.0 (upload) Remote Code Execution Exploit
8365| [2277] Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit 2
8366| [2274] Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit
8367| [2122] ME Download System <= 1.3 (header.php) Remote Inclusion Vulnerability
8368| [2073] libmikmod <= 3.2.2 (GT2 loader) Local Heap Overflow PoC
8369| [2035] toendaCMS <= 1.0.0 (FCKeditor) Remote File Upload Exploit
8370| [1980] ImgSvr <= 0.6.5 (long http post) Denial of Service Exploit
8371| [1852] gxine 0.5.6 (HTTP Plugin) Remote Buffer Overflow PoC
8372| [1746] zawhttpd <= 0.8.23 (GET) Remote Buffer Overflow DoS
8373| [1671] panic-reloaded TCP Denial of Service Tool
8374| [1656] Sire 2.0 (lire.php) Remote File Inclusion/Arbitary File Upload Vulnerability
8375| [1631] ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit
8376| [1628] MS Internet Explorer (createTextRang) Download Shellcoded Exploit (2)
8377| [1607] MS Internet Explorer (createTextRang) Download Shellcoded Exploit
8378| [1605] XHP CMS <= 0.5 (upload) Remote Command Execution Exploit
8379| [1597] ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit
8380| [1556] D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit
8381| [1484] FCKEditor 2.0 <= 2.2 (connector.php) - Remote Shell Upload Exploit
8382| [1446] creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit
8383| [1420] MS Windows Metafile (WMF) Remote File Download Exploit Generator
8384| [1409] BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit
8385| [1408] BlueCoat WinProxy 6.0 R1c (Host) Remote Stack/SEH Overflow Exploit
8386| [1396] MS Windows IIS Malformed HTTP Request Denial of Service Exploit (cpp)
8387| [1377] MS Windows IIS Malformed HTTP Request Denial of Service Exploit (pl)
8388| [1376] MS Windows IIS Malformed HTTP Request Denial of Service Exploit (c)
8389| [1365] Oracle 9.2.0.1 Universal XDB HTTP Pass Overflow Exploit
8390| [1356] DoceboLMS <= 2.0.4 connector.php Shell Upload Exploit
8391| [1340] eFiction <= 2.0 Fake GIF Shell Upload Exploit
8392| [1333] Google Search Appliance proxystylesheet XSLT Java Code Execution
8393| [1315] XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
8394| [1277] Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit
8395| [1274] Hasbani-WindWeb/2.0 - HTTP GET Remote DoS
8396| [1174] ZipTorrent <= 1.3.7.3 - Local Proxy Password Disclosure Exploit
8397| [1137] Acunetix HTTP Sniffer Denial of Service Exploit
8398| [1108] Small HTTP Server <= 3.05.28 Arbitrary Data Execution Exploit
8399| [1091] Internet Download Manager <= 4.05 Input URL Stack Overflow Exploit
8400| [1068] PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit
8401| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
8402| [970] Snmppd SNMP Proxy Daemon Remote Format String Exploit
8403| [964] FilePocket 1.2 - Local Proxy Password Disclosure Exploit
8404| [952] MailEnable Enterprise & Professional https Remote BoF Exploit
8405| [940] Sumus 0.2.2 httpd Remote Buffer Overflow Exploit
8406| [937] BitComet 0.57 Local Proxy Password Disclosure Exploit
8407| [919] FireFly 1.0 - Local Proxy Password Disclosure Exploit
8408| [907] phpBB <= 2.0.13 'downloads.php' mod Remote Exploit
8409| [870] Download Center Lite (DCL) <= 1.5 - Remote File Inclusion
8410| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
8411| [802] MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit
8412| [771] MS Internet Explorer .ANI files handling Downloader Exploit (MS05-002)
8413| [759] Apple iTunes Playlist Buffer Overflow Download Shellcoded Exploit
8414| [702] phpBB highlight Arbitrary File Upload (Santy.A)
8415| [687] OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS
8416| [667] Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit
8417| [659] EZshopper Directory Transversal in loadpage.cgi
8418| [641] MS Internet Explorer 6.0 SP2 File Download Security Warning Bypass
8419| [621] CCProxy 6.2 (ping) Remote Buffer Overflow Exploit
8420| [619] CCProxy Log Remote Stack Overflow Exploit
8421| [570] WordPress Blog HTTP Splitting Vulnerability
8422| [556] MS Windows JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload
8423| [478] MS Windows JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028)
8424| [371] Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
8425| [360] Apache HTTPd Arbitrary Long HTTP Headers DoS
8426| [358] Lexmark Multiple HTTP Servers Denial of Service Vulnerability
8427| [290] GLIBC 2.1.3 ld_preload Local Exploit
8428| [228] Oops! 1.4.6 (one russi4n proxy-server) Heap Buffer Overflow Exploit
8429| [171] tcpdump ISAKMP Identification payload Integer Overflow Exploit
8430| [156] PSOProxy 0.91 Remote Buffer Overflow Exploit (Win2k/XP)
8431| [155] GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit
8432| [77] Cisco IOS 12.x/11.x HTTP Remote Integer Overflow Exploit
8433| [12] Linux Kernel < 2.4.20 Module Loader Local Root Exploit
8434| [9] Apache HTTP Server 2.x Memory Leak Exploit
8435|
8436| OpenVAS (Nessus) - http://www.openvas.org:
8437| [902825] at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
8438| [900325] Qbik WinGate HTTP Proxy Server Access Controls Bypass Vulnerability
8439| [900222] IBM HTTP Server mod_proxy Interim Responses DoS Vulnerability
8440| [801834] SDP Downloader HTTP Header Handling Buffer Overflow Vulnerability
8441| [800827] Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
8442| [800552] Versalsoft HTTP Image Uploader ActiveX Vulnerability
8443| [103293] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
8444| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
8445| [100083] HTTP Proxy Server Detection
8446| [100057] MLdonkey HTTP Request Arbitrary File Download Vulnerability
8447| [11715] Header overflow against HTTP proxy
8448| [903012] ALFTP Insecure Executable File Loading Vulnerability
8449| [902830] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
8450| [902820] Tiny Server HTTP HEAD Request Remote Denial of Service Vulnerability
8451| [902664] Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
8452| [902579] APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
8453| [902526] Oracle HTTP Server 'Expect' Header Cross-Site Scripting Vulnerability
8454| [902489] IBM DB2 'DT_RPATH' Insecure Library Loading Code Execution Vulnerabilities
8455| [902437] Lil' HTTP Server Cross Site Scripting Vulnerability
8456| [902404] jHTTPd Directory Traversal Vulnerability
8457| [902312] BlackBerry Desktop Software Insecure Library Loading Vulnerability
8458| [902307] UltraEdit Insecure Library Loading Vulnerability
8459| [902255] Microsoft Visual Studio Insecure Library Loading Vulnerability
8460| [902254] Microsoft Office Products Insecure Library Loading Vulnerability
8461| [902242] Mozilla Products Insecure Library Loading Vulnerability (Windows)
8462| [902241] Avast! Antivirus File Opening Insecure Library Loading Vulnerability (Win)
8463| [902240] uTorrent File Opening Insecure Library Loading Vulnerability
8464| [902239] Wireshark File Opening Insecure Library Loading Vulnerability (Windows)
8465| [902238] Skype Insecure Library Loading Vulnerability (Windows)
8466| [902171] Ipswitch WS_FTP Professional 'HTTP' Response Format String Vulnerability
8467| [902052] Task Freak 'loadByKey()' SQL Injection Vulnerability
8468| [902036] Mini Stream RM Downloader '.smi' File Buffer Overflow Vulnerability
8469| [901305] Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)
8470| [901203] Apache httpd Web Server Range Header Denial of Service Vulnerability
8471| [901155] Integard Home and Pro HTTP Buffer Overflow Vulnerability
8472| [901149] Adobe Dreamweaver Insecure Library Loading Vulnerability
8473| [901147] Adobe Photoshop Insecure Library Loading Vulnerability
8474| [901128] Ziproxy PNG Image Processing Buffer Overflow Vulnerability
8475| [901104] Tembria Server Monitor HTTP Request Denial of Service Vulnerability
8476| [900869] Insecure Saving Of Downloadable File In Mozilla Firefox (Linux)
8477| [900842] Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)
8478| [900841] Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
8479| [900832] Google Chrome 'JavaScript' And 'HTTPS' Multiple Vulnerabilities - Aug09
8480| [900642] SDP Downloader ASX File Heap Buffer Overflow Vulnerability
8481| [900641] SDP Downloader Version Detection
8482| [900523] Ziproxy Security Bypass Vulnerability
8483| [900522] Ziproxy Server Version Detection
8484| [900499] Apache mod_proxy_ajp Information Disclosure Vulnerability
8485| [900489] Orbit Downloader File Deletion ActiveX Vulnerability
8486| [900349] CUPS HTTP Host Header DNS Rebinding Attacks
8487| [900110] Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
8488| [900107] Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
8489| [900092] Windows HTTP Services Could Allow Remote Code Execution Vulnerabilities (960803)
8490| [881537] CentOS Update for libproxy CESA-2012:1461 centos6
8491| [881450] CentOS Update for httpd CESA-2011:1392 centos4 x86_64
8492| [881436] CentOS Update for httpd CESA-2011:1392 centos5 x86_64
8493| [881394] CentOS Update for httpd CESA-2011:1245 centos4 x86_64
8494| [881089] CentOS Update for httpd CESA-2012:0128 centos6
8495| [881032] CentOS Update for httpd CESA-2011:1392 centos4 i386
8496| [881020] CentOS Update for httpd CESA-2011:1392 centos5 i386
8497| [880970] CentOS Update for httpd CESA-2011:1245 centos4 i386
8498| [880849] CentOS Update for httpd CESA-2009:1148 centos5 i386
8499| [880842] CentOS Update for httpd CESA-2009:1205 centos3 i386
8500| [880739] CentOS Update for httpd CESA-2009:1579 centos3 i386
8501| [880706] CentOS Update for httpd CESA-2009:1579 centos5 i386
8502| [880692] CentOS Update for httpd CESA-2009:1108 centos3 i386
8503| [880691] CentOS Update for httpd CESA-2009:1580 centos4 i386
8504| [880683] CentOS Update for httpd CESA-2009:1075 centos5 i386
8505| [880565] CentOS Update for httpd CESA-2010:0168 centos5 i386
8506| [880383] CentOS Update for httpd CESA-2010:0175 centos4 i386
8507| [880313] CentOS Update for httpd CESA-2008:0005 centos3 i386
8508| [880279] CentOS Update for httpd CESA-2008:0967 centos3 x86_64
8509| [880256] CentOS Update for httpd CESA-2008:0005 centos3 x86_64
8510| [880231] CentOS Update for httpd CESA-2008:0006 centos4 i386
8511| [880227] CentOS Update for httpd CESA-2008:0006 centos4 x86_64
8512| [880200] CentOS Update for httpd CESA-2008:0967 centos3 i386
8513| [880024] CentOS Update for httpd CESA-2008:0967 centos4 x86_64
8514| [880012] CentOS Update for httpd CESA-2008:0967 centos4 i386
8515| [870862] RedHat Update for libproxy RHSA-2012:1461-01
8516| [870631] RedHat Update for httpd RHSA-2012:0128-01
8517| [870617] RedHat Update for httpd RHSA-2011:1391-01
8518| [870571] RedHat Update for httpd RHSA-2012:0323-01
8519| [870505] RedHat Update for httpd RHSA-2011:1392-01
8520| [870487] RedHat Update for httpd RHSA-2011:1294-01
8521| [870479] RedHat Update for httpd RHSA-2011:1245-01
8522| [870314] RedHat Update for httpd RHSA-2010:0659-01
8523| [870241] RedHat Update for httpd RHSA-2010:0168-01
8524| [870239] RedHat Update for httpd RHSA-2010:0175-01
8525| [870119] RedHat Update for httpd RHSA-2008:0006-01
8526| [870081] RedHat Update for httpd RHSA-2008:0005-01
8527| [870034] RedHat Update for httpd RHSA-2008:0008-01
8528| [870016] RedHat Update for httpd RHSA-2008:0967-01
8529| [864921] Fedora Update for php-symfony2-HttpFoundation FEDORA-2012-19455
8530| [864918] Fedora Update for php-symfony2-HttpFoundation FEDORA-2012-19442
8531| [864871] Fedora Update for libproxy FEDORA-2012-17574
8532| [864812] Fedora Update for haproxy FEDORA-2012-16033
8533| [864801] Fedora Update for haproxy FEDORA-2012-16056
8534| [864513] Fedora Update for lighttpd FEDORA-2012-9040
8535| [864498] Fedora Update for lighttpd FEDORA-2012-9078
8536| [864331] Fedora Update for mozilla-https-everywhere FEDORA-2012-7051
8537| [864201] Fedora Update for mozilla-https-everywhere FEDORA-2012-7175
8538| [864197] Fedora Update for mozilla-https-everywhere FEDORA-2012-7136
8539| [863961] Fedora Update for httpd FEDORA-2012-1598
8540| [863892] Fedora Update for httpd FEDORA-2011-12667
8541| [863759] Fedora Update for httpd FEDORA-2012-1642
8542| [863514] Fedora Update for httpd FEDORA-2011-12715
8543| [863286] Fedora Update for httpcomponents-client FEDORA-2011-7747
8544| [862826] Fedora Update for myproxy FEDORA-2011-0512
8545| [862821] Fedora Update for myproxy FEDORA-2011-0514
8546| [862314] Fedora Update for httpd FEDORA-2010-12478
8547| [862126] Fedora Update for httpd FEDORA-2010-6055
8548| [861951] Fedora Update for lighttpd FEDORA-2010-7636
8549| [861946] Fedora Update for lighttpd FEDORA-2010-7643
8550| [861929] Fedora Update for httpd FEDORA-2010-6131
8551| [861746] Fedora Update for httpd FEDORA-2009-12747
8552| [861534] Fedora Update for httpd FEDORA-2007-2214
8553| [861479] Fedora Update for lighttpd FEDORA-2007-1299
8554| [861373] Fedora Update for httpd FEDORA-2007-0704
8555| [861345] Fedora Update for httpd FEDORA-2007-707
8556| [861325] Fedora Update for httpd FEDORA-2007-617
8557| [861246] Fedora Update for httpd FEDORA-2007-615
8558| [861123] Fedora Update for lighttpd FEDORA-2007-2132
8559| [860849] Fedora Update for lighttpd FEDORA-2008-3376
8560| [860683] Fedora Update for lighttpd FEDORA-2008-3343
8561| [860638] Fedora Update for httpd FEDORA-2008-6393
8562| [860350] Fedora Update for httpd FEDORA-2008-1711
8563| [860293] Fedora Update for lighttpd FEDORA-2008-2262
8564| [860246] Fedora Update for lighttpd FEDORA-2008-2278
8565| [860205] Fedora Update for lighttpd FEDORA-2008-4119
8566| [860097] Fedora Update for httpd FEDORA-2008-6314
8567| [860087] Fedora Update for httpd FEDORA-2008-1695
8568| [855564] Solaris Update for /usr/sadm/lib/smc/lib/preload/jsdk21.jar 116808-02
8569| [855212] Solaris Update for /usr/sadm/lib/smc/lib/preload/jsdk21.jar 116807-02
8570| [850054] SuSE Update for XFree86-server,xorg-x11-server,xloader SUSE-SA:2007:008
8571| [841215] Ubuntu Update for libproxy USN-1629-1
8572| [840915] Ubuntu Update for python-httplib2 USN-1375-1
8573| [835056] HP-UX Update for Java VM Classloader (J2SE) HPSBUX00295
8574| [831751] Mandriva Update for libproxy MDVSA-2012:172 (libproxy)
8575| [830230] Mandriva Update for hdf5 MDKA-2007:080 (hdf5)
8576| [803125] TVMOBiLi Media Server HTTP Request Multiple BOF Vulnerabilities
8577| [803085] LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X)
8578| [803084] LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows)
8579| [803080] Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
8580| [802966] PHP 'main/SAPI.c' HTTP Header Injection Vulnerability
8581| [802923] Null HTTPd Server Content-Length HTTP Header Buffer overflow Vulnerability
8582| [802838] Asterisk HTTP Manager Buffer Overflow Vulnerability
8583| [802819] Apple Safari Plugin Unloading Remote Code Execution Vulnerability (Win)
8584| [802737] Opera 'HTTPS-Session' Multiple Vulnerabilities (Linux)
8585| [802702] Google Chrome 'HTTP session' Information Disclosure Vulnerability (MAC OS X)
8586| [802701] Google Chrome 'HTTP session' Information Disclosure Vulnerability (Linux)
8587| [802700] Google Chrome 'HTTP session' Information Disclosure Vulnerability (Windows)
8588| [802617] NetDecision HTTP Server Long HTTP Request Remote Denial of Service Vulnerability
8589| [802614] Tiny HTTP Server Remote Denial of Service Vulnerability
8590| [802586] phux Download Manager 'file' Parameter SQL Injection Vulnerability
8591| [802560] Joomla Simple File Upload Module Remote Code Execution Vulnerability
8592| [802402] LabWiki Multiple Cross-site Scripting (XSS) and Shell Upload Vulnerabilities
8593| [802350] Mbedthis AppWeb HTTP TRACE Method Cross-Site Scripting Vulnerability
8594| [802341] Web File Browser 'act' Parameter File Download Vulnerability
8595| [802312] PowerZip Insecure Library Loading Vulnerability
8596| [802297] Interactive Graphical SCADA System DLL Loading Arbitrary Code Execution Vulnerability
8597| [802293] XAMPP WebDAV PHP Upload Vulnerability
8598| [802207] Dotclear Arbitrary File Upload Vulnerability
8599| [802187] Mozilla Firefox and SeaMonkey 'loadSubScript()' Security Bypass Vulnerability (MAC OS X)
8600| [802176] Mozilla Firefox and SeaMonkey 'loadSubScript()' Security Bypass Vulnerability
8601| [802156] Sunway ForceControl WebServer 'httpsvr.exe' Buffer Overflow Vulnerability
8602| [802143] Opera 'HTTPS-Session' Multiple Vulnerabilities (Mac OS X)
8603| [802141] Opera 'HTTPS-Session' Multiple Vulnerabilities (Windows)
8604| [802140] Microsoft Explorer HTTPS Sessions Multiple Vulnerabilities (Windows)
8605| [802136] Microsoft Windows Insecure Library Loading Vulnerability (2269637)
8606| [802114] NoticeBoardPro SQL Injection and Arbitrary File Upload Vulnerabilities
8607| [802104] CRE Loaded Multiple Security Bypass Vulnerabilities
8608| [802044] Lighttpd Connection header Denial of Service Vulnerability
8609| [802010] Nostromo nhttpd Webserver Directory Traversal Vulnerability
8610| [801996] IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
8611| [801969] Progea Movicon 'TCPUploadServer.exe' Multiple Vulnerabilities
8612| [801824] IBM Tivoli Directory Proxy Server Denial of Service Vulnerability
8613| [801796] Python CGIHTTPServer Module Information Disclosure Vulnerability
8614| [801770] Google Picasa Insecure Library Loading Arbitrary Code Execution Vulnerability (Windows)
8615| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
8616| [801532] Oracle Java System Web Server HTTP Response Splitting Vulnerability
8617| [801526] Visual Synapse HTTP Server Directory Traversal Vulnerability
8618| [801511] Adobe On Location Insecure Library Loading Vulnerability (Win)
8619| [801510] Adobe ExtendedScript Toolkit (ESTK) Insecure Library Loading Vulnerability (Win)
8620| [801509] Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
8621| [801508] Adobe InDesign Insecure Library Loading Vulnerability (Win)
8622| [801500] VLC Media Player File Opening Insecure Library Loading Vulnerability (Win)
8623| [801457] Microsoft Windows Address Book Insecure Library Loading Vulnerability
8624| [801456] Microsoft Windows Progman Group Converter Insecure Library Loading Vulnerability
8625| [801437] Winamp Insecure Library Loading Vulnerability
8626| [801436] TeamViewer File Opening Insecure Library Loading Vulnerability
8627| [801399] MS Windows Insecure Library Loading Remote Code Execution Vulnerabilities (2269637)
8628| [801339] Free Download Manager Multiple Buffer Overflow Vulnerabilities
8629| [801290] TortoiseSVN Insecure Library Loading Vulnerability
8630| [801274] TechSmith Snagit Insecure Library Loading Vulnerability
8631| [801273] Google Earth Insecure Library Loading Vulnerability
8632| [801267] Adobe Captivate Insecure Library Loading Vulnerability
8633| [801246] bozotic HTTP server Information Disclosure Vulnerability
8634| [801245] bozotic HTTP server Denial of Service Vulnerability
8635| [801244] bozotic HTTP server Version Detection
8636| [801236] httpdx Multiple Vulnerabilities
8637| [801214] Orbit Downloader metalink 'name' Directory Traversal Vulnerability
8638| [801213] Orbit Downloader Version Detection
8639| [801019] Xerver HTTP Server Source Code Disclosure Vulnerability
8640| [801018] Xerver HTTP Server Directory Traversal Vulnerability
8641| [801015] Xerver HTTP Server Cross Site Scripting Vulnerability
8642| [800962] httpdx Web Server 'h_handlepeer()' Buffer Overflow Vulnerability
8643| [800961] httpdx 'h_readrequest()' Host Header Format String Vulnerability
8644| [800866] Sun Java System Web Proxy Server Denial Of Service Vulnerability (Linux)
8645| [800865] Sun Java System Web Proxy Server Denial Of Service Vulnerability (Win)
8646| [800864] Sun Java System Web Proxy Server Version Detection
8647| [800858] Mozilla Firefox SOCKS5 Proxy Server DoS Vulnerability Aug-09 (Linux)
8648| [800857] Mozilla Firefox SOCKS5 Proxy Server DoS Vulnerability Aug-09 (Win)
8649| [800835] Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
8650| [800812] Sun Java System Web Proxy Server Vulnerabilities (Win)
8651| [800811] Sun Java System Web Proxy Server Vulnerabilities (Win)
8652| [800793] TCExam 'tce_functions_tcecode_editor.php' File Upload Vulnerability
8653| [800776] Internet Download Manager FTP Buffer Overflow Vulnerability
8654| [800771] PostNuke modload Module 'sid' Parameter SQL Injection Vulnerability
8655| [800539] CCProxy CONNECTION Request Buffer Overflow Vulnerability
8656| [800538] CCProxy Version Detection
8657| [800373] PHP 'mbstring.func_overload' DoS Vulnerability
8658| [800349] Multiple Buffer Overflow Vulnerabilities in Free Download Manager
8659| [800348] Free Download Manager Version Detection
8660| [800175] Xerver HTTP Server Web Administration Denial of Service Vulnerability
8661| [800144] Ruby on Rails redirect_to() HTTP Header Injection Vulnerability - Linux
8662| [800101] CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities
8663| [800026] Sun Java System Web Proxy Server Two Vulnerabilities (Linux)
8664| [800025] Sun Java System Web Proxy Server Vulnerabilities (Win)
8665| [200100] XHP CMS Version <= 0.5 File Upload Vulnerability
8666| [103494] F5 BIG-IP remote root authentication bypass Vulnerability
8667| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
8668| [103446] OSClass Directory Traversal and Arbitrary File Upload Vulnerabilities
8669| [103395] appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
8670| [103377] QuiXplorer 'index.php' Arbitrary File Upload Vulnerability
8671| [103333] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
8672| [103330] LabWiki Multiple Cross Site Scripting And Arbitrary File Upload Vulnerabilities
8673| [103320] Squid Proxy Caching Server CNAME Denial of Service Vulnerability
8674| [103309] osCommerce Remote File Upload and File Disclosure Vulnerabilities
8675| [103307] 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
8676| [103291] TYPO3 'download.php' Local File Disclosure Vulnerability
8677| [103240] HTTP Brute Force Logins with default Credentials
8678| [103233] Squid Proxy Gopher Remote Buffer Overflow Vulnerability
8679| [103142] DynMedia Pro Web CMS 'downloadfile.php' Local File Disclosure Vulnerability
8680| [103133] Feng Office Arbitrary File Upload and Cross Site Scripting Vulnerabilities
8681| [103121] CMS Lokomedia 'downlot.php' Arbitrary File Download Vulnerability
8682| [103120] Douran Portal 'download.aspx' Arbitrary File Download Vulnerability
8683| [103119] nostromo nhttpd Directory Traversal Remote Command Execution Vulnerability
8684| [103050] Weborf 'get_param_value()' Function HTTP Header Handling Denial Of Service Vulnerability
8685| [103041] AWStats Unspecified 'LoadPlugin' Directory Traversal Vulnerability
8686| [103005] httpdASM Directory Traversal Vulnerability
8687| [103004] Mongoose 'Content-Length' HTTP Header Remote Denial Of Service Vulnerability
8688| [100949] HttpBlitz Server HTTP Request Remote Denial of Service Vulnerability
8689| [100913] osCommerce 'categories.php' Arbitrary File Upload Vulnerability
8690| [100890] FreePBX System Recordings Menu Arbitrary File Upload Vulnerability
8691| [100878] Weborf HTTP Request Denial Of Service Vulnerability
8692| [100873] HP Systems Insight Manager Arbitrary File Download Vulnerability
8693| [100835] Novell iManager 'getMultiPartParameters()' Arbitrary File Upload Vulnerability
8694| [100816] OpenCart 'fckeditor' Arbitrary File Upload Vulnerability
8695| [100809] chillyCMS Arbitrary File Upload Vulnerability
8696| [100790] DynPage 'dynpage_load.php' Local File Disclosure Vulnerability
8697| [100789] Squid Proxy String Processing NULL Pointer Dereference Denial Of Service Vulnerability
8698| [100788] Weborf HTTP 'modURL()' Function Directory Traversal Vulnerability
8699| [100777] Wing FTP Server HTTP Request Denial Of Service Vulnerability
8700| [100750] bozohttpd Security Bypass Vulnerability
8701| [100725] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
8702| [100709] Podcast Generator 'download.php' Directory Traversal Vulnerability
8703| [100702] Wiki Web Help 'uploadimage.php' Arbitrary File Upload Vulnerability
8704| [100691] Weborf HTTP Header Processing Denial Of Service Vulnerability
8705| [100661] osCommerce Online Merchant 'file_manager.php' Remote Arbitrary File Upload Vulnerability
8706| [100650] Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities
8707| [100637] Zervit HTTP Server Source Code Information Disclosure Vulnerability
8708| [100629] Woltlab Burning Board Arbitrary File Upload Vulnerability
8709| [100620] OneHTTPD Directory Traversal Vulnerability
8710| [100617] PHP 'php_dechunk()' HTTP Chunked Encoding Integer Overflow Vulnerability
8711| [100585] HTTP File Server Security Bypass and Denial of Service Vulnerabilities
8712| [100560] uHTTP Server GET Request Directory Traversal Vulnerability
8713| [100553] Interchange HTTP Response Splitting Vulnerability
8714| [100548] Remote Help HTTP GET Request Format String Denial Of Service Vulnerability
8715| [100534] httpdx Multiple Remote Denial Of Service Vulnerabilities
8716| [100525] httpdx PNG File Handling Remote Denial of Service Vulnerability
8717| [100504] Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
8718| [100496] httpdx 'MKD' Command Directory Traversal Vulnerability
8719| [100491] httpdx 'USER' Command Remote Format String Vulnerability
8720| [100480] lighttpd Slow Request Handling Remote Denial Of Service Vulnerability
8721| [100461] boastMachine Arbitrary File Upload Vulnerability
8722| [100459] XOOPS Arbitrary File Deletion and HTTP Header Injection Vulnerabilities
8723| [100449] Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability
8724| [100447] Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability
8725| [100438] Sun Java System Directory Server 'core_get_proxyauth_dn' Denial of Service Vulnerability
8726| [100421] httpdx Space Character Remote File Disclosure Vulnerability
8727| [100418] CoreHTTP CGI Support Remote Command Execution Vulnerability
8728| [100397] Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability
8729| [100379] Polipo Malformed HTTP GET Request Memory Corruption Vulnerability
8730| [100377] CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability
8731| [100370] ISPworker Download.PHP Multiple Directory Traversal Vulnerabilities
8732| [100364] OpenX Arbitrary File Upload Vulnerability
8733| [100355] Xerver HTTP Response Splitting Vulnerability
8734| [100333] Joomla! Remote File Upload Vulnerability And Information Disclosure Weakness
8735| [100332] Serv-U Web Client HTTP Request Remote Buffer Overflow Vulnerability
8736| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
8737| [100317] MapServer HTTP Request Processing Integer Overflow Vulnerability
8738| [100304] Acritum Femitter Server HTTP Request Remote File Disclosure Vulnerability
8739| [100301] JDownloader Web Detection
8740| [100278] BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
8741| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
8742| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
8743| [100245] RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities
8744| [100244] ZNC File Upload Directory Traversal Vulnerability
8745| [100212] Lighttpd Trailing Slash Information Disclosure Vulnerability
8746| [100210] httpdx Multiple Commands Remote Buffer Overflow Vulnerabilities
8747| [100202] Matt Wright FormMail HTTP Response Splitting and Cross Site Scripting Vulnerabilities
8748| [100167] Zervit HTTP Server Malformed URI Remote Denial Of Service Vulnerability
8749| [100084] Squid Proxy Cache ICAP Adaptation Denial of Service Vulnerability
8750| [100034] HTTP-Version Detection
8751| [80076] PHP Easy Download admin/save.php Paramater Code Injection Vulnerability
8752| [80047] Abyss httpd crash
8753| [80010] HTTP NIDS evasion
8754| [72598] FreeBSD Ports: lighttpd
8755| [72568] Debian Security Advisory DSA 2573-1 (radsecproxy)
8756| [72566] Debian Security Advisory DSA 2571-1 (libproxy)
8757| [72536] Debian Security Advisory DSA 2564-1 (tinyproxy)
8758| [71965] Slackware Advisory SSA:2012-041-01 httpd
8759| [71958] Slackware Advisory SSA:2011-252-01 httpd
8760| [71947] Slackware Advisory SSA:2011-133-02 httpd
8761| [71945] Slackware Advisory SSA:2011-145-02 httpd
8762| [71941] Slackware Advisory SSA:2011-284-01 httpd
8763| [71553] Gentoo Security Advisory GLSA 201206-27 (mini_httpd)
8764| [71366] FreeBSD Ports: haproxy
8765| [70687] Debian Security Advisory DSA 2368-1 (lighttpd)
8766| [70584] FreeBSD Ports: lighttpd
8767| [69602] FreeBSD Ports: tinyproxy
8768| [69565] Debian Security Advisory DSA 2222-1 (tinyproxy)
8769| [69020] Gentoo Security Advisory GLSA 201006-17 (lighttpd)
8770| [68922] Slackware Advisory SSA:2011-041-03 httpd
8771| [68175] Slackware Advisory SSA:2010-240-02 httpd
8772| [67715] FreeBSD Ports: ziproxy
8773| [67408] FreeBSD Ports: ziproxy
8774| [67045] Slackware Advisory SSA:2010-067-01 httpd
8775| [66846] FreeBSD Ports: lighttpd
8776| [66806] Debian Security Advisory DSA 1987-1 (lighttpd)
8777| [66780] Slackware Advisory SSA:2010-024-01 httpd
8778| [66557] Fedora Core 12 FEDORA-2009-12606 (httpd)
8779| [66498] Fedora Core 10 FEDORA-2009-12604 (httpd)
8780| [66275] CentOS Security Advisory CESA-2009:1580 (httpd)
8781| [66274] CentOS Security Advisory CESA-2009:1579 (httpd)
8782| [65963] SLES10: Security update for libexif5
8783| [64741] Fedora Core 11 FEDORA-2009-8812 (httpd)
8784| [64661] CentOS Security Advisory CESA-2009:1205 (httpd)
8785| [64571] Slackware Advisory SSA:2009-214-01 httpd
8786| [64448] CentOS Security Advisory CESA-2009:1148 (httpd)
8787| [64269] CentOS Security Advisory CESA-2009:1108 (httpd)
8788| [64124] CentOS Security Advisory CESA-2009:1075 (httpd)
8789| [63864] FreeBSD Ports: ziproxy
8790| [63385] Fedora Core 9 FEDORA-2008-11923 (lighttpd)
8791| [61943] Gentoo Security Advisory GLSA 200812-04 (lighttpd)
8792| [61701] FreeBSD Ports: lighttpd
8793| [61476] Slackware Advisory SSA:2008-210-02 httpd
8794| [61364] Debian Security Advisory DSA 1540-3 (lighttpd)
8795| [61357] Debian Security Advisory DSA 1609-1 (lighttpd)
8796| [60834] FreeBSD Ports: lighttpd
8797| [60808] Gentoo Security Advisory GLSA 200804-08 (lighttpd)
8798| [60793] Debian Security Advisory DSA 1540-2 (lighttpd)
8799| [60786] Debian Security Advisory DSA 1540-1 (lighttpd)
8800| [60573] Debian Security Advisory DSA 1521-1 (lighttpd)
8801| [60513] Gentoo Security Advisory GLSA 200803-10 (lighttpd)
8802| [60499] Debian Security Advisory DSA 1513-1 (lighttpd)
8803| [60388] Slackware Advisory SSA:2008-045-01 httpd
8804| [58862] FreeBSD Ports: lighttpd
8805| [58861] FreeBSD Ports: lighttpd
8806| [58828] FreeBSD Ports: lighttpd
8807| [58805] FreeBSD Ports: lighttpd
8808| [58773] FreeBSD Ports: dirproxy
8809| [58752] Gentoo Security Advisory GLSA 200711-13 (3proxy)
8810| [58646] Gentoo Security Advisory GLSA 200709-16 (lighttpd)
8811| [58644] Debian Security Advisory DSA 1362-2 (lighttpd)
8812| [58581] Debian Security Advisory DSA 1362-1 (lighttpd)
8813| [58546] Gentoo Security Advisory GLSA 200708-11 (lighttpd)
8814| [58257] Gentoo Security Advisory GLSA 200705-07 (lighttpd)
8815| [58223] Gentoo Security Advisory GLSA 200704-17 (3proxy)
8816| [57988] Gentoo Security Advisory GLSA 200701-28 (thttpd)
8817| [57875] Gentoo Security Advisory GLSA 200608-25 (xorg-x11,xorg-server,xtrans,xload,xinit,xterm,xf86dga,xdm,libX11)
8818| [57684] Debian Security Advisory DSA 1205-2 (thttpd)
8819| [57168] Slackware Advisory SSA:2006-209-01 Apache httpd
8820| [56731] Slackware Advisory SSA:2006-129-01 Apache httpd
8821| [56729] Slackware Advisory SSA:2006-130-01 Apache httpd redux
8822| [56677] Gentoo Security Advisory GLSA 200510-26 (xli xloadimage)
8823| [56365] Gentoo Security Advisory GLSA 200603-04 (up-imapproxy)
8824| [55795] Debian Security Advisory DSA 883-1 (thttpd)
8825| [55710] FreeBSD Ports: xloadimage
8826| [55601] Debian Security Advisory DSA 852-1 (up-imapproxy)
8827| [55595] Debian Security Advisory DSA 858-1 (xloadimage)
8828| [55172] Debian Security Advisory DSA 786-1 (simpleproxy)
8829| [54853] Gentoo Security Advisory GLSA 200502-21 (lighttpd)
8830| [54728] Gentoo Security Advisory GLSA 200411-07 (Proxytunnel)
8831| [53910] Slackware Advisory SSA:2004-266-02 GTK+ image loading flaws
8832| [53819] Debian Security Advisory DSA 069-1 (xloadimage)
8833| [53781] Debian Security Advisory DSA 018-1 (tinyproxy)
8834| [53726] Debian Security Advisory DSA 145-1 (tinyproxy)
8835| [53692] Debian Security Advisory DSA 694-1 (xloadimage)
8836| [53377] Debian Security Advisory DSA 396-1 (thttpd)
8837| [52301] FreeBSD Ports: proxytunnel
8838| [52256] FreeBSD Ports: up-imapproxy
8839| [52169] FreeBSD Ports: lighttpd
8840| [20225] Kerio WinRoute Firewall HTTP/HTTPS Management Detection
8841| [20089] F5 BIG-IP Cookie Persistence
8842| [19751] Discuz! <= 4.0.0 rc4 Arbitrary File Upload Flaw
8843| [17231] CERN httpd CGI name heap overflow
8844| [17230] CERN HTTPD access control bypass
8845| [17154] Proxy accepts CONNECT requests to itself
8846| [16363] BlueCoat ProxySG console management detection
8847| [16313] RaidenHTTPD directory traversal
8848| [16069] PHProxy XSS
8849| [15853] up-imapproxy Literal DoS Vulnerability
8850| [15714] ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)
8851| [15642] Format string on HTTP header value
8852| [15641] Format string on HTTP header name
8853| [15588] Detect Apache HTTPS
8854| [15563] Abyss httpd DoS
8855| [15555] Apache mod_proxy content-length buffer overflow
8856| [15553] OmniHTTPd pro long POST DoS
8857| [15397] ICECast HTTP basic authorization DoS
8858| [14783] Snitz Forums 2000 HTTP Response Splitting
8859| [14656] MailEnable HTTPMail Service GET Overflow Vulnerability
8860| [14655] MailEnable HTTPMail Service Content-Length Overflow Vulnerability
8861| [14654] MailEnable HTTPMail Service Authorization Header DoS Vulnerability
8862| [14632] IlohaMail Attachment Upload Vulnerability
8863| [14247] Opera web browser file download extension spoofing
8864| [14229] HTTP Directory Traversal (Windows)
8865| [12286] JS.Scob.Trojan or Download.Ject Trojan
8866| [12073] Sami HTTP Server v1.0.4
8867| [11801] Format string on HTTP method name
8868| [11746] AspUpload vulnerability
8869| [11720] S-HTTP detection
8870| [11213] http TRACE XSS attack
8871| [11183] HTTP negative Content-Length buffer overflow
8872| [11174] HTTP negative Content-Length DoS
8873| [11171] HTTP unfinished line denial
8874| [11162] WebSphere Edge caching proxy denial of service
8875| [11158] Novell NetWare HTTP POST Perl Code Execution Vulnerability
8876| [11149] HTTP login page
8877| [11130] BrowseGate HTTP headers overflows
8878| [11129] HTTP 1.1 header overflow
8879| [11127] HTTP 1.0 header overflow
8880| [11096] Avirt gateway insecure telnet proxy
8881| [11084] Infinite HTTP request
8882| [11078] HTTP header overflow
8883| [11077] HTTP Cookie overflow
8884| [11075] dwhttpd format string
8885| [11069] HTTP User-Agent overflow
8886| [11065] HTTP method overflow
8887| [11061] HTTP version number overflow
8888| [11040] HTTP TRACE
8889| [10963] Compaq Web Based Management Agent Proxy Vulnerability
8890| [10930] HTTP Windows 98 MS/DOS device names DOS
8891| [10867] php POST file uploads
8892| [10820] F5 Device Default Support Password
8893| [10818] Alchemy Eye HTTP Command Execution
8894| [10799] IBM-HTTP-Server View Code
8895| [10768] DoSable squid proxy server
8896| [10763] Detect the HTTP RPC endpoint mapper
8897| [10759] Private IP address leaked in HTTP headers
8898| [10758] Check for VNC HTTP
8899| [10716] OmniPro HTTPd 2.08 scripts source full disclosure
8900| [10657] NT IIS 5.0 Malformed HTTP Printer Request Header Buffer Overflow Vulnerability
8901| [10570] Unify eWave ServletExec 3.0C file upload
8902| [10523] thttpd ssi file retrieval
8903| [10498] Test HTTP dangerous methods
8904| [10107] HTTP Server type and version
8905|
8906| SecurityTracker - https://www.securitytracker.com:
8907| [1028638] RSA Authentication Manager Writes Operating System, SNMP, and HTTP Plug-in Proxy Passwords in Clear Text to Log Files
8908| [1028025] F5 BIG-IP Input Validation Flaws Lets Remote Users Inject SQL Commands and Download Files
8909| [1027165] Squid XMLHttpRequest Allows Remote Users to Obtain the Target User's Proxy Username and Password
8910| [1026797] Citrix XenServer Workload Balancer Lets Remote Users Deny Service
8911| [1026054] Apache mod_proxy_ajp HTTP Processing Error Lets Remote Users Deny Service
8912| [1024096] Apache mod_proxy_http May Return Results for a Different Request
8913| [1022592] Akamai Download Manager Stack Overflow in Processing HTTP Responses Lets Remote Users Execute Arbitrary Code
8914| [1022272] IP Filter ippool Buffer Overflow in 'lib/load_http.c' May Let Local Users Gain Elevated Privileges
8915| [1020900] HTTP Anti Virus Proxy Bug in 'sockethandler.cpp' Lets Remote Users Deny Service
8916| [1018937] F5 FirePass Input Validation Hole in 'download_plugin.php3' Permits Cross-Site Scripting Attacks
8917| [1017586] Blue Coat WinProxy Heap Overflow in Processing HTTP CONNECT Requests May Let Remote Users Execute Arbitrary Code
8918| [1017324] Sun Java System Web Proxy Server Lets Remote Users Conduct HTTP Request Smuggling Attacks
8919| [1016239] WinGate Buffer Overflow in HTTP Proxy Lets Remote Users Execute Arbitrary Code
8920| [1016058] Symantec Gateway Security HTTP Proxy May Disclose Internal NAT Addresses
8921| [1016057] Symantec Enterprise Firewall HTTP Proxy May Disclose Internal NAT Addresses
8922| [1014359] DeleGate Proxy Lets Remote Users Conduct HTTP Request Smuggling Attacks
8923| [1014358] Sun Java System Web Proxy Server Lets Remote Users Conduct HTTP Request Smuggling Attacks
8924| [1013370] HTTP Anti Virus Proxy May Not Detect Viruses in Certain Archives
8925| [1012365] JanaServer 2 http-server and pna-proxy Flaws Let Remote Users Deny Service
8926| [1009528] FirstClass HTTP Server Input Validation Flaw in 'Upload.shtml' Permits Cross-Site Scripting Attacks
8927| [1009411] HP HTTP Server Certificates Can Be Uploaded By Remote Users to Gain Access to Managed Hosts
8928| [1007712] Nokia Electronic Documentation Default Configuration Permits Remote HTTP Proxy Services
8929| [1007146] Apache HTTP Server FTP Proxy Bug May Cause Denial of Service Conditions
8930| [1006833] EServ Can Be Used as HTTP and FTP Proxy Even When Not Configured as a Proxy
8931| [1005253] Check Point FireWall-1 HTTP Proxy Default Configuration May Allow HTTPS and FTP Traffic to Pass Through the Proxy
8932| [1005026] CERN HTTP Proxy Server Input Validation Hole Lets Remote Users Conduct Cross-site Scripting Attacks
8933| [1004780] Norton Personal Firewall Buffer Overflow in HTTP Proxy May Allow Remote Users to Execute Arbitrary Code on the System
8934| [1004779] Norton Internet Security Buffer Overflow in HTTP Proxy May Allow Remote Users to Execute Arbitrary Code on the System
8935| [1003875] HP Webproxy for HP-UX VVOS Operating System May Forward Certain HTTP Requests to the Internal Network Without Fully Processing the Packet Against the Rule Set
8936| [1003600] Check Point FireWall-1 HTTP Proxy Bug Lets Remote Users Bypass Some Access Controls and Connect to Arbitrary Ports on Internal/Protected Hosts
8937| [1003367] Nortel Alteon ACEdirector Load Balancer May Disclose the Real and Otherwise Hidden IP Addresses of Load Balanced Servers to Remote Users
8938| [1002077] Cisco LocalDirector Load Balancer May Allow Remote Users to Deny Service in Certain Configurations
8939| [1028833] HP LoadRunner Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code
8940| [1028825] Cisco Unified Operations Manager Input Validation Flaw Permits HTTP Header Injection Attacks
8941| [1028788] F5 FirePass Component Lets Remote Users Install and Execute Arbitrary Code
8942| [1028787] F5 BIG-IP Component Lets Remote Users Install and Execute Arbitrary Code
8943| [1028675] Cisco Video Surveillance Operations Manager Software Flaw Lets Remote Users Load Arbitrary HTML on the Target User's System
8944| [1028653] VMware vCenter Chargeback Manager File Upload Flaw Lets Remote Users Execute Arbitrary Code
8945| [1028602] IBM WebSphere Portal Input Validation Flaw Permits HTTP Response Splitting Attacks
8946| [1028546] Windows HTTP Stack Header Processing Flaw Lets Remote Users Deny Service
8947| [1028516] RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks
8948| [1028479] McAfee ePolicy Orchestrator Input Validation Flaw Lets Remote Users Inject SQL Commands, Execute Arbitrary Code, and Upload Files
8949| [1028475] VMware vCenter Server Bugs Let Remote Users Bypass Authentication and Remote Authenticated Users Upload Arbitrary Files and Execute Files on the Target System
8950| [1028416] Cisco Firewall Services Module IKE and Auth-Proxy Bugs Let Remote Users Deny Service
8951| [1028360] Asterisk HTTP POST Content-Length Processing Flaw Lets Remote Users Deny Service
8952| [1028337] Novell ZENworks Configuration Management File Upload Authentication Flaw Lets Remote Users Execute Arbitrary Code
8953| [1028329] Symantec NetBackup Appliance Management Console Lets Remote Authenticated Users Download Files
8954| [1028281] Microsoft Office for Mac HTML Loading Bug Lets Remote Users Obtain Potentially Sensitive Information
8955| [1028252] Apache Commons FileUpload Unsafe Temporary File Lets Local Users Gain Elevated Privileges
8956| [1028247] mnoGoSearch Lets Certain Remote Users Download Arbitrary Files
8957| [1028231] Cisco Aironet HTTP Profiler Bug Lets Remote Users Deny Service
8958| [1028203] IBM HTTP Server (IHS) Input Validation Flaws in Optional Modules Permit Cross-Site Scripting Attacks
8959| [1028191] GNU Project Debugger (GDB) Untrusted File Loading Flaw Lets Local Users Gain Elevated Privileges
8960| [1028094] Cisco IOS Software HTTP Server Socket Handling Bug Lets Remote Users Execute Arbitrary Code
8961| [1028073] RSA Archer eGRC Permits Cross-Site Scripting, Cross-Domain Access, Clickjacking, and File Upload Attacks
8962| [1028035] Barracuda Link Balancer SSH Backdoor Lets Remote Users Access the System
8963| [1027860] Windows IP-HTTPS Certificate Processing Flaw Lets Remote Users Bypass Security Restrictions
8964| [1027832] F5 FirePass SSL VPN Include File Bug Lets Remote Users Deny Service and Potentially Execute Arbitrary Code
8965| [1027802] lighttpd Connection Header Processing Flaw Lets Remote Users Deny Service
8966| [1027786] Novell File Reporter 'NFRAgent.exe' Bugs Let Remote Users Upload and Download Arbitrary Files and Execute Arbitrary Code
8967| [1027690] IBM Tivoli Monitoring Web Server HTTP TRACE/TRACK Support Lets Remote Users Obtain Potentially Sensitive Information
8968| [1027688] F5 FirePass SSL VPN Input Validation Flaw Permits Cross-Site URL Redirection Attacks
8969| [1027686] Linux Kernel Bug in load_script() Lets Local Users Obtain Portions of Kernel Memory
8970| [1027611] VMware Movie Decoder DLL Loading Error Lets Remote Users Execute Arbitrary Code
8971| [1027581] Foxit Reader DLL Loading Error Lets Remote Users Execute Arbitrary Code
8972| [1027515] F5 BIG-IP Input Validation Flaw in Configuration Utility Permits Cross-Site Scripting Attacks
8973| [1027463] PHP HTTP Response Splitting Header Injection Protection Can Be Bypassed Using Carriage Return Characters
8974| [1027442] EMC ApplicationXtender Lets Remote Users Upload Files to Execute Arbitrary Code
8975| [1027412] Tinyproxy Hashmap Collision Lets Remote Users Deny Service
8976| [1027343] Novell Remote Manager Off-by-one Error in 'httpstkd' Lets Remote Users Deny Service
8977| [1027336] Citrix Access Gateway Bugs Let Remote Users Traverse the Directory, Proxy Connections via the Target System, and Inject Text Content
8978| [1027318] Ruby on Rails Bug in 'with_http_digest' Methods Lets Remote Users Deny Service
8979| [1027290] Symantec Backup Exec System Recovery and Symantec System Recovery DLL Loading Error Lets Remote Users Execute Arbitrary Code
8980| [1027229] Microsoft Office DLL Loading Error Lets Remote Users Execute Arbitrary Code
8981| [1027228] Microsoft Visual Basic for Applications DLL Loading Error Lets Remote Users Execute Arbitrary Code
8982| [1027158] F5 FirePass Controller Input Validation Flaw Lets Remote Users Inject SQL Commands
8983| [1027150] Microsoft Lync DLL Loading Error Lets Remote Users Execute Arbitrary Code
8984| [1027146] Adobe ColdFusion Bug in Component Browser Lets Remote Users Conduct HTTP Response Splitting Attacks
8985| [1027144] Check Point Endpoint Security DLL Loading Error Lets Remote Users Execute Arbitrary Code
8986| [1027137] F5 BIG-IP SSH Configuration Error Lets Remote Users Gain Root Access
8987| [1027099] VMware vMA Library Loading Error Lets Local Users Gain Elevated Privileges
8988| [1027090] Xen PV Bootloader Bug Lets Local Guest Users Crash the System
8989| [1027078] Symantec Web Gateway Bugs Let Remote Users View/Upload/Delete Files, Execute Arbitrary Commands, and Conduct Cross-Site Scripting Attacks
8990| [1027008] Cisco ASA Bugs Let Remote Users Conduct HTTP Response Splitting and Denial of Service Attacks and Obtain Potentially Sensitive Information
8991| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
8992| [1026861] Cisco IOS Zone-Based Firewall IP/HTTP/H.323/SIP Bugs Let Remote Users Deny Service
8993| [1026835] Novell ZENworks Configuration Management Bugs Let Remote Users Download Arbitrary Files and Execute Arbitrary Code
8994| [1026834] F5 FirePass Input Validation Flaw in 'my.activation.php3' Lets Remote Users Inject SQL Commands
8995| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
8996| [1026813] Asterisk Stack Overflow in HTTP Manager Lets Remote Users Execute Arbitrary Code
8997| [1026791] Microsoft Expression Design DLL Loading Error Lets Remote Users Execute Arbitrary Code
8998| [1026778] VMware vCenter Chargeback Manager Lets Remote Users Deny Service and Download Files
8999| [1026736] Cisco Small Business SRP500 Series Bugs Let Remote Users Upload Files and Remote Authenticated Users Inject Commands
9000| [1026719] CVS Heap Overflow in proxy_connect() Lets Remote Users Execute Arbitrary Code
9001| [1026693] Lenovo ThinkManagement Console SOAP Interface Lets Remote Users Upload and Delete Files and Execute Arbitrary Code
9002| [1026683] Windows XP Indeo Codec DLL Loading Error Lets Remote Users Execute Arbitrary Code
9003| [1026682] Windows Color Control Panel DLL Loading Error Lets Remote Users Execute Arbitrary Code
9004| [1026640] IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service
9005| [1026546] F5 FirePass PHP Bug Lets Remote Users Deny Service
9006| [1026515] HP LoadRunner Stack Overflow in 'magentservice.exe' Lets Remote Users Execute Arbitrary Code
9007| [1026426] RSA SecurID Software Token for Windows DLL Loading Error Lets Remote Users Execute Arbitrary Code
9008| [1026413] Microsoft Internet Explorer DLL Loading Error Lets Remote Users Execute Arbitrary Code and HTML Processing Bugs Let Remote Users Obtain Information
9009| [1026411] Microsoft PowerPoint DLL Loading and OfficeArt Object Processing Flaws Let Remote Users Execute Arbitrary Code
9010| [1026359] lighttpd Authentication Decoding Bug Lets Remote Users Deny Service
9011| [1026353] Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers
9012| [1026339] JBoss Enterprise SOA httpha-invoker Bug Lets Remote Users Bypass Access Controls
9013| [1026293] Windows Mail DLL Loading Error Lets Remote Users Execute Arbitrary Code
9014| [1026292] Windows Meeting Space DLL Loading Error Lets Remote Users Execute Arbitrary Code
9015| [1026283] Barracuda Link Balancer Input Validation Hole Permits Cross-Site Scripting Attacks
9016| [1026169] Microsoft Forefront Unified Access Gateway Input Validation Flaws Permits Cross-Site Scripting, HTTP Response Splitting, and Denial of Service Attacks
9017| [1026166] Windows Media Center DLL Loading Error Lets Remote Users Execute Arbitrary Code
9018| [1026164] Microsoft Active Accessibility Component DLL Loading Error Lets Remote Users Execute Arbitrary Code
9019| [1026154] IBM Rational AppScan Import/Load Function Flaws Let Remote Users Execute Arbitrary Code
9020| [1026144] Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers
9021| [1026095] Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks
9022| [1026061] Blue Coat Director HTTP Trace Processing Flaw Permits Cross-Site Scripting Attacks
9023| [1026041] Microsoft Windows Components DLL Loading Error Lets Remote Users Execute Arbitrary Code
9024| [1026039] Microsoft Office DLL Loading Error and Unspecified Bug Lets Remote Users Execute Arbitrary Code
9025| [1026005] Windows Script Host DLL Loading Error Lets Remote Users Execute Arbitrary Code
9026| [1025960] Apache httpd Byterange Filter Processing Error Lets Remote Users Deny Service
9027| [1025955] Ruby on Rails Bugs Permit HTTP Response Splitting, Cross-Site Scripting, and SQL Injection
9028| [1025895] Microsoft Data Access Components Insecure Library Loading Lets Remote Users Execute Arbitrary Code
9029| [1025883] Cisco Warranty CD May Load Malware From a Remote Site
9030| [1025881] Google Android Browser URL Loading Flaw Permits Cross-Application Scripting Attacks
9031| [1025819] Foxit Reader DLL Loading Error Lets Remote Users Execute Arbitrary Code
9032| [1025774] Trend Micro Control Manager 'proxy_request.php' Input Validation Flaw Lets Remote Users Traverse the Directory
9033| [1025763] Microsoft Visio May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9034| [1025749] HP-UX Dynamic Loader Lets Local Users Gain Elevated Privileges
9035| [1025714] Novell ZENworks Handheld Management Directory Traversal Flaw Lets Remote Users Upload Files
9036| [1025679] Blue Coat ProxySG Discloses Potentially Sensitive Information in Core Files
9037| [1025659] PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System
9038| [1025609] HP Mercury LoadRunner Buffer Overflow in Processing Virtual User Script Files Lets Remote Users Execute Arbitrary Code
9039| [1025489] Python CGIHTTPServer Lets Remote Users View CGI Source Code
9040| [1025487] WordPress Lets Remote Authenticated Authors Upload Arbitrary Files and Execute Arbitrary Code
9041| [1025455] Blue Coat ProxySG's Blue Coat Authentication and Authorization Agent Stack Overflow Lets Remote Users Execute Arbitrary Code
9042| [1025449] Cisco Unified Communications Manager Multiple Bugs Let Remote Users Deny Service, Inject SQL Commands, and Upload Arbitrary Files
9043| [1025348] Windows Operating System Loader Driver Signing Restrictions Can Be Bypassed
9044| [1025346] Microsoft Foundation Classes May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9045| [1025343] Microsoft Office DLL Loading and Graphic Object Processing Flaws Let Remote Users Execute Arbitrary Code
9046| [1025307] Linux Kernel Generic Receive Offload (GRO) Null Pointer Dereference Lets Remote Users Deny Service
9047| [1025303] Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
9048| [1025252] Immunity Debugger HTTP Update Buffer Overflow Lets Remote Users Execute Arbitrary Code via Man-in-the-Middle Attacks
9049| [1025172] Windows Remote Desktop Client DLL Loading Error Lets Remote Users Execute Arbitrary Code
9050| [1025171] Microsoft Groove DLL Loading Error Lets Remote Users Execute Arbitrary Code
9051| [1025170] Microsoft DirectShow DLL Loading Error Lets Remote Users Execute Arbitrary Code
9052| [1025027] Apache Tomcat maxHttpHeaderSize Parsing Error Lets Remote Users Deny Service
9053| [1025004] OpenOffice.org Library Loading Error Lets Remote Users Execute Arbitrary Code
9054| [1024956] HP LoadRunner Unspecified Flaw Lets Remote Users Execute Arbitrary Code
9055| [1024948] Windows Backup Manager May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9056| [1024913] Kerio WinRoute Firewall HTTP Cache Can Be Poisoned By Remote Users
9057| [1024895] F-Secure Internet Security DLL Loading Error Lets Remote Users Execute Arbitrary Code
9058| [1024881] Windows Routing and Remote Access NDProxy Buffer Overflow Lets Local Users Gain Elevated Privileges
9059| [1024879] Microsoft Windows Internet Connection Signup Wizard May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9060| [1024878] Windows Address Book May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9061| [1024877] Microsoft Windows May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9062| [1024876] Windows Media Encoder May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9063| [1024875] Windows Movie Maker May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9064| [1024865] Adobe Illustrator DLL Loading Error Lets Remote Users Execute Arbitrary Code
9065| [1024683] Bugzilla Permits Cross-Site Scripting and HTTP Response Splitting Attacks and Discloses Certain Information to Remote Users
9066| [1024675] HP Insight Control Performance Management for Windows Lets Remote Users Download Arbitrary Files
9067| [1024670] IBM Tivoli Directory Server Proxy Server Can Be Crashed By Remote Users
9068| [1024667] HP Insight Managed System Setup Wizard for Windows Lets Remote Users Download Arbitrary Files
9069| [1024657] HP LoadRunner Web Tours Lets Remote Users Deny Service
9070| [1024640] HP Virtual Server Environment Lets Remote Users Download Arbitrary Files
9071| [1024632] Blue Coat ProxyAV Permits Cross-Site Request Forgery Attacks
9072| [1024612] Adobe InDesign DLL Loading Error Lets Remote Users Execute Arbitrary Code
9073| [1024600] Blue Coat ProxySG Lets Remote Users Bypass JavaScript Filtering
9074| [1024503] Blue Coat ProxySG Input Validation Hole Permits Cross-Site Scripting Attacks
9075| [1024497] Novell iManager Lets Remote Users Upload Arbitrary Files
9076| [1024472] Cisco IOS SSL VPN HTTP Redirect Memory Leak Lets Remote Users Deny Serivce
9077| [1024453] HP System Management Homepage Input Validation Flaw Permits HTTP Response Splitting Attacks
9078| [1024452] Apple QuickTime DLL Loading and ActiveX Control Bugs Let Remote Users Execute Arbitrary Code
9079| [1024425] BlackBerry Desktop Software May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9080| [1024407] Mozilla Thunderbird DLL Loading Error Lets Remote Users Execute Arbitrary Code
9081| [1024406] Mozilla Firefox DLL Loading Error Lets Remote Users Execute Arbitrary Code
9082| [1024355] Windows Applications May Load DLLs Unsafely and Remotely Execute Arbitrary Code
9083| [1024341] Blue Coat ProxySG Privilege Enforcement Mechanism Can Be Bypassed By Remote Authenticated Administrators
9084| [1024301] Microsoft XML Core Services (MSXML) HTTP Response Processing Flaw Lets Remote Users Execute Arbitrary Code
9085| [1024211] F5 FirePass Input Validation Flaw in Pre-Logon Sequence Permits Cross-Site Scripting Attacks
9086| [1024204] Oracle WebLogic Plugin Encoding Error Lets Remote Users Inject HTTP Headers
9087| [1024168] Cisco Application Control Engine Newline Processing Flaw May Let Remote Users Modify HTTP Headers
9088| [1024167] Cisco Content Services Switch HTTP and ClientCert Headers Can Be Spoofed or Modified By Remote USers
9089| [1024155] Cisco ASA URL Processing Flaw Lets Remote Users Conduct HTTP Response Splitting Attacks
9090| [1024153] Trend Micro InterScan Web Security Virtual Appliance Flaws Let Local Users Gain Elevated Privileges and Remote Users Upload/Download Arbitrary Files
9091| [1024132] Novell Access Manager Directory Traversal Flaw Lets Remote Users Upload Arbitrary Files
9092| [1024103] Mac OS X Multiple Flaws Let Remote Users Execute Arbitrary Code, Deny Service, and Upload/Access Files and Local Users Gain Elevated Privileges
9093| [1023960] Lexmark Printers HTTP Authorization Field Processing Bug Lets Remote Users Deny Service
9094| [1023946] HP Mercury LoadRunner Agent Lets Remote Users Execute Arbitrary Commands
9095| [1023942] Apache mod_proxy_ajp Error Condition Lets Remote Users Deny Service
9096| [1023933] Internet Download Manager Stack Overflow in Sending Certain Command Sequences Lets Remote Users Execute Arbitrary Code
9097| [1023914] Novell ZENworks Configuration Management UploadServlet File Upload Bug Lets Remote Users Execute Arbitrary Code
9098| [1023908] Adobe Download Manager Buffer Overflow in 'gp.ocx' ActiveX Control Lets Remote Users Execute Arbitrary Code
9099| [1023833] VMware ESX Server VMware Tools Executable/Library Loading/Unloading Flaws Let Users Execute Arbitrary Code
9100| [1023832] VMware Tools Executable/Library Loading/Unloading Flaws Let Users Execute Arbitrary Code
9101| [1023818] uTorrent HTTP Basic Authentication Processing Flaw in WebUI Lets Remote Users Deny Service
9102| [1023783] Mozilla Firefox Chrome Privilege Escalation Exposed via Firebug XMLHttpRequestSpy Lets Remote Users Execute Arbitrary Code
9103| [1023755] Interchange Lets Remote Users Conduct HTTP Response Splitting Attacks
9104| [1023690] Opera Integer Overflow in Processing HTTP 'Content-Length' Reponses Lets Remote Users Execute Arbitrary Code
9105| [1023655] Blue Coat ProxySG Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks
9106| [1023651] Adobe Download Manager Flaw Lets Remote Users Download and Install Arbitrary Software
9107| [1023647] EMC HomeBase Server Directory Traversal Flaw Lets Remote Users Upload Arbitrary Files
9108| [1023625] Symantec Client Security Buffer Overflow in Client Proxy ActiveX Control Lets Remote Users Execute Arbitrary Code
9109| [1023624] Symantec AntiVirus Buffer Overflow in Client Proxy ActiveX Control Lets Remote Users Execute Arbitrary Code
9110| [1023606] Cisco Security Agent Management Center Input Validation Flaws Let Remote Authenticated Users Download Files and Inject SQL Commands
9111| [1023549] F5 BIG-IP TCP Processing Flaw Lets Remote Users Deny Service
9112| [1023548] F5 FirePass TCP Processing Flaw Lets Remote Users Deny Service
9113| [1023533] Apache mod_proxy Integer Overflow May Let Remote Users Execute Arbitrary Code
9114| [1023488] Sun Java System Web Server Heap Overflow in Processing HTTP Digest Authentication Requests Lets Remote Users Execute Arbitary Code
9115| [1023427] Sun Java System Web Proxy Server Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks
9116| [1023396] F5 Data Manager Directory Traversal Flaw Discloses Files to Remote Authenticated Administrators
9117| [1023249] Asterisk RTP Comfort Noise Payload Processing Error Lets Remote Users Deny Service
9118| [1023188] Novell eDirectory Buffer Overflow in HTTPSTK Login Page Lets Remote Authenticated Users Execute Arbitrary Code
9119| [1023167] Apple Safari May Load HTML 5 Media Elements Automatically
9120| [1023118] KDE Bugs Let Remote Users Cause XMLHttpRequests to Be Issued or JavaScript to Be Executed
9121| [1023099] Mozilla Firefox Proxy Auto-configuration regexp Parsing Flaw Lets Users Execute Arbitrary Code
9122| [1023098] Mozilla Firefox Download Files Containing RTL Override Characters May Be Used to Spoof the Download Filename
9123| [1023096] Mozilla Firefox Lets Local Users Modify Downloaded Files in Certain Cases
9124| [1022935] Cisco IOS Authentication Proxy Race Condition Lets Remote Users Bypass Access Controls
9125| [1022928] Symantec Altiris Deployment Solution ActiveX Control DownloadAndInstall() Method Lets Remote Users Execute Arbitrary Code
9126| [1022849] Novell eDirectory HTTP Request Processing Flaw Lets Remote Users Deny Service
9127| [1022833] Adobe RoboHelp Unspecified Flaw Lets Remote Users Upload and Execute Arbitrary Code
9128| [1022830] Akamai Download Manager Unspecified Flaw Has Unspecified Impact
9129| [1022796] VMware Studio Directory Traversal Flaw Lets Remote Users Upload Files to Arbitrary Directories
9130| [1022784] Solaris sockfs HTTP Request Processing Bug Lets Remote Users Deny Service
9131| [1022659] Java Runtime Environment Proxy Mechanism Flaws Let Remote Applets Obtain Elevated Privileges
9132| [1022598] Sun Java System Access Manager Policy Agent Bug Lets Remote Users Deny Service to the Web Proxy Server
9133| [1022517] Ruby on Rails Bug in 'http_authentication.rb' Lets Remote Users Bypass Authentication
9134| [1022513] FCKeditor input Validation Flaw Lets Remote Users Upload Arbitrary Files
9135| [1022509] Apache mod_proxy stream_reqbody_cl() Infinite Loop Lets Remote Users Deny Service
9136| [1022429] Google Chrome Buffer Overflow in Processing HTTP Responses Lets Remote Users Execute Arbitrary Code
9137| [1022399] SugarCRM E-mail Attachment Uploading Bug Lets Remote Authenticated Users Execute Arbitrary Code
9138| [1022396] Mozilla Thunderbird Proxy Response Processing Bug Lets Remote Users Execute Arbitrary Code in the Context of an SSL-Protected Domain
9139| [1022387] F5 FirePass Input Validation Flaw in Unspecified Password Fields Permits Cross-Site Scripting Attacks
9140| [1022383] Mozilla Firefox Proxy Response Processing Bug Lets Remote Users Execute Arbitrary Code in the Context of an SSL-Protected Domain
9141| [1022342] Apple Safari Lets Local Users Access Files During Downloading
9142| [1022334] Sun Java System Web Server Input Validation Hole in Reverse Proxy Plug-in Permits Cross-Site Scripting Attacks
9143| [1022264] Apache mod_proxy_ajp Bug May Disclose Another User's Response Data
9144| [1022211] Mac OS X CFNetwork Heap Overflow in Processing HTTP Headers Lets Remote Users Execute Arbitrary Code
9145| [1022108] Sun Java System Delegated Administrator Bug Lets Remote Users Conduct HTTP Response Splitting Attacks
9146| [1022094] Mozilla Firefox XMLHttpRequest and XPCNativeWrapper.toString Bugs Let Remote Users Bypass Same-Origin Restrictions
9147| [1022041] Windows HTTP Services Bugs Let Remote Users Execute Arbitrary Code
9148| [1022015] Cisco ASA HTTP, TCP, H.323, and SQL*Net Processing Bugs Let Remote Users Deny Service
9149| [1021918] Java Runtime Environment (JRE) HTTP Server Bug Lets Remote Users Deny Service
9150| [1021838] WordPress MU Input Validation Hole in HTTP Host Header Permits Cross-Site Scripting Attacks
9151| [1021783] cURL/libcurl HTTP Redirect Processing May Let Remote Users Access Files
9152| [1021781] Blue Coat ProxySG Host Header Processing May Let Remote Users Bypass Security Restrictions
9153| [1021730] Sun Java System Directory Server Proxy Server Bug Lets Remote Users Deny Service
9154| [1021723] Mac OS X Folder Manager Directory Permission Error May Let Local Users Obtain the Contents of the Downloads Folder
9155| [1021716] InterScan Web Security Suite Discloses Proxy-Authentication Password
9156| [1021706] libvirt Buffer Overflow in 'libvirt_proxy' Lets Local Users Gain Elevated Privileges
9157| [1021705] BlackBerry Application Web Loader Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code
9158| [1021695] Novell QuickFinder Server Input Validation Flaws in HTTP POST Parameters Permit Cross-Site Scripting Attacks
9159| [1021684] Squid HTTP Request Processing Error Lets Remote Users Deny Service
9160| [1021668] Mozilla Firefox HTTPOnly Enforcement Flaw Lets Users Access Cookies
9161| [1021620] Cisco Unified Communications Manager Input Validation Flaw in Certificate Authority Proxy Function Lets Remote Users Deny Service
9162| [1021598] Cisco IOS Input Validation Flaw in HTTP Server Permits Cross-Site Scripting Attacks
9163| [1021555] SquirrelMail May Send Session Authentication Cookies via HTTP
9164| [1021427] Mozilla Firefox Permits Cross-Domain Responses to XMLHttpRequests to Be Accessed
9165| [1021424] Mozilla Firefox loadBindingDocument Lets Remote Users Obtain Information
9166| [1021286] WordPress Input Validation Hole in Processing 'HTTP_HOST' HTTP Header Permits Cross-Site Scripting Attacks
9167| [1021188] Mozilla Firefox nsXMLHttpRequest::NotifyEventListeners() Flaw Lets Remote Users Bypass Same-Origin Policies
9168| [1021185] Mozilla Firefox http-index-format MIME Parsing Buffer Overflow Lets Remote Users Execute Arbitrary Code
9169| [1021181] Mozilla Firefox Dynamic Module Unloading Bug Lets Remote Users Execute Arbitrary Code
9170| [1021146] Adobe Flash Player HTTP Response Header Processing Flaw Permits Cross-Site Scripting Attacks
9171| [1021038] Sun Java System Web Proxy Server Bug in FTP Subsystem Lets Remote Users Execute Arbitrary Code
9172| [1020989] Novell eDirectory Management Toolbox HTTP Header Processing Bugs Let Remote Users Deny Service
9173| [1020979] Blue Coat ProxySG Input Validation Hole in ICAP Patience Page Permits Cross-Site Scripting Attacks
9174| [1020929] Cisco IOS Firewall Bug in HTTP Application Inspection Control Lets Remote Users Deny Service
9175| [1020905] JBoss Enterprise Application Platform DownloadServerClasses Configuration Lets Remote Users Download Class Files
9176| [1020902] CCProxy Buffer Overflow in Processing CONNECTION Requests Lets Remote Users Execute Arbitrary Code
9177| [1020786] Novell eDirectory Heap Overflows in HTTP Protocol Stack Let Remote Users Execute Arbitrary Code
9178| [1020785] Novell eDirectory Input Validation Hole in HTTPSTK Permits Cross-Site Scripting Attacks
9179| [1020771] Red Hat Directory Server Buffer Overflow in Processing Accept-Language HTTP Header Values Lets Remote Users Execute Arbitrary Code
9180| [1020747] Belkin F5D7632-4 Wireless Router Lets Remote Users Bypass Authentication to Access Administrative Functions
9181| [1020696] Sun Java Web Proxy Server FTP Subsystem Bug Lets Remote Users Deny Service
9182| [1020654] Ruby WEBrick HTTP Server split_header_value() Function Regex Bug Lets Remote Users Deny Service
9183| [1020635] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
9184| [1020622] Tomcat Input Validation Hole in HttpServletResponse.sendError() Permits Cross-Site Scripting Attacks
9185| [1020607] Mac OS X Quick Look Buffer Overflow in Downloading Microsoft Office Files Lets Remote Users Execute Arbitrary Code
9186| [1020588] K9 Web Protection Buffer Overflows in Processing HTTP Responses From the Centralized Server Lets Remote Users Execute Arbitrary Code
9187| [1020587] K9 Web Protection Buffer Overflows in Processing HTTP Headers Lets Remote Users Execute Arbitrary Code
9188| [1020548] Blue Coat ProxySG DNS Query Port Entropy Weakness Lets Remote Users Spoof the System
9189| [1020515] Citrix XenServer Input Validation Flaw in XenAPI HTTP Interface Permits Cross-Site Scripting Attacks
9190| [1020433] Microsoft Access Snapshot Viewer ActiveX Control Lets Remote Users Download Files to Arbitrary Locations
9191| [1020393] Mac OS X Launch Services File Download Symlink Validation Bug Lets Remote Users Execute Arbitrary Code
9192| [1020328] PHP File and Directory Function safe_mode Restrictions Can By Bypass With 'http://' Prefix
9193| [1020327] PHP posix_access() safe_mode Restrictions Can By Bypass With 'http://' Prefix
9194| [1020267] Apache mod_proxy Interim Response Process Bug Lets Remote Users Deny Service
9195| [1020226] Microsoft Internet Explorer HTTP Request Header Bug May Let Remote Users Obtain Information in a Different Domain
9196| [1020217] QuickTime 'file://' URL Handler Bug Lets Remote Users Load Arbitrary Applications and Files
9197| [1020205] F5 FirePass Input Validation Hole in 'css_exceptions' and 'sql_matchscope' Parameters Permits Cross-Site Scripting Attacks
9198| [1020194] Akamai Download Manager ActiveX Control Lets Remote Users Execute Arbitrary Code
9199| [1020150] Apple Safari for Windows XP and Vista Lets Remote Users Download Files
9200| [1020098] IBM Lotus Domino Web Server Stack Overflow in Processing HTTP 'Accept-Language' Header Lets Remote Users Execute Arbitrary Code
9201| [1019955] Akamai Download Manager Lets Remote Users Execute Arbitrary Code
9202| [1019929] KDE Buffer Overflow in KHTML PNG Loader May Let Remote Users Execute Arbitrary Code
9203| [1019925] Sun Java System Directory Proxy Server Bug Lets Remote Authenticated Users Gain Administrative Privileges
9204| [1019868] Safari Bug in Processing Download Filenames Lets Remote Users Execute Arbitrary Code
9205| [1019836] Novell eDirectory HTTP Header Processing Lets Remote Users Deny Service
9206| [1019783] Novell eDirectory HTTP Request Procesing Bug Lets Remote Users Deny Service
9207| [1019735] InstallShield ActiveX Control Lets Remote Users Load and Execute Arbitrary Code
9208| [1019703] Mozilla Firefox URL Bug Lets Remote Users Spoof HTTP Referer Values in Certain Cases
9209| [1019679] Asterisk Predictable Session IDs May Let Remote Users Hijack HTTP Manager Sessions
9210| [1019655] Safari CFNetwork Bug Lets Remote Proxy Servers Spoof Secure Web Sites
9211| [1019628] Asterisk Buffer Overflow in Processing RTP Codec Payload Lets Remote Users Execute Arbitrary Code
9212| [1019536] Squid Analysis Report Generator Buffer Overflow in Processing HTTP User-Agent and Access Logs Lets Remote Users Execute Arbitrary Code
9213| [1019522] Trend Micro OfficeScan HTTP Request Parameter Processing Bugs Let Remote Users Deny Service
9214| [1019450] WebLogic Proxy Plugin Lets Remote Users Deny Service
9215| [1019443] WebLogic Servlets May Grant Access to Remote Users Based on Modified HTTP Request Header Values
9216| [1019411] Cisco Unified IP Phone Heap Overflow in Parsing SIP Proxy Responses Lets Remote Users Execute Arbitrary Code
9217| [1019408] Cisco Unified IP Phone Can Be Crashed By Remote Users Sending an HTTP Request Packet
9218| [1019370] Webmin Input Validation Hole in Processing HTTP Referer Values Permits Cross-Site Scripting Attacks
9219| [1019329] Mozilla Firefox chrome: URI Directory Traversal Bug Lets Remote Users Load Local Files
9220| [1019305] EMC Documentum 'dmclTrace.jsp' Bug Lets Remote Users Upload Arbitrary Files and Execute Arbitrary Code
9221| [1019303] Symantec BackupExec System Recovery Manager Lets Remote Users Upload Arbitrary Files and Execute Arbitrary Code
9222| [1019297] Aurigma Image Uploader Buffer Overflows in ExtractExif() and ExtractIptc() Functions Let Remote Users Execute Arbitrary Code
9223| [1019274] Proficy Real-Time Information Portal Lets Remote Authenticated Users Upload Arbitrary Files and Execute Arbitrary Code on the Target System
9224| [1019185] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
9225| [1019178] QuickTime Buffer Overflow in Processing HTTP 404 Response Messages Lets Remote Users Execute Arbitrary Code
9226| [1019147] XUpload Control Buffer Overflow in AddFolder() Lets Remote Users Execute Arbitrary Code
9227| [1019116] Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code, Scan Ports, and Conduct HTTP Request Splitting and Cross-Site Scripting Attacks
9228| [1019033] Microsoft Web Proxy Auto-Discovery Name Server Resolution Bug Lets Remote Users Conduct Man-in-the-Middle Attacks
9229| [1019031] F5 FirePass Input Validation Holes in 'my.logon.php3' and 'my.activation.php3' Permit Cross-Site Scripting Attacks
9230| [1019030] Apache Input Validation Hole in Default HTTP 413 Error Page Permits Cross-Site Scripting Attacks
9231| [1018988] Wireshark Wireshark MP3, DNP, SSL, ANSI MAP, Firebird/Interbase, NCP, HTTP, MEGACO, DCP ETSI, OS/400, PPP, Bluetooth SDP, and RPC Portmap Bugs Let Remote Users Deny Service
9232| [1018888] Blue Coat ProxySG Management Console Input Validation Hole in Processing CRLs Permits Cross-Site Scripting Attacks
9233| [1018883] Perdition Format String Bug in IMAP Proxy Lets Remote Users Execute Arbitrary Code
9234| [1018825] Cisco Firewall Service Module HTTPS and MGCP Processing Bugs Let Remote Users Deny Service
9235| [1018727] Microsoft Internet Security and Acceleration Server SOCKS4 Proxy Discloses IP Address Information to Remote Users
9236| [1018715] Yahoo Messenger GetFile() Method Lets Remote Users Download Arbitrary Files to the Target User's System
9237| [1018701] PhotoChannel Networks Buffer Overflow in Photo Upload Plugin ActiveX Control Lets Remote Users Execute Arbitrary Code
9238| [1018697] WinSCP URL Protocol Handlers Let Remote Users Upload/Download Arbitrary Files
9239| [1018659] Novell iChain HTTP Content Scanning Can Be Bypassed Using Full-Width Unicode Content
9240| [1018639] Backup Manager Discloses the Upload Site's FTP Password to Local Users
9241| [1018633] Apache mod_proxy Bug Lets Remote Users Deny Service
9242| [1018575] Safari for Windows Lets Remote Users Upload Arbitrary File
9243| [1018553] Streamripper Buffer Overflows in httplib_parse_sc_header() Let Remote Users Execute Arbitrary Code
9244| [1018504] Sun Java System Web Server Redirect URL Encoding Bug Lets Remote Users Conduct HTTP Response Splitting Attacks
9245| [1018491] Mac OS X CFNetwork Bugs Let Remote Users Execute Arbitrary FTP Commands and Conduct HTTP Response Splitting Attacks
9246| [1018466] IBM AIX pioout Command Lets Local Users Load and Execute Arbitrary Code
9247| [1018462] Solaris lbxproxy Lets Local Users View Portions of Certain Files
9248| [1018428] Java Runtime Environment Applet Class Loader Bug Lets Remote Users Connect to Localhost Sockets
9249| [1018356] .NET Buffer Overflows in PE Loader and JIT Compiler Let Remote Users Execute Arbitrary Code
9250| [1018344] EZFactory Input Validation Flaw in 'Download CGI' Lets Remote Users Traverse the Directory
9251| [1018332] imlib _LoadBMP() Function Endless Loop Lets Remote Users Deny Service
9252| [1018315] Wireshark DHCP/BOOTP, MMS, SSL, DCP ETSI, iSeries, and HTTP Chunked Response Bugs Let Remote Users Deny Service
9253| [1018304] Apache HTTPD scoreboard Protection Flaw Lets Local Users Terminate Arbitrary Processes
9254| [1018303] Apache HTTPD mod_cache May Let Remote Users Deny Service
9255| [1018283] RaidenHTTPD Input Validation Hole Permits Cross-Site Scripting Attacks
9256| [1018240] libexif Integer Overflow in exif_data_load_data_entry() May Let Remote Users Crash the Application or Execute Arbitrary Code
9257| [1018190] F5 FirePass Input Validation Flaw in 'my.activation.php3' Permits Remote Command Execution
9258| [1018130] Sun Java System Web Proxy Server Buffer Overflows in 'sockd' Let Remote Users Execute Arbitrary Code
9259| [1018124] Mac OS X pppd Plugin Loading Feature Lets Local Users Gain Root Privileges
9260| [1018088] FreeType Integer Overflow in TT_Load_Simple_Glyph() Lets Remote Users Execute Arbitrary Code
9261| [1018023] PHP Buffer Overflow in make_http_soap_request() May Let Remote Users Execute Arbitrary Code
9262| [1017969] Microsoft Internet Explorer Digest Authentication Bug Lets Remote Users Conduct HTTP Request Splitting Attacks
9263| [1017968] Mozilla Firefox Digest Authentication Bug Lets Remote Users Conduct HTTP Request Splitting Attacks
9264| [1017937] Gracenote CDDBControl ActiveX Control Buffer Overflow in Processing Proxy Control Parameters Permits Remote Code Execution
9265| [1017932] Novell GroupWise WebAccess Buffer Overflow in Processing HTTP Basic Authentication Lets Remote Users Execute Arbitrary Code
9266| [1017925] Akamai Download Manager ActiveX Control Buffer Overflow Lets Remote Users Execute Arbitrary Code
9267| [1017855] SolidWorks sldimdownload ActiveX Control Lets Remote Users Execute Arbitrary Code
9268| [1017840] IBM Tivoli Provisioning Manager Memory Corruption Error in Processing HTTP POST Requests May Let Remote Users Execute Arbitrary Code
9269| [1017828] IBM Lotus Sametime Buffer Overflow in STJNILoader.ocx ActiveX Control Lets Remote Users Execute Arbitrary Code
9270| [1017806] IBM WebSphere CRLF Validation Bug Permits HTTP Response Splitting Attacks
9271| [1017701] Mozilla Firefox onUnload Event and document.write() Race Condition May Let Remote Users Execute Arbitrary Code
9272| [1017613] HP Mercury LoadRunner Lets Remote Users Execute Arbitrary Code
9273| [1017581] Wireshark Bugs in TCP, HTTP, IEEE 802.11, and LLT Dissectors Let Remote Users Deny Service
9274| [1017552] GTK2 Input Validation Error in GdkPixbufLoader() Lets Remote Users Deny Service
9275| [1017498] Cisco IOS DLSw Capabilities Exchange Lets Remote Users Cause the Device to Reload
9276| [1017465] Cisco Clean Access Lets Remote Users Access the Administrative Interface and Download Backup Files
9277| [1017444] logahead UNU edition WidgEd Plugin Lets Remote Users Upload Files and Execute Arbitrary Code
9278| [1017432] Http explorer Lets Remote Users Traverse the Directory on the Target System
9279| [1017340] Adobe Download Manager Stack Overflow Lets Remote Users Execute Arbitrary Code
9280| [1017329] PHP Upload Center Include File Bug in 'activate.php' Lets Remote Users Execute Arbitrary Code
9281| [1017323] Sun Java System Web Server Lets Remote Users Conduct HTTP Request Smuggling Attacks
9282| [1017322] Sun Java Application Server Lets Remote Users Conduct HTTP Request Smuggling Attacks
9283| [1017233] Links SMB URL Parsing Bug Lets Remote Users Upload/Download Files
9284| [1017232] ELinks SMB URL Parsing Bug Lets Remote Users Upload/Download Files
9285| [1017201] SpeedyWiki Lets Remote Authenticated Users Upload Arbitrary Files and Remote Users Conduct Cross-Site Scripting Attacks
9286| [1017176] GreenBeast CMS Lets Remote Users View Filenames and Potentially Upload Files
9287| [1017163] AOL ICQ DownloadAgent() Function Lets Remote Users Execute Arbitrary Code
9288| [1017129] Wireshark (Ethereal) Bugs in HTTP, LDAP, XOT, WBXML, and MIME Multipart Dissectors Let Remote Users Deny Service
9289| [1017121] AOL Buffer Overflows in AddPictureNoAlbum and downloadFileDirectory ActiveX Controls Let Remote Users Execute Arbitrary Code
9290| [1017088] SHTTPD Buffer Overflow Lets Remote Users Execute Arbitrary Code
9291| [1017078] Adobe Flash Player Plugin Lets Remote Users Injection Arbitrary HTTP Header Data
9292| [1017076] F5 FirePass 1000 Input Validation Flaw in 'my.acctab.php3' Permits Cross-Site Scripting Attacks
9293| [1017007] TorrentFlux Missing Input Validation in HTTP User-Agent Permits Cross-Site Scripting Attacks
9294| [1016983] GOOP Gallery Input Validation Bug in 'download.php' Lets Remote Users Traverse the Directory
9295| [1016971] McAfee ePolicy Orchestrator Buffer Overflow in Processing HTTP Source Headers Lets Remote Users Execute Arbitrary Code
9296| [1016970] McAfee ProtectionPilot Buffer Overflow in Processing HTTP Source Headers Lets Remote Users Execute Arbitrary Code
9297| [1016824] Simpleboard Include File Bug in 'file_upload.php' Lets Remote Users Execute Arbitrary Code
9298| [1016781] CR64Loader ActiveX Control Buffer Overflow Lets Remote Users Execute Arbitrary Code
9299| [1016731] Microsoft Internet Explorer URL Buffer Overflow in Processing HTTP 1.1 Protocol with Compression Lets Remote Users Execute Arbitrary Code
9300| [1016593] Etomite 'rfiles.php' Lets Remote Users Upload and Execute Arbitrary Code
9301| [1016569] IBM HTTP Server (IHS) Lack of Input Validation in Expect Header May Permit Cross-Site Scripting Attacks
9302| [1016527] GIMP Buffer Overflow in xcf_load_vector() Lets Remote Users Execute Arbitrary Code
9303| [1016508] Invision Power Board Lack of Validation of HTTP Client IP Value Lets Remote Users Inject SQL Commands
9304| [1016506] Microsoft Internet Security and Acceleration Server HTTP File Exentsion Filter Can Be Bypassed By Remote Users
9305| [1016499] FlatNuke Gallery Module Lets Remote Users Upload and Execute Arbitrary Code
9306| [1016458] TWiki PHP File Suffix Validation Bug Lets Remote Users Upload and Execute Arbitrary Code
9307| [1016446] WebEx Downloader Lets Remote Users Download and Execute Arbitrary Files
9308| [1016431] F5 FirePass Input Validation Holes in Multiple Fields Permit Cross-Site Scripting Attacks
9309| [1016420] Ipswitch Collaboration Suite Bug in Premium Anti-Spam Feature May Not Properly Load Updates
9310| [1016419] Ipswitch IMail Secure Server Bug in Premium Anti-Spam Feature May Not Properly Load Updates
9311| [1016335] easy-CMS Lets Remote Authenticated Users Upload and Execute Arbitrary Code
9312| [1016327] Best Top List 'banner-upload.php' Script Lets Remote Users Upload Arbitrary Files
9313| [1016317] Cisco Secure ACS for UNIX Input Validation Flaw in 'LogonProxy.cgi' Permits Cross-Site Scripting Attacks
9314| [1016311] CMS Mundo Input Validation Flaw Lets Remote Users Inject SQL Commands and Remote Authenticated Administrators Upload Arbitrary Code
9315| [1016266] ImageVue 'admin/upload.php' Authentication Flaw Lets Remote Users Upload Arbitrary Files
9316| [1016219] Quake 3 Buffer Overflow in CL_ParseDownload() Permits Remote Code Execution
9317| [1016214] Mozilla Thunderbird Bugs Permit Arbitrary Code Execution, Cross-Site Scripting, and HTTP Response Smuggling
9318| [1016202] Mozilla Firefox Bugs Permit Arbitrary Code Execution, Cross-Site Scripting, and HTTP Response Smuggling
9319| [1016174] DGNews 'Upload Photo' Lets Remote Authenticated Users Upload Arbitrary Files
9320| [1016081] Apple LaunchServices Lets Remote Users Bypass Download Validation in Certain Cases
9321| [1016030] zawhttpd Can Be Crashed By Remote Users
9322| [1015978] Ruby HTTP/XMLRPC Server Lets Remote Users Block Connections
9323| [1015974] Symantec Scan Engine Lets Remote Users Access the System and Download Files
9324| [1015885] Sire Bugs Let Remote Users Include and Execute Arbitrary Code and Upload Image Files
9325| [1015878] Aweb's Scripts Seller Lets Remote Users Bypass Authorization and Download Files Without Paying
9326| [1015870] Cisco 11500 Content Services Switch HTTP Compression Bug Lets Remote Users Deny Service
9327| [1015863] Kaffeine Buffer Overflow in http_peek() When Fetching Playlists Lets Remote Users Execute Arbitrary Code
9328| [1015858] AN HTTPD Discloses Script Source Code to Remote Users
9329| [1015857] IBM WebSphere Lets Remote Users Deny Service By Sending Large HTTP Header Values
9330| [1015848] NetBSD elf_load_file() Validation Error Lets Local Users Crash the System
9331| [1015798] F5 FirePass Input Validation Hole in 'my.support.php3' Permits Cross-Site Scripting Attacks
9332| [1015779] Dwarf HTTP Server Discloses JSP Source Code and Permits Cross-Site Scripting Attacks
9333| [1015755] DSDownload Input Validation Flaws in 'search.php' and 'downloads.php' Permit SQL Injection
9334| [1015743] ZoneAlarm Use of Relative Path to Load DLLs Lets Local Users Gain Elevated Privileges
9335| [1015713] Apple Safari JavaScript Buffer Overflow Lets Remote Users Execute Arbitrary Code and HTTP Redirect Bug Lets Remote Users Access Files
9336| [1015703] lighttpd Discloses Script Source Code to Remote Users
9337| [1015702] SAP Web Application Server Lets Remote Users Inject Data into HTTP Responses
9338| [1015644] Blue Coat ProxySG Policy Error May Let Remote Users Bypass Default CONNECT Policy Rules
9339| [1015546] Cisco VPN 3000 Concentrator Bug in HTTP Service Lets Remote Users Deny Service
9340| [1015511] TippingPoint Intrusion Prevention System HTTP Processing Lets Remote Users Deny Service
9341| [1015484] PHP Input Validation Error in Session ID Values Permits HTTP Response Splitting Attacks
9342| [1015442] Blue Coat WinProxy Telnet Proxy Can Be Crashed By Remote Users
9343| [1015441] Blue Coat WinProxy Host Header Buffer Overflow Lets Remote Users Execute Arbitrary Code
9344| [1015432] raSMP Input Validation Flaw in HTTP User-Agent Field Permits Cross-Site Scripting Attacks
9345| [1015420] Hitachi Business Logic - Container Input Validation Holes Permit SQL Injection, Cross-Site Scripting, and HTTP Response Splitting Attacks
9346| [1015403] httprint Input Validation Error in 'Server' Field Lets Remote Users Injection Scripting Code or Deny Service
9347| [1015392] Interaction SIP Proxy Buffer Overflow in SIPParser() Lets Remote Users Deny Service
9348| [1015376] Microsoft IIS Lets Remote Users Deny Service or Execute Arbitrary Code With Malformed HTTP GET Requests
9349| [1015362] Watchfire AppScan Buffer Overflow in Processing HTTP 401 Response Messages Lets Remote Users Execute Arbitrary Code
9350| [1015353] Opera Browser May Let Remote Users Obfuscate the Download Dialog Box
9351| [1015350] Microsoft Internet Explorer Bug in Using HTTPS Proxies May Disclose Web URLs to Remote Users
9352| [1015349] Microsoft Windows Internet Explorer May Let Remote Users Obfuscate the Download Dialog Box
9353| [1015331] Sun Solaris Sun Update Connection Services May Disclose Web Proxy Password to Local Users
9354| [1015328] Mozilla Firefox Buffer Overflow in Loading 'history.dat' Lets Remote Users Deny Service
9355| [1015312] Sun Java System Application Server Reverse SSL Proxy Permits Man-in-the-Middle Attacks
9356| [1015308] DoceboLMS 'connector.php' Bugs Let Remote Users View Directory Contents and Upload and Execute Arbitrary PHP Code
9357| [1015294] Apple Safari WebKit Buffer Overflow May Let Remote Users Execute Arbitrary Code and Other Bugs May Permit JavaScript Dialog Box Spoofing and File Download Location Modification
9358| [1015275] Cisco IOS HTTP Server Input Validation Hole in Buffers Command Permits Cross-Site Scripting Attacks
9359| [1015253] Opera URL Loading Script Backtick Parsing Lets Remote Users Execute Arbitrary Shell Commands
9360| [1015246] Google Search Appliance 'proxystylesheet' Parameter Lets Remote Users Execute Arbitrary System Commands
9361| [1015213] phpMyAdmin 'libraries/header_http.inc.php' Lets Remote Users Conduct HTTP Response Splitting Attacks
9362| [1015174] SAP Web Application Server Input Validation Holes Permit HTTP Response Splitting, Cross-Site Scripting, and Phishing Attacks
9363| [1015112] Solaris Management Console Enables HTTP TRACE Support By Default
9364| [1015104] Snoopy Input Validation Hole in _httpsrequest() Lets Remote Execute Arbitrary Commands
9365| [1015072] Xloadimage Buffer Overflows in Processing NIFF Format Files Let Remote Users Execute Arbitrary Code
9366| [1015063] MailSite Express Lets Remote Users Upload Scripting Files and Execute Them
9367| [1015046] GFI MailSecurity Web Module Buffer Overflow in Processing HTTP Headers Lets Remote Users Execute Arbitrary Code
9368| [1014987] NateOn Messenger Buffer Overflow in 'NateonDownloadManager.ocx' Lets Remote Users Upload Files and Also Deny Service
9369| [1014949] Mozilla Firefox Proxy Auto-Config Scripts May Let Remote Users Deny Service
9370| [1014907] AzDGDatingLite Image Upload Feature Lets Remote Users Execute Arbitrary Code
9371| [1014884] Mail-it Now! Upload2Server Attachment Upload Feature Lets Remote Users Execute Arbitrary Code
9372| [1014875] Sun Java Web Proxy Server Error in Processing Certain POST Requests May Let Remote Users Deny Service
9373| [1014870] class-1 Forum Software File Upload Feature Lets Remote Users Upload and Execute Arbitrary Code
9374| [1014865] Cisco IOS Buffer Overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions May Let Remote Users Execute Arbitrary Code
9375| [1014814] FUDforum Avatar Upload Feature Lets Remote Users Upload and Execute Arbitrary PHP Code
9376| [1014762] ZipTorrent Discloses Proxy Password to Local Users
9377| [1014723] ezUpload 'path' Parameter Include File Bug Lets Remote Users Execute Arbitrary Code
9378| [1014673] Discuz! Board Input Validation Flaw Lets Remote Users Upload Scripting Code
9379| [1014592] Opera Error in Processing Extended ASCII Codes Lets Remote Users Spoof File Extensions in the Download Dialog Box
9380| [1014591] Simplicity oF Upload Lets Remote Users Upload and Execute Arbitrary Code
9381| [1014535] Website Generator Image Upload Preview Lets Remote Users Execute Arbitrary Code
9382| [1014534] Blue Coat ProxySG Error in Processing TCP Sequence Numbers in ICMP Messages Lets Remote Users Deny Service
9383| [1014506] Small HTTP Server FTP Service Lets Remote Authenticated Users Write to Arbitrary Files
9384| [1014452] F5 BIG-IP Unspecified SSL Authentication Bug May Let Remote Users Deny Service
9385| [1014427] MailEnable Professional Flaw in HTTPMail Service May Let Remote Users Execute Arbitrary Code
9386| [1014404] Internet Download Manager Buffer Overflow in Processing Long URLs Lets Remote Users Execute Arbitrary Code
9387| [1014369] SunONE Web Server May Allow Remote Users to Conduct HTTP Response Smuggling Attacks
9388| [1014368] Oracle Application Server Web Server May Allow Remote Users to Conduct HTTP Response Smuggling Attacks
9389| [1014367] IBM WebSphere May Allow Remote Users to Conduct HTTP Response Smuggling Attacks
9390| [1014366] BEA WebLogic May Allow Remote Users to Conduct HTTP Response Smuggling Attacks
9391| [1014365] Tomcat May Allow Remote Users to Conduct HTTP Response Smuggling Attacks
9392| [1014364] Microsoft Internet Information Server May Allow Remote Users to Conduct HTTP Response Smuggling Attacks
9393| [1014360] Oracle Application Server Web Cache Lets Remote Users Conduct HTTP Request Smuggling Attacks
9394| [1014357] Check Point FireWall-1 HTTP Request Smuggling May Let Remote Users Bypass Web Intelligence Features
9395| [1014356] Microsoft ISA Server May Accept HTTP Authentication Even When SSL Is Required
9396| [1014350] Squid HTTP Header Processing Lets Remote Users Smuggle HTTP Requests
9397| [1014323] Apache Chunked Transfer-Encoding and Content-Length Processing Lets Remote Users Smuggle HTTP Requests
9398| [1014322] Blue Coat ProxySG TCP Stack PAWS Timestamp Implementation Lets Remote Users Deny Service
9399| [1014310] ASP Nuke Input Validation Holes Permit SQL Injection, HTTP Response Splitting, and Cross-Site Scripting Attacks
9400| [1014309] ASPPlayground.NET Lets Remote Users Upload Arbitrary Files
9401| [1014285] UBBThreads Multiple Input Validation Holes Permit Cross-Site Scripting, SQL Injection, and HTTP Response Splitting Attacks
9402| [1014267] HP Version Control Repository Manager May Disclose Proxy Password to Local Users
9403| [1014263] MercuryBoard Input Validation Hole in HTTP User-Agent Permits SQL Injection
9404| [1014248] paFAQ Flaws Let Remote Users Download the Database, Inject SQL Commands, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code
9405| [1014245] Ublog Reload Input Validation Holes in 'index.asp' Permit SQL Injection and in 'trackback.asp' Permit Cross-Site Scripting Attacks
9406| [1014243] Trac Input Validation Hole Lets Remote Users Upload Arbitrary Files
9407| [1014239] Opera XMLHttpRequest Access Controls Can By Bypassed By Remote Users
9408| [1014181] Sysreport May Disclose the up2date Proxy Password Via the System Report
9409| [1014147] Loki Download Manager Input Validation Holes Permit SQL Injection Attacks
9410| [1014141] Apple LaunchServices Lets Remote Users Bypass the File Dowload Dialog
9411| [1014086] JiRo's Upload System Input Validation Hole in Admin Panel Lets Remote Users Inject SQL Commands
9412| [1014078] PowerDownload Include File Bug Lets Remote Users Execute Arbitrary Commands
9413| [1014007] Serendipity Bugs Let Remote Authenticated Users Upload Unauthorized Files and Also Permits Cross-Site Scripting Attacks
9414| [1013966] Firefox Input Validation Error in Content-Type and Filename Lets Remote Users Spoof Download Dialog Data
9415| [1013960] 1Two News Lets Remote Users Delete Images, Upload Images, and Conduct Cross-Site Scripting Attacks
9416| [1013923] Orenosv HTTP/FTP Server FTP Command Buffer Overflow Lets Remote Users Crash the Server and HTTP SSI Buffer Overflow May Let Local Users Execute Arbitrary Code
9417| [1013913] Firefox onload() History Access Bug and Install Function Scripting Execution Flaw Lets Remote Users Execute Arbitrary Code
9418| [1013910] Squid http_access Results May Be Unexpected Due to Configuration Errors
9419| [1013839] Lotus Domino @SetHTTPHeader Permits HTTP Response Splitting Attacks
9420| [1013835] Safari Can Be Crashed With Long HTTPS URL
9421| [1013830] Uapplication Products Disclose the Database to Remote Users and Let Remote Authenticate Administrators Upload Arbitrary Files
9422| [1013823] FilePocket Discloses Proxy Passwords to Local Users
9423| [1013812] nProtect Netizen Lets Remote Users Download Arbitrary Files to the Target System
9424| [1013802] SqWebMail Input Validation Hole in 'redirect' Parameter Permits HTTP Response Splitting Attacks
9425| [1013801] MaxDB HTTP Request '%' Buffer Overflow Lets Remote Users Execute Arbitrary Code
9426| [1013786] MailEnable HTTPMail 'Authorization' Header Lets Remote Users Execute Arbitrary Code
9427| [1013749] CityPost Simple PHP Upload Input Validation Hole Permits Cross-Site Scripting Attacks
9428| [1013726] PHP-Nuke Input Validation Hole in Surveys Module Permits HTTP Response Splitting Attacks
9429| [1013709] Axel Buffer Overflow in Processing HTTP Location Values Lets Remote Users Execute Arbitrary Code
9430| [1013680] OpenOffice StgCompObjStream::Load() Heap Overflow Lets Remote Users Execute Arbitrary Code
9431| [1013671] File Upload Script 'up.php' for phpBB Lets Remote Users Upload Arbitrary Files
9432| [1013666] AN HTTP Server 'cmdIS.DLL' Buffer Overflow Lets Local Users Execute Arbitrary Code and Remote Users Conduct Cross-Site Scripting Attacks
9433| [1013603] Ublog Reload Discloses Database to Remote Users and Permits Cross-Site Scripting Attacks
9434| [1013602] Linux Kernel Bug in load_elf_library Lets Local Users Deny Service
9435| [1013557] Trillian Buffer Overflow in Processing HTTP Response Headers May Let Remote Users Execute Arbitrary Code
9436| [1013541] Download Center Lite Lets Remote Users Include and Execute Arbitrary PHP Code
9437| [1013514] Phorum Input Validation'search.php' HTTP Response Splitting
9438| [1013510] betaparticle blog Discloses Database to Remote Users and Lets Remote Users Upload/Delete Arbitrary Files
9439| [1013478] OllyDbg Error in Loading Processes With Long Names Lets Users Crash the Debugger
9440| [1013452] Symantec Enterprise Firewall DNSd Proxy Bug Lets Remote Users Poison the DNS Cache
9441| [1013451] Symantec VelociRaptor DNSd Proxy Bug Lets Remote Users Poison the DNS Cache
9442| [1013450] Symantec Gateway Security DNSd Proxy Bug Lets Remote Users Poison the DNS Cache
9443| [1013402] XOOPS Avatar Image Upload Permits Unsafe File Extensions
9444| [1013359] CProxy Input Validation Hole Discloses Files to Remote Users and Lets Remote Users Crash the Service
9445| [1013334] RaidenHTTPD Discloses PHP Source Code and Lets Remote Users Execute Arbitrary Code
9446| [1013331] CuteNews Input Validation Holes in HTTP Header Parameters Let Remote Users Conduct Cross-Site Scripting Attacks
9447| [1013320] FCKeditor May Let Remote Users Upload Arbitrary Files When Used With PHP-Nuke and Mambo
9448| [1013307] KNet HTTP GET Request Buffer Overflow Lets Remote Users Execute Arbitrary Code
9449| [1013191] Sami HTTP Server Input Validation Holes Disclose Files to Remote Users and Let Remote Users Crash the Service
9450| [1013182] HP HTTP Server Buffer Overflow Lets Remote Users Execute Arbitrary Code
9451| [1013178] PHP-Nuke Input Validation Holes in Downloads 'newdownloadshowdays' and Web Links 'newlinkshowdays' Permit Cross-Site Scripting Attacks
9452| [1013167] Squid Proxy xstrdup() Can Be Crashed With Malformed DNS Responses
9453| [1013135] ArGoSoft Mail Server Input Validation Holes Allow Remote Authenticated Users to Upload/Download Files and Create/Delete Directories
9454| [1013106] 602LAN SUITE Input Validation Bug Lets Remote Authenticated Users Upload and Execute Files
9455| [1013088] RaidenHTTPD Input Validation Flaw Discloses Files to Remote Users
9456| [1013060] DeskNow Mail and Collaboration Server Directory Traversal Flaw Lets Remote Authenticated Users Upload and Delete Arbitrary Files
9457| [1013054] RealPlayer Lets Remote Users Load Scripting Code from Local Files
9458| [1013021] SmarterMail Lets Remote Users Upload Arbitrary Scripting Code and Execute Them
9459| [1013016] Cisco IOS Can Be Reloaded By Remote Users Sending Multiple IPv6 Packets
9460| [1013007] Perl DBI::ProxyServer Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
9461| [1012992] Squid Error in Parsing HTTP Content-Length Headers May Let Remote Users Poison the Cache
9462| [1012948] MaxDB sapdbwa_GetUserData() and HTTP Header Bugs Lets Remote Users Deny Service
9463| [1012891] Microsoft IE Windows XP SP2 File Download Security Can Be Bypassed With Dynamic IFRAME Tag
9464| [1012865] OpenBSD httpd mod_include Local Buffer Overflow Has Unspecified Impact
9465| [1012766] Mozilla Firefox Download Dialog Source Can Be Spoofed By Remote Users
9466| [1012765] Mozilla Browser Download Dialog Source Can Be Spoofed By Remote Users
9467| [1012764] PhotoPost Classifieds Input Validation Hole Lets Remote Users Upload Scripting Files
9468| [1012763] ReviewPost Pro Input Validation Hole Lets Remote Users Upload Scripting Files
9469| [1012753] GNUBoard Case-Sensitive File Extension Validation Lets Remote Users Upload Scripting Files
9470| [1012702] PHProxy Input Validation Hole in 'error' Parameter Lets Remote Users Conduct Cross-Site Scripting Attacks
9471| [1012684] Microsoft Windows LoadImage API Buffer Overflow Lets Remote Users Execute Arbitrary Code
9472| [1012622] IMG2ASCII 'ascii.php' Lets Remote Users Upload and Execute Scripting Code
9473| [1012588] IglooFTP Input Validation Hole in download_selection_recursive() Lets Remote Servers Write Arbitrary Files on the Client
9474| [1012567] Singapore Input Validation Holes Let Remote Authenticated Users Download and Upload Files, Delete Direcctories, and Conduct Cross-Site Scripting Attacks
9475| [1012553] 68 Designs Froogle Uploader 'setup.php' Lets Remote Users Gain Administrative Access
9476| [1012539] Attachment Mod Lets Remote Users Upload and Execute Scripting Code
9477| [1012538] JSBoard 'parse.php' Lets Remote Users Upload and Execute Scripting Code
9478| [1012532] MoniWiki 'UploadFile.php' Lets Remote Users Upload and Execute Scripting Code
9479| [1012528] Ethereal DICOM, HTTP, and SMB Dissector Bugs Let Remote Users Execute Arbitrary Code
9480| [1012499] MediaWiki Uploaded File Extension Error Lets Remote Users Execute Arbitrary Scripting Code
9481| [1012480] Opera Input Validation Error in Processing MIME Content-Type/Content-Displosition Headers Lets Remote Users Spoof the File Download Dialog
9482| [1012452] Blog Torrent 'btdownload.php' Input Validation Error Lets Remote Users Conduct Cross-Site Scripting Attacks
9483| [1012390] Blog Torrent 'btdownload.php' Input Validation Error Lets Remote Users View Arbitrary Files
9484| [1012369] PHProjekt 'setup.php' Lets Remote Users Upload Files and Execute Commands
9485| [1012362] IPCop Input Validation Hole in 'proxylog.dat' Lets Remote Users Conduct Cross-Site Scripting Attacks
9486| [1012322] DeSofto MyProxy Lets Remote Authenticated Users Connect to Arbitrary Ports and Hosts
9487| [1012298] ZyXEL Prestige 650HW 'rpFWUpload.html' Lets Remote Users Reset the Configuration
9488| [1012288] Microsoft IE Custom 404 Error Message and execCommand SaveAs Lets Remote Users Bypass XP SP2 Download Warning Mechanisms
9489| [1012234] Microsoft Internet Explorer on XP SP2 Has Unspecified Flaws That Let Remote Users Bypass File Download Restrictions
9490| [1012200] phpWebSite Input Validation Flaws Let Remote Users Conduct HTTP Response Splitting Attacks
9491| [1012189] CCProxy Buffer Overflow in Logging Function Lets Remote Users Execute Arbitrary Code
9492| [1012168] WebCalendar Grants Administrative Access and Permits Cross-Site Scripting and HTTP Response Splitting Attacks
9493| [1012165] Linux Kernel binfmt_elf Loader Lets Local Users Obtain Root Access
9494| [1012154] Microsoft Proxy Server Reverse DNS Caching Bug Lets Remote Users Spoof Web Sites
9495| [1012141] up-imapproxy Various Integer Overflows Let Remote Users Deny Service
9496| [1012103] 602LAN SUITE Lets Remote Users Deny Service With Large Content-Length Requests and Via Telnet Proxy Loopback Attacks
9497| [1012072] Proxytunnel Format String Flaw in Logging Responses May Let Remote Users Execute Arbitrary Code
9498| [1012050] ArGoSoft FTP Server Lets Remote Users Upload '.lnk' File
9499| [1012043] yChat HTTP Errors Let Remote Users Deny Service
9500| [1012025] iptables May Fail to Automatically Load Some Modules
9501| [1012011] Allied Telesyn AT-TFTP Server Lets Remote Users Download and Upload Arbitrary Files or Cause the TFTP Service to Crash
9502| [1012010] Netcordia Chesapeake TFTP Server Lets Remote Users Download and Upload Arbitrary Files or Cause the TFTP Service to Crash
9503| [1012005] Sun Java System Web Proxy Server Buffer Overflow May Let Remote Users Execute Arbitrary Code
9504| [1011960] Mega Upload Filenames in Querystring May Let Malicious Users Overwrite or Copy Files
9505| [1011938] PostNuke Downloads Site May Have Been Compromised
9506| [1011916] Mozilla Firefox Discloses Some Downloaded Files to Local Users
9507| [1011864] Serendipity Input Validation Flaws in Processing Request URI and HTTP Referer Field May Permit HTTP Response Splitting Attacks
9508| [1011769] SalesLogix Grants Administrative Access to Remote Users and Permits SQL Injection and Arbitrary File Uploads
9509| [1011736] File Upload Manager Lets Remote Users Execute Commands on the Target System
9510| [1011735] Microsoft Internet Explorer May Display the Incorrect URL When Loading a Javascript Homepage
9511| [1011708] Yak! Chat Directory Travesal Flaw Lets Remote Users Upload Files to Arbitrary Locations
9512| [1011614] Squid SNMP Parsing Error Lets Remote Users Restart the Proxy Server
9513| [1011501] Mozilla Firefox Input Validation Error Lets Remote Users Delete Download Directory Files
9514| [1011481] DCP-Portal Input Validation Errors Let Remote Users Conduct Cross-Site Scripting and HTTP Response Splitting Attacks
9515| [1011439] Icecast Buffer Overflow in Processing HTTP Headers Lets Remote Users Execute Arbitrary Code
9516| [1011427] MyServer Can Be Crashed By Remote Users With a Specially Crafted HTTP POST Request
9517| [1011406] ActivePost Lets Remote Users Upload Arbitrary Files, Detemine Passwords, and Crash the System, and D
9518| [1011261] getIntranet Input Validation Holes Let Remote Users Inject SQL Commands, Upload Files, Execute Scripting Code, and Gain Administrative Application Privileges
9519| [1011235] Pingtel xpressa Boundary Error in HTTP Management Interface Lets Remote Authenticated Users Crash the Phone
9520| [1011214] Squid Null Pointer Dereference in clientAbortBody() Lets Remote Users Crash the Proxy
9521| [1011213] Apache mod_ssl Can Be Crashed By Remote Users When Reverse Proxying SSL Connections
9522| [1011174] Mac OS X CoreFoundation Buffer Overflow and Library Loading Bugs Let Local Users Gain Elevated Privileges
9523| [1011155] Altnet Download Manager Buffer Overflow in bstrFilepath Lets Remote Users Execute Arbitrary Code
9524| [1011135] Comersus Shopping Cart 'redirecturl' Input Validation Flaw Permits HTTP Response Splitting Attacks
9525| [1011133] Cerbere Proxy Server Lets Remote Users Consume Excessive CPU Resources
9526| [1011054] Hastymail May Execute Scripting Code in E-Mail Content When 'Download' is Selected
9527| [1011046] icecast Input Validation Error in HTTP UserAgent Field Permits Cross-Site Scripting Attacks
9528| [1011042] Plesk 7 Reloaded Input Validation Flaw in 'login_up.php3' Permits Cross-Site Scripting Attacks
9529| [1011037] Gadu-Gadu File Downloading Dialog Lets Remote Authenticated Users Spoof the File Extension
9530| [1010971] Gallery Input Validation Error in 'save_photos.php' Lets Remote Users Upload and Execute Files
9531| [1010949] Kerio MailServer Bugs in Embedded HTTP Server Have Unspecified Impact
9532| [1010927] F5 3-DNS May Disclose UDP Port Status to Remote Users
9533| [1010920] Sygate Enforcer Can Be Crashed By a Remote Users Sending a Malformed Payload
9534| [1010850] thttpd Input Validation Error Discloses Files to Remote Users
9535| [1010837] MailEnable Professional HTTPMail Bug Lets Remote Users Deny Service
9536| [1010797] IBM WebSphere Can Be Crashed By Remote Users Sending Large HTTP Headers
9537| [1010788] RiSearch/Ri Search Pro Discloses Files to Remote Users and Can Be Used as an Open Proxy
9538| [1010756] Sun Java System Portal Server Proxy Authentication Flaw Grants Calendar Data Access to Remote Authenticated Users
9539| [1010751] Xitami Web Server Can Be Crashed By Remote Users Sending Invalid HTTP Headers
9540| [1010642] Fastream NETFile Server 'mkdir' Command Lets Remote Users Upload Files to Arbitrary Locations
9541| [1010639] IBM WebSphere Edge Server Component Caching Proxy JunctionRewrite Directive Lets Remote Users Deny Service
9542| [1010618] Cisco Collaboration Server ServletExec Lets Remote Users Upload Files and Obtain Administrative Privileges
9543| [1010613] Pavuk Buffer Overflow in Processing HTTP Location Headers Lets Remote Web Servers Execute Arbitrary Code on the Target System
9544| [1010599] Apache httpd Header Line Memory Allocation Lets Remote Users Crash the Server
9545| [1010500] Symantec Enterprise Firewall DNSD Proxy Can Be Poisoned By Remote Users
9546| [1010462] Apache mod_proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
9547| [1010461] smtp.proxy Format String Bug Lets Remote Users Execute Arbitrary Code
9548| [1010447] AspDotNetStorefront Input Validation Hole in Uploading Image Files Lets Remote Authenticated Administrators Upload and Execute Arbitrary Code
9549| [1010346] TinyWeb Lets Remote Users Download CGI Scripts
9550| [1010291] MiniShare Can Be Crashed By Remote Users With Incomplete HTTP Requests
9551| [1010289] Orenosv HTTP/FTP Server Can Be Crashed By Remote Users
9552| [1010266] F5 BIG-IP TCP SYN Cookie Processing Flaw Lets Remote Users Deny Service
9553| [1010255] CBTT Can Be Crashed By Remote Users Sending Specially Crafted HTTP Basic Authentication Headers
9554| [1010254] BNBT Can Be Crashed By Remote Users Sending Specially Crafted HTTP Basic Authentication Headers
9555| [1010203] OmniHTTPd Buffer Overflow in HTTP GET Range Header May Let Remote Users Execute Arbitrary Code
9556| [1010192] Blue Coat ProxySG May Disclose Private Key to Remote Users
9557| [1010171] NetChat Buffer Overflow in HTTP Service Lets Remote Users Execute Arbitrary Code
9558| [1010157] Microsoft Internet Explorer showHelp Path Search Lets Remote Users Load Existing Local CHM Files
9559| [1010107] MailEnable Buffer Overflow in HTTPMail Lets Remote Users Execute Arbitrary Code
9560| [1010088] Eudora Has Buffer Overflow in Loading 'file://' URLs
9561| [1010071] PHP-Nuke Input Validation Bugs in 'sid' Variable in 'Downloads' Module Permits SQL Injection and Cross-Site Scripting Attacks
9562| [1009958] Kaos news Lets Remote Users Download the Database Containing Passwords
9563| [1009945] IBM HTTP Server Can Be Crashed By Remote Users Sending Specially Crafted SSL Packets
9564| [1009902] PostNuke Downloads, Web_Links, 'openwindow.php' Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks
9565| [1009889] Cisco SNMP Bug Lets Remote Users Send SNMP Solicited Operations to Cause the Device to Reload
9566| [1009865] XChat Socks-5 Proxy Buffer Overflow Lets Remote Users Execute Arbitrary Code
9567| [1009825] ColdFusion MX File Upload Disk Space Management Bug Lets Remote Users Deny Service
9568| [1009762] Microsoft Windows COM Internet Services and RPC over HTTP Can Be Crashed By Remote Users
9569| [1009731] TikiWiki Multiple Input Validation Holes Let Remote Users Inject SQL Commands, Conduct Cross-Site Scripting Attacks, and Upload Files
9570| [1009717] FirstClass Client Buffer Overflow in Processing PROXYADDR Parameter Lets Local Users Execute Arbitrary Code
9571| [1009674] Macromedia Flash Null Pointer Assignment in LoadMovie() Lets Remote Users Deny Service
9572| [1009642] MondoSearch 'MsmHigh.exe' Can By Used As a Web Proxy By Remote Users
9573| [1009597] MPlayer Buffer Overflow in Parsing HTTP Location Header Lets Remote Servers Execute Arbitrary Code
9574| [1009548] Kerio WinRoute Firewall May Crash Due to Malformed HTTP Headers
9575| [1009513] ReGet Directory Traversal Bug May Cause Files to Be Downloaded to Arbitrary Locations
9576| [1009468] isakmpd Payload Handling Flaw Lets Remote Users Crash the Daemon
9577| [1009443] Twilight Utilities Web Server 'postfile.exe' Lets Remote Users Upload Files to Arbitrary Locations
9578| [1009439] PHP-Nuke Input Validation Holes in Feedback, Downloads, Journal, and Other Modules Permit Cross-Site Scripting Attacks
9579| [1009433] Phorum HTTP_REFERER and Other Input Validation Flaw Permits Cross-Site Scripting Attacks
9580| [1009395] MyProxy Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
9581| [1009318] Cisco Content Services Switch 11000 Series Can Be Reloaded By Remote Users
9582| [1009267] Squid Proxy Cache '%00' URL Character Access Control Bug May Let Remote Users Bypass Certain Access Controls
9583| [1009172] GateKeeper Proxy Buffer Overflow Lets Remote Users Execute Arbitrary Code
9584| [1009154] PSOProxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
9585| [1009088] Sami HTTP Server Buffer Overflow Lets Remote Users Crash the Web Server
9586| [1009023] Monkey Web Server Can Be Crashed By HTTP GET Requests With No Host Value
9587| [1009016] BosDates 'calendar_download.php' Input Validation Flaw Lets Remote Users Inject SQL Commands
9588| [1008998] httpdpalm Lets Remote Users Crash the System
9589| [1008997] Jim Rees PalmOS httpd Can Be Crashed By Remote Users
9590| [1008947] Check Point FireWall-1 Format String Flaw in HTTP Component Lets Remote Users Execute Arbitrary Code
9591| [1008897] PHP-Nuke Input Validation Flaws in 'Downloads' and 'Sections' Permits SQL Injection
9592| [1008879] SurfNOW Proxy Service Can Be Denied By Remote Users
9593| [1008866] WebLogic Server and Express Input Validation Flaw in Processing HTTP TRACE Requests Permits Cross-Site Scripting
9594| [1008856] ProxyNow! Buffer Overflow Lets Remote Users Gain SYSTEM Privileges
9595| [1008842] Reptile Web Server HTTP Request Flaw Lets Remote Users Deny Service
9596| [1008838] Oracle HTTP Server 'isqlplus' Input Validation Flaws Let Remote Users Conduct Cross-Site Scripting Attacks
9597| [1008836] SurfinGate Proxy Mode Lets Remote Users Execute Application Commands
9598| [1008833] Sun Solaris modload() May Grant Root Access to Local Users
9599| [1008826] GeoVision GeoHttpServer Authentication Bypass Grants Access to Remote Users
9600| [1008822] Apache mod_perl File Descriptor Leak May Let Local Users Hijack the http and https Services
9601| [1008820] Mephistoles httpd Input Validation Flaw Permits Cross-Site Scripting Attacks
9602| [1008807] GeoHttpServer Can Be Crashed By a Remote User Sending a Long Password
9603| [1008788] DUpics Authentication Flaw Lets Remote Users Gain Administrative Access to the Application and Upload Arbitrary Files
9604| [1008786] DUdownload Authentication Flaw Lets Remote Users Gain Administrative Access to the Application
9605| [1008662] phpGroupWare Flaws Allow SQL Injection and PHP File Uploading
9606| [1008661] FreeProxy Input Validation Flaw Discloses Files to Remote Users
9607| [1008651] Yahoo! Messenger Download Filename Buffer Overflow May Let Remote Users Execute Arbitrary Code
9608| [1008563] Microsoft IIS Fails to Log HTTP TRACK Requests
9609| [1008559] Apache mod_php File Descriptor Leak May Let Local Users Hijack the https Service
9610| [1008554] Microsoft IE for Mac May Disclose Sensitive Information in Secure URLs to Remote Sites via HTTP Referer Field
9611| [1008549] Surfboard httpd Buffer Overflow May Allow a Remote User to Execute Arbitrary Code
9612| [1008526] CyberGuard Firewall Proxy Error Page Input Validation Flaw May Permit Cross-Site Scripting Attacks
9613| [1008477] Cisco Firewall Services Module (FWSM) Buffer Overflow in Cut-Through Proxy Authentication Lets Remote Users Crash the FWSM
9614| [1008469] mvdsv Quake Server Download Buffer Overflow Allows Remote Code Execution
9615| [1008463] LFTP Buffer Overflow in Processing HTTP Responses May Allow Remote Code Execution
9616| [1008460] Opera Web Browser Download Dialog Lets Remote Users Delete Arbitrary Files
9617| [1008342] Surfboard httpd Input Validation Flaw Lets Remote Users View Arbitrary Files on the System
9618| [1008265] Xitami Web Server Bug in Processing Certain HTTP POST Headers Lets Remote Users Deny Service
9619| [1008244] Kerio WinRoute Firewall Discloses Authentication Data to Remote Sites When Using Proxy Authentication
9620| [1008240] Half-Life Dedicated Server Discloses Configuration Files to Remote Users if Downloads Are Permitted
9621| [1008187] PostMast Proxy Server Permits Cross-Site Scripting Attacks
9622| [1008180] WebWasher Classic Proxy Input Validation Flaw Permits Remote Cross-Site Scripting Attacks
9623| [1008177] PeopleSoft PeopleTools iClient Lets Remote Users Upload and Execute Arbitrary Commands
9624| [1008156] BEA WebLogic Input Validation Flaw in Proxy Plug-in Lets Remote Users Crash the Service With Malformed URLs
9625| [1008075] IA WebMail Server Buffer Overflow in Processing HTTP Headers Lets Remote Users Execute Arbitrary Code
9626| [1008072] Plug and Play Web Server Proxy Service Can Be Crashed By Remote Users
9627| [1008068] frox FTP Proxy Can Be Crashed By Remote Users Conducting Port Scans
9628| [1008036] tc.SimpleWebServer Buffer Overflow in Processing the HTTP Referer Lets Remote Users Execute Arbitrary Code
9629| [1008031] thttpd 'Host' Header Directory Traversal Flaw May Disclose Files to Remote Users
9630| [1008015] sh-httpd Discloses Files to Remote Users
9631| [1008007] thttpd defang() Buffer Overflow Lets Remote Users Execute Arbitrary Code
9632| [1007980] Sun Java Runtime Environment Classloader Flaw May Let Untrusted Applets Gain Elevated Privileges
9633| [1007899] FirstClass HTTP Daemon Can Be Crashed By Remote Users
9634| [1007886] PHP-Nuke 'mailattach.php' Input Validation Flaw Lets Remote Users Upload Arbitrary Files and Execute Them
9635| [1007855] IBM DB2 Buffer Overflow in LOAD and INVOKE Commands Lets Remote Authenticated Users Execute Arbitrary Code
9636| [1007802] Null httpd Can Be Crashed By Remote Users Sending Incomplete HTTP POST Requests
9637| [1007799] Gauntlet Firewall 'sql-gw' Proxy Can Be Crashed By Remote Users Sending Invalid Data
9638| [1007797] TclHttpd 'dirlist.tcl' Discloses Directory Contents to Remote Users and Permits Remote Cross-Site Scripting Attacks
9639| [1007794] ProFTPD ASCII Mode File Upload Buffer Overflow Lets Certain Remote Users Execute Arbitrary Code
9640| [1007774] Xitami Web Server Can Be Crashed By Remote Users Sending Large HTTP GET Request Headers
9641| [1007708] Minihttp File Sharing for net Password Parsing Flaw Grants Admin Privileges to Remote Users
9642| [1007707] Minihttp Forum Web Server Password Parsing Flaw Grants Admin Privileges to Remote Users
9643| [1007566] AnalogX Proxy Input Validation Flaw Permits Remote Cross-Site Scripting Attacks Against Arbitrary Web Sites
9644| [1007553] Avant Browser Crashes When Loading a Long URL
9645| [1007470] Lil' HTTP Server Discloses Web Server Passwords to Local Users
9646| [1007460] FreeBSD 'ibcs2.ko' Loadable Kernel Module May Disclose Kernel Memory to Local Users
9647| [1007452] Xitami Web Server Fails to Log Non-HTTP Connections
9648| [1007383] Minihttp Forum Web Server Default Configuration Leaves Administrator Account Without a Password
9649| [1007364] IISShield May Fail to Drop a Specific Malformed HTTP Request
9650| [1007342] Cisco IOS Web Interface Buffer Overflow Lets Remote Users Send 2GB HTTP GET Requests to Execute Arbitrary Code
9651| [1007340] Small HTTP Server Discloses Administrator Password to Local Users
9652| [1007295] paFileDB Authentication Flaw Lets Remote Users Upload and Execute Arbitrary Code
9653| [1007278] Microsoft DirectX Heap Overflow in Loading MIDI Files Lets Remote Users Execute Arbitrary Code
9654| [1007230] Apache HTTP Server 'rotatelogs' Bug on Win32 and OS/2 May Cause the Logging to Stop
9655| [1007215] OmniHTTPd Web Server Has Input Validation Holes in Additional Sample Scripts That Let Remote Users Conduct Cross-Site Scripting Attacks
9656| [1007171] UMN Gopherd Buffer Overflows in GSisText() and in FTP Proxy Code Let Remote Users Execute Arbitrary Code
9657| [1007159] Mabry HTTPServer/X Discloses Files on the System to Remote Users
9658| [1007155] Q-Shop Shopping Cart Authentication Flaw Lets Remote Users Upload and Execute Arbitrary Code
9659| [1007126] Microsoft Internet Explorer Can By Crashed By Loading 'C:\aux' URL
9660| [1007111] ProductCart Shopping Cart Default Configuration Lets Remote Users Download the Shopping Database
9661| [1007104] Xbox Dashboard Font File Loader Integer Overflow Lets Local Users Execute Arbitrary Code
9662| [1007058] NetScreen HTTP, Telnet, and FTP Authentication Feature Can Be Bypassed in Certain Cases
9663| [1007007] Microsoft Internet Explorer Custom HTTP Error Pages May Let Remote Users Execute Scripts in the Local Computer Zone
9664| [1006992] myServer Web Server HTTP Parsing Flaw Lets Remote Users Crash the Web Service
9665| [1006945] Novell HTTPSTK Can Be Crashed By Remote Users
9666| [1006894] iisCART2000 Upload Authentication Error Lets Remote Users Upload and Execute Arbitrary Scripts
9667| [1006867] Microsoft IIS Buffer Overflow Lets Remote Users With Upload Privileges Execute Code - Remote Users Can Also Crash the Service
9668| [1006852] BRS WebWeaver HTTP Buffer Overflows Let Remote Users Crash the Web Service
9669| [1006845] AnalogX Proxy URL Buffer Overflow Lets Remote Users Execute Arbitrary Code With Administrator Privileges
9670| [1006836] CUPS Internet Printing Protocol HTTP Header Processing Flaw Lets Remote Users Deny Service
9671| [1006793] PHP-Nuke Input Validation Flaws in Several Modules (Sections, AvantGo, Surveys, Downloads, Reviews, Web_Links) Let Remote Users Inject SQL Commands
9672| [1006774] Microsoft Internet Explorer May Execute Arbitrary Code in the Wrong Security Domain When Processing Large Numbers of Download Requests
9673| [1006750] 3Com OfficeConnect DSL Router Memory Leak May Disclose Previous HTTP Request Data
9674| [1006670] Opera Web Browser Can Be Crashed When Downloading a File With a Long Filename Extension
9675| [1006666] SonicWALL Pro Can Be Crashed By Remote Users Due to Bug in Processing Large HTTP POST Requests
9676| [1006665] Pi3Web Server Can Be Crashed By Remote Users Sending Malformed HTTP GET Requests
9677| [1006634] Microsoft Internet Explorer Bugs (URLMON.DLL Buffer Overflow, File Upload Control Bypass, Plug-in URL Input Validation Flaw, CSS Modal Dialog Input Validation Flaw) Let Remote Users Execute Arbitrary Code or Access Local Files
9678| [1006616] AN HTTPD Web Server Sample Script ('count.pl') Lets Remote Users Create or Overwrite Files on the System.
9679| [1006551] KDE Configuration Flaw Lets Remote Users Create Files That Will Execute Arbitrary Commands When Loaded
9680| [1006546] CC Log Input Validation Hole in HTTP Header Fields Lets Remote Users Conduct Cross-Site Scripting Attacks
9681| [1006534] Microsoft Proxy Service in Proxy Server 2.0 Has Unspecified Flaw That Lets Remote Users Stop Traffic
9682| [1006513] Opera Browser Buffer Overflow in Loading URLs May Let Remote Users Execute Code
9683| [1006508] Coppermine Photo Gallery File Extension Validation Flaw Lets Remote Users Upload and Execute PHP Code
9684| [1006489] Abyss Web Server HTTP Header Validation Flaw Lets Remote Users Crash the Web Server
9685| [1006330] Mutt Buffer Overflow May Cause Arbitrary Code to Be Executed When Downloading Mail
9686| [1006299] Kebi Academy 2001 Input Validation Flaw Lets Remote Authenticated Users View and Upload Files from/to Arbitrary Locations on the Server
9687| [1006269] Opera Browser Download Filename Buffer Overflow Lets Remote Users Execute Arbitrary Code
9688| [1006260] DeleGate Overflow in Processing 'robots.txt' Fields Lets Remote Users Execute Arbitrary Code on the Proxy Server
9689| [1006258] PeopleSoft PeopleTools Input Filtering Bug in SchedulerTransfer Java Servlet Lets Remote Users Upload and Execute Arbitrary Code
9690| [1006254] Upload Lite Temporary File Bug Lets Remote Users Upload and Execute Arbitrary CGI Code on the Server
9691| [1006217] Uploader PHP Script Default Configuration Lets Remote Users Upload Arbitrary Files and Then Execute Them
9692| [1006105] [Indy]News Forum Software Lets Remote Users Upload Files to the System
9693| [1006099] Symantec's Norton Anti-Virus Fails to Work After Loading Corrupt Anti-Virus Definitions
9694| [1006079] Opera Browser May Execute Arbitrary Code When Loading a Malicious URL
9695| [1006069] Eggdrop IRC Bot Lets Certain Remote Authenticated Users Invoke the Bot as a Proxy
9696| [1006056] IlohaMail Input Validation Bug Lets Remote Authenticated Users Upload Files to the Server
9697| [1006003] Replicom ProxyView Default Configuration Gives Remote Users Full Access
9698| [1005943] Shambala Server FTP Input Validation Bugs Let Remote Authenticated Users View and Upload Files and Crash the Server
9699| [1005915] Middleman Proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code on the Proxy Server
9700| [1005912] Mambo Site Server Input Validation Bugs Let Remote Authenticated Users Upload and Execute Code on the Server
9701| [1005901] Cgihtml Script Package Contains Multiple Flaws That Let Remote Users Deny Service or Upload Files to the System
9702| [1005889] HTTP Fetcher Buffer Overflows May Let Remote Servers Execute Arbitrary Code
9703| [1005886] AN HTTPD Web Server Discloses Installation Path to Remote Users
9704| [1005884] Winamp Buffer Overflow in Loading 'b4s' Playlists Lets Remote Users Execute Arbitrary Code on the Player
9705| [1005857] Microsoft Internet Explorer Bug in Loading Multimedia Files May Let Remote Users Execute Arbitrary Scripting Code in Other Domains
9706| [1005851] Junkbuster Proxy Default Configuration on Red Hat Linux Lets Remote Users Send SPAM Via the Proxy
9707| [1005815] Symantec VelociRaptor Firewall Buffer Overflow in RealAudio Proxy Allows Remote Users to Deny Service and Possibly Execute Arbitrary Code on the Firewall
9708| [1005814] Symantec Enterprise Firewall Buffer Overflow in RealAudio Proxy Allows Remote Users to Deny Service and Possibly Execute Arbitrary Code on the Firewall
9709| [1005792] Multi-Tech ProxyServer Default Configuration Gives Remote Users Control of the System
9710| [1005784] Apt-www-proxy Server Format String Hole Lets Remote Users Execute Arbitrary Commands
9711| [1005768] TrendMicro InterScan VirusWall Proxy Bug Lets Remote Users Connect to Internal Hosts Via the Proxy
9712| [1005730] Webster HTTP Server Multiple Bugs Let Remote Users Execute Arbitrary Code and View Files on the System
9713| [1005699] Microsoft Internet Explorer (IE) Java Class Loader Security Flaw Lets Remote Users Bypass Java Security Restrictions
9714| [1005698] Microsoft Java Virtual Machine (VM) Class Loader Security Flaw Lets Remote Users Bypass Java Security Restrictions
9715| [1005695] AOL Instant Messenger (AIM) File Sharing Bug May Let Remote Users Silently Force Downloads
9716| [1005690] acFreeProxy Server Input Validation Flaw Allows Remote Users to Conduct Cross-Site Scripting Attacks Against Proxy Server Users
9717| [1005645] Zeroo HTTP Server Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server
9718| [1005624] LibHTTPd Buffer Overflow Lets Remote Users Execute Arbitrary Code
9719| [1005600] Light HTTPd (lhttpd) Buffer Overflow Lets Remote Users Execute Arbitrary Code to Gain Shell Access on the System
9720| [1005599] eZ httpbench Tool Discloses Files on the System to Remote Users
9721| [1005598] Tiny HTTPd Input Validation Bug Discloses Files on the Server to Remote Users and Also Lets Users Execute Commands
9722| [1005524] Com21 DOXport Cable Modems Let Remote Users on the Local Network Load an Alternate Configuration File
9723| [1005505] Microsoft Internet Information Server (IIS) Script Access Control Bug May Let Remote Authenticated Users Upload Unauthorized Executable Files
9724| [1005490] AN HTTPD Web Server Lets Remote Users Conduct Cross-Site Scripting Attacks
9725| [1005472] IBM Web Traffic Express Caching Proxy Server Allows Cross-Site Scripting Attacks
9726| [1005471] IBM Web Traffic Express Caching Proxy Server Can Be Crashed By Remote Users
9727| [1005457] AN HTTPD Buffer Overflow in Processing SOCKS4 Requests Allows Remote Code Execution
9728| [1005442] IP Filter Linux Firewall Software FTP Proxy Bug Lets Remote Users Bypass the Rule Set
9729| [1005417] Web Server 4 Everyone Can Be Crashed By Remote Users Sending Long HTTP GET Requests
9730| [1005415] Symantec VelociRaptor Firewall Secure Web Proxy Lets Remote Users Cause Denial of Service Conditions
9731| [1005414] Symantec Enterprise Firewall (Raptor Firewall) Secure Web Proxy Lets Remote Users Cause Denial of Service Conditions
9732| [1005400] VBZooM Bulletin Board Lets Remote Users Upload and Execute Files
9733| [1005350] IBM HTTP Server (IHS) Input Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks
9734| [1005301] WASD HTTP Server for OpenVMS Has Multiple Flaws That Disclose Information and Let Remote Users Gain SYSTEM Access
9735| [1005297] acWEB HTTP Server Bugs Let Remote Users Crash the System and Permit Cross-Site Scripting Attacks
9736| [1005293] Monkey HTTP Daemon Discloses Files on the System to Remote Users
9737| [1005272] Null httpd Web Server Heap Overflow Lets Remote Users Execute Arbitrary Code With Root Privileges
9738| [1005259] IBM WebSphere Can Be Crashed By Remote Users Sending Large HTTP Headers
9739| [1005247] TrendMicro InterScan VirusWall Scanner Can Be Bypassed With HTTP Chunked Transfer Encoded Packets
9740| [1005214] KDE Konqueror URL Decoding Inconsistency May Result in a Web Page Loading in the Incorrect Security Domain
9741| [1005182] Microsoft Internet Explorer URL Decoding Inconsistency May Result in a Web Page Loading in the Incorrect Security Domain
9742| [1005177] Microsoft Visual FoxPro Filename Processing Bug Lets Remote Users Create HTML That Will Cause Arbitrary Code to Be Executed When the HTML is Loaded
9743| [1005167] NullLogic's Null httpd Web Server Input Validation Bug Lets Remote Users Conduct Cross-site Scripting Attacks
9744| [1005137] OmniHTTPd Web Server Input Validation Holes in Sample Applications Let Remote Users Conduct Cross-Site Scripting Attacks
9745| [1005108] Microsoft Windows Media Player Allows Malicious Windows Media Download (.wmd) Files to Silently Create Files in a Known Location and Execute Them
9746| [1005063] Microsoft Windows XP Help and Support Center Hole Lets Remote Users Create URLs That, When Loaded, Will Delete Arbitrary Files on Your System
9747| [1004988] Tinyproxy Double Freed Memory Bug May Let Remote Users Execute Arbitrary Code on the System
9748| [1004957] Jana Web Server Buffer Overflow in Processing HTTP Commands May Let Remote Users Execute Arbitrary Code on the System
9749| [1004953] 602Pro LAN Suite Web Server and Telnet Proxy Bugs Let Remote Users Consume All Available Memory on the System
9750| [1004893] eUpload CGI Web-based File Upload Utility Access Control Flaw Discloses User Passwords to Remote Users
9751| [1004867] Lucent Access Point Routers Can Be Crashed By Remote Users Sending a Large HTTP GET Request to the Web Management Interface
9752| [1004798] World Wide Web Offline Explorer (WWWOFFLE) Proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code on the System
9753| [1004759] ATPhttpd Web Server Buffer Overflows Let Remote Users Execute Arbitrary Code on the Server
9754| [1004751] Lil' HTTP Server 'pbcgi.cgi' Script Input Validation Flaw Allows Remote Users to Conduct Cross-site Scripting Attacks Against Web Server Users
9755| [1004736] Radio Community Server Default Configuration Lets Remote Users Create Users Accounts and Upload Arbitrary Files to the Server
9756| [1004722] Mac OS X SoftwareUpdate Feature Uses Unauthenticated Connections for Downloading and Automatically Installing Software Updates, Allowing Remote Users to Install Arbitrary Code on the System
9757| [1004704] Squid Proxy Cache Has Buffer Overflows in Processing Gopher and FTP Data and May Incorrectly Forward Proxy Authentication Credentials to Remote Web Sites
9758| [1004699] Noguska's NOLA Web-based Accounting and Inventory Management Package Lets Remote Users Upload and Execute PHP Code
9759| [1004675] AnalogX Proxy Server Buffer Overflow Lets Remote Users Execute Arbitrary Code on the System
9760| [1004672] OmniHTTPd Web Server Bug in Processing Long HTTP Protocol Parameters Allows Remote Users to Crash the Web Service
9761| [1004581] 4D Web Server Buffer Overflow in Processing Long HTTP Requests May Let Remote Users Execute Arbitrary Code or Crash the Service
9762| [1004572] Mozilla Mail Download Can Be Crashed By Remote Users Sending Malicious E-mail via POP3
9763| [1004571] Netscape Communicator Mail Download Can Be Crashed By Remote Users Sending Malicious E-mail via POP3
9764| [1004561] Cisco uBR7100/7200 Series Cable Modem Routers Have Integrity Verification Flaw That Lets Remote Users Load Alternate Configurations on the Router
9765| [1004518] Microsoft Proxy Server Buffer Overflow in Processing Gopher Protocol Responses Allows Remote Users to Execute Code on the Server to Gain Full Control of the Server
9766| [1004480] MetaMachine's 'eDonkey' File Sharing Software Has a Buffer Overflow May Let Remote Create URLs That Will Cause Arbitrary Arbitrary Code to Be Executed When Loaded
9767| [1004446] Squid Proxy Caching Server 'Msntauth' Authentication Module Format String Hole Lets Remote Users Execute Arbitrary Code on the Server
9768| [1004319] Hosting Controller Software for Web Hosting Companies Has Input Validation Errors in 'dsnmanager.asp' and 'imp_rootdir.asp' Scripts That Allow Remote Users to View Files on the System and Upload and Copy Files With Administrator Privileges
9769| [1004300] Microsoft Internet Explorer (IE) Zone Spoofing Hole Lets Remote Users Create HTML That, When Loaded, May Run in a Less-Secure IE Security Zone
9770| [1004241] Novel Border Manager Firewall Can Be Crashed By Remote Users Sending Specially Crafted Packets to the FTP Proxy, IP/IPX Gateway, or RTSP Proxy Ports
9771| [1004221] Squid_auth_ldap LDAP Authentication Module for the Squid Proxy Server Has Format String Bugs That Let Remote Users Execute Arbitrary Shell Commands on the System
9772| [1004211] 4D Web Server Buffer Overflow in Processing Basic HTTP Authentication Lets Remote Users Crash the Server and May Allow Arbitrary Code to Be Executed
9773| [1004191] Sun Solaris 'lbxproxy' Display Name Buffer Overflow Lets Local Users Obtain Root Group Privileges
9774| [1004187] Mozilla Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer
9775| [1004186] Netscape Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer
9776| [1004134] ICQ Instant Messaging Client Can Be Crashed When Malformed '.hpf' Files are Loaded
9777| [1004123] Lil' HTTP Server Discloses Files Located Outside of the Web Document Directory to Remote Users and Allows Remote Users to Conduct Cross-site Scripting Attacks Against Administrators
9778| [1004080] AOLserver Format String Flaw and Buffer Overflow in 'libnspd.a' API for External Database Driver Proxy Daemons May Let Remote Users Execute Arbitrary Code
9779| [1004056] Symantec Enterprise Firewall (Raptor) FTP Proxy Allows Remote Users to Conduct FTP Bounce Attacks Using Protected FTP Servers
9780| [1004014] Microsoft Internet Information Server ASP HTTP Header Processing Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server
9781| [1003992] Funk Software Proxy Remote Control Software May Let Remote Users Gain Unauthorized Access to the System
9782| [1003905] Cisco CallManager Memory Leak Lets Remote Users Cause the Server to Crash and Reload.
9783| [1003896] Squid Proxy Caching Server Heap Overflow in Processing Compressed DNS Responses Could Allow Remote DNS Servers to Crash the Service
9784| [1003873] Imlib Image Loader malloc() Argument Bug May Let Local Users Execute Arbitrary Code on the System
9785| [1003855] PHP safe_mode Restrictions Can Be Bypassed By Remote Users Via the 'move_uploaded_file' Function
9786| [1003839] Microsoft Internet Explorer (IE) 6 Lets Remote Users Cause Files to Be Downloaded and Executed Without the Knowledge or Consent of the Victim
9787| [1003778] Cobalt XTR User Interface Access Control Issue and File Uploading Authentication Bug Let Local Users Write to Files with Root Privileges
9788| [1003743] Thttpd Web Server Filtering Flaw Lets Remote Users Steal Cookies Via Cross-Site Scripting Attacks
9789| [1003740] Zope Web Application Content Server Proxy Role Error May Let Users Access Unauthorized Objects
9790| [1003732] Netscape Web Broswer Java Environment Lets Remote Malicious Applets Redirect Web Proxy Connections
9791| [1003731] Sun Java Runtime Environment (JRE) Lets Remote Malicious Applets Redirect Web Proxy Connections
9792| [1003730] Microsoft Java Virtual Machine in Internet Explorer Lets Remote Malicious Applets Redirect Web Proxy Connections
9793| [1003700] Network Associates Gauntlet Firewall Proxy Bug Lets Remote Users Bypass Some Access Controls and Connect to Arbitrary Ports on Internal/Protected Hosts
9794| [1003676] PHP File Upload Bugs Let Remote Users Execute Arbitrary Code on a PHP-enabled Web Server
9795| [1003643] FreeRADIUS Authentication Server (and Possibly Other RADIUS Servers) May Become Overloaded By a Remote Flood of Access-Request Packets from a Single User
9796| [1003639] Squid Proxy Cache Server Buffer Overflow Lets Remote Users Create Denial of Service Conditions and May Let Remote Users Execute Arbitrary Code on the System
9797| [1003636] Trend Micro's InterScan VirusWall Proxy Bug Lets Remote Users Bypass Some Access Controls and Connect to Arbitrary Ports on Internal/Protected Hosts
9798| [1003635] Finjan SurfinGate Proxy Bug Lets Remote Users Bypass Some Access Controls and Connect to Arbitrary Ports on Internal/Protected Hosts
9799| [1003614] Symantec Enterprise Firewall (Raptor) SMTP Proxy Fails to Fully Rewrite Some SMTP Headers
9800| [1003613] Lil' HTTP Server Discloses Files in Password Protected Directories on the Web Server to Remote Users
9801| [1003604] RealSystem Server and RealSystem Proxy Buffer Overflows May Let Remote Users Execute Arbitrary Code on the Server or Cause the Server to Crash
9802| [1003598] ScriptEase Mini WebServer Can Be Crashed By Remote Users Sending Long HTTP Requests
9803| [1003584] Dino's WebServer Can Be Crashed By Remote Users Sending Multiple Long HTTP GET Requests
9804| [1003553] DansGuardian Web Content Filtering Proxy Bug Lets Remote Users Bypass File Name Extension Filtering Restrictions
9805| [1003474] DeleGate Proxy Server Has Multiple Buffer Overflow Vulnerabilities That Let Remote Users Execute Arbitrary Code on the Server
9806| [1003466] Opera Web Browser Allows Cross-site Scripting Attacks Via Non-HTTP Servers
9807| [1003462] Microsoft Internet Explorer Web Browser Allows Cross-site Scripting Attacks Via Non-HTTP Servers
9808| [1003419] Microsoft Site Server Commerce Edition Lets Remote Users With Valid NT Accounts Upload and Then Execute ASP Scripts on the Server or Consume Disk Space on the Server
9809| [1003411] NETGEAR Router Web Content Filtering Mechanism Can Be Bypassed By Remote Users With Certain Malformed HTTP GET Requests
9810| [1003403] UBBThreads Bulletin Board Application Lets Remote Users With Accounts on the Bulletin Board Upload Files With Prohibited Extensions, Including PHP Scripts Which Can Subsequently Be Executed on the System
9811| [1003391] Cisco Catalyst CatOS Telnet Daemon Buffer Overflow Lets Remote Users Crash and Reload the Switch
9812| [1003331] Chuid File Permission Utility Incorrectly Lets Users Change Permission of Files Located Outside of the Upload Directory and Files Owned By Root
9813| [1003282] Avirt Gateway Web Proxy Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server with SYSTEM Level Privileges
9814| [1003281] Avirt Gateway Suite Telnet Proxy Flaw Gives Remote Users Telnet Command Line Access to the Server With SYSTEM Level Privileges
9815| [1003251] Sapporo Works 'BlackJumboDog' Web Proxy Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Host Running the Proxy
9816| [1003210] Pi3Web HTTP Server Can Be Crashed By Remote Users Sending Long CGI Parameters
9817| [1003170] Cisco SN 5420 Storage Router Bugs Disclose the Router Configuration to Remote Users and Allow Remote Users to Crash the Router With Large HTTP Headers or Fragmented Packets
9818| [1003133] PostNuke Downloads Module 'ttitle' Parameter Allows Cross-Site Scripting Attacks
9819| [1003125] Hosting Controller Windows-based Web Hosting Management Software Lets Remote Users Establish Administrator Accounts and Upload and Execute Arbitrary Code on the Server
9820| [1003116] PHPFileExchange Web-Based File Storage System Has Access Control Bug That Allows Remote Users With Valid Accounts to Upload Files to Read-Only Directories
9821| [1003111] Pine E-mail Client Allows Remote Users to Send Malicious URLs Within a Message That Will Execute Arbitrary Shell Commands on the Recipient's Host When the URL is Loaded
9822| [1003103] Anti-Web HTTPD (awhttpd) Web Server Can Be Crashed By Local Users
9823| [1003096] Sfxload Sound Font Loader Component of AWESFX Utility Package Has Buffer Overflow That May Allow a Local User to Obtain Elevated Privileges on the Host
9824| [1003068] DeleGate Proxy Server Allows Cross-Site Scripting Attacks
9825| [1003065] ELSA Lancom Router Discloses the Administrator Password to Remote Users, Allowing Them to Change the Router's Configuration and Upload Modified Firmware
9826| [1003038] IBM AIX Loadable Authentication Modules Gives Root Access to Remote Users
9827| [1003002] WMCube/GDK Load Monitoring Tool Has Buffer Overflow That Lets Local Users Gain Elevated Privileges
9828| [1002988] Tivoli SecureWay Policy Director WebSEAL Server Can Be Crashed By Remote Users Appending '%2e' to HTTP Requests
9829| [1002970] ATPhttpd Web Server Can Be Crashed By Remote Users Sending Long URLs
9830| [1002957] Microsoft Internet Information Server Can Be Crashed By Remote Users With HTTP Requests Containing Invalid Content-Length Values
9831| [1002908] Platform Computing's Platform LSF Load Sharing Application Contains Multiple Flaws, Disclosing Files to Local Users, Giving Local Users Root Access, and Crashing When Remote Users Send Malformed Packets
9832| [1002890] Outlook Express for Macintosh May Crash While Downloading POP3 Mail Containing a Long Line
9833| [1002878] AspUpload Default Configuration Installs Scripts That Allow Remote Users to Upload Arbitrary Files to the Server and Rename Those Files
9834| [1002867] Frox FTP Proxy Server May Allow Remote Users to Execute Arbitrary Code on the Server in a Certain Configuration
9835| [1002820] Microsoft Internet Explorer Allows Malicious Web Pages to Spoof Downloadable File Types And Execute Code on the User's Computer When Opened Directly from the Browser
9836| [1002818] Oracle9iAS Web Cache Can Be Crashed By Remote Users Sending Malformed HTTP Content Length Header
9837| [1002783] Thttpd Web Server Has a One Byte Buffer Overflow That Allows Remote Users to Execute Arbitrary Code
9838| [1002752] Cisco 12000 Series Internet Routers Can Be Degraded or Crashed By Remote Users Due to CPU Overloading in Generating ICMP Unreachable Messages
9839| [1002743] mini_httpd Web Server Discloses Password-Protected and Non-Readable Files to Remote Users
9840| [1002742] thttpd Web Server Discloses Password-Protected and Non-Readable Files to Remote Users in Certain Configurations
9841| [1002721] Rational ClearCase Configuration Management Software Buffer Overflow in db_loader Lets Local Users Execute Arbitrary Code with Root Level Privileges
9842| [1002713] Symantec Enterprise Firewall (Raptor Firewall) Netbios Proxy Can Be Crashed By Remote Users and UDP Proxy Can Be Made to Consume All CPU Resources
9843| [1002712] IBM AS/400 HTTP Server Discloses Source Code of Java Server Pages to Remote Users
9844| [1002600] Mozilla Browser Will Return HTTP Cookies to an FTP Server at the Same Domain as the HTTP Server, Which Could Be a Different Domain if the HTTP Server is Hosting Virtual Domains
9845| [1002594] Microsoft Internet Explorer for Mac OS X is Configured to Automatically Execute Downloaded Files
9846| [1002526] Microsoft Internet Explorer (IE) Web Browser Has Multiple URL-related Flaws That May Allow for Remote Code Execution, Remote HTTP Request Generation, and Application of Incorrect Security Restrictions
9847| [1002466] Meteor FTP Server Directory Traversal Security Hole Lets Remote Users Download Files From the Server That Are Located Outside the FTP Directory
9848| [1002459] PHP-Nuke Lets Remote Users Upload Files to the Server and Copy Files on the Server, Yielding User Level Access on the Server
9849| [1002439] Squid Proxy Caching Server Can Be Crashed by Remote Users with Mkdir PUT Requests
9850| [1002301] HP-UX Process Resource Manager (PRM) and Workload Manager (WLM) Allow Local Users to Obtain Root Level Privileges on the Host
9851| [1002267] AOLserver Can Be Crashed By Remote Users With a Long HTTP Authentication String And May Execute Arbitrary Code
9852| [1002229] Dynu FTP Server Lets Remote Users Traverse the Directory and Download Files Outside of the FTP Server Directory
9853| [1002187] Sambar Telnet Proxy/Server Password Buffer Overflow May Allow Remote Users to Execute Arbitrary Code on the Server
9854| [1002074] Proxomitron Web Filtering Proxy Allows Remote Users to Conduct Cross-site Scripting Attacks and Cause Arbitrary Code to be Executed by the Proxomitron Users' Browser, Possibly Disclosing Cookies
9855| [1002056] Tcl/Tk May Load Malicious Libraries That Can Give Root Privileges to Local Users
9856| [1002050] OmniSecure's HTTProtect Temporary File Flaw May Let Local Users Overwrite Files
9857| [1002045] Squid Proxy Caching Server Lets Remote Users Conduct Portscans Against Other Hosts Via the Squid Server in Certain Configurations
9858| [1002034] Caldera Docview Documentation Web Server Lets Local Users Gain Httpd User Account Privileges
9859| [1002013] HP/UX 11.11 Dynamically Loadable Kernel Modules Feature Lets Local Users Get Root Privileges
9860| [1001956] Xloadimage Used By Netscape Browser May Execute Arbitrary Code Specified By a Malicious Remote Web Server
9861| [1001905] Small HTTP Server Can Be Crashed By Remote Users
9862| [1001893] Another Buffer Overflow in GazTek ghttpd Web Server Lets Remote Users Execute Arbitrary Code on the Server
9863| [1001854] Cisco IOS Gives Remote Users Full Control of IOS Devices When HTTP Server Authentication with Local Authorization is Enabled
9864| [1001801] SurfControl's SuperScout Web Filter Fails to Block Packets Relayed Via Proxy Servers
9865| [1001772] GazTek ghttpd Web Server Executes Arbitrary Code Supplied By Remote Users
9866| [1001713] WatchGuard Firebox Firewall SMTP Proxy Fails to Block E-mail Based Executables and Scripts in Certain Conditions
9867| [1001618] OmniHTTP Web Server Allows Remote Users to Obtain Source Code of PHP Scripts and to Cause the Server to Consume All CPU Cycles
9868| [1001607] Cisco IOS Router Software May Reload Itself After Receiving a Vulnerability Scan
9869| [1001606] Norton AntiVirus E-mail Virus Scanner Module (poproxy.exe) Allows Remote Users to Cause the Host to Crash
9870| [1001555] OmniHTTPd Pro Web Server Can Be Crashed By Remote Users
9871| [1001475] CrushFTP Java-based FTP Server Lets Remote Users Change Directories and Download Files Outside of the FTP Server's Root Document Directory
9872| [1001427] Small HTTP Server Can Be Crashed By Remote Users
9873| [1001400] Opera Web Browser May Execute Files Selected for Download Instead of Prompting the User for Approval
9874| [1001378] RitLab's The Bat! E-Mail Client Allows a User's E-Mail to Be Made Unretrievable When Downloading a Specifically Formatted E-Mail Message
9875| [1001311] Netscape's SmartDownload Can Automatically Execute Arbitrary Code Without User Intervention or Knowledge for Both Netscape and Microsoft Browsers
9876| [1001248] Savant Web Server Can Be Crashed Remotely With Certain HTTP Requests
9877| [1001153] Symantec (Axent) Raptor Firewall May Allow Unauthorized Access Through the Firewall Using the HTTP Protocol
9878| [1001149] Nearly All of Compaq's Web-Enabled Management Software Inadvertently Acts As a Web Proxy Server, Allowing Web Surfers to Bypass Normal Proxy Server Filtering
9879| [1001139] SurfControl for Microsoft Proxy Server May Fail to Block Sites
9880| [1000992] WhitSoft's SlimServe HTTPd Web Server Gives Users Remote Access to Files Outside of the Server's Main Directory
9881|
9882| OSVDB - http://www.osvdb.org:
9883| [90557] Apache HTTP Server mod_proxy_balancer balancer-manager Interface Multiple Parameter XSS
9884| [75647] Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remote DoS
9885| [43259] Apache HTTP Server on Windows mod_proxy_balancer URL Handling Remote Memory Corruption
9886| [42937] Apache HTTP Server mod_proxy_balancer balancer-manager Unspecified CSRF
9887| [40264] Apache HTTP Server mod_proxy_balancer balancer_handler Function bb Variable Remote DoS
9888| [40263] Apache HTTP Server mod_proxy_balancer balancer-manager Multiple Parameter XSS
9889| [94090] Wireshark HTTP Dissector packet-http.c http_payload_subdissector Function Crafted Packet Handling Remote DoS
9890| [93048] IBM Sterling Secure Proxy HTTP Header Web Server Version Disclosure
9891| [92200] MiniWeb HTTP Server Non-existent Directory Arbitrary File Upload
9892| [92198] MiniWeb HTTP Server filename Parameter Traversal Arbitrary File Upload
9893| [91975] HAProxy HTTP Content Inspection Mechanism HTTP Request Handling Remote Overflow DoS
9894| [91703] Google Chrome PPB_URLLoader_Proxy::OnMsgReadResponseBodyAck URL Loader Out-of-bounds Memory Disclosure
9895| [91613] Zend Framework Multiple Class HTTP Header Proxy Information Handling Spoofing Weakness
9896| [91137] Flexera AdminStudio / InstallShield ActiveX (ISProxy.dll ) Multiple Method DLL Loading Arbitrary Code Execution
9897| [90736] Zen Load Balancer Multiple Unspecified Issues
9898| [90422] Mozilla Multiple Product Proxy 407 Response HTTPS Address Spoofing
9899| [89275] Apache HTTP Server mod_proxy_ajp Module Expensive Request Parsing Remote DoS
9900| [88581] Squid Web Proxy HTTP Accelerator Mode Proxied Port Scan Weakness
9901| [88287] Squid Crafted XMLHttpRequest Remote Proxy-Authorization Cleartext Credential Disclosure
9902| [88274] TVMOBiLi Media Server HttpUtils.dll CHTTPServerTransaction::LoadFile() Method Request Parsing Overflow
9903| [88239] BugTracker.NET download_file.aspx filename Parameter HTTP Response Splitting
9904| [88174] TVMOBiLi Media Server HttpUtils.dll CHTTPServerTransaction::LoadResource() Method Request Parsing Overflow DoS
9905| [88016] BlackJumboDog HTTP Proxy Multiple String Parsing Remote Overflow
9906| [87958] IBM WebSphere Message Broker ProxyServlet / MQ HTTP Connection Cleartext Credential Disclosure
9907| [87457] Tor Directory Connection HttpProxyAuthenticator Remote Fingerprinting Weakness
9908| [86549] libproxy px_pac_reload() Function Content-Length Header Handling Remote Overflow
9909| [85838] 602Pro LAN SUITE HTTP Proxy-Authorization Header Handling Remote Overflow DoS
9910| [85809] RubyGems HTTPS to HTTP Redirection MitM Downloaded Installation File Manipulation
9911| [85692] Zen Load Balancer content3-2.cgi if Parameter Remote Command Execution
9912| [85691] Zen Load Balancer upload.cgi Arbitrary File Upload
9913| [85690] Zen Load Balancer Multiple Directory Permissions Weakness Information Disclosure
9914| [85654] Zen Load Balancer content2-2.cgi Multiple Parameter Remote Command Execution
9915| [85584] Cisco Application Control Engine (ACE) Module for Cisco Catalyst Load Balancer (LB) Queue Monitoring Application Traffic Parsing Remote DoS
9916| [85090] Apache HTTP Server mod_proxy_ajp.c mod_proxy_ajp Module Proxy Functionality Cross-client Information Disclosure
9917| [85089] Apache HTTP Server mod_proxy_http.c mod_proxy_http Module Cross-client Information Disclosure
9918| [84319] Scrutinizer NetFlow and sFlow Analyzer HTTP Request Parsing Arbitrary File Upload
9919| [83057] Python SimpleHTTPServer Module Crafted Filename Upload Directory Listing XSS
9920| [82774] HAProxy http_auth_group() Function User Parsing Weakness
9921| [82768] HAProxy Secure / HttpOnly Flag Cookie Weakness
9922| [82651] SEIL Routers HTTP-Proxy/Gateway HTTP Request Parsing URL Filter Bypass
9923| [81524] Mozilla Multiple Product RSS / Atom XML HTTPS Content Loading URL Spoofing Weakness
9924| [81164] Squid Proxy HTTP Header Host Field Parsing URL Filter Bypass
9925| [79290] Google Chrome Translation Script Unsafe HTTP Download UXSS
9926| [78987] CVS src/client.c proxy_connect() Function HTTP Version Response Parsing Remote Overflow
9927| [78774] Mozilla Multiple Products IPv6 Proxy Generated XMLHttpRequest Object Handling Remote Information Disclosure
9928| [78667] Oracle Java SE / Java for Business java:classes_net HttpsUrlConnection Authenticated Proxy Tunnel Handling Overflow
9929| [77444] Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing Proxy Remote Security Bypass
9930| [77310] Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (2011-4317)
9931| [76079] Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Security Bypass (2011-3368)
9932| [74346] HAProxy src/proto_http.c manage_server_side_cookies() Function HTTP Set-Cookie Header Remote DoS
9933| [73624] PHP Streams Component HTTP Proxy FTP Wrapper ftp:// URL DoS
9934| [73354] IBM WebSphere Application Server (WAS) HTTP Transport SIP Proxy UDP Message Saturation Remote DoS
9935| [71647] Apache HttpComponents HttpClient Proxy-Authorization Credentials Remote Disclosure
9936| [69817] Microsoft SharePoint Office Document Load Balancer Crafted SOAP Request Remote Code Execution
9937| [69667] Google Chrome HTTP Proxy Authentication Required Response Handling DoS
9938| [68162] OmniVista 4760 HTTP Proxy Crafted HTTP Request Remote Overflow
9939| [67296] WebKit loader/DocumentThreadableLoader.cpp XMLHttpRequest Cross-origin Request Credential Handling Weakness
9940| [67270] Blue Coat ProxySG HTTPS Privilege Enforcement Bypass
9941| [66727] PHP HTTP Upload Unspecified DoS
9942| [65661] Spring Framework class.classLoader.URLs[0]=jar: Crafted JAR File HTTP Request Arbitrary Code Execution
9943| [65654] Apache HTTP Server mod_proxy_http mod_proxy_http.c Timeout Detection Weakness HTTP Request Response Disclosure
9944| [65157] sblim-sfcb httpAdapter.c GetPayload Function Content-Length Header Multiple Overflow
9945| [64504] Consona SdcUser.TgConCtl ActiveX (tgctlcm.dll) HTTPDownloadFile Arbitrary Command Execution
9946| [64002] WebKit DocumentThreadableLoader::preflightFailure Synchronous Preflight XMLHttpRequest CSRF
9947| [62676] Apache HTTP Server mod_proxy_ajp Module Crafted Request Remote DoS
9948| [62674] Apache HTTP Server mod_isapi Module Unloading Crafted Request Remote DoS
9949| [62009] Apache HTTP Server src/modules/proxy/proxy_util.c mod_proxy ap_proxy_send_fb() Function Overflow
9950| [60010] HP Praesidium Webproxy Crafted HTTP Request Forwarding Weakness
9951| [60001] HP LoadRunner Persits.XUpload.2 ActiveX (XUpload.ocx) MakeHttpRequest Method Traversal Arbitrary File Creation
9952| [59022] Apache Shindig ConcatProxyServlet HTTP Header Response Splitting
9953| [57882] Apache HTTP Server mod_proxy_ftp Authorization HTTP Header Arbitrary FTP Command Injection
9954| [57851] Apache HTTP Server mod_proxy_ftp EPSV Command NULL Dereference Remote DoS
9955| [57367] Universal HTTP Upload ActiveX (UUploaderSvrD.dll) Arbitrary File Deletion
9956| [56712] Live Chat Component for Joomla! xmlhttp.php Open HTTP Proxy
9957| [56489] Microsoft IE Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS Site Spoofing
9958| [56488] Google Chrome Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS Site Spoofing
9959| [56487] Opera Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS Site Spoofing
9960| [56247] Akamai Download Manager ActiveX manager.exe Redswoosh Download HTTP Response Handling Overflow
9961| [55653] MiniWeb HTTP Server Crafted Request Forced File Download / Source Disclosure
9962| [55553] Apache HTTP Server mod_proxy Module mod_proxy_http.c stream_reqbody_cl Function CPU Consumption DoS
9963| [55133] Mozilla Firefox HTTP Host Header Proxy Server CONNECT Response Document Context SSL Tampering Weakness
9964| [55132] Google Chrome src/net/http/http_transaction_winhttp.cc HTTP Host Header Proxy Server CONNECT Response Document Context SSL Tampering Weakness
9965| [55129] Microsoft IE HTTP Host Header Proxy Server CONNECT Response Document Context SSL Tampering Weakness
9966| [54768] IPFilter ippool lib/load_http.c URL Hostname Handling Local Overflow
9967| [53921] Apache HTTP Server mod_proxy_ajp Cross Thread/Session Information Disclosure
9968| [53396] Versalsoft HTTP Image Uploader ActiveX (UUploaderSvrD.dll) RemoveFileOrDir Method Arbitrary File Deletion
9969| [52413] Blue Coat ProxySG Transparent Interception Mode HTTP Host Header Dependancy Media Access Control Bypass
9970| [52412] Ziproxy Transparent Interception Mode HTTP Host Header Dependancy Media Access Control Bypass
9971| [51745] Free Download Manager (FDM) Remote Control Server HTTP Authorization Header Handling Overflow
9972| [50714] Blue Coat ProxySG Management Console /Secure/Local/console/install_upload_from_file.htm file Parameter XSS
9973| [50066] FlexCell Grid FlexCell.Grid ActiveX (FlexCell.ocx) HttpDownloadFile() Method Arbitrary File Overwrite
9974| [48528] CCProxy HTTP Proxy CONNECT Request Handling Remote Overflow
9975| [47866] Ultra.Office ActiveX (OfficeCtrl.ocx) HttpUpload() Method Overflow
9976| [47512] HTTP Anti Virus Proxy (HAVP) Infinite Loop Connection Saturation DoS
9977| [47474] Apache HTTP Server mod_proxy_ftp Directory Component Wildcard Character XSS
9978| [46085] Apache HTTP Server mod_proxy ap_proxy_http_process_response() Function Interim Response Forwarding Remote DoS
9979| [44577] phpMyAdmin Crafted HTTP Request UploadDir Parameter Arbitrary File Access
9980| [44345] Coppermine Photo Gallery upload.php Content-Type HTTP Header SQL Injection
9981| [44135] Nortel VPN Gateway Malformed HTTP Request SSL Proxy Remote DoS
9982| [44132] Nortel iSD-SSL Malformed HTTP Request SSL Proxy Remote DoS
9983| [43913] Perlbal lib/Perlbal/ClientProxy.pm Chunked Upload File Upload Handling Overflow DoS
9984| [42507] HTTP File Server (HFS) Traversal Arbitrary File Upload
9985| [42214] Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS
9986| [42122] Kerio WinRoute Firewall Proxy Server Unspecified HTTP Fallback
9987| [41862] DeleGate HTTP Cache Proxy Unspecified DoS
9988| [41019] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload XSS
9989| [41018] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload CRLF
9990| [39291] ELinks https Proxy CONNECT Request Cleartext Information Disclosure
9991| [38832] EDraw Office Viewer Component ActiveX (officeviewer.ocx) HttpDownloadFileToTempDir Method Overflow
9992| [38794] EDraw Office Viewer Component ActiveX (officeviewer.ocx) HttpDownloadFile Method Traversal Arbitrary File Overwrite
9993| [38665] F5 Firepass SSL VPN download_plugin.php3 backurl Parameter XSS
9994| [38415] EDraw Flowchart EDIMAGE.EDImageCtrl ActiveX (EDImage.ocx) HttpDownloadFile() Method Arbitrary File Overwrite
9995| [37345] Astaro Security Gateway (ASG) HTTP Proxy Unspecified DoS
9996| [37051] Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote DoS
9997| [36992] Bitflux Upload Progress Meter uploadprogress.c uploadprogress_php_rfc1867_file Function HTTP POST Overflow
9998| [36980] 3Proxy HTTP Redirection Unspecified DoS
9999| [36074] BEA WebLogic HttpClusterServlet / HttpProxyServlet SecureProxy Admin Functionality Access
10000| [36045] EDraw Office Viewer Component ActiveX (edrawofficeviewer.ocx) HttpDownloadFile Method Overflow
10001| [35237] 3Proxy HTTP Proxy Crafted Transparent Request Remote Overflow
10002| [35033] WebCreator http/load.inc.php moddir Parameter Remote File Inclusion
10003| [34339] HTTP File Uploader ActiveX (UFileUploaderD.dll) AddFile Method Overflow
10004| [33097] Blue Coat WinProxy HTTP CONNECT Request Overflow
10005| [28428] Ruby on Rails File Upload Request HTTP Header Unspecified Issue
10006| [27944] libmusicbrainz MBHttp::Download Redirect HTTP Reply Overflow
10007| [26300] Mozilla Multiple Products via Proxy Server HTTP Response Smuggling
10008| [26008] PHPGallue Proxy Cache HTTP Header Information Disclosure
10009| [25940] Etype Eserv/3 HTTP Server File Upload Name Validation Bypass
10010| [25565] phpBB usercp_avatar.php Arbitrary HTTP Proxy
10011| [22876] HTTP Anti Virus Proxy Multiple AV Scanner Failure
10012| [22853] Blue Coat ProxySG SGOS HTTP Proxy Arbitrary Port Connection
10013| [22237] Blue Coat WinProxy HTTP Request Overflow DoS
10014| [21762] Microsoft IE HTTPS Proxy Basic Authentication URL Cleartext Transmission
10015| [19792] Astaro Security Linux Proxy index.fpl wfe_download Parameter Traversal Arbitrary File Access
10016| [19008] Simpleproxy HTTP Proxy Reply Remote Format String
10017| [18284] Netquery HTTP GET Request Panel Unauthorized Proxy
10018| [16388] Mozilla with Proxy HTTP Header Arbitrary Cookie Disclosure
10019| [16082] Apple Mac OS X Server HTTP Proxy Unrestricted Access
10020| [16014] IBM Web Traffic Express Caching Proxy Server HTTP GET Request XSS
10021| [15413] Linux Kernel Equalizer Load-balancer (eql.c) Local DoS
10022| [14573] HTTP Anti Virus Proxy Archive Scanning Failure
10023| [14270] Sun Java JRE HTTP Proxy Java Applet Session Hijack
10024| [14155] BitlBee HTTP Proxy Support Unspecified Security Issue
10025| [12558] Apache HTTP Server IPv6 FTP Proxy Socket Failure DoS
10026| [12191] Falk eSolutions FLB02/CP Load Balancer Redirect Failure
10027| [11638] Bajie HTTP JServer UploadServlet upload.html File Upload Arbitrary Program Execution
10028| [11593] CCProxy Logging Component HTTP GET Request Remote Overflow
10029| [11375] ezContents uploadfile.php HTTP POST Arbitrary File/Directory Modification
10030| [9742] Apache HTTP Server mod_ssl char_buffer_read Function Reverse Proxy DoS
10031| [9688] Apache HTTP Server mod_proxy Malformed FTP Command DoS
10032| [7929] Apache HTTP Server mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String
10033| [7714] AnomicHTTPProxy Invalid HTTP Command Proxy Localhost Block
10034| [7713] AnomicHTTPProxy Administration Password Dementia
10035| [7709] AnomicHTTPProxy Double Dot Arbitrary File Access
10036| [6839] Apache HTTP Server mod_proxy Content-Length Overflow
10037| [6804] Avirt Gateway/Gateway Suite/SOHO HTTP Proxy Overflow
10038| [6187] Trend Micro InterScan VirusWall HTTP CONNECT Proxying
10039| [6162] Trend Micro InterScan VirusWall HTTP Proxy Content Scanning Circumvention
10040| [4433] Check Point FireWall-1 HTTP Proxy Traffic Bypass
10041| [4366] Symantec Personal Firewalls HTTP Proxy Remote Overflow
10042| [4028] PSOProxy Long HTTP Request Overflow
10043| [4015] Jigsaw HTTP Proxy Error Page XSS
10044| [3876] Jack's formmail.php Malformed HTTP Referer Arbitrary File Upload
10045| [3732] Gaim HTTP Proxy Connect Overflow
10046| [3723] ProxyNow! HTTP Request Overflow
10047| [3718] Finjan SurfinGate Proxy FHTTP Command Admin Functions Authentication Bypass
10048| [2764] Plug and Play Web Server Proxy Service HTTP Request Handling DoS
10049| [1789] Microsoft ISA Server Web Proxy Malformed HTTP Request Parsing Remote DoS
10050| [1429] SapporoWorks WinProxy Malformed HTTP GET Request DoS
10051| [1336] CProxy SP2 Long HTTP Request DoS
10052| [1050] Persits Software AspUpload AspUpload.dll HTTP Request Overflow
10053| [787] Compaq Web-enabled Management Software HTTP Server Arbitrary Traffic Proxy
10054|_
10055139/tcp closed netbios-ssn conn-refused
10056443/tcp open ssl/https syn-ack
10057| fingerprint-strings:
10058| GetRequest:
10059| HTTP/1.1 200 OK
10060| Date: Sun, 11 Aug 2019 01:56:43 GMT
10061| Strict-Transport-Security: max-age=31536000; includeSubDomains
10062| X-XSS-Protection: 1; mode=block
10063| Feature-Policy: microphone 'none'; camera 'none'
10064| Expires: Thu, 19 Nov 1981 08:52:00 GMT
10065| Cache-Control: max-age=420, private, must-revalidate
10066| Pragma: no-cache
10067| Vary: Accept-Encoding
10068| X-Content-Type-Options: nosniff
10069| X-Frame-Options: sameorigin
10070| Set-Cookie: PHPSESSID=jb135eh24rp2fijonva15oqnu7; path=/;HttpOnly;Secure
10071| Set-Cookie: returned_id=jb135eh24rp2fijonva15oqnu7; expires=Tue, 10-Sep-2019 01:56:43 GMT; Max-Age=2592000; path=/;HttpOnly;Secure
10072| Referrer-Policy: no-referrer
10073| Content-Security-Policy: default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooU
10074| HTTPOptions:
10075| HTTP/1.1 200 OK
10076| Date: Sun, 11 Aug 2019 01:56:46 GMT
10077| Strict-Transport-Security: max-age=31536000; includeSubDomains
10078| X-XSS-Protection: 1; mode=block
10079| Feature-Policy: microphone 'none'; camera 'none'
10080| Expires: Thu, 19 Nov 1981 08:52:00 GMT
10081| Cache-Control: max-age=420, private, must-revalidate
10082| Pragma: no-cache
10083| Vary: Accept-Encoding
10084| X-Content-Type-Options: nosniff
10085| X-Frame-Options: sameorigin
10086| Set-Cookie: PHPSESSID=084henhhgifnunu56a8h734ms0; path=/;HttpOnly;Secure
10087| Set-Cookie: returned_id=084henhhgifnunu56a8h734ms0; expires=Tue, 10-Sep-2019 01:56:46 GMT; Max-Age=2592000; path=/;HttpOnly;Secure
10088| Referrer-Policy: no-referrer
10089|_ Content-Security-Policy: default-src 'self' https://stats.g.doubleclick.net https://www.google-analytics.com https://d3mbz7sg00v6j4.cloudfront.net https://l.sharethis.com; script-src 'self' 'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU=' 'sha256-QPDSSnfJTBLooU
10090445/tcp closed microsoft-ds conn-refused
100911 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
10092SF-Port443-TCP:V=7.70%T=SSL%I=7%D=8/10%Time=5D4F75DA%P=x86_64-pc-linux-gnu
10093SF:%r(GetRequest,4000,"HTTP/1\.1\x20200\x20OK\r\nDate:\x20Sun,\x2011\x20Au
10094SF:g\x202019\x2001:56:43\x20GMT\r\nStrict-Transport-Security:\x20max-age=3
10095SF:1536000;\x20includeSubDomains\r\nX-XSS-Protection:\x201;\x20mode=block\
10096SF:r\nFeature-Policy:\x20microphone\x20'none';\x20camera\x20'none'\r\nExpi
10097SF:res:\x20Thu,\x2019\x20Nov\x201981\x2008:52:00\x20GMT\r\nCache-Control:\
10098SF:x20max-age=420,\x20private,\x20must-revalidate\r\nPragma:\x20no-cache\r
10099SF:\nVary:\x20Accept-Encoding\r\nX-Content-Type-Options:\x20nosniff\r\nX-F
10100SF:rame-Options:\x20sameorigin\r\nSet-Cookie:\x20PHPSESSID=jb135eh24rp2fij
10101SF:onva15oqnu7;\x20path=/;HttpOnly;Secure\r\nSet-Cookie:\x20returned_id=jb
10102SF:135eh24rp2fijonva15oqnu7;\x20expires=Tue,\x2010-Sep-2019\x2001:56:43\x2
10103SF:0GMT;\x20Max-Age=2592000;\x20path=/;HttpOnly;Secure\r\nReferrer-Policy:
10104SF:\x20no-referrer\r\nContent-Security-Policy:\x20default-src\x20'self'\x2
10105SF:0https://stats\.g\.doubleclick\.net\x20https://www\.google-analytics\.c
10106SF:om\x20https://d3mbz7sg00v6j4\.cloudfront\.net\x20https://l\.sharethis\.
10107SF:com;\x20script-src\x20'self'\x20'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLI
10108SF:dSnWDCy9AWHU='\x20'sha256-QPDSSnfJTBLooU")%r(HTTPOptions,4000,"HTTP/1\.
10109SF:1\x20200\x20OK\r\nDate:\x20Sun,\x2011\x20Aug\x202019\x2001:56:46\x20GMT
10110SF:\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeSubDomain
10111SF:s\r\nX-XSS-Protection:\x201;\x20mode=block\r\nFeature-Policy:\x20microp
10112SF:hone\x20'none';\x20camera\x20'none'\r\nExpires:\x20Thu,\x2019\x20Nov\x2
10113SF:01981\x2008:52:00\x20GMT\r\nCache-Control:\x20max-age=420,\x20private,\
10114SF:x20must-revalidate\r\nPragma:\x20no-cache\r\nVary:\x20Accept-Encoding\r
10115SF:\nX-Content-Type-Options:\x20nosniff\r\nX-Frame-Options:\x20sameorigin\
10116SF:r\nSet-Cookie:\x20PHPSESSID=084henhhgifnunu56a8h734ms0;\x20path=/;HttpO
10117SF:nly;Secure\r\nSet-Cookie:\x20returned_id=084henhhgifnunu56a8h734ms0;\x2
10118SF:0expires=Tue,\x2010-Sep-2019\x2001:56:46\x20GMT;\x20Max-Age=2592000;\x2
10119SF:0path=/;HttpOnly;Secure\r\nReferrer-Policy:\x20no-referrer\r\nContent-S
10120SF:ecurity-Policy:\x20default-src\x20'self'\x20https://stats\.g\.doublecli
10121SF:ck\.net\x20https://www\.google-analytics\.com\x20https://d3mbz7sg00v6j4
10122SF:\.cloudfront\.net\x20https://l\.sharethis\.com;\x20script-src\x20'self'
10123SF:\x20'sha256-oqelZGdETXUs6CPxvyBaixVS67lCvLIdSnWDCy9AWHU='\x20'sha256-QP
10124SF:DSSnfJTBLooU");
10125Device type: general purpose
10126Running (JUST GUESSING): Linux 2.6.X (90%)
10127OS CPE: cpe:/o:linux:linux_kernel:2.6
10128OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
10129Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (90%)
10130No exact OS matches for host (test conditions non-ideal).
10131TCP/IP fingerprint:
10132SCAN(V=7.70%E=4%D=8/10%OT=80%CT=25%CU=%PV=N%G=N%TM=5D4F769D%P=x86_64-pc-linux-gnu)
10133SEQ(SP=106%GCD=1%ISR=10D%TI=RD%CI=Z%TS=A)
10134OPS(O1=M44FNW2ST11%O2=M44FNW2ST11%O3=M44FNW2NNT11%O4=M44FNW2ST11%O5=M44FNW2ST11%O6=M44FST11)
10135WIN(W1=2B16%W2=2B16%W3=1900%W4=14F0%W5=14F0%W6=A5A)
10136ECN(R=Y%DF=Y%TG=FF%W=2B16%O=M44FNW2SLL%CC=Y%Q=)
10137T1(R=Y%DF=Y%TG=FF%S=O%A=S+%F=AS%RD=0%Q=)
10138T2(R=N)
10139T3(R=N)
10140T4(R=N)
10141T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
10142T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
10143T7(R=N)
10144U1(R=N)
10145IE(R=N)
10146
10147Uptime guess: 24.545 days (since Wed Jul 17 08:55:51 2019)
10148TCP Sequence Prediction: Difficulty=261 (Good luck!)
10149IP ID Sequence Generation: Randomized
10150Service Info: Device: load balancer
10151
10152TRACEROUTE (using proto 1/icmp)
10153HOP RTT ADDRESS
101541 214.90 ms 10.247.200.1
101552 219.74 ms 185.242.4.145
101563 215.07 ms xe-1-0-2-0.bb1.tyo1.jp.m247.com (82.102.29.232)
101574 214.94 ms ix-xe-4-1-3-0.tcore2.tv2-tokyo.as6453.net (180.87.181.169)
101585 223.08 ms if-et-24-2.hcore2.kv8-chiba.as6453.net (180.87.181.73)
101596 230.92 ms if-et-1-2.hcore1.kv8-chiba.as6453.net (120.29.211.2)
101607 463.07 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
101618 463.28 ms if-ae-18-3.tcore1.sqn-san-jose.as6453.net (63.243.205.130)
101629 467.13 ms if-ae-0-2.tcore1.nto-new-york.as6453.net (63.243.128.30)
1016310 468.69 ms if-ae-7-2.tcore1.n0v-new-york.as6453.net (63.243.128.26)
1016411 471.64 ms if-ae-2-2.tcore2.n0v-new-york.as6453.net (216.6.90.22)
1016512 469.37 ms if-ae-4-2.tcore2.l78-london.as6453.net (80.231.131.157)
1016613 481.56 ms if-ae-9-2.tcore2.wyn-marseille.as6453.net (80.231.200.13)
1016714 ... 30
10168
10169NSE: Script Post-scanning.
10170NSE: Starting runlevel 1 (of 2) scan.
10171Initiating NSE at 21:59
10172Completed NSE at 21:59, 0.00s elapsed
10173NSE: Starting runlevel 2 (of 2) scan.
10174Initiating NSE at 21:59
10175Completed NSE at 21:59, 0.00s elapsed
10176Read data files from: /usr/bin/../share/nmap
10177OS and Service detection performed. Please report any incorrect results at https://nmap.org/
10178#######################################################################################################################################
10179Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-10 21:59 EDT
10180NSE: Loaded 45 scripts for scanning.
10181NSE: Script Pre-scanning.
10182Initiating NSE at 21:59
10183Completed NSE at 21:59, 0.00s elapsed
10184Initiating NSE at 21:59
10185Completed NSE at 21:59, 0.00s elapsed
10186Initiating Parallel DNS resolution of 1 host. at 21:59
10187Completed Parallel DNS resolution of 1 host. at 21:59, 0.03s elapsed
10188Initiating UDP Scan at 21:59
10189Scanning 87.101.237.176 [14 ports]
10190Completed UDP Scan at 22:00, 2.97s elapsed (14 total ports)
10191Initiating Service scan at 22:00
10192Scanning 12 services on 87.101.237.176
10193Service scan Timing: About 8.33% done; ETC: 22:19 (0:17:58 remaining)
10194Completed Service scan at 22:01, 102.59s elapsed (12 services on 1 host)
10195Initiating OS detection (try #1) against 87.101.237.176
10196Retrying OS detection (try #2) against 87.101.237.176
10197Initiating Traceroute at 22:01
10198Completed Traceroute at 22:01, 7.25s elapsed
10199Initiating Parallel DNS resolution of 1 host. at 22:01
10200Completed Parallel DNS resolution of 1 host. at 22:01, 0.00s elapsed
10201NSE: Script scanning 87.101.237.176.
10202Initiating NSE at 22:01
10203Completed NSE at 22:02, 7.51s elapsed
10204Initiating NSE at 22:02
10205Completed NSE at 22:02, 1.61s elapsed
10206Nmap scan report for 87.101.237.176
10207Host is up (0.21s latency).
10208
10209PORT STATE SERVICE VERSION
1021053/udp open|filtered domain
1021167/udp open|filtered dhcps
1021268/udp open|filtered dhcpc
1021369/udp open|filtered tftp
1021488/udp open|filtered kerberos-sec
10215123/udp open|filtered ntp
10216137/udp filtered netbios-ns
10217138/udp filtered netbios-dgm
10218139/udp open|filtered netbios-ssn
10219161/udp open|filtered snmp
10220162/udp open|filtered snmptrap
10221389/udp open|filtered ldap
10222520/udp open|filtered route
102232049/udp open|filtered nfs
10224Too many fingerprints match this host to give specific OS details
10225
10226TRACEROUTE (using port 137/udp)
10227HOP RTT ADDRESS
102281 213.75 ms 10.247.200.1
102292 ... 3
102304 212.66 ms 10.247.200.1
102315 220.55 ms 10.247.200.1
102326 219.23 ms 10.247.200.1
102337 219.20 ms 10.247.200.1
102348 217.39 ms 10.247.200.1
102359 217.37 ms 10.247.200.1
1023610 216.13 ms 10.247.200.1
1023711 ... 18
1023819 220.11 ms 10.247.200.1
1023920 212.82 ms 10.247.200.1
1024021 ... 27
1024128 213.96 ms 10.247.200.1
1024229 ...
1024330 213.17 ms 10.247.200.1
10244
10245NSE: Script Post-scanning.
10246Initiating NSE at 22:02
10247Completed NSE at 22:02, 0.00s elapsed
10248Initiating NSE at 22:02
10249Completed NSE at 22:02, 0.00s elapsed
10250Read data files from: /usr/bin/../share/nmap
10251OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
10252Nmap done: 1 IP address (1 host up) scanned in 129.56 seconds
10253 Raw packets sent: 147 (13.614KB) | Rcvd: 21 (2.224KB)
10254#######################################################################################################################################
10255 Anonymous JTSEC #OpSaudiArabia Full Recon #8